Skip to content

KostasEreksonas/DVRIP_hash_cracker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pyproject.toml
pyproject.toml
 
 
uv.lock
uv.lock
 
 
xm_hash_cracker.py
xm_hash_cracker.py
 
 

Repository files navigation

DVRIP_hash_cracker

Python script for cracking DVRIP/Sofia password hash. Existing vulnerabilities are being exploited for hash retrieval. Only dictionary attack is supported as of now.

Usage

uv run xm_hash_cracker.py

Test setup

This script was tested on Besder 6024PB-XMA51 IP camera:

Model: XM530_50X50-WG_8M
Firmware version: V5.00.R02.00030747.10010.349f17

Exploited vulnerabilities

  • CVE-2024-3765 - authentication bypass vulnerability in proprietary Sofia protocol found on Xiongmai based IP cameras. Sending a crafted payload with the command code f103 (little-endian hex for 1009) allows unauthorized access. A writeup by netsecfish is available on Github
  • CVE-2025-65857 - authentication bypass vulnerability in the ONVIF implementation found on Xiongmai XM530 chipset based IP cameras. This vulnerability allows unauthenticated access on 31 critical endpoints, including unauthorized video stream access. Vulnerability writeup on NIST database

About

Python script for cracking DVRIP/Sofia password hash. Existing vulnerabilities are being exploited for hash retrieval

Topics

cctv ipcamera ipcam sofia xmeye netsurveillance dvrip xiongmai xiongmaitech besder besder-6024pb-xma501 besder-6024pb

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages