search

guino / Merkury1080P

Merkury1080P (CW017) Rooting and Customization
77 stars 16 forks source link

Cannot login via telnet #54

Closed bartflash closed 5 months ago

bartflash commented 5 months ago

Attempt method below, but I immediately get stuck at step 1, where I am prompted for a password. Combinations admin/admin, admin/password, admin/056565099 are not successful.

Any ideas?

Confirmed on a second camera.

To recreate, I followed all the steps until patching ppsapp then did the following:

1. telnet into camera

2. modify /home/cfg/tuya_config.json
   (a) change onvif_enable=0 to onvif_enable=1
   (b) change onvif_pwd to the password you wish (plaintext)

3. run the following command:
   set onvif_enable 1

4. reboot by running the reboot command

That's it, once it rebooted you can access the rtsp stream.

I used the following program to determine the rtsp stream addresses: https://github.com/paullouisageneau/gsoap-onvif

Here's the output:

[2021-09-23 23:36:06] [main.cpp] [26] {error:3 faultstring:Validation constraint violation: tag name or namespace mismatch in element 'env:Fault' faultcode:SOAP-ENV:Sender faultsubcode:(null) faultdetail:(null)} [2021-09-23 23:36:06] [main.cpp] [115] {-------------------Device-------------------} [2021-09-23 23:36:06] [main.cpp] [116] {XAddr:http://192.168.2.207:8000/onvif/device_service} [2021-09-23 23:36:06] [main.cpp] [118] {-------------------Network-------------------} [2021-09-23 23:36:06] [main.cpp] [119] {IPFilter:Y} [2021-09-23 23:36:06] [main.cpp] [120] {ZeroConfiguration:Y} [2021-09-23 23:36:06] [main.cpp] [121] {IPVersion6:Y} [2021-09-23 23:36:06] [main.cpp] [122] {DynDNS:Y} [2021-09-23 23:36:06] [main.cpp] [124] {-------------------System-------------------} [2021-09-23 23:36:06] [main.cpp] [125] {DiscoveryResolve:N} [2021-09-23 23:36:06] [main.cpp] [126] {DiscoveryBye:Y} [2021-09-23 23:36:06] [main.cpp] [127] {RemoteDiscovery:Y} [2021-09-23 23:36:06] [main.cpp] [133] {SupportedVersions:} [2021-09-23 23:36:06] [main.cpp] [137] {2.20 } [2021-09-23 23:36:06] [main.cpp] [141] {} [2021-09-23 23:36:06] [main.cpp] [144] {SystemBackup:N} [2021-09-23 23:36:06] [main.cpp] [145] {FirmwareUpgrade:N} [2021-09-23 23:36:06] [main.cpp] [146] {SystemLogging:N} [2021-09-23 23:36:06] [main.cpp] [148] {-------------------IO-------------------} [2021-09-23 23:36:06] [main.cpp] [149] {InputConnectors:-2075307872} [2021-09-23 23:36:06] [main.cpp] [150] {RelayOutputs:-2075307840} [2021-09-23 23:36:06] [main.cpp] [152] {-------------------Security-------------------} [2021-09-23 23:36:06] [main.cpp] [153] {TLS1.1:N} [2021-09-23 23:36:06] [main.cpp] [154] {TLS1.2:N} [2021-09-23 23:36:06] [main.cpp] [155] {OnboardKeyGeneration:N} [2021-09-23 23:36:06] [main.cpp] [156] {AccessPolicyConfig:N} [2021-09-23 23:36:06] [main.cpp] [157] {X.509Token:N} [2021-09-23 23:36:06] [main.cpp] [158] {SAMLToken:N} [2021-09-23 23:36:06] [main.cpp] [159] {KerberosToken:N} [2021-09-23 23:36:06] [main.cpp] [160] {RELToken:N} [2021-09-23 23:36:06] [main.cpp] [183] {-------------------Media-------------------} [2021-09-23 23:36:06] [main.cpp] [184] {XAddr:http://192.168.2.207:8000/onvif/Media} [2021-09-23 23:36:06] [main.cpp] [186] {-------------------streaming-------------------} [2021-09-23 23:36:06] [main.cpp] [187] {RTPMulticast:Y} [2021-09-23 23:36:06] [main.cpp] [188] {RTP_TCP:Y} [2021-09-23 23:36:06] [main.cpp] [189] {RTP_RTSP_TCP:Y} [2021-09-23 23:36:06] [main.cpp] [196] {-------------------PTZ-------------------} [2021-09-23 23:36:06] [main.cpp] [197] {XAddr:http://192.168.2.207:8000/onvif/PTZ} [2021-09-23 23:36:06] [main.cpp] [26] {error:401 faultstring:HTTP Error faultcode:SOAP-ENV:Server faultsubcode:SOAP-ENV:Server faultdetail:HTTP/1.1 401 Not Unauthorized} [2021-09-23 23:36:06] [main.cpp] [239] {-------------------NetworkInterfaces-------------------} [2021-09-23 23:36:06] [main.cpp] [240] {IPCNetwork} [2021-09-23 23:36:06] [main.cpp] [241] {84-7a-b6-88-10-05} [2021-09-23 23:36:06] [main.cpp] [275] {-------------------MediaProfiles-------------------} }2021-09-23 23:36:06] [main.cpp] [278] {profile0:MainStream Token:IPCProfilesToken0 [2021-09-23 23:36:06] [main.cpp] [288] {RTSP URI:rtsp://192.168.2.207:8554/Streaming/Channels/101} }2021-09-23 23:36:06] [main.cpp] [278] {profile1:SubStream Token:IPCProfilesToken1 [2021-09-23 23:36:06] [main.cpp] [288] {RTSP URI:rtsp://192.168.2.207:8554/Streaming/Channels/102} [2021-09-23 23:36:06] [main.cpp] [314] {-------------------VideoEncoderConfigurations-------------------} [2021-09-23 23:36:06] [main.cpp] [26] {error:401 faultstring:HTTP Error faultcode:SOAP-ENV:Server faultsubcode:SOAP-ENV:Server faultdetail:HTTP/1.1 401 Not Unauthorized} [2021-09-23 23:36:06] [main.cpp] [332] {Encoding:ttVideoEncodingH264} [2021-09-23 23:36:06] [main.cpp] [336] {name:VideoEncoderConfig0 UseCount:1 token:VideoEncoderConfigToken0 } [2021-09-23 23:36:06] [main.cpp] [338] {Width:1920 Height:1080 } [2021-09-23 23:36:06] [main.cpp] [26] {error:401 faultstring:HTTP Error faultcode:SOAP-ENV:Server faultsubcode:SOAP-ENV:Server faultdetail:HTTP/1.1 401 Not Unauthorized} [2021-09-23 23:36:06] [main.cpp] [332] {Encoding:ttVideoEncodingH264} [2021-09-23 23:36:06] [main.cpp] [336] {name:VideoEncoderConfig1 UseCount:1 token:VideoEncoderConfigToken1 } [2021-09-23 23:36:06] [main.cpp] [338] {Width:640 Height:360 }

And Bob's your uncle you have an ONVIF camera that you can now integrate with tensorflow and other utilities... I personally use motioneye and doods along with home assistant. i detect motion with motioneye, send a webhook to home assistant, this triggers doods (tensorflow) which detects objects in frame during motion. If it detects objects, it then sends me a notification via telegram. HIKVISION charges 200-300 per camera for a 1080p camera with less configurable software.

What password you use? http://admin:056565099 or http://admin:admin. dos not work. i got the same deviceinfo

Originally posted by @Marko9831 in https://github.com/guino/Merkury1080P/issues/9#issuecomment-986093092

guino commented 5 months ago

@bartflash If telnet is asking for a user/password then we can assume telnet is running (which is a good thing).

The telnet password should be whatever you defined in step 9 of https://github.com/guino/Merkury720 during the initial process. If you don't remember the password you set or you don't want to deal with a password, simply modify the line in custom.sh from: /mnt/mmc01/busybox telnetd to be: /mnt/mmc01/busybox telnetd -l /bin/sh

The above change will make it so no user/password will be asked to telnet into the device.

bartflash commented 5 months ago

Thanks! Completely overlooked that one!