What to do when Hikvision are watching?

[alastairstevenson]

Nothing like creating a new thread to attract their attention. Though that's not the purpose of this one.

It's pretty clear that when people figure out ways to improve how the Hikvision products they've acquired work for them, such as avoiding the Chinese menus or bricked cameras that result from updates to firmware that Hikvision publish - Hikvision then incorporate blocks or traps for these 'fixes' in subsequent firmware releases.

So when there are genuine high-severity security vulnerabilities that cause Hikvision to issue updated fixed firmware, such as these : Hikvision Europe - how do you reconcile the fact that you should do the update but there is a fair chance it will break the camera, if it was purchased on-line?

Well, one way is for the hobbyist user who has the interest and knowledge to mod the new firmware so it won't damage the cameras that were bought on-line.
But publish it openly, such as on ipcamtalk.com, and Hikvision will see it, analyse it, and block it in the next release.

Hence the title of this thread.

PS - There have been a good few interesting insights into some useful things that can be done in the Dahua firmware, such as changing the language, enabling telnet, enabling the bootloader etc.
Do Dahua also try to make using their products difficult for their customers?

 

[LeeH]

Are Western region cams at risk of being bricked? I bought another 2342 this weekend and was toying with the idea of updating it and my other WR serial numbered cams...

 

[alastairstevenson]

Are Western region cams at risk of being bricked?

No, they should be fine if they are genuine non-CN cameras, and if starting with early firmware you do sequential updates and not one big jump, as per Hikvision's guidance:

Please follow the steps to upgrade: V5.2.0->V5.3.0->V5.4.0
Skipping intermediate versions in upgrading may cause unpredicable problems.

It's the cameras purchased on-line, with 'hacked to English' firmware that are most at risk.
And use the right firmware of course!

 

[LeeH]

Thanks Alastair, I'll have a look. I do like the new UI of my latest cam. Will the firmware update that too? I only access via my NAS and VPN so I presume I dont have to worry about updates due to security vulnerabilities?

Sorry for the thread hijack...

I blocked my old Foscam from internet access with my router when I noticed it connecting to random IP addresses...I presumed that stopped and unwanted snooping.

 

[alastairstevenson]

Sorry for the thread hijack...

It's not a hijack - you're contributing to the discussion.

Though it does seem that you are in the fortunate position of -
Understanding the difference between low-cost CN region cameras sold with 'hacked to EN' firmware, and higher-cost WR 'full English' region cameras.
Being able to do firmware updates at lower risk than many on-line buyers.

 

[StefanB]

Thread seems dead, so I guess this ain't another hijack?

In the same vein.
Have a HIKVision DVR on the shelf that got hit by a power surge months ago, switches on but that's it. Distributor claimed was beyond salvage so we replaced it.
Lo and behold - pinged 192.0.0.64 on startup and she was alive! So not yet dead but merely bricked.

Any advice on how to proceed? I have no opinion on what might be wrong to start off with, but have literally nothing to loose?

Also - will a firmware update reset to factory default? Including passwords?

 

[alastairstevenson]

Lo and behold - pinged 192.0.0.64 on startup and she was alive! So not yet dead but merely bricked.

It might not be bricked, might just be hiding.
The first and easiest thing to try if you haven't already done so is to see what SADP makes of it, if anyhing : Hangzhou Hikvision Digital Technology Co. Ltd.

Also - will a firmware update reset to factory default? Including passwords?

An update using the Hikvision tftp updater will. An update using the web GUI generally won't.

Any advice on how to proceed? I have no opinion on what might be wrong to start off with, but have literally nothing to loose?

Another easy thing to try would be to see if re-applying the firmware would change anything. Assuming you know what firmware version was on it, and that it wasn't some modified version applied by the seller to convert to English, for example. Without the model number, I can't point you to any sources.
If it does actually show in SADP, then you could try the Batch Configuration Tool to attempt an update : Hangzhou Hikvision Digital Technology Co. Ltd.
If there is nothing in SADP, then the Hikvision-specific tftp updater tool can be tried.
Tool and instructions (but not the firmware) in the first link here : Custom Firmware Downgrader 5.3.0 Chinese to 5.2.5 English

And finally, assuming your Hikvision DVR has the same serial console connection as others, is to connect to it and see in detail what the status is.
To do that, a couple of items:
Serial TTL to USB convertor. The PL2303HX - based ones work well, plenty on eBay.
And a 4-pin 1.5mm JST ZH wired connector, again plenty on eBay, often packs of 10.

 

[StefanB]

Thanks for the reply!
That's a NO on SADP.
Tried tftp, no joy.
Gives messase that it connects to DVR, gives a message that it is transmitting the dav file and then, after a delay if a few minutes, cycles through the same two messages. Ad nauseum.
Tested my setup on an old SH series I had lying around and successfully installed the latest firmware.
Felt brave and tried on a brand new (yes, I was bored) 8 channel. Not even connecting to the DVR. Did the 192.0.0.64 ping thing and it does, so dunno what I'm doing wrong there.

Will post models etc and have a look at that serial equipment when I get home.



*Update*
Brick - DS-7116HGHI-F1
Unresponsive - DS-7108HGHI-F1