Tux

Upgrading Your HIKVision DVR Firmware using the API: A Step-by-Step Guide

18 October 2023 in HowTos tagged api / Firmware / hikvision / ISAPI / upgrade by Tux

Regularly updating the firmware of your HIKVision DVR (Digital Video Recorder) is crucial to ensure optimal performance and security. In this blog post, we will walk you through the process of upgrading your HIKVision DVR firmware using simple command-line tools like curl. We will also show you how to check the upgrade status to ensure a smooth and successful update.

Step 1: Preparing for the Upgrade

Before you begin, make sure you have the following information and files ready:

Your HIKVision DVR’s IP address (e.g., 10.20.30.1).
The username and password for accessing your DVR’s web interface.
The latest firmware file in DAV format (e.g., digicap.dav). Ensure you download this file from the official HIKVision website to guarantee its authenticity.

Step 2: Initiating the Firmware Upgrade

To start the firmware upgrade process, open your terminal or command prompt and use the curl command as follows:

curl -k --request PUT --data-binary "@digicap.dav" 'http://username:[email protected]/ISAPI/System/updateFirmware';

Explanation:

curl: This is a command-line tool for transferring data with URLs.
-k: This option tells curl to allow connections to SSL sites without certificates. It’s useful when connecting to devices with self-signed certificates.
--request PUT: This specifies the HTTP request method as PUT, which is used for updating the firmware.
--data-binary "@digicap.dav": Here, we provide the firmware file in DAV format as binary data.
'http://username:[email protected]/ISAPI/System/updateFirmware': Replace username and password with your DVR’s login credentials, and 10.20.30.1 with your DVR’s IP address. This URL is where the firmware update request is sent.

Step 3: Checking the Upgrade Status

To monitor the status of the firmware upgrade and ensure everything is proceeding as expected, use the following curl command:

curl -k 'http://username:[email protected]/ISAPI/System/upgradeStatus';

Explanation:

curl: As before, this is the command-line tool for making URL requests.
-k: Again, this option allows connections to SSL sites without certificates.
'http://username:[email protected]/ISAPI/System/upgradeStatus': Replace the placeholders with your DVR’s login credentials and IP address. This URL is where you can check the upgrade status.

Conclusion: Updating your HIKVision DVR’s firmware is essential for keeping it secure and running smoothly. By following these simple steps and using the curl commands provided, you can ensure that your DVR is up to date with the latest firmware. Remember to download firmware updates only from trusted sources like the official HIKVision website to avoid any security risks.

Sample Outputs

$ curl  -k  --request PUT --data-binary "@digicap.dav" 'http://username:[email protected]/ISAPI/System/updateFirmware';
<?xml version="1.0" encoding="UTF-8" ?>
<ResponseStatus version="1.0" xmlns="urn:psialliance-org">
<requestURL>/ISAPI/System/updateFirmware</requestURL>
<statusCode>7</statusCode>
<statusString>Reboot Required</statusString>
<subStatusCode>rebootRequired</subStatusCode>
</ResponseStatus>

# In another terminal as the above command blocks.
#Execute the status command.
$ curl  -k  'http://username:[email protected]/ISAPI/System/upgradeStatus';
<?xml version="1.0" encoding="UTF-8" ?>
<upgradeStatus version="1.0" xmlns="http://www.hikvision.com/ver20/XMLSchema">
<upgrading>true</upgrading>
<percent>98</percent>
</upgradeStatus>

$ curl  -k  'http://username:[email protected]/ISAPI/System/upgradeStatus';
<?xml version="1.0" encoding="UTF-8" ?>
<upgradeStatus version="1.0" xmlns="http://www.hikvision.com/ver20/XMLSchema">
<upgrading>false</upgrading>
<percent>0</percent>
</upgradeStatus>

Python: How to Connect and Use Office 365 Email

16 October 2023 in Programming / Python tagged Microsoft / office / office365 / python by Tux

As Office 365 transitions away from Basic authentication and embraces Multi-Factor Authentication (MFA) for end-users and OAuth for other purposes, connecting Python to Office 365 email requires a slightly different approach. This blog post will explore how to connect Python to Office 365 email using the exchangelib library and OAuth2 credentials. By following these steps, you can access and interact with your Office 365 email programmatically.

