Did you know - Google aren't very nice.  Apparently we're all evil pirates here on OpenIPCam, and they cancelled my adsense account due to that.  Sigh.

Recent Posts

Pages: 1 [2] 3 4 ... 10
Hacking & Modding / Chinese RT5350 cam serial port
« Last post by asf21 on May 02, 2017, 04:00:40 pm »
Hi. This is my small contribution of my hack for sharing, uart debug connection founded on B1 series Ip Camera (nwsvr), similare to MayGion vga/qvga ip cam, 1 antenna, no alarm, no sdcard, RT5350 CPU, very cheap cam but too simple...
Sorry for my strange english, I'm french.
After bricked my cam with a bad www.bin, caused by a very bad frontend web gui and some strange stuffs (freezes, sometimes reboot, losses connections), I decided to search a method to repair internal soft.
Unpacking a www.bin similar with original (but downed...), replacing bad files (aka asp files!!!) with the new files, Good!  Camera restart with good webui! But, no possibility to find any wifi spot (two spots at my home)... Sob!
Re telnetd, exploring internal directories, copying some strange files (...) newer viewed in other Linux distribution or OpenWrt packages. Reading with hex editor and dump editor, some mods to test with no more change... And a "little big" error of my stupid hand (the think positionned between me and computer!), I stupidly deleted tmp directory, not only /app /www!!! With ldr file!!! Big idiot retarded! :/
After this stupid action, i reboot the cam, telnetd connection disapear and only service ip for ftp...
Nothing for entering some linux commands!
Powering up iron solder, multimeter, big glasses front of my eyes, and founded with Ralink datasheet, the two hidden wires tx and rx minimalist uart!
My cam won't boout on normal fonctionnality, i'm not founded the LDR file on the web but ftp and telnetd will restart at this time... :/

Firmware / ldr file research
« Last post by asf21 on April 30, 2017, 08:41:50 am »
Hello everyone.
I'm looking for the famous ldr file which was previously available on rapidshare, now unavailable.
I have a ip Maygion vga SmartEye type camera, the famous MIPS Chinese cheap black camera with the small aluminum front plate and a single antenna, without alarm connector or microsd card reader in the back and Ralink IC RT5350 based CPU. I only have FTP access to service address and Telnet.
Who could have, by kindness, provide me with either a download link, or by Email, please, I would appreciate it. Thank you all.
Firmware / Re: [REQUEST] Firmware for IPCC-B13L 960P 1.3MP (Hi3518 + AR0130)
« Last post by G33RT on April 26, 2017, 07:17:43 pm »
I'm still busy to get this camera running again.

I found out that the IPS-HA1312L use also the same hardware Hi3518C + AR0130.

A nice guy from another forum was so friendly to provide the firmware.

I still have yet to test as my camera was flashed with a wrong firmware and got bricked.

Now I have to fine a way to flash the flash-chip with an compatible camera flash-dump and re-program my flash chip.

Hacking & Modding / Foscam Firmware ver2.x.1 - Shell access possible?
« Last post by corruption on April 24, 2017, 11:00:18 am »

i have a Foscam with Firmware ver2.x.1.139, I managed to connect a TTL-Serial-Adapter to the camera and it works fine but:

- u-boot requires a password
- no login to the linux system possible

If you need some more informations let me know.

Also i extracted the firmware with the openssl tool (Password was Wxift*v2) But i cant find a possible way to get a shell.

Any way to get shell access to the camera (with serial console connected)?

Most appreciated is one of the passwords ( u-boot or root )

Kind regards,

Firmware / Re: Is there such a thing as OpenNVR firmware?
« Last post by legolad on April 21, 2017, 09:30:28 pm »
Thanks for that. Sadly that's all beyond my skillset, though I do know some EEs who might take it on as a side project.

I was kind of hoping to find that some industrious folks had already started a replacement firmware for one or more of the generic NVRs out there.

Oh well. I guess I need to knuckle down and find an NVR with software that doesn't suck. If you have any recommendations, I'd like to hear them.

Thanks again.
Help / Re: How to extract a .OV (extention) firmware file?
« Last post by admin on April 17, 2017, 11:32:08 pm »
First off, you'll need to see what it is internally.

I'd start off with trying to find more info.
Common tools I would use for this are

head  filename.ov | hexdump -C
file filename.ov
strings filename.ov

OSX, Linux have those built in. Windows 10 now has bash/ Ubuntu if you enable it so will have after a bit of work. 
Otherwise a linux live ISO will be fine too.

