.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
HikvisionExploiter is a Python-based utility designed to automate exploitation and directory accessibility checks on Hikvision network cameras exploiting the Web interface Version 3.1.3.150324.
It downloads snapshots and compiles them into videos for efficient surveillance monitoring, Then retrieves the camera device info and downloads the “configurationFile” to all the registered Users Creds.
Table Of Contents
- Features
- Requirements
- Installation
- Usage
- Configuration
- Finding Targets
- License
Features
- Automated Directory Accessibility Checks for Hikvision Cameras
- Snapshot Downloading and Storage
- Device Information Retrieval and Logging
- User Information Retrieval and Logging
- Encrypted Configuration File Downloading and Decryption
- Comprehensive CVE Vulnerability Checks
- CVE-2021-36260 Detection
- CVE-2017-7921 Detection
- CVE-2022-28171 Detection
- Multi-Target Support with
targets.txt - Detailed Logging for Each Target
- Real-Time Feedback with Colored Output
- Interrupt Handling with SIGQUIT
- Customizable Configuration Options
- Organized Output for Snapshots, Logs, and Decrypted Files
Requirements
- Python 3.6 or higher
- FFmpeg
requestslibrary- PyCrypto library (for
decrypt_configurationFile.py, install usingpip install pycrypto)
Installation
Clone The Repository
git clone https://github.com/HexBuddy/HikvisionExploiter.git
cd HikvisionExploiterInstall required packages
pip3 install -r requirements.txtInstall FFmpeg
Download and install FFmpeg from FFmpeg’s official website.
Usage
Create a targets.txt file
Create a targets.txt file in the root directory of the project with the following format:
IP:PORTEach line should contain an IP address and port of a Hikvision camera.
Run The Script
python3 checker.pyThe script will check the accessibility of the directories on the specified cameras, download snapshots, and compile them into videos.