Prerequisites: Before diving into the code, ensure you have the following prerequisites in place:

Access to the Office 365 admin portal
Basic knowledge of Python programming
Required Python libraries: exchangelib

Step 1: Registering an App and Gathering Credentials: To connect Python with Office 365 email, you must register an application in the Azure Active Directory. Here’s how you can do it:

Log into the Office 365 admin portal at https://admin.microsoft.com.
Locate and click on the link to Azure Active Directory.
Register a new app and make a note of the Directory (tenant) ID, Application (client) ID, and the secret (client secret).

Step 2: Granting App Permissions: To grant necessary permissions to the registered app, follow these steps:

Navigate to the API permissions page within the Azure Active Directory.
Add the full_access_as_app permission for your app.

Step 3: Verify App Permissions: To ensure the app has the required permissions, perform the following steps:

Go to the Enterprise applications page in Azure Active Directory.
Select your app.
Continue to the Permissions page and verify that your app has the full_access_as_app permission.

Connecting Python to Office 365 Email: Now that we have the required credentials and permissions in place, let’s connect Python to Office 365 email using the exchangelib library. Here’s the code snippet to establish the connection:

import logging
from exchangelib import Account, Configuration, Identity, OAUTH2, OAuth2Credentials

logging.basicConfig(level=logging.ERROR, format='%(asctime)s - %(levelname)s - %(message)s')
logging.debug('Start...')

creds = OAuth2Credentials(
    client_id='4e89**********************',
    client_secret='cx67**********************',
    tenant_id='gt6**********************',
    identity=Identity(primary_smtp_address=r'[email protected]')
)

config = Configuration(server='outlook.office365.com', credentials=creds, auth_type=OAUTH2)

a = Account(
    primary_smtp_address='[email protected]',
    autodiscover=False,
    config=config
)

# Print first inbox messages in reverse order
for item in a.inbox.all().only('subject').order_by('-datetime_received')[:2]:
    print(item.subject)

a.protocol.close()

logging.debug('End...')

Make sure to replace the code’s placeholders with your credentials and email address.

Explanation of the Code:

The exchangelib library is imported, and logging is set up to display any errors.
OAuth2 credentials are created using the previously obtained client ID, client secret, tenant ID, and primary SMTP address.
A configuration object is created with the server address, credentials, and authentication type.
An Account object is initialized using the email address, disabling autodiscover, and providing the configuration.
The code retrieves the two most recent inbox messages and prints their subjects.
The connection is closed, and the logging is finalized.

Conclusion: By following the steps outlined in this blog post, you can easily connect Python to your Office 365 email using the exchangelib library and OAuth2 credentials. This enables you to automate email-related tasks, retrieve messages, send emails, and perform various other operations programmatically. Embracing OAuth2 and MFA adds an extra layer of security to your email communication. Enjoy leveraging the power of Python and Office 365 to streamline your workflows!

Decrypting Firefox Traffic Using Wireshark in Ubuntu GNU/Linux

13 October 2023 in Bash / FireFox / GNU/Linux tagged decrypt / firefox / SSLKEYLOGFILE / ubuntu / wireshark by Tux

Wireshark is a powerful network protocol analyzer that lets you capture and analyze real-time network traffic. By default, Wireshark does not decrypt encrypted traffic, such as HTTPS, as it is designed to maintain security and privacy. However, there are cases where decrypting network traffic can be helpful in debugging or analyzing security issues. This blog post will guide you through the steps to decrypt Firefox traffic using Wireshark in Ubuntu GNU/Linux.

Step 1: Download and Extract Firefox:

Since Ubuntu uses the snap package manager to install Firefox, which does not provide access to the file system by default, we need to download Firefox from the official website as a tar.gz archive. Open your browser and navigate to the Mozilla Firefox website (https://www.mozilla.org/en-US/firefox/new/) to download the tar.gz package suitable for your Ubuntu version.

Once the download is complete, navigate to the downloaded location and extract the tar.gz file using the following command:

tar -xvf firefox-<version>.tar.gz;

Step 2: Set up the SSLKEYLOGFILE Environment Variable:

To enable Wireshark to decrypt the SSL/TLS traffic from Firefox, we need to set up the SSLKEYLOGFILE environment variable. This variable will point to a log file where Firefox will write the session keys used for encryption. Execute the following command in the terminal:

export SSLKEYLOGFILE="/home/$USER/.ssl-key.log";

This command sets the SSLKEYLOGFILE environment variable to the specified file path, which is /home/$USER/.ssl-key.log. Feel free to change the file path and name to your preference.

Step 3: Launch Wireshark and Configure Preferences:

Open the terminal and start Wireshark by entering the following command:

wireshark;

Once Wireshark runs, go to “Edit” in the menu bar and select “Preferences” from the dropdown menu. This will open the Wireshark Preferences window.

Step 4: Configure TLS Protocol Preferences:

In the Preferences window, locate and select “Protocols” on the left-hand side. Scroll down the protocols list and find “TLS”. Click on it to expand the options.

Within the TLS section, you will find a field labeled “(Pre)-Master-Secret log filename”. Click on the folder icon next to the field and browse to select the file path for the SSLKEYLOGFILE we set earlier.

After selecting the file path, click the “OK” button to save the changes and close the Preferences window.

Step 5: Capture and Decrypt Firefox Traffic:

With the configuration set up, you can now start capturing and decrypting Firefox traffic. Keep the Wireshark application running and launch the Firefox browser you downloaded and extracted earlier.

Wireshark will capture the network traffic as you browse the web using Firefox. You should be able to see the decrypted traffic in the Wireshark capture window.

Conclusion:

Decrypting network traffic using Wireshark can be valuable for analyzing and troubleshooting network-related issues. This blog post covered the steps to decrypt Firefox traffic using Wireshark in Ubuntu GNU/Linux. By downloading Firefox directly from the website, setting up the SSLKEYLOGFILE environment variable, and configuring Wireshark preferences, you can capture and analyze unencrypted network traffic within Wireshark. Remember to use this technique responsibly and respect the privacy of others while conducting network analysis.

Create an HTTPS server in Python 3

10 October 2023 in Programming / Python tagged certiciate / certificate / fullchain.pem / http / https / python / python3 by Tux

To create an HTTPS server in Python 3 and serve a specific directory, you can use the http.server module along with the http.server.SimpleHTTPRequestHandler class. However, you’ll need to generate SSL/TLS certificates to make it an HTTPS server. You can use the http.server module in combination with the ssl module to achieve this. Here’s a step-by-step guide:

Generate SSL/TLS certificates (self-signed in this example):

You can use the openssl command-line tool to generate self-signed certificates for testing purposes:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365;

Create a Python script to serve a directory via HTTPS:

import http.server
import socketserver
import ssl

# Set the path to the directory you want to serve
directory_to_serve = "/path/to/your/directory"

# Set the port for your HTTPS server
port = 443

# Specify the SSL/TLS certificate and key files
certfile = "cert.pem"
keyfile = "key.pem"

# Create a custom handler to use the SSL context
class MyHandler(http.server.SimpleHTTPRequestHandler):
    def __init__(self, *args, **kwargs):
        super().__init__(*args, directory=directory_to_serve, **kwargs)

# Create an SSL context
ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
ssl_context.load_cert_chain(certfile=certfile, keyfile=keyfile)

# Create the HTTPS server
with socketserver.TCPServer(("0.0.0.0", port), MyHandler) as httpd:
    httpd.socket = ssl_context.wrap_socket(httpd.socket, server_side=True)
    print(f"Serving directory at https://localhost:{port}")
    httpd.serve_forever()

Replace /path/to/your/directory with the absolute path to the directory you want to serve, and adjust the port, certfile, and keyfile variables as needed.

Run this Python script to create an HTTPS server that serves files from the specified directory over HTTPS on the specified port. Access it in your web browser using https://localhost:443 (or any other IP your machine is configured to use).

Remember that this example uses a self-signed certificate, suitable for testing but not recommended for production use. In a production environment, you should obtain a valid SSL/TLS certificate from a certificate authority. If we were serving certificates from LetsEncrypt, then the respective variables in the file above would be as follows:

certfile = "/certificates/api.bytefreaks.net/fullchain.pem"
keyfile = "/certificates/api.bytefreaks.net/privkey.pem"

In this example, we used port 443. This port requires elevated rights, so you should execute the above script with sudo. If you use another port like 8443, then sudo is not required.

Bytefreaks.net – a place for hacks