Hikvision Anti Hacking Firmware Tested

Author: Ethan Ace, Published on Jun 03, 2015

Hikvision has had historic hacking problems, with DVRs turned into Bitcoin miners, buffer overflow vulnerabilities, and finally culminating in the hacking of a Chinese province's cameras due to weak passwords.

In response to these attacks, Hikvision promised improvements to address these issues in updated firmware.

We tested this new firmware, version 5.3.0, to see how these features functioned, any potential drawbacks, and what impact this new firmware has on Hikvision devices being hacked.

************ *** ******** ******* ********, **** **** ****** *********** ******,****** ******** ***************, *** ******* *********** ** ********** ** * ******* ********'* ******* *** ** **** *********.

** ******** ** ***** *******,********* ******** ************** ******* ***** ****** ** ******* ********.

** ****** **** *** ********, ******* *.*.*, ** *** *** these ******** **********, *** ********* *********, *** **** ****** **** *** firmware *** ** ********* ******* ***** ******.

[***************]

Key ********

**** *** ************ ***** ** *.*.* ********, ********* ******* *** much **** ****** ** ** *********** ****** *** ** ***** *** ******** simple ******* ********* ** ******** ********* *******, ***** *** ******/******** forces * ****** ******** ****** ** *** ** ****. *******, some ***** *** **** ****** ******** ************ ******** ** ****** ** increased ************* *** *************** ****.

************, **** *** ********* ** ******* ***** **** (*** ************), brute ***** ******* ******** *** *** **** ****** ** *******, as ********* **** ** ******* ***********, ******** *** ******, *** users *** ** ********, ****** **** **** ** *****, *****, IP *********, ****** *******, ***. 

*******, *** ******* ** *** **********, ***********, *** ************ **** telnet ******** ****** * ******** **** ***** **** ** ********* of ******** *******.

Firmware ************

*.*.* ******** ** ********* *** *** ******** ************* ***'* ********** ***** ** ***** *******. ***** ** ***** ******* ****** check ***** ********** ********.

****: ********* ********** ******* ********** ***** ************* ** ******** (*.*., Chinese ******* ** ***** ******** *******), ** **** *** ******* for ********* *******, **** ********* **********, ***.

Device ********** *******

*** ******* *** ******** ** ******** *.*.* ** *** *** device ********** *******, ***** ****** ***** ** ****** * ****** password (*** *** ********* ** *********'* **** ********) ****** *** camera *** ** ******** ** ********* ** * ***. ********* must ******* ** ***** * ********** *** *** * *********** of *** ***** (*********, *********, *******, ** ******* **********), ****** this ** ***** ********** "****" ** *********. ** ***** ** create * "******" ********, ***** **** *** ** ***** ***** ***** of *********. 

*** ****** ********** ******* ** ******** ** **** *****:

**** ******** ******** ****** ********* ********, *** ***** **** *** downsides:

********* ************* ********

*** **** ********* ***** ****** *********, ********** ***** ***********, ** that ********* ************* ** ********. **** ****** ** ****** ***** ****** passwords *********, ********** **** ******* ** ************-**** ********, *** ****** with ***** ********.

************ *** ******* ***** *** **** ** **** ** ********* under **** ******, ***** **** *** **** ********* ****** ********* it. *******, ************* *** ****** ****** * ******* ******* ******** ***** is **** *** *** ******** *** **** ** ********, ***** still ******* ***** *****, *********** ******** **** ********.

*** ******** *********

****** ** ******** ***** *** ** ******** **** ****** *.*.* cameras ** ***** ***** ******** ******* *********. ***** ***** ***** do *** ****** ******* ******** ** ** *** ******* *** not *******, ***** ***** *** *** ******* **** *** ***** incorrect *********. **** *** ***** ********** ******** ** ******* ***** lock ** ****** ** (*****).

Illegal ***** ****

******* ***** **** ****** *** ****** **** ******** ** ********* after **** ****** ***** ********. ************, ****** *** ** ********* informing ************* ** ****** ***** ******** ** **** *** **** other ******* **** ** ******** *** ********* ********* ** *********, checking ******** ********, ***.

**** ******, ***** **** **** ** ******* ** ****** *** camera, ** *** ** *** * ********* ** *******, *** disable *** **-****** *** *******.

******* ***** **** ********* *** ***** ** **** *****:

***** *** **** ******

***** *** ******* ******** ******* ***** **** ** **** ******* to *** * ****** ** * *** ***** *** ******* credentials. ** *** *** ******** ** ********* *******, *** ****** may ***** *** ****** ** * ****** ** **** * few ******* ** ****** ********* *** *** *******. ** *** tests, ********** **** ********** ******* ********* ** ***** ***** *** ***********, *** ****** *** blocked ** ***** *** *******.

