Dahua Security Camera Backdoor Checker and the Story Behind It

On March 6, 2017, during a regular monitoring our specialists found on seclists a message from an independent researcher who reported problems in Dahua products. The user under the name mcw0 was convinced that this vulnerability, namely unauthenticated user management, was left by the manufacturer on purpose.Based on personal beliefs, the researcher decided to notify the community of the defect first and put all the details and exploits in public access.


Dahua Security Camera Backdoor Checker and the Story Behind It 1

He himself says that he does not like to listen to vendors requests to keep silent about the bugs found. However, despite this, mcw0 removed the proof of concept and gave the manufacturer 30 days to fix the vulnerability.The situation is aggravated by the fact that the software developed by Dahua is used by other companies, which in turn may not have enough resources to update their products.

Careful consideration of the github repository where the proof of concept was published showed that the exploit code was not completely removed and can be easily restored without waiting a month and without contacting the researcher. To completely delete a file from the history, you need to use the corresponding git (git rm and git rebase) functionality. A few days later the researcher, apparently noticing the oversight, completely removed the repository and created a new one, without any traces of exploit.

The exploit went to the IoTsploit laboratory for a thorough examination. All stages of operation were reproduced manually to understand the mechanics of breaking. The main bug was that the devices configuration file is available for download to any unauthorized user.

This is a very common mistake among IoT devices developers. A similar vulnerability was made in their time by developers from D-Link, Humax (CVE-20177315), Broadcom (CVE-20133690) and other companies.In the downloaded file you can find the entire list of device users and hashes of passwords.


Dahua Security Camera Backdoor Checker and the Story Behind It 2

Should the database leak, hashed passwords for their intended purpose should make it difficult for an attacker to gain access to the system. But in our case, the hash is sufficient due to the presence of another vulnerability such as pass-the-hash. The fact is that the desktop client for the web camera is authorized on the server not using a password, but using a hash of the password.

Thus, the exploit allows you to get into the system and perform camera management under the guise of a desktop client.All exploit code was completely rewritten and embedded in our authoring framework, IoTsploit scanner, available by subscription. In addition, we have developed a public tool to check any ip on the Internet for susceptibility to vulnerabilities.

This tool does not contain a payload, and therefore cannot damage the device being tested. The same tool we sent to check 23 thousand Dahua devices found in the search engine shodan.Also, there is an updated graph of the number of vulnerable devices in the public access.

The checker is here co/dahua/This research and the checker was made by IoTSploit Team (Gleb Ershov). Feel free to contact us at and visit our website at co/.

HOT PRODUCTS
no data
GET IN TOUCH WITH US
recommended articles
Cases
Dahua Cctv Security Camera Pakistan- Fmn Security
Dahua Cctv Security Camera Pakistan- Fmn Security
Closed-circuit television (CCTV) is used for checking crime and high value of investigation tool. This help to establish how CCTV works and give useful indication and also solve different situation, analysing 251,195 crimes recorded by British Transport Police that occurred on the British railway network between 2011 and 2015. CCTV used to remove many chances of crime. Images are available for more serious crime and available in different locations like malls, school, and universities, hospitals etc. This is a powerful investigation tool even in railway for many crimes. The effectiveness of CCTV is incomplete by several factors, most particularly the number of public areas not covered. These cameras are mostly installed in streets and businesses in all over the world which is effective to reducing crime and increasing public safety. CCTV cameras also have the possibility of creating unintended effects, good and bad. Cameras could also sponsor a false intelligence of security and lead citizens to take fewer protections, or they could also cause more crimes to be reported, and thus lead to a supposed increase in crime. Requirement: The use of camera systems must be reasonable observed, perfectly by free expert. Objectives and intended outcomes must be defined.Proportionality: CCTV equipment must be suitable for the problem it is planned to address. Technology should respond to the recognized objectives, without going further. Data should be protected and the length of time it is engaged be clearly defined.Clearness: Citizens should know what the objectives of a CCTV system are, what its connection and working costs are, the areas being measured, and what the results are. Reports should occur regularly so citizens can make up-to-date decisions.Responsibility: Those in charge of public CCTV systems should be clearly recognized and responsible to the public, whether the systems are run by the government or private firms.Independent error: An external body should be charged with guaranteeing that systems respect the publics rights and are attaining their specified purposes. Preferably citizens would have opinion in the mistake process.For more detail visit here: Dahua Cctv Security Camera Pakistan- Fmn Security RELATED QUESTION What do you think about digital signage? In my knowledge, Dahua Security is renowned brand & all products are good quality & very competitive, much people like that product. I know very one company who are selling dahua product very well by online & offline, website is Best CCTV Camera Price in Bangladesh - CCTV Camera Company in BD can check.Dahua product line given below:Dahua CCTV. IP Camera or HD Camera. DVR 4 channel to 64 Channel. NVR 4 channel to 64 Channel. Digital display. Video Conference. They also provide one year free service. What do you think about dahua. com. bd digital signage?.
2021 04 16
read more
Shenzhen TGW Technology Co.,Ltd is the leading access control solution provider for vehicle intelligent parking system, license plate recognition recognition system and pedestrian access control turnstile and face recognition terminals.
CONTACT US

Shenzhen TigerWong Technology Co.,Ltd

Tel: +86 0755-23773884 

E-Mail: info@sztigerwong.com

Add: Room 601-605, Building 6, 1980 Science and Technology Industrial Park,  Longhua Street, Longhua District, Shenzhen

                    

Copyright © 2021 Shenzhen TigerWong Technology Co.,Ltd  | Sitemap
wechat
skype
whatsapp
messenger