In the era of security, many devices are still vulnerable because many devices are not updated to the last version of the software.
Many Hikvision cameras are still vulnerable to some kind of vulnerability that allows backdoor access hidden from the software, allowing attackers to use one of your choiceSo to change passwords for all users, we can scan this python script using shodan or censys.
Io, all cameras running the software version.
Step 1: Download Haikang xploitfirst you want to download this tool from the official repository on github by cloning github through doinggit.
Then you want to go into hikycd and install the requirementspip installation-r requirements.
You are ready.
Step 2: start Haikang xploityou and then start the tool by executing python Haikang xploit_win.
Pyyou will need to register on shodan and censys.
When you choose the site to study, io uses their api to get the list of devices, just type the number and then give a query to scan interneti, it is highly recommended to use "App-
Web 200 OK "because it works for me all the time, after that you just need to scan the host from the list of vulnerable devices that you have already downloaded valid, then you can choose a different quality-