search

Relkci / NightOwl-WifiCamera-Config-wnip2

WIFI configuration and ONVIF information for Nightowl WNIP2 series cameras
7 stars 3 forks source link

Can't connect to devices #3

Open redwiz666 opened 3 months ago

redwiz666 commented 3 months ago

Looks like Night Owl has patched this.

I am able to connect to the network and can ping the gateway that is specified in the config, but none of the cameras are responding to ping or when performing an NMAP scan even with -Pn they will not response.

Geofferey commented 3 months ago

Same here on an WNVR-BTWN8-V2... I can get on the hidden AP using the credentials I obtained using Wireshark, unfortunately It appears there is some client device isolation being used on the AP. Was hoping to see how NVR sets up a connection to the cams using some ARP spoofing.... I was also able to get the CAMs to connect to my doppelganger AP, however upon scanning the devices I am only seeing port 80 open and none of the others described in write-up or ONVIF. Sorta luckily the NVR itself supports RTSP streams via address rtsp://${NVR-IP}/ch0_0.264 and each channel can be accessed by incrementing chX_0.264. Problem with that being the streams cuts every 3 min. I stupidly bought one of these things thinking a power supply would provide always on recording and now I'm trying to hack the damn things to allow for it, smh.

Edit: There is a trick that I thought of which allowed me to eavesdrop on the communications between cams/NVR. Since one can decipher the key from broadcast it is possible to use Wi-Fi monitor mode to listen in using WPA-PWD/SSID. I found that the cameras POST to the NVRs internal IP via http://172.20.14.1:80/recvstream/`[0-8]` unfortunately this is just leaving me with more questions than answers for the time being.

D2theR commented 1 week ago

After much trial, error, lot's of factory resetting and restraint against smashing the NVR in a Office Space style fit of rage. I got it to leak the PSK and the same info from the tutorial. Here's what I did:

  1. I installed the stupid Windows and Android apps (links are in tutorial).
  2. I deleted the NVR from my device list in the app (the Windows program is hot garbage and wont let you).
  3. I reset my password to my account.
  4. Leaving one of the cameras OFF/Unplugged...
  5. I reset the NVR to factory default settings, then logged back in using the new credentials from the NVR.
  6. I started Wireshark and logged into the NightOWL windows app.
  7. I plugged in the OFF and placed it in "Pairing mode" by pressing and holding the reset button.
  8. I cheered with joy at my newly cracked cameras and gave NightOwl the finger.

I've successfully got these connected to a Unifi AP, and will continue to probe them further to gather intel. My end goal is to use them with Home Assistant and Frigate for AI image detection.