海康摄像头web登录算法实现

IP不卡

通过脚本或者虚拟机实现海康摄像头的登录 拿到登录的sessionID后 就可以为所欲为啦 比如云台控制 调用预置位 获取IO状态等 不一定适用所有型号摄像机 该脚本在DS-2DF7230IW测试可用 其他型号的登录的过程可以自己抓包研究

var fmt= import("fmt")
var sha256 = import("crypto/sha256")
var net = import("net")
var strings = import("strings")
var io = import("io/ioutil")
var http = import("net/http")
var time = import("time")
var log = import("log")

func strtag (str, start, end){
                startindex = strings.Index(str, start)
                if startindex == -1 {
                return ""
                  }
            startindex += len(start)
            endindex = strings.Index(str[startindex:], end)
            if startindex == -1 {
                  return ""
            }
                  endindex += startindex
                  return str[startindex:endindex]
          }
       
func HikGet (ip, UserName, PassWord){
        tcptest, err = net.DialTimeout("tcp",ip+":80",time.Second * 2)
        if err !=nil {
          println("读取海康摄像头Cookies 设备不在线",err)
        }else{
                        Geturl1 = "http://"
                        Geturl2 = "/ISAPI/Security/sessionLogin/capabilities?username=admin&random=35487877"
                        Geturl = Geturl1+ip+Geturl2
                        Getreq, _ = http.NewRequest("GET", Geturl, nil)
                        Getreq.Header.Add("content-type", "application/json")
                        Getres, _ = http.DefaultClient.Do(Getreq)
                        Getbody, _ = io.ReadAll(Getres.Body)
                        //fmt.Println(Getres)
                        Getstr = fmt.Sprintf("%c", Getbody)
                        token = strings.Replace(Getstr," ","", -1)

                        sessionID = strtag(token, `<sessionID>`, `</sessionID>`)
                        challenge = strtag(token, `<challenge>`, `</challenge>`)
                        salt = strtag(token, `<salt>`, `</salt>`)
                        iterations = strtag(token, `<iterations>`, `</iterations>`)
                        hash_pwd = sha256.Sum256(UserName + salt + PassWord)
                        hash_pwd = sha256.Sum256(fmt.Sprintf("%x", hash_pwd) + challenge)
                        for i = 2; i < iterations; i++ {
                        hash_pwd = sha256.Sum256(fmt.Sprintf("%x", hash_pwd))
                }
        hasppass = fmt.Sprintf("%x", hash_pwd)
  
        timeunix = time.Now().Unix()
        url1 = "http://"
        url2 = "/ISAPI/Security/sessionLogin?timeStamp="
        url = url1+ip+url2+timeunix                //登录请求地址
        payload1 = "<SessionLogin><userName>admin</userName><password>"
        payload2 = "</password><sessionID>"
        payload3 = "</sessionID><isSessionIDValidLongTerm>false</isSessionIDValidLongTerm><sessionIDVersion>2</sessionIDVersion></SessionLogin>"
        payloadstr = payload1 + hasppass + payload2 + sessionID + payload3                //登录请求内容
        payload = strings.NewReader(payloadstr)
          //println("url:", url)
          //println("payload", payload)
        req, _ = http.NewRequest("POST", url, payload)
        req.Header.Add("content-type", "application/json")
        res, _ = http.DefaultClient.Do(req)
        body, _ = io.ReadAll(res.Body)
        //fmt.Println(ip)
        //fmt.Println(res,"\n")
          Cookies =  strings.Replace(strings.Replace(strings.Split(toString(res.Cookies()),";")[0],"[","", -1)," ","", -1)
          //println(Cookies)
        bodystr1= (fmt.Sprintf("%c", body))
        bodystr = strings.Replace(bodystr1," ","", -1)
        //fmt.Println(bodystr,"\n")
  return        strtag(bodystr, `<sessionID>`, `</sessionID>`)
                }
        }
       
//调用函数，传入摄像头IP 用户名 密码 返回已登录的sessionID 返回值为空说明摄像头版本不适应或者密码错误
HikGet("192.168.1.64","admin","12345")