No access : telnet and Snap.cgi / but RTSP : OK

[kwetnico]

Hello, I hacked my camera: (hardwareversion ":" M16S_A2_V10_F37 "," firmwareversion ":" ppstrong-a3-tuya2_lsc-4.0.6.20210311 ") The rtsp stream is working fine thanks. I wanted to test telnet and live access to snap.cgi but it doesn't work: I have access denied for snapshot and telnet .. I modified the http.conf file (without the hash) and passwd (with the hash). I even added the line not to ask for a password but impossible (custom.sh) and the hardware is ok : ..

What can I do to make it work ? Thank you

my http.conf :

my passwd :

[guino]

@kwetnico "Access denied" is different than "Connection refused" -- the first one would prompt you for user name/password and would say that it is invalid, the second one would give you no user/password prompts.

"Access denied" would mean the user/password or hash having issues. "Connection refuesed" with working RTSP on the same IP would mean missing/wrong files -- I would specifically recommend you check the busybox file has over 1Mb in size as that's used for both telnet and snap/mjpeg.

If you check busybox and it is ok, then you can post a zip of your SD card (Without the SDT folder) and I can check it out.

[kwetnico]

@kwetnico "Access denied" is different than "Connection refused" -- the first one would prompt you for user name/password and would say that it is invalid, the second one would give you no user/password prompts.

"Access denied" would mean the user/password or hash having issues. "Connection refuesed" with working RTSP on the same IP would mean missing/wrong files -- I would specifically recommend you check the busybox file has over 1Mb in size as that's used for both telnet and snap/mjpeg.

If you check busybox and it is ok, then you can post a zip of your SD card (Without the SDT folder) and I can check it out.

Thanks SD.zip

[guino]

@kwetnico your busybox looks right but I am worried about some core-busybox files which indicate busybox crashed a few times. You can try this busybox: https://github.com/guino/Merkury720/blob/main/mmc/busybox?raw=true which is slightly different but should have the same features.

When trying http://IP:8080/cgi-bin/snap.cgi did you ever get a user/passowrd prompt ? how about telnet -- did you ever get a prompt or just 'connection timeout/refused' ?

[kwetnico]

No prompt to telnet, just connection/refused with putty or mobaxterm. No prompt to http://ip:8080/cgi-bin/snap.cgi

[guino]

@kwetnico let me know how it goes with the other busybox then -- hopefully that does the trick but you do have to boot up the device with SD+busybox in it for it to be used. You may want to check if any more 'core-busybox' files were created in the SD card too.

[kwetnico]

ok i test now

[kwetnico]

@kwetnico let me know how it goes with the other busybox then -- hopefully that does the trick but you do have to boot up the device with SD+busybox in it for it to be used. You may want to check if any more 'core-busybox' files were created in the SD card too.

Yes ! it's ok my cam 2 reboots and : Telnet : OK Access to snap.cgi : OK Access to mjpeg : OK No busybox crashed : OK

Thanks !! it's perfect

[guino]

@kwetnico thanks for the feedback, I guess your camera must be running slightly different/older hardware which requires that 'more compatible' busybox version.

[kwetnico]

@kwetnico thanks for the feedback, I guess your camera must be running slightly different/older hardware which requires that 'more compatible' busybox version.

Possible I bought it 1 week ago.

[kwetnico]

@guino it's possible to change password rtsp ? Admin/admin isn't very secure...

[guino]

@kwetnico telnet into the device and take a look at /home/cfg/tuya_config.json -- it may be possible to modify the ONVIF/RTSP password in there depending on the firmware version (I don't have a device with your firmware to look at it). If it is possible then you can use the included set script o modify the setting like: /mnt/mmc01/set onvif_pw password -- this is only an example so you should check the name of the setting and choose whatever password you want to use. There's a chance the config may have the field but that it may not do anything.