CVE-2021-33044

PoC misc PoC - Internet of (In)Security Things Well worth to read about these crappy (in)security things: ipvmcom/reports/security-exploits Hikvision CVE-2021-36260 2021-10-19 All credit to Watchful_IP (watchfulipgithubio/) githubcom/mcw0/PoC/blob/master/CVE-2021-36260py Dahua CVE-2021-33044, CVE-2021-33045 2021-10-06 Details: githubcom/mcw

PoC misc PoC - Internet of (In)Security Things Well worth to read about these crappy (in)security things: ipvmcom/reports/security-exploits Hikvision CVE-2021-36260 2021-10-19 All credit to Watchful_IP (watchfulipgithubio/) githubcom/mcw0/PoC/blob/master/CVE-2021-36260py Dahua CVE-2021-33044, CVE-2021-33045 2021-10-06 Details: githubcom/mcw

Chrome extension that uses vulnerabilities CVE-2021-33044 and CVE-2021-33045 to log in to Dahua cameras without authentication.

DahuaLoginBypass Chrome extension that uses vulnerability CVE-2021-33044 to log in to Dahua IP cameras and VTH/VTO (video intercom) devices without authentication For other device types (NVR/DVR/XVR, etc), there exists CVE-2021-33045 which cannot be exploited with an ordinary web browser These vulnerabilities are likely to be fixed in firmware released after Sept 2021 Credit

PoC misc PoC - Internet of (In)Security Things Well worth to read about these crappy (in)security things: ipvmcom/reports/security-exploits Hikvision CVE-2021-36260 2021-10-19 All credit to Watchful_IP (watchfulipgithubio/) githubcom/mcw0/PoC/blob/master/CVE-2021-36260py Dahua CVE-2021-33044, CVE-2021-33045 2021-10-06 Details: githubcom/mcw

Proof of concept (PoC) - misc PoC - Internet of (In)Security Things

PoC misc PoC - Internet of (In)Security Things Well worth to read about these crappy (in)security things: security-exploits Hikvision CVE-2021-36260 2021-10-19 All credit to Watchful_IP CVE-2021-36260 Dahua CVE-2021-33044, CVE-2021-33045 2021-10-06 Details: Dahua Authentication Bypass Dahua Console PoC: 2021-09-06 Two independent authentication bypass Due to the very high pote

简体中文 | English 简介 主要针对网络摄像头的漏洞扫描框架，目前已集成海康、大华、宇视、dlink等常见设备

PoC misc PoC - Internet of (In)Security Things Well worth to read about these crappy (in)security things: ipvmcom/reports/security-exploits Hikvision CVE-2021-36260 2021-10-19 All credit to Watchful_IP (watchfulipgithubio/) githubcom/mcw0/PoC/blob/master/CVE-2021-36260py Dahua CVE-2021-33044, CVE-2021-33045 2021-10-06 Details: githubcom/mcw

PoC misc PoC - Internet of (In)Security Things Well worth to read about these crappy (in)security things: ipvmcom/reports/security-exploits Hikvision CVE-2021-36260 2021-10-19 All credit to Watchful_IP (watchfulipgithubio/) githubcom/mcw0/PoC/blob/master/CVE-2021-36260py Dahua CVE-2021-33044, CVE-2021-33045 2021-10-06 Details: githubcom/mcw

Issues has been disabled for these PoC's, as they are simply PoC, Public Domain and unsupported.

PoC misc PoC - Internet of (In)Security Things Well worth to read about these crappy (in)security things: ipvmcom/reports/security-exploits Hikvision CVE-2021-36260 2021-10-19 All credit to Watchful_IP (watchfulipgithubio/) githubcom/mcw0/PoC/blob/master/CVE-2021-36260py Dahua CVE-2021-33044, CVE-2021-33045 2021-10-06 Details: githubcom/mcw

Dahua Console, access internal debug console and/or other researched functions in Dahua devices. Feel free to contribute in this project.

Dahua Console Version: Pre-alpha Bugs: Indeed TODO: Lots of stuff [Install requirements] sudo pip3 install -r requirementstxt [Arguments] -h, --help show this help message and exit --rhost RHOST Remote Target Address (IP/FQDN) --rport RPORT Remote Target Port --proto {dhip,dvrip,3des,http,https}

简体中文 | English 简介 主要针对网络摄像头的漏洞扫描框架，目前已集成海康、大华、宇视、dlink等常见设备

简体中文 | English 简介 主要针对网络摄像头的漏洞扫描框架，目前已集成海康、大华、宇视、dlink等常见设备

批量扫描破解海康威视、大华等摄像头的常见漏洞。

CameraHack 批量扫描破解海康威视、大华等摄像头的常见漏洞、弱密码 海康威视 RTSP 弱密码 # 主码流 rtsp://admin:12345@IP:554/h264/ch1/main/av_stream rtsp://admin:12345@IP:554/MPEG-4/ch1/main/av_stream # 子码流 rtsp://admin:12345@IP/mpeg4/ch1/sub/av_stream rtsp://admin:12345@IP/h264/ch1/sub/av_stream CVE-2

Dahua IPC/VTH/VTO devices auth bypass exploit

CVE-2021-33044 Dahua IPC/VTH/VTO devices auth bypass exploit About: The identity authentication bypass vulnerability found in some Dahua products during the login process Attackers can bypass device identity authentication by constructing malicious data packets use - python3 dahua_exploitpy http(s)://ip:port Author D0rkerDevil

简介 主要针对网络摄像头的漏洞扫描框架，目前已集成海康、大华、宇视等常见设备。后期会加入更多摄像头设备和路由器设备。

简体中文 | English Introduction ======= Mainly for the vulnerability scanning framework of network cameras, it has integrated common equipment such as Hikvision, Dahua, and Uniview More camera devices and router devices will be added later

CVE-2021-33044 Dahua IPC/VTH/VTO devices auth bypass exploit About: The identity authentication bypass vulnerability found in some Dahua products during the login process Attackers can bypass device identity authentication by constructing malicious data packets use - python3 dahua_exploitpy http(s)://ip:port Author D0rkerDevil

Categorized lists of my projects on Github.

bp2008's Project Index Below are categorized lists of links to my most interesting projects Blue Iris Integrations UI3 - A powerful, modern HTML5 web interface for Blue Iris biupdatehelper - A Windows service which archives Blue Iris update files and makes configuration backups Home Automation, Weather Sensors, etc AcuRiteSniffer - Reads weather data packets sent by

简体中文 | English 简介 主要针对网络摄像头的漏洞扫描框架，目前已集成海康、大华、宇视、dlink等常见设备