****** *******

*******, ********* ******* ****** ******* **** *** ******* ** *.*.*, a******* ******** ******** ** *******, ***** ** ** *********** *** *** **** ** ***** open ** *******. ***, * ******* ********, ** ***** ** use, ******* **** ** *** **** ********* ** ******** ****** is ********, ****** ** ** *********, ******* *** ****** *** and **** **** ********** ** ******.

** **** *****, ** ************ ******* ******* ******* *.*.* *** *.*.*, ******* *** *********** ** open/closed ***** *** ******* ********.

**** **********

*** ********** ***** ***** *** ********** ** **** *** ****** ports ******* * ****** ******* *.*.* ******** *** *** ******* 5.2.x, **** ****** ****** (** **** ** *** *** *****, which *** *** ******** ** *******).

Compared ** ***** *************

********* ** *** *** ***** ************ ** ********* **** ** these ******** ********, *** *** ** *** ***** ** ******* them. ** ******* * ******* ** ******** ***** ** ***** manufacturers *****. ******* ****** *** *** ** ****** ********* - ****, *****, ******* ****** *** **** *******.

******* ******** * ****** ********** ******* ******* ** *********, ******** in 2.x *********. ***** *** ******** ** ****** * ****** ******** (**** more ******* **** *********, **** *****) ****** *** ****** *** be ******** ** ***** ** * ***.

**** *** ****** ***** ** ****** * **** ********, *** users *** ***** ****** *** "****", *********** *** **** ** keeping *** *******. ************, ****** *** ******** ** *******, ***** is ******* ***** *** ****/**** ***********, ******** *** ****** ** be ***** ** *****.

*******, ***** **** *** ******* *** ****** ******** ************, **** passwords ********** ** "*****". *******, **** *** *** ** *** other ************* ** ******* ***** ************ ** ******** ****** ***** attempts. ******, ****** *********, *** ****** **** *** *********** ***** the ********* ** *******, ******** *** ****** ** ********.

What ** *** *****?

** ***** ********* ** *********'* *.*.* ******** ** ****** ** prevent *******? ** **** ******** *******?

 

 

Comments (15)

Meghan Uhl

06/03/15 07:29pm

******* ** ***** ** "******* *******". * ***** **** *** a ****** **** *** ** ********* ** *** ** **** as **** ********* - ***'** *** ****. *** **** ***** - *** **** ** *** ***** ** ** **** ** accept ****, **** ******** *********** ** ***, *** ******** ********* we ***, **** *** *** **** *** ***'* ***** ** it. ********* **** ** **** **** ***'** ***** ***** ********** but **** ********** **** ** *** **** & ***** ***'* keep ***** ******* ****, **** ***'* ****** ** **** ***** security ****** ***% **** ******.

Tyler Fenby

06/03/15 09:00pm

*****'* **** ********** ** **** ****** ********** ****** ******** ******* as ****? ***'* *** * *** **** ***** ** **** after ****.

Bob Germain

In reply to Tyler Fenby | 06/07/15 12:53am

*****- *** ****** ******** ***** *** ********* **** ****, ****** a **** ** ** ***** ******** ** ** (*********). ********* has *** ** ******** ********* *** *** ********* ** ******* concerns *** ******. ** **** ***** **-**** *** ***** ****** reports ** *** ******** ******** ******.

***

Steve Mitchell

06/03/15 10:10pm

*** ******. ********* *********'* *****: * ****** ** *** **** for ***** ***** ** *****. *** **** ** *** ********'* own *****: ***/**** (*** *******) ***** ***** *** **** ***** of ******** *************** ** ********* ** ********* (***/*******) *** ******* the ******** ********* ** ************** ** ******* ******* ******* **** have ******* ** *** ** ******** **** *** **** **+ years. *********, *****, **, **., ******* ******** ******* ****** *******, and **** ** ***** *** *** ** ** ****** ******* these ************* ** **** ******** ** ****** **** ******** ** kept **-**-****. *** ******** ** ******** ***** ** ** "***-*********" and ** **** *****'* **** *** *** **** ** **** software **-**-**** ** ******. ************, **** ********* **** **** ******* remain *********.

Tyler Fenby

In reply to Steve Mitchell | 06/04/15 12:37pm

*'* *** **'* * ******* **** ******* **** ******* ** security. **, ** **** ****** **** ***'* ********** *** ******* of ****** * ****** ********** ** ***** ****** ****** ** the ***** **** ** ** ******* *** ****** **** ** doesn't **** *** ******* ***************. **** ** *** ****** ***** that **** ******** (*** *** ********** ** ******) *** * perfect *******.

Steve Mitchell

In reply to Tyler Fenby | 06/04/15 04:59pm

*****, ***'** *****, ** ***/**** ***** ******* ** ********. ** exists ** *** ******* ***** ******* *** *** ********* ******* with *** ********** ******** *****.

** ***** ** *** ******* ** ** **** **-**-**** *** thus ********** **** ** ***** ******** *************** *** ****** **** to *****:

  1. *** ************ ***** ** **** ************ ******* ******** ******* *** provide ********** ******* ******* *** ** ****** (** *** *************) applied.
  2. *** ******** ***** ** ********* **** ******* ******* *** ******** to **** ***** ****** ******, *** **** ************** *** ******** the ******* *** *******. **** **** ** **** *** ************ accountable, *** ******* ******** ********** ***** (*.*, ********* *******) ** update ***** ******* ******** ********.

*** ** ******* ***** ********* ** * ********: ** *** extreme **** ******* * ****** *** ***** ****** **, ** the ***** ******* **** *********** ***** *******.

*** ******** ******** ***** ** **** ******* *** ****** **** of **** ********. **** ********* ********* ****’* ****** ********* ** the ******** ** ***** ***/**** (** **** ******’* *** ****** run ** ***** *******), *** ********* *** *** **** *********** for ******* ***** *************** ** *****. * ***’* ******* **** will ****** **** ****** *** ***-********* ******** ******** **** ** some ** *** **** ********* **** *** **** ****** ** the ** *******.

**** ******* ** ****** *************** ** * ***** ***. *** I ******* **** **** *** ** ****** * ******* ** an ***********/******* ***** ******* *** ******* ** *** *** ** date (************, *** ****/*****-****** ***********). **** ******* ** ***** ‘*****’*’ typically ** ***-** ******, *** *****’* **** **** **** ****** be ******** ** ****** ***** ******* ***** ****** *** *************** and ***** **** ******** ** ** **** ***** ****** *******.

Undisclosed End User #2

In reply to Steve Mitchell | 06/04/15 05:10pm

* ***** *** **** ***** ***** **** *********** ****** ** Hikvision. *** ******* *** *** *** **** *** ******** *********** passwords. **** ****** ****** ******** *********** *** ********** ** ** their *** ********. *** ******* ** * **** ******** ******* and **** ****** ***** ******* ** * **** **** ****** than **** ******.

** *** ****** **** *** * ****** **** **********, *** alone * ******** ******, **** ******* ********* ** *****. *** it ***** ** **** ***** ** ******* ** ***** ** seconds ** ****** *** **** **** ******* ** **** *******.

******* *** ************ *** **** ** **** ******* **** **** your *** *** ****** ******* *** **** ** ******** *** the *** ** *** ********. * *** ** ************** ***** to *** ************* *** ********.

* ***** **** *** * *** ** ***** ** ** was * ******* ******* *** **** ***** ********* *** **** cameras *** ********* ***** ******** (**** ******** *** ***) *** exactly ** ********** **** *** ************** ***'* *** ****** ******** protocols.

John Honovich

IPVM | In reply to Undisclosed End User #2 | 06/04/15 05:19pm

"******* *** ************ *** **** ** **** ******* **** **** your *** *** ****** ******* *** **** ** ******** *** the *** ** *** ********. * *** ** ************** ***** to *** ************* *** ********."

****'* * **** *****.

"*** **** ******* *** ********* ***** ******** (**** ******** *** not) *** ******* ** ********** **** *** ************** ***'* *** proper ******** *********."

****** **** *** ****** ******* * ******** **** ***** ***** for * *** *****, ***** ***** ** ******** ******* ****.

Bob Germain

In reply to Steve Mitchell | 06/07/15 01:04am

*****- *** ***** ** *** **** * ****** *** *** already **** ********* ** ***** ******** ********. **** *** ****** Activation ******* *** **** ** *********** *** **** **** *** takes *** ******** ** * *** *****.

** **** ******** ******** ****** **********, ********* ****, ****, ** Cameras, **** ****** ****, ****-****, *** ***** ***********, ***, ** is *** ****** ********* **** ** ********* *** ********. ** are **** ********* ******* ****** ** ****** ********* **** **** new ******* ** *** ** **** *********** ***** ********* ** taking.

**** *******

***

Undisclosed Integrator #1

06/03/15 11:18pm

*** ********* **** *** **** ** ******* ** **** *** firmware?

Thumbnail image

Jon Dillabaugh

Pro Focus LLC | 06/05/15 03:58am

**** ******* **** *** ******* **** ******** ** *********, ***** than ***** *** ********* **?

**** ******* ** * ************* ******* ** ******* *** ***** user *******? **** * ***/*** ***** *** **** ***** **** connection ***?

