[plug] Dodgy tcp proxy
Brad Campbell
brad at fnarfbargle.com
Mon Aug 21 14:42:48 AWST 2017
G'day all,
Just putting this out there as I looked for solutions and didn't find
anything workable.
I'm doing some remote configuration on a system I have no physical
access to in order to help someone out.
This is a cheap Chinese Hikvision NVR. I need to get access to one of
the cameras behind it. The NVR is on a 192.168.0.0/24 network and the
cameras are on a 192.0.0.0/24 network on the NVRs PoE switch. I can get
access to the network via a Linux machine and OpenVPN.
If the cameras are using a native protocol the NVR provides a dodgy
internal port map that allows you to get access to the cameras web
interface. Unfortunately the camera in question uses another protocol
and thus the NVR won't let me near it.
I have access to a telnet shell on the NVR, but the internal version of
Busybox doesn't really have anything useful (except tftp!).
So, tftp a pre-compiled busybox binary (found on the busybox site to
same me the effort) to /tmp. Now use the busybox tcpdsvd to set up a
listening port, and run netcat on connection.
./busybox-armv6l tcpsvd 192.168.0.220 8080 ./busybox-armv6l nc 192.0.0.13 80
Boom. Connect to the NVR on port 8080 and it gets redirected to the
camera on port 80. Win.
Alternatives gratefully solicited. Oddly enough this is something that
comes up from time to time and I seem to find a different method every time.
More information about the plug
mailing list