Dahua Backdoor Patch Creates A New User "Null"

SIDE-EFFECT of firmware patch: It appears the patch affects the user cred file (you know what it is) in a malformed way, if you look at your user account page you will see a new user "null" added. While we tried deleting it, that was unsuccessful. Also another user management app which I am told uses Dahua's protocols was unsuccessful.

I don't think (am unsure, actually) this is a risk but it is uncomfortable. Since telnet is disabled (and can't be reenabled with the http API url) we can't directly edit the account file. Serial access might work but its too much of a hassle and requires physical access to the camera....my curiosity might get the better of me on this.

ANYONE know how to "delete" this "user"? Is this any risk to leaving as-is?

This is confirmed on "S" series PTZ.

remove nulluser

NOTICE: This comment was moved from an existing discussion: Dahua Backdoor Uncovered

Login to read this IPVM discussion.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

***** **** ** *** *** **** ** ** *** ** discussed ********.

***** ******* ********* ** ***:

#**

****, **'* ******** ****** *** ***** ******* **** *** **** database... (**** ******** *** ******* ***** ******* **** **** ***** to **** ***)

*** *** **** *** ****? *** ******** ** *****?

**** ******** *** ***** **** **** ******** ******* (*** ***** login ****), *** *** *** ***** "****", ***** **** ** so **** *** ******** ** *** ****. **, ** ***** be ** ***** *** ********.

** *** *** *** ******** ** **** ******* *** ****** be ****, ***** ** ***** ** *** ** *** ***** not..

**** *******:

*****, ********* **** "****" ** ************. * *** ***** ** set * ********, ** ** ***** ****** **** ***** *****, besides ******** *** "****".

** ***** ****: "*****" ****: "*****" **** *** ****** ** work.

****** *** **** ********

#**:

***** *** ****** ****** ** ***************@*********.**********

***** ******** *** ******, **** *** ***** ** ******* ******* the ******, *** **** *** **** ***** *** ** *** database?

***, ** **** ***** ** ******* *** ******. ********** *** users **** **** *********. **'*, *****, *****, *********, ********....******* *** changed *****. *** *******, ********, ***** ********** **** **** ** defaulted. *** **********. "****" **** *******. *******......

* ***** *** **** ** *** ****** **** *** **** API ****. ***** ***** ** * **** ****** "*******" ****** which *** ** **** ***** **** ****** *** **** ******* and *** **** *** ***.

***'** ******** ***** ** **** * "******" ******* ** ****** the ******** ***** *** *** ******** ** * ***...*****. *** serial *** ** *** *** ****** ****** ********.

***** ******* *** **** ******** ** *** ****** **** ** the *** **** ********** ********** ******.

****** *** **** **********. *** ******* ******* ** *** ****** to ***** ******** *****/****** (********) ****** ** ***** ********...*** ** curiosity **** *** *** ****** ** **. (;-)

*** *** ****?

*** ******* ** *** ********, **** ****** ** **** ***** accounts ** *******, ** **'* ****** * *** ** ***** scripting.

**, **'* **** **** ;)

** [ -* $**** ];****
**** "**** ******"
****

***** *** *** *** **** **** **** *****? *** ** you **** *** ***** ******** **** ** ** *** **** it?

******

*****:

**** ****** ** ***** ** ** ****. *****, ** ** now, ** *** ********* *** ******** **** ***** ******* ******* which **** ****** *** *****, **** ******** *************. **** **** been ********* ******, ** "*******" ******** ** *** ******** ********, which ******* *** **** (*****) ******* ****.

*** ******* ********** *** **** ***'* ******** ******** **** *** fixed *** **** ** ******** *** ** ***** ******* ****.

** ** ************* *** ***** ******** ** "*******".

**** ** **** * *****. * ********* ** *** ** anyone ******* * *** ********* ** ** ****** ****** ** script ** *** ******* ** ***** ******** **** ** *** the ****.