** **, * ***** * *** *************.

Chris Dearing

IPVMU Certified | In reply to Jon Dillabaugh | 06/05/15 04:37am

** *** *** **** **** ***** ******** **** *** **** machine/IP ** *** ***, *** **** *** ******* ********** ******(*), forcing *** *** ** **-************, **** *** ****** ** ******.

David Oleksy

In reply to Jon Dillabaugh | 06/06/15 10:59pm

** *****'* ***** *** *******. ** ****** *** ** ******* with *** **** ****** ***** ********.

Thumbnail image

Jon Dillabaugh

Pro Focus LLC | In reply to David Oleksy | 06/07/15 12:27am

***** ***** ** ********* ** ******** *** **?

Bob Germain

06/05/15 11:24am

*****- *** ******** ** *** ********* ** *** ********* *** website.

****://***.*********.***/**/**/********.***

*** ***** *******, ****** ** ** **** ******** ********* ******* for ********* *********.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

No Hack, Still Liable, Court Finds ADT on Jun 20, 2017
Recently, ADT has been in the news for a $16 million settlement for a cyber security vulnerability class action suit. One of the most important...
VMS UI - Light vs Dark Preferences on Jun 16, 2017
Several VMS manufacturers have the ability to choose a user interface with either a light or dark color theme. 150+ integrators told us which they...
Axis 20MP Q1659 Camera Tested on Jun 13, 2017
Axis has joined the super high resolution camera trend with their Q1659, a 20MP model equipped with Canon's APS-C sensor. We tested the Q1659...
Milestone New "+" Claims To "Conquer The Mid-Market" on Jun 07, 2017
Milestone has declared they are going to "Conquer The Mid-Market" with new "+" releases. Will they? In this report, we examine Milestone's "+"...
Manufacturer Revenue Directory on Jun 05, 2017
This report contains data on the revenue of 32 security manufacturers, trend analysis of whether they are gaining or losing ground and commentary...
Most Disrespected Manufacturer Competitors on Jun 01, 2017
Manufacturers told IPVM what competitor they most disrespected. There was one overwhelming selection that manufacturers felt was harming the...
How To Hack Your Company's Hikvision Recorder on May 29, 2017
Here's how easy it is to hack your company's Hikvision recorder: It does not matter how hard or secret the admin password is. Hikvision will...
Anti-Hack Access Card Shields Tested on May 26, 2017
Keeping your access control card information secure is becoming a big priority, especially since cheaper copiers can hack details easily. Multiple...
Most Respected Manufacturer Competitors on May 25, 2017
Manufacturers told IPVM what competitor they most respected. In terms of total revenue, Hikvision, Dahua and Axis are certainly tops but would...
IP Camera - 15 Year Shootout on May 22, 2017
How far have IP cameras come? We bought and tested 4 cameras across the past 15 years to understand how much and where performance has...

Most Recent Industry Reports

Importance of Sales To Integrators - Statistics on Jun 23, 2017
One of the top trends in the industry over the past few years has been the rise of across-the-board sales (e.g.: Hikvision Sales, Dahua Sale,...
Deep Learning Surveillance Startups Deep Problem on Jun 23, 2017
The undeniably good news for the video surveillance market is that we are seeing the rise of more startups than in many years. The cause of this...
Avigilon Announces RADAR-Based Presence Detector on Jun 22, 2017
RADAR is gaining momentum within physical security. Two months after Axis announced a network radar detector, Avigilon has announced a RADAR-Based...
Covert Cloud Camera Service Launching (KJB) on Jun 22, 2017
Cloud IP cameras, for consumers, has become increasingly commonplace. However, covert cameras, lag there, with few options. Now, North America's...
Manufacturers Shipping Unlicensed H.265 Products on Jun 22, 2017
While H.265 support in video surveillance is growing, IPVM's research shows that most surveillance manufacturers are shipping H.265 products with...
Uniview Low-Cost Bullet PTZ Tested on Jun 21, 2017
Uniview is offering a HD zoom bullet camera, the IPC742SR9-PZ30-32G, with an integrated pan / tilt positioner, for the price of a low-cost...
QSR Video Surveillance Best Practices on Jun 21, 2017
Fast food restaurants or QSRs (quick service restaurants), are frequent victims of crime and fraud. Because they are open late, deal with cash, and...
45 Drives 'Lowest Cost' Enterprise Storage Company Profile on Jun 21, 2017
45 Drives claims the "lowest cost per Hard Drive Slot in the industry." But who or what is '45 Drives'? What started as a product design to...
No Hack, Still Liable, Court Finds ADT on Jun 20, 2017
Recently, ADT has been in the news for a $16 million settlement for a cyber security vulnerability class action suit. One of the most important...
Resolver / PPM 2000 Incident Management Platform Profile on Jun 20, 2017
You might have seen the company whose employees wear hockey jerseys at trade shows and wondered "what do they do?" PPM 2000 has been active in...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact