Strange query in REMOTE server logs HI_SRDK_DEV_GetHddInfo

Question

Strange query in REMOTE server logs HI_SRDK_DEV_GetHddInfo

I have this http request in the server logs:

REMOTE HI_SRDK_DEV_GetHddInfo

Has anyone seen this post before?

+6

http

Meisam emamjome June 16 17 at 19:18

source to share

2 answers

HiSilicon provides an SDK for software development for digital video recorders and webcams. The SDK contains a protocol for configuring a remote device named "MCTP". Commands transmitted over this protocol have names similar to HI_SRDK_SYS_USERMNG_GetUserList, HI_SRDK_NET_GetEmailAttr , etc. Someone wanted to find a HiSilicon based DVR by your IP address, perhaps for a hack.

0

Dmytro dadyka 20 jan. 19 at 21:36

source to share

mulya · Accepted Answer · 2017-06-18T08:04:14+0000

It looks like someone is using an exploit to find and hack Kguard DVRs on the Internet. Ignore it if you don't have one.

https://dl.packetstormsecurity.net/1506-exploits/kdvr-authorization.txt

Strange query in REMOTE server logs HI_SRDK_DEV_GetHddInfo

More articles: