Cracking DVRIP/Sofia Hashes With Python Using a simple dictionary attack to crack a DVRIP/Sofia hash found on Xiongmai-based IP cameras. Full code is provided in DVRIP_hash_cracker Github …

InfoSecWriteUps' platform is  dedicated to providing insights and resources for cybersecurity professionals and enthusiasts. Through articles, tutorials, and security research, InfoSecWriteUps offers insights into cybersecurity vulnerabilities, attack techniques, and defense strategies. Readers can learn about penetration testing, threat intelligence, and incident response to enhance their cybersecurity knowledge and skills.

InfoSec Write-ups

A security researcher demonstrates how to crack DVRIP/Sofia password hashes used by Xiongmai-based IP cameras. The post explains the custom hashing algorithm (MD5-derived, 8-character output), shows how to extract hashes from devices using two CVEs (CVE-2025-65857 and CVE-2024-3765 authentication bypass vulnerabilities), and provides a Python dictionary attack tool that compares wordlist entries against the retrieved hash. Full source code is available on GitHub.

Cracking DVRIP/Sofia Hashes With Python

Get Kostas Ereksonas’s stories in your inbox