{"id":226,"date":"2015-08-22T01:42:29","date_gmt":"2015-08-22T01:42:29","guid":{"rendered":"http:\/\/dahua.evosec.eu\/?page_id=226"},"modified":"2016-09-11T17:47:32","modified_gmt":"2016-09-11T17:47:32","slug":"device-security-assessment","status":"publish","type":"page","link":"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/","title":{"rendered":"K\u00e9sz\u00fcl\u00e9k Biztons\u00e1gi \u00e9rt\u00e9kel\u00e9si &amp; V\u00e9grehajt\u00e1si"},"content":{"rendered":"<div><i>Friss\u00edt\u00e9s 2015. szeptember 25.<\/i><br \/>\r\nMost, van azonos\u00edtott hib\u00e1kat, kifejlesztett egy patch (el\u00e9rhet\u0151 lesz a legt\u00f6bb DAHUA alap\u00fa term\u00e9kek), valamint a megold\u00e1sok beszedik a k\u00e9sz\u00fcl\u00e9k helyzetekben hol:<\/p>\r\n<ul>\r\n<li>Berendez\u00e9s meg\u00e1ll\u00edt v\u00e1laszol, felv\u00e9tel, vagy nem \u00e9rhet\u0151 el k\u00f6zvetlen\u00fcl csatlakoztatott Internet vagy kereszt\u00fcl PPPoE<\/li>\r\n<li>Eszk\u00f6z m\u00e9g rekordokat, de nem f\u00e9r hozz\u00e1, interneten kereszt\u00fcl<\/li>\r\n<li>Eszk\u00f6zh\u00f6z jelen\u00edti meg a &#8222;System has been hacked&#8221;, &#8222;Device has been hacked&#8221;, &#8222;DVR has been hacked&#8221; vagy m\u00e1s \u00fczeneteket \u00e9s a <strong>admin<\/strong> fi\u00f3k nem rendelkezik jogokkal<\/li>\r\n<\/ul>\r\n<\/div>\r\n<hr \/>\r\n<div><i>Update 1 szeptember, 2015-re<\/i><br \/>\r\nEgy\u00e9ni firmware(s) r\u00e9gi eszk\u00f6z\u00f6kh\u00f6z, amelyek hajlamos arra, hogy telnet(port 23) az \u00e1ltalunk kifejlesztett->root username t\u00e1mad\u00e1sok(via alap\u00e9rtelmezett, v\u00e1ltozatlan <strong>vizxv<\/strong> jelsz\u00f3). Vagyunk k\u00e9pes-hoz megszokott\/jav\u00edt\u00e1s szinte minden r\u00e9gi firmware-t egy biztons\u00e1gos jelsz\u00f3 megad\u00e1s\u00e1val.<\/p>\r\n<p>mi\u00e9rt? Mert seg\u00edts\u00e9g\u00e9vel root&#038;<strong>vizxv<\/strong> eszk\u00f6z\u00f6k jelsz\u00f3 sebezhet\u0151-hoz adat sziv\u00e1rg\u00e1s (bele\u00e9rtve a t\u00f6bb, tiszta sz\u00f6veges t\u00e1rolt hiteles\u00edt\u0151 adatok), rekord(ok) t\u00f6rl\u00e9s, (legal\u00e1bb 4 perc), a m\u0171velet meg\u00e1ll\u00edt\u00e1sa a konfigur\u00e1ci\u00f3 vissza\u00e1ll\u00edt\u00e1sa stb.<\/p>\r\n<div class=\"panel panel-default\">\r\n<div class=\"panel-heading\">N\u00e9h\u00e1ny \u00e9rintett modellek<\/div>\r\n<div class=\"panel-body\">\r\nDVR0404HE-AN, DVR0404HE-AS, DVR0404HF-AN, DVR0404HF-AS, DVR0404HF-AT, DVR0404HF-U, DVR0404LE-AN, DVR0404LE-AS, DVR0404LF-A, DVR0404LF-AS, DVR0404LF-AST, DVR0404LF-L, DVR0404LF-S, DVR0804HF-U, DVR0804LE-AS, DVR0804LF-A, DVR0804LF-AS, DVR0804LF-AST, DVR0804LF-L, DVR0804LF-S, DVR1604HF-L-E, DVR1604HF-S-E, DVR1604HF-U, DVR1604LE-AS, DVR1604LE-SL, DVR1604LF-A, DVR1604LF-AE, DVR1604LF-AS, DVR1604LF-AST, DVR1604LF-L, DVR1604LF-S, DVR3108H, DVR310XE, DVR3116E, DVR3116H\r\n  <\/div>\r\n<\/div>\r\n<hr \/>\r\n<div>N\u00e9h\u00e1ny DVR, NVR (\u00e9s m\u00e1s be\u00e1gyazott biztons\u00e1gi vagy ellen\u0151rz\u0151 k\u00e9sz\u00fcl\u00e9kek) is, \u00e9s a k\u00fcl\u00f6nb\u00f6z\u0151 biztons\u00e1gi probl\u00e9m\u00e1k is vesz\u00e9lybe ker\u00fcl. Azok sz\u00e1m\u00e1ra mi t\u00e1volr\u00f3l \u00e9rt\u00e9keli a jelenlegi k\u00e9sz\u00fcl\u00e9k biztons\u00e1gi \u00e9s jelent\u00e9st ad ki.\r\n<\/div>\r\n<\/p>\r\n<div><strong>Tipp:<\/strong> Ez a funkci\u00f3 jelenleg fejleszt\u00e9s alatt \u00e1ll.<br \/>\r\nMi lesz ennek, #pentesting \u00e9s n\u00e9h\u00e1ny #hardwarefingerprinting. Mi is haszn\u00e1ljuk a k\u00f6z\u00f6s #CVEs \u00e1ll rendelkez\u00e9sre, \u00e9s n\u00e9h\u00e1ny bels\u0151 fejleszt\u00e9s\u0171 eszk\u00f6z. Bemutatjuk a statisztika sebezhet\u0151 eszk\u00f6z\u00f6k a k\u00f6zelj\u00f6v\u0151ben.