Registered a URL and setup a forum as the IPCam stuff really needed its own site vs my irregular blog posts about IPCam hacking at

Recent Posts

Pages: 1 2 [3] 4 5 ... 10
Hacking & Modding / Re: maisi Cloud IP camera
« Last post by btsimonh on May 16, 2018, 07:29:59 am »
Hi cmeister2,

modified 'upgrade' files now available in

basically, the scripts in the upgrade files (for two base versions) have been updated to enable root telnet and other things.

Have fun and let me know how you get on.
I am unable to test your camera version, but have updated the 'upgrade' file you posted anyway.

modified 'upgrade' files now available in

basically, the scripts in the upgrade files (for two base versions) have been updated to enable root telnet and other things.

Have fun and let me know how you get on.

so the text was really revealing....
online OCR did not get near to that :) - thankyou!

have had a quick look, but github loads terribly slowly in china., if you're referring to j3.jpg 左右 that means left right

gm8126 for bt mining? hah, woefully underpowered
Hi all,

searched the site for mipc and hit,1429.msg5003.html#msg5003

I recently bought a camera on amazon; it's basically the same firmware as described in the above thread, but updated.  There are a LOT of very similar 'IP cloud' cameras, all using different website URLs.

I started a github here and hope for some collaboration with changing the firmware.....

The mipcm cameras seem to have firmware developed by 'shenzhenmining'; the only other references to them are to dodgy bitcoin mining equipment - maybe they are flooding the market with cameras they can use to mine bitcoin?

The protocol between the camera and the browser uses some 'interesting' methods, which includes 'eval'ing returns to every message (it's called json, but is actually a javascript snippet).

With a serial connection, you can break into the uboot, and with a little careful modification of a JFFS2 partition, gain root access.  From there you can open telnet and ftp access.

The firmware is firmly based on the Grain 8126 SDK, based on a squashfs partition (which MAY be signed) plus a JFFS2 partition.  The method of firmware upgrade I've observed is downloading a file which contains a difference (a patch) on top of the shipping firmware, which is applied every boot to a 'project.rar', which is then extracted to memory to represent the running applications.
The firmware upgrade file can be decomposed into a number of parts, the last of which is a checksum or CRC of some form.  If we could reproduce the upgrade file, then this may provide a 'solderless' path to open frimware on the device.

Observing traffic, it does not SEEM to send all my personal info beyond that required to operate the camera to the internet.  However, the websites have NO privacy policy specified, and the is very little information on the operators (Maybe someone with Chinese language skills would have more success searching?).  There is not subscription cost to using the websites, so how can they operate (many amazon servers) based on the cheap cost of the cameras alone? (I can only assume that the whole operation is financed by some larger entity who wishes to remain secret - maybe the Iranian secret service has a major worldwide exploit going on :) ).
So for the time being, I would NOT recommend exposing your internal LAN to one of these cameras.
I have changed the configuration of my camera to set ALL the IP addresses I could find to be my laptop, yet the camera still knows at least one external address to talk out to, so I can't completely sanitise it yet.

What I would really like to do is completely replace the running firmware with some more open GM8126S firmware which supports OnVif, and over which I have some control.
If anyone knows of efforts to produce such an open firmware, please let me know, or comment in an issue in github.

oh... also, there is one image on the github where a connector is labelled in Chinese - If you read chinese, can you let me know what it says :)  I think maybe GPIO or 'external triggers'....


The following may be a complete list of brands using this style of firmware:

Code: [Select]
"":{m_title:"EYE DOT",m_scheme:"keepereyedot"},
"":{m_title:"DEVELE IPC",m_scheme:"develeipc"},
"":{m_title:"SmartCam HD 1Clic",m_scheme:"macwaysmartcam"},
"":{m_title:"Any Look",m_scheme:"yescctvanylook"},
"":{m_title:"PROLAB CLOUD",m_scheme:"prolabcloud"},
"":{m_title:"E-HAWK", m_scheme:"hootoo"},
"":{m_title:"MIPC",m_scheme:"mipcmv1", },
"":{m_title:"ITACAM", m_scheme:"itacam"},

Hacking & Modding / Re: GRAIN 8135S CPU SDK
« Last post by djdubuque on April 15, 2018, 07:42:58 am »
I to have a CCTV camera with this chip and have noticed that the manufacture has blocked or failed to install a Web interface so that users could configure the camera settings.  I've contacted the manufacture and they refuse to help.
OpenWrt Wiki for Hisilicon here -

Site Announcements / Forum update
« Last post by admin on April 04, 2018, 07:40:37 pm »
Possibly seeing some failed hack attempts, as the settings file was getting erased blocking the site for a day or two.
Updated forum software to latest version, and will monitor for further issues.
Firmware / Firmware Vstarcam T6836
« Last post by vecocamacho on March 07, 2018, 01:07:18 am »
Hello, I updated my Firmware Vstarcam T6836 over the app and it got Bricked, does anyone knows where I can find the firmware (No its not on vstarcam page) and how to install over SD

I conect my camera and can get the IP adress (Does not show up in router, cam locator software or with arp -a)

Pages: 1 2 [3] 4 5 ... 10