Telnet credentials for ZMD-DD-SAN8

What are the Telnet Credentials for the ZMD-DD-SAN8??

The ZMD-DD-SAN8 system was developed in 2011 by a third party OEM prior to Zmodo beginning in house development.

We do not have access to the Telnet credentials as it was not provided by the original OEM.

Supposedly, this works on some cameras

telnet -l admin 198.xxxx.xxx.xxx 8000

then enter zmodo19820816 for the password

It did not work on my ZP-IBH15-W unfortunately.

Telnet wouldn’t operate over port 8000 anyway. Telnet works over 23.

I think those credentials were thrown about by someone who tried them on the firmware versions with the unsecured video port (which is 8000), and thought that they found the correct credentials, but really just found an unsecured port that would let anything through.

telnet is a program that can connect to any port. If you leave off the port# then the default is 23. The password was found by a hacker (not me) who disassembled a Zmodo camera and connected an RS232 link to the diagnostic jumpers on the PCB and rooted its linux system. Looking at the password, the number are probably the birthday of the programmer.
hack1

I’ve seen that page.

If you notice, one person says root/nopassword worked and another person says admin/ zmodo19820816 worked.

The person posting was using a really old version of the camera, specifically, the version that they were on had a completely unsecured video port. It was a BIG security issue for those devices, which is why they ultimately pushed a forced update to resolve the security hole. On the version that they were using, you could have entered any password, or no password on port 8000, and you would have gotten access to the video stream data.

Notice that the person who updated to the V7.9.0.30 couldn’t get it to work, because that version has a secured 8000 port.

1 Like