I have recently come into possession of a cctv dvr from 2014. The model number is ed7004tsl. The web interface needs NPAPI, so it only works on older machines. I used nmap and found it had an open telnet port, eventually i brute forced the password, just had to find the right list. Now I have a root shell on this embedded linux cctv dvr and I would like to be able to view the cameras remotely without using a windows xp vm. It uses armv7l running HiLinux. The 4 cameras are plugged into the dvr with bnc connectors. Originally, my idea was to just forward the x server, however it does not use x as a display manager. I’ve looked into trying to read the framebuffer, but I’m not sure what I am doing with that so I can’t even get an image out of it. The dvr has a VGA and an HDMI port on the back of it. If I look at ps, it seems that there is a custom binary called XDVRStart.hisi running. I haven’t been able to find much about this, but I know it runs the web server. I have a theory that it also is the display manager, but I’m not too sure about that one. Any help is appreciated.
Try metasploit. It should be able to pull just the camera fueds for you.
1 Like
If it uses rtmp or any type of real time protocol, you can use VLC.
The main issue is it doesn’t use any standard for the video. It gets sent over a custom website with NPAPI.