\r\n<\/div>","protected":false},"excerpt":{"rendered":"Friss\u00edt\u00e9s 2015. szeptember 25. Most, van azonos\u00edtott hib\u00e1kat, kifejlesztett egy patch (el\u00e9rhet\u0151 lesz a legt\u00f6bb DAHUA alap\u00fa term\u00e9kek), valamint a megold\u00e1sok beszedik a k\u00e9sz\u00fcl\u00e9k helyzetekben hol: Berendez\u00e9s meg\u00e1ll\u00edt v\u00e1laszol, felv\u00e9tel, vagy nem \u00e9rhet\u0151 el k\u00f6zvetlen\u00fcl csatlakoztatott Internet vagy kereszt\u00fcl PPPoE Eszk\u00f6z m\u00e9g rekordokat, de nem f\u00e9r hozz\u00e1, interneten kereszt\u00fcl Eszk\u00f6zh\u00f6z jelen\u00edti meg a &#8222;System has&hellip; <a class=\"more-link\" href=\"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/\">Continue Reading K\u00e9sz\u00fcl\u00e9k Biztons\u00e1gi \u00e9rt\u00e9kel\u00e9si &amp; V\u00e9grehajt\u00e1si<\/a>","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-226","page","type-page","status-publish","hentry"],"translation":{"provider":"WPGlobus","version":"3.0.1","language":"hu","enabled_languages":["en","da","de","es","fi","fr","it","hu","nl","no","pt","pl","ru","sv","ja"],"languages":{"en":{"title":true,"content":true,"excerpt":false},"da":{"title":true,"content":true,"excerpt":false},"de":{"title":true,"content":true,"excerpt":false},"es":{"title":true,"content":true,"excerpt":false},"fi":{"title":true,"content":true,"excerpt":false},"fr":{"title":true,"content":true,"excerpt":false},"it":{"title":true,"content":true,"excerpt":false},"hu":{"title":true,"content":true,"excerpt":false},"nl":{"title":true,"content":true,"excerpt":false},"no":{"title":true,"content":true,"excerpt":false},"pt":{"title":true,"content":true,"excerpt":false},"pl":{"title":true,"content":true,"excerpt":false},"ru":{"title":true,"content":true,"excerpt":false},"sv":{"title":true,"content":true,"excerpt":false},"ja":{"title":false,"content":false,"excerpt":false}}},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>K\u00e9sz\u00fcl\u00e9k Biztons\u00e1gi \u00e9rt\u00e9kel\u00e9si &amp; V\u00e9grehajt\u00e1si - A DAHUA term\u00e9kek a pr\u00e9mium-tan\u00e1csad\u00e1st<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/\" \/>\n<meta property=\"og:locale\" content=\"hu_HU\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"K\u00e9sz\u00fcl\u00e9k Biztons\u00e1gi \u00e9rt\u00e9kel\u00e9si &amp; V\u00e9grehajt\u00e1si - A DAHUA term\u00e9kek a pr\u00e9mium-tan\u00e1csad\u00e1st\" \/>\n<meta property=\"og:url\" content=\"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/\" \/>\n<meta property=\"og:site_name\" content=\"A DAHUA term\u00e9kek a pr\u00e9mium-tan\u00e1csad\u00e1st\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/euroevosolutions\" \/>\n<meta property=\"article:modified_time\" content=\"2016-09-11T17:47:32+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@evosec_eu\" \/>\n<meta name=\"twitter:label1\" content=\"Becs\u00fclt olvas\u00e1si id\u0151\" \/>\n\t<meta name=\"twitter:data1\" content=\"22 perc\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/dahua.evosec.eu\\\/hu\\\/device-security-assessment\\\/\",\"url\":\"https:\\\/\\\/dahua.evosec.eu\\\/hu\\\/device-security-assessment\\\/\",\"name\":\"K\u00e9sz\u00fcl\u00e9k Biztons\u00e1gi \u00e9rt\u00e9kel\u00e9si &amp; V\u00e9grehajt\u00e1si - A DAHUA term\u00e9kek a pr\u00e9mium-tan\u00e1csad\u00e1st\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/dahua.evosec.eu\\\/#website\"},\"datePublished\":\"2015-08-22T01:42:29+00:00\",\"dateModified\":\"2016-09-11T17:47:32+00:00\",\"description\":\"\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/dahua.evosec.eu\\\/hu\\\/device-security-assessment\\\/#breadcrumb\"},\"inLanguage\":\"hu\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/dahua.evosec.eu\\\/hu\\\/device-security-assessment\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/dahua.evosec.eu\\\/hu\\\/device-security-assessment\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/dahua.evosec.eu\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"K\u00e9sz\u00fcl\u00e9k Biztons\u00e1gi \u00e9rt\u00e9kel\u00e9si &amp; V\u00e9grehajt\u00e1si\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/dahua.evosec.eu\\\/#website\",\"url\":\"https:\\\/\\\/dahua.evosec.eu\\\/\",\"name\":\"A DAHUA term\u00e9kek a pr\u00e9mium-tan\u00e1csad\u00e1st\",\"description\":\"3. f\u00e9l v\u00e1llalat tapasztalt DAHUA term\u00e9kek\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/dahua.evosec.eu\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"hu\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"K\u00e9sz\u00fcl\u00e9k Biztons\u00e1gi \u00e9rt\u00e9kel\u00e9si &amp; V\u00e9grehajt\u00e1si - A DAHUA term\u00e9kek a pr\u00e9mium-tan\u00e1csad\u00e1st","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/","og_locale":"hu_HU","og_type":"article","og_title":"K\u00e9sz\u00fcl\u00e9k Biztons\u00e1gi \u00e9rt\u00e9kel\u00e9si &amp; V\u00e9grehajt\u00e1si - A DAHUA term\u00e9kek a pr\u00e9mium-tan\u00e1csad\u00e1st","og_url":"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/","og_site_name":"A DAHUA term\u00e9kek a pr\u00e9mium-tan\u00e1csad\u00e1st","article_publisher":"https:\/\/www.facebook.com\/euroevosolutions","article_modified_time":"2016-09-11T17:47:32+00:00","twitter_card":"summary_large_image","twitter_site":"@evosec_eu","twitter_misc":{"Becs\u00fclt olvas\u00e1si id\u0151":"22 perc"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/","url":"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/","name":"K\u00e9sz\u00fcl\u00e9k Biztons\u00e1gi \u00e9rt\u00e9kel\u00e9si &amp; V\u00e9grehajt\u00e1si - A DAHUA term\u00e9kek a pr\u00e9mium-tan\u00e1csad\u00e1st","isPartOf":{"@id":"https:\/\/dahua.evosec.eu\/#website"},"datePublished":"2015-08-22T01:42:29+00:00","dateModified":"2016-09-11T17:47:32+00:00","description":"","breadcrumb":{"@id":"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/#breadcrumb"},"inLanguage":"hu","potentialAction":[{"@type":"ReadAction","target":["https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/dahua.evosec.eu\/hu\/device-security-assessment\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/dahua.evosec.eu\/"},{"@type":"ListItem","position":2,"name":"K\u00e9sz\u00fcl\u00e9k Biztons\u00e1gi \u00e9rt\u00e9kel\u00e9si &amp; V\u00e9grehajt\u00e1si"}]},{"@type":"WebSite","@id":"https:\/\/dahua.evosec.eu\/#website","url":"https:\/\/dahua.evosec.eu\/","name":"A DAHUA term\u00e9kek a pr\u00e9mium-tan\u00e1csad\u00e1st","description":"3. f\u00e9l v\u00e1llalat tapasztalt DAHUA term\u00e9kek","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/dahua.evosec.eu\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"hu"}]}},"_links":{"self":[{"href":"https:\/\/dahua.evosec.eu\/hu\/wp-json\/wp\/v2\/pages\/226","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dahua.evosec.eu\/hu\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/dahua.evosec.eu\/hu\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/dahua.evosec.eu\/hu\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dahua.evosec.eu\/hu\/wp-json\/wp\/v2\/comments?post=226"}],"version-history":[{"count":0,"href":"https:\/\/dahua.evosec.eu\/hu\/wp-json\/wp\/v2\/pages\/226\/revisions"}],"wp:attachment":[{"href":"https:\/\/dahua.evosec.eu\/hu\/wp-json\/wp\/v2\/media?parent=226"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}