CCTV IP camera hacking
Discussion
I've bought a house that a previous owner has installed Lilin IP cameras on. I'd like to play with this new toy but unfortunately the admin credentials for the cameras are lost, so while I can browse to the device IP address and try a bunch of manufacturer default passwords and some common ADMIN/Passw0rd/1234 guesses, i'm getting nowhere. I do get a preview snapshot from each camera to the NVR device. I've tried asking Lilin support for another admin account or resetting the admin password but they are adamant it can't be done over the LAN. Yes the reason i'm asking is that while the cameras can be factory reset, they are mounted to the roof and therefore I have to do this from a tall ladder I do not possess. I'd like to do this the lazy techie way and hack the web interface creds from my desk 
Muntu said:
ARH said:
Muntu said:
ARH said:
Have you tried a factory reset?
Jesus wept And there is really no need to be rude however smart you are.
Herbs said:
Have you tried these?
IP Camera Default: Username: admin / Password: pass.
NVR/DVR Default: Username: admin / Password: 1111.
Alternative User: User01 / Password: 3333.
Yes thanks. I'm into the NVR box as that's very accessible. I've tried a few combinations of the Operator and Guest accounts that the NVR references too.IP Camera Default: Username: admin / Password: pass.
NVR/DVR Default: Username: admin / Password: 1111.
Alternative User: User01 / Password: 3333.
drmotorsport said:
Mr Pointy said:
OP: any chance you can find out which company installed the system? They may have a record of the passwords if they changed them.
Nope that's lost in the mists of time. I was hoping that the Chinese manufacturer would have a back door admin account lolIIRC - There are some YouTube tutorials on how you can 'brute force' hack things too.
M
As other posters suggest, a factory reset should get you back to a standard box that you can then configure yourself:
https://lilin.zendesk.com/hc/en-gb/article_attachm...
I nearly had to do this with my Reolink box yesterday but then had a sudden flash of inspiration to remember the password I set during the pandemic!
(I am assuming all the cameras are on default settings. Mine just plug to the box and the NVR recognises their IP)
https://lilin.zendesk.com/hc/en-gb/article_attachm...
I nearly had to do this with my Reolink box yesterday but then had a sudden flash of inspiration to remember the password I set during the pandemic!
(I am assuming all the cameras are on default settings. Mine just plug to the box and the NVR recognises their IP)
Edited by Shooter McGavin on Tuesday 28th April 12:21
If they have ONVIF/RTSP stream enabled, try this https://github.com/Ullaakut/cameradar
Any idea of the model? There might be a vuln available, e.g. credential bypass
Any idea of the model? There might be a vuln available, e.g. credential bypass
ARH said:
Muntu said:
ARH said:
Muntu said:
ARH said:
Have you tried a factory reset?
Jesus wept And there is really no need to be rude however smart you are.
drmotorsport said:
I do get a preview snapshot from each camera to the NVR device
In my (limited) experience of ONVIF cameras - with the password you get data, without the password you don't. Getting a preview image seems surprising. Perhaps these cameras are different, but is the NVR the previous owners', and thus contains the passwords? If so, it's probably easier to pull/hack the passwords out of the NVR. Edited to add: it's usually within the cameras' URL.Edited by biggiles on Wednesday 29th April 08:47
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff