### Hikvision DVR DS-7204HGHI User Enumeration (CVE-2020-7057)
The Hikvision DS-7204HGHI DVR runs Web version V4.0.1 build 1.

When you try to log in through the web server, the web page relies on the "ISAPI" for
authentication. It makes GET requests carrying the username that is trying to
authenticate; if that username exists, the server responds with a Session ID, a
Challenge and a SALT (plus the iteration count and whether it is reversible). If the
username does not exist, the server responds with a 500 Internal Server Error.

As noted above, if the username exists, the response carries this
interesting information, so the status code alone reveals whether a username is valid.

This gives an attacker the chance to rely on a brute-force attack for username
enumeration. Hikvision's web server has a limit on failed log-ins, so be
careful with the brute force, OR do it manually, avoiding the ban by trying only
4 - 5 usernames per device until you can try again.
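As an added defender-side example (not code from the original advisory), the following Python script scans web-server access logs for the pattern described above: one source probing many different usernames against the ISAPI login endpoint, where a 500 means the name does not exist and a 2xx means it does. The log lines are constructed, and the ISAPI path is a placeholder because the advisory does not give the exact endpoint.

```python
import re
from collections import defaultdict

# Constructed sample access-log lines (not from the advisory). The ISAPI login
# path is a placeholder; only the username parameter and status code matter.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2020:10:00:01 +0000] "GET /ISAPI/PLACEHOLDER/login?username=admin HTTP/1.1" 200 312
10.0.0.5 - - [01/Jan/2020:10:00:02 +0000] "GET /ISAPI/PLACEHOLDER/login?username=operator HTTP/1.1" 500 0
10.0.0.5 - - [01/Jan/2020:10:00:03 +0000] "GET /ISAPI/PLACEHOLDER/login?username=guest HTTP/1.1" 500 0
10.0.0.5 - - [01/Jan/2020:10:00:04 +0000] "GET /ISAPI/PLACEHOLDER/login?username=root HTTP/1.1" 500 0
10.0.0.5 - - [01/Jan/2020:10:00:05 +0000] "GET /ISAPI/PLACEHOLDER/login?username=backup HTTP/1.1" 500 0
10.0.0.9 - - [01/Jan/2020:10:01:00 +0000] "GET /ISAPI/PLACEHOLDER/login?username=admin HTTP/1.1" 200 312
10.0.0.9 - - [01/Jan/2020:10:01:30 +0000] "GET /ISAPI/PLACEHOLDER/login?username=admin HTTP/1.1" 200 312
"""

# Common-log-format line with a GET to any /ISAPI/ path carrying a username parameter.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "GET /ISAPI/\S*?[?&]username='
    r'(?P<user>[^&\s"]+)\S* HTTP/[\d.]+" (?P<status>\d{3})'
)


def enumeration_candidates(log_text, min_distinct_users=4):
    """Return {ip: {"users": n, "unknown": n, "known": n}} for every source
    that probed at least `min_distinct_users` different usernames.
    A 500 on the login challenge means the name does not exist; a 2xx means
    it does, so a source collecting many 500s is walking a wordlist."""
    per_ip = defaultdict(lambda: {"users": set(), "unknown": 0, "known": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        rec = per_ip[m["ip"]]
        rec["users"].add(m["user"])
        if m["status"] == "500":
            rec["unknown"] += 1
        elif m["status"].startswith("2"):
            rec["known"] += 1
    return {
        ip: {"users": len(r["users"]), "unknown": r["unknown"], "known": r["known"]}
        for ip, r in per_ip.items()
        if len(r["users"]) >= min_distinct_users
    }


if __name__ == "__main__":
    for ip, stats in enumeration_candidates(SAMPLE_LOG).items():
        print(ip, stats)  # 10.0.0.5 {'users': 5, 'unknown': 4, 'known': 1}
```

The threshold of four distinct usernames mirrors the lock-out window the advisory mentions; lower it when a single device sees very little legitimate login traffic.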
CVE-2020-7057
<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7057>