Kang Asu

This blog talks about Computer, Security, Information technology, SEO, Video, etc. Now you can find all free things, Information Technology and Tips and Trick in this blog. JOIN ME KANG ASU

Breaking

Friday 17 April 2020

Home / framework / HikPwn

HikPwn

by on in
Kang Asu
HikPwn - A Simple Scanner For Hikvision Devices


HikPwn, a simple scanner for Hikvision devices with basic vulnerability scanning capabilities written in Python 3.8. This project was born out of curiosity while I was capturing and watching network traffic generated by some of Hikvision's software and devices.


Setup instructions:
git clone https://github.com/4n4nk3/HikPwn.git
cd HikPwn
pip install -r requirements.txt

Tested on:
  • Python 3.8 on Linux 4.19 x86_64

Functions and characteristics:
  • Passive discovery of Hikvision devices.
  • Active discovery and enumeration of Hikvision devices via UDP probing.
 Work in progress... stay tuned!

TODO:
  • Add detection and exploitation capabilities for ICSA-17-124-01.

Help:
usage: hikpwn.py [-h] --interface INTERFACE --address ADDRESS [--active]

HikPwn, a simple scanner for Hikvision devices with basic vulnerability scanning capabilities written in Python 3.8. by Ananke: https://github.com/4n4nk3.

optional arguments:
  -h, --help            show this help message and exit
  --interface INTERFACE the network interface to use
  --address ADDRESS     the ip address of the selected network interface
  --active              enable "active" discovery

Censored preview:
Using eth0 as network interface and XXX.XXX.XXX.XXX as its IP address...

[*] Started 30 seconds of both passive and active discovery...

[*] Active discovery's results:

DEVICE #1:
 LABEL                     DATA      
 --------------------------------------------------
 Serial Number             xxxxxxxxxxxxxxxxxxxxx
 Description               DS-2DE4220IW-D
 MAC                       XX-XX-XX-XX-XX-XX
 IP                        XXX.XXX.XXX.XX
 DHCP in use               false     
 Software Version          V5.4.3build 160810
 DSP Version               V7.3 build 160801
 Boot Time                 2019-03-01 00:05:33
 Activation Status         true      
 Password Reset Ability    true      


[*] Passive discovery didn't find any device.
This project is for educational purposes only. Don't use it for illegal activities. I don't support nor condone illegal or unethical actions and I can't be held responsible for possible misuse of this software.


Regards
Kang Asu
Author Image

About Kang Asu
Saya sangat menyukai dunia Kedokteran dan Teknologi.

Related Posts:
By at
Labels:

No comments:

Post a Comment

# Silahkan berkomentar, bertanya dan kritik dengan sopan
# Disini anda boleh menyisipkan Link di kolom komentar
# Tetapi akan saya moderasi atau Review terlebih dahulu tiap komentar
# Jangan sampai komentar anda mengandung SPAM.

# Terima Kasih - Regards Muhammad Sobri Maulana

Subscribe to: Post Comments (Atom)