Search results

Repack of the 5.5.53 firmware (R6 EN cameras) with the following changes: * Full-featured busybox * SSH access enabled * PSH (protected shell) disabled * Dropbear host key persists between reboots * Customizable init script IPC_R6_EN_STD_5.5.53_180730_mcr.zip — RGhost — файлообменник Enjoy.

It's been a while, time to upgrade. Here is the repack of the latest K51 NVR firmware. - full-featured busybox - persistent ssh keys - PSH removed NVR_K51_BL_ML_STD_V4.1.70_181114_mcr.zip — RGhost — файлообменник

Repacked IPC_G1_EN_STD_5.4.5_170124 firmware with PSH disabled. You can load it after you install modified G1 minisystem (search this forum). It won't load via web GUI or through stock minisystem. IPC_G1_EN_STD_5.4.5_170124_mc.zip — RGhost — файлообменник Enjoy.

Attached is PSH-free minisystem image for G1. You can use it to get full filesystem access. The image comes with a full-featured busybox. The image allows loading unsigned firmware The image will work with U-Boot 3.1.6-279309 (May 11 2017-13:36:13) or earlier. to install rooted minisystem: -...

Source firmware: ---------------- IPC_R6_EN_STD_5.4.5_170124 Changes in repacked firmware: ----------------------------- * Full-featured busybox * SSH access enabled * PSH (protected shell) disabled * Dropbear host key persists between reboots * Customizable init script...

There have been rumours... I would like to confirm that there is a backdoor in many popular Hikvision products that makes it possible to gain full admin access to the device. Hikvision gets two weeks to come forward, acknowledge, and explain why the backdoor is there and when it is going to be...

This is a repack of NVR_K51_BL_ML_STD_V3.4.91_161220 firmware with the following changes: - bp_read command added (dumps bootparams) - psh is disabled - ssh host key persists between reboots. Hikvision regenerated it upon each reboot, which was extremely annoying. - busybox binary is replaced...

-------- dieter 2.10.16 1473645726 fiona ---------- So, which one of you here is Dieter and how hot is Fiona? We need a picture. :) The tagline comes from a hacked 5.4.20 firmware installed on an aliexpress camera.

So... It turns out that, unlike DVRs and older cameras, newer hikvision cams, including R6 and G0, store its configuration settings in smartcard chips. The chips are made by Watchdata and they run TimeCOS. Basically, your cameras have the same chip as you VISA credit card. That chip stores...

Pissed at people trying to fix buggy firmware themselves, Hikvision is hiring 10,000 R&D resources. Rumors say that 5,000 of those will be tasked with replacing the current outdated XOR encryption with double ROT13 and the other half will focus on devising a new encryption scheme that does not...

This is a repack of R6 English firmware IPC_R6_EN_STD_5.4.4_161125 with the following changes: * PSH disabled * SSH enabled IPC_R6_EN_STD_5.4.4_161125_mcr.zip — RGhost — файлообменник Enjoy!

The attached app unpacks and repacks Hikvision firmware for K41/K51 NVRs and R0/R1/R6/G0 cameras. I plan to add support for more hardware, but in many cases I need to buy cameras to extract keys from them. Your donations can help, contribute here if you feel like it: The binary runs on x64...

This is a repack of R6 English firmware IPC_R6_EN_STD_5.4.3_160902 with the following changes: * PSH disabled * SSH enabled IPC_R6_EN_STD_5.4.3_160902_mcr.zip — RGhost — файлообменник Enjoy!

K51 DS-78xxNI-I2 firmware repack for NVR_K51_BL_ML_STD_V3.4.80_160718 http://rgho.st/7xHv2ZRzs Changes: PSH removed Added bp_read app that dumps bootparams (just run bp_read at console prompt). Yes, I also have bp_set that changes bootparams but I won't share it at this time. Full featured...

This is a repack of NVR_K51_BL_ML_STD_V3.4.62_160503 PSH disabled SSH available Hikvision's bastardized busybox replaced with a full-featured busybox app. This turns the DVR into a capable Linux server. You can do syslog, etc. http://rgho.st/68mln2sdk Enjoy.

There is confusion in forums regarding serial numbers and region codes. Here is now you read HIK serial numbers: Example for a DVR: DS-7608NI-E2/8P0820160211AAWR123456789WCVU (IP camera serials are similar) DS-7608NI-E2/8P <- model name 08 <- input channels 20160211 <-...

http://rgho.st/79FhPqRZr

Repacked IPC_R6_EN_STD_5.3.8_160126 firmware with psh disabled. English cameras only. I could repack the same EN firmware to work with CN hardware, but I don't have any CN cameras for testing and they use different crypto keys. Yes, I can do 5.4.0 and R0 cameras (2x32) too. Be patient...

Xuefeng Qian, Hikvision's head of R&D is on the mission to use as many crypto, hashing, and CRC algorithms as his team can possibly fit in firmware. So far we have: md5 sha1 dumb add crc XOR with rotating key XOR with computed key crc32 3des aes256 All this obfuscation mess has no...

Could somebody PM me 14 bytes that ioctl("/dev/hikio", 0x8004480f) returns? (2032 hardware)

Does anybody know how to decrypt a firmware blob for DS-2x22FWD,2x42FWD_5.3.6_151105 Here is the header, de-XORed as usual. The last 3 DWORDs are offset, length, and CRC of the firmware blob that immediately follows he header. The blob appears encrypted. How do I decrypt it? The camera is still...

For those interested, SDK for Hi3535 (which is what 76xx, 77xx, 86xx are based on) appears to be available here: https://soc.systems/projects/hisilicon-hi3535-sdk

I would like to understand how core hik camera hardware compares between different models within the same Hikvision lines. I do NOT need to know that a "Z" suffix stands for "Zoom" or that some cameras come with POE and some don't have the POE module. I need to understand hardware...

OK, since the hiktool.rar and everything else I was able to find did not work with current digicap.dav images, I created this: jpi@dvdev:~$ hikpack hikpack 1.0b -- Hikvision digicap.dav firmware packer/unpacker Usage: hikpack -i <davfile> print dav file information...