The fish eye camera, or how the Chinese copied the dlink dcs-932l

I wanted to somehow watch in the country thatgoing on in the garage. For what? To see who in the absence of me goes there (the keys are not only mine, the owner) that brings and takes out. For a long time there has been an ESCAM OWL IP camera there - it is not afraid of the cold, but it also monitors only one entrance (and there is also a garage door). So I wanted to put a fisheye camera or fisheye on the ceiling.
Searching the internet, I found the normalaffordable device, and even with built-in wi-fi. The camera came from Mongolia in a month (apparently there is a warehouse.) There will be no unpacking, but the box pleased - a good, thick cardboard, with QR codes for the android application.

What was inside:
Camera, a pair of dowels with self-tapping screws, a clip and a 1A power supply:



It is strange that there was no cap on the Ethrenet connector. By the way, the camera seemed very well made, good plastic, no backlash, no creaks, no gaps, there is a TF card slot.



Oddities started when trying to find a camerastandard devices. I'm used to the fact that if the camera is connected via ethernet, then it automatically receives the address via DHCP or has a fixed address from the range 192.168. *. *
This was not so. No matter how I tried to find it, it didn’t work, I had to read the instructions, where not a word was said about the network setup. It was just recommended to download the application on android and it seems like - then you will understand everything yourself, dear laovai. Moreover, the camera raised a wireless access point with a long set of letters and numbers, but without a password.
I really didn’t want to put the application on my phone, so I just connected through a computer. The DHCP server address on the camera was given to me by a strange 192.169.10.17, the camera itself had an address 192.169.10.1
Web camera interfaces:



(I don’t overwrite P2P, I’ll understand why below)
Well, you need to enable the checkmark in the settingsopposite to DHCP and connect via wire (because wifi is certainly cool, but a copper ethernet connection is more reliable and preferable) And - nifiga. Because the wire failed to connect the camera. Even after setting a fixed IP address - it turned out only to connect it via wifi.
Further more. The camera turned out to be very talkative. When booting, with the loss of the wireless network, when connected, it was terribly wheezing, commented on everything in a female voice in English.
Then it bothered me that there was no onvif port at all. And my favorite program for working with cameras onvif - ONVIF Device manager did not want to see her.
Hmm, I thought, let's scan all the ports to this camera, and give the command:
nmap -p 1-65535 -T4 -A -v 192.168.1.19
After a couple of seconds, with a funny grunt of the speaker, the camera itself rebooted.
I tried again. The same situation. In general, it turned out that all ports had to be scanned with a healthy delay (I set the parameter for nmap-T2), otherwise after turning to about 13 thousand ports in a row the camera became bad (by the way, this is not only her, but also the cheap Digoo BB M1 - but she even has onvif - this is so, lyrical digression)
It turned out that ports 21, 23, 80 and 6789 were open on the camera (and in vain I waited so much, above 1000
I did not find open ports)

ABOUT! There is a telnet, we’ll see what you have there, I thought. And here is the figs, an unknown Chinese engineer thought.

No password matched.
But what’s strange - ftp access is also open, open to an anonymous user and open to the root directory:

Moreover, it is clear that the Chinese pioneered either the wholeD-Link DCS-932L has firmware, or part of it (which, by the way, doesn’t know anything about onvif, and therefore it’s clear why the camera has such a twisted web interface - the Chinese riveted it on their knees themselves).
You can copy / etc / passwd and / etc / shadow, you could even probably change the password in shadow, but I already lost interest in this camera - I already decided to open a dispute.
In general, everything was clear. Finally, I installed the application on android (each Chinese proudly writes his own - I already have three different on my phone for three different cameras)

There were also settings - where I already found that you can turn off the "talkativeness" of the camera.

I contacted the seller, who confirmed that inThe description on the camera has an error and it has nothing to do with onvif. Then he replaced her description. I saw its only application is to insert a TF card, write all the responses to movements on it, and then pick it up “from outside” with some script (I already have a logger that uploads such files to remote ftp itself), but I thought it was a crutch, and therefore I opened a dispute, first with a refund of half the cost of the camera (no refund), and then a full refund of the camera and money (I understand that I got the money through the seller’s fault for sending back, but nothing can not be helped). Given her planned transfer back - I did not disassemble it.
p.s. Summarizing - the quality of the video in the application and on the computer screen is average. It would be half as much and ONVIF would be - it would be a great camera. I do not recommend buying.
On Ali, the same cameras are still sold exactly as having onvif, look do not get involved.