For dev work, you really want a Mac or Linux box (I'm biased after using Windows for many years and hating it, hehe)

As an example -

Code: [Select]
head | hexdump -C
00000000  50 4b 03 04 0a 00 00 00  00 00 30 0f 91 4a 00 00  |PK........0..J..|
00000010  00 00 00 00 00 00 00 00  00 00 08 00 10 00 63 6f  ||
00000020  6e 66 69 67 73 2f 55 58  0c 00 d6 b0 f3 58 8c b0  |nfigs/UX.....X..|
00000030  f3 58 f5 01 14 00 50 4b  03 04 14 00 08 00 08 00  |.X....PK........|
00000040  56 0f 91 4a 00 00 00 00  00 00 00 00 00 00 00 00  |V..J............|
00000050  11 00 10 00 63 6f 6e 66  69 67 73 2f 2e 44 53 5f  |....configs/.DS_|
00000060  53 74 6f 72 65 55 58 0c  00 d3 b0 f3 58 d3 b0 f3  |StoreUX.....X...|
00000070  58 f5 01 14 00 ed 98 c1  6a c2 40 10 86 ff 89 39  |X.......j.@....9|
00000080  04 0a 65 8f 3d ee 13 48  b5 82 7a 5b 42 7c 82 be  |..e.=..H..z[B|..|
00000090  40 69 3d 0a 1e a4 f7 9c  7c ae 3e 9a 1b e6 b7 0a  |@i=.....|.>.....|
000000a0  31 62 4f 96 f6 ff 60 f8  20 99 99 24 97 dd 9d 00  |1bO...`. ..$....|

You'll see that my file starts with PK, so mine is a zip file (as phil katz invented zip, so zip files use his PK header, more history on that here  -

file will also tell me that though -
Code: [Select]
file Zip archive data, at least v1.0 to extract

For your OV file, you'll need to look at the header, and see if its a standard format, or its a custom format.
Its more likely to be a custom format.  Typically those will have a header with where bits are in the file, and filesize, and maybe crc's.
If you're really unlucky, its also sha1 or similar encryption on the file data.

I've written about decoding custom format files before on here, look through some of my posts on that, or on my under firmware ( )

If you post the output from  head yourovfile.ov | hexdump -C here I can take a cursory look and tell you which its likely to be.

Firmware / Re: Is there such a thing as OpenNVR firmware?
« Last post by admin on April 17, 2017, 10:06:25 pm »
Not really (opennvr firmware)

What you'll need to do is get hold of the SDK for the chipset, so that you can compile a kernel and app's.
Once you have that, then you can start building firmware and flash.

Issues are that not all hardware is identical, so you will have different NAND types, flash sizes, gpio usage etc.
Not insurmountable, but you'll generally want to pick the same hardware to develop, and port to.

The SDK for the HI3615C is here -

Let me know if you have problems downloading, I can put elsewhere.

Generally speaking, you'll want to open up whatever hardware you have.  Add serial headers, and connect up serial for minimal debugging, and for more serious stuff JTAG.  Boot up the hardware, and see what it tells you.  Hopefully you'll be able to see a boot log and bootloader, and communicate with it.

Developing with just serial is viable though if the hardware isn't too locked.
i.e. hopefully the device will have an accessible bootloader, then you can flash kernels and filesystems without too many headaches.

The flash will generally contain a bootloader (don't overwrite this, otherwise you'll need to use an SPI flasher or similar to rewrite).
The bootloader will load a kernel from the flash into ram, then execute it.
The kernel will then mount a filesystem from flash, and run the OS + programs.

A BSP or SDK allows you to build a kernel and programs (BSP = board support package.  SDK = software development kit).

Thats a brief overview.
Help / How to extract a .OV (extention) firmware file?
« Last post by G33RT on April 17, 2017, 12:24:07 pm »

Does someone knows how to extract a .OV (extention) firmware file?

Any help on this is welcome!
Firmware / [REQUEST] Firmware for IPCC-B13L 960P 1.3MP (Hi3518 + AR0130)
« Last post by G33RT on April 15, 2017, 02:09:15 pm »

I'm looking for the firmware of an IPCC-B13L 960P 1.3MP (Hi3518 + AR0130).
The manufacturer does not have the firmware for this camera at their support page.

The camera has two boards, one with the Hi3518 chip and one with the CCD sensor and schould be an Aptiva AR0130 CCD sensor.

The CCD board have the description: CCD_CAM_8M-142(A)
After searching I can not find anything about CCD CAM 8M-142.

At WebIF I could see Hard Ver: 7100-ar0130_960P
The firmware I had on this was: V2.0.6.1-X20-Build:20130928D

I have bricked the camera due to flashing a wrong firmware :-[

Does anybody knows if the whole firmware is located in the flash chip 25L12835F ?

Any help is welcome!
Pages: 1 [2] 3 4 ... 10