Rtsp exploit. and playback of recorded footage.

For that reason we will try to cover in this article a scenario of a possible attack against the FTP Server. scanner = RTSPScanner() # Set address to net wth CIDR notation or single host. The Microsoft Remote Procedure Call (MSRPC) protocol, a client-server model enabling a program to request a service from a program located on another computer without understanding the network's specifics, was initially derived from open-source software and later developed and copyrighted by Microsoft. Play (read) Read media streams from servers with the UDP, UDP-multicast or TCP transport protocol. video feeds of surveillance cameras and offer remote administration. Route Bruteforce; Basic Authorization using RTSP Header/GET parameter (Authentication based on know credentials) Route Bruteforce: Aug 16, 2021 · The Exploit Database is a non-profit project that is provided as a public service by OffSec. Features: Client. For exploiting this vulnerability is only needed that an user follows. It also remains the standard in many Add this topic to your repo. ]syntax. May 13, 2020 · Description. List of CVEs: CVE-2007-6166. urlfile. Upload your live stream to YouTube, Twitch, Facebook, Vimeo, or other streaming solutions like Wowza. This module exploits a buffer overflow in Apple QuickTime 7. py - A quick and simple tool to brute force credentials on RTSP services and devices. 168. Our aim is to serve the most comprehensive collection of exploits gathered Jun 27, 2024 · RTSP: Real-time streaming protocol. Feb 18, 2016 · RTSP 服务未授权访问漏洞. Sep 20, 2017 · The Hikvision IP Camera Backdoor is a magic string that Hikvision secretly included that easily allows backdooring the camera, regardless of the strength of Basic Information. The Hikvision DVR devices record. This article suggests a method for creating and implementing a security layer for RTSP-based Streaming Servers. Unlike conventional exploits with a specific overflow value, this vulnerability is triggered by improper formatting, particularly when the 'client_port' is not in the expected format (e. This protocol is similar to HLS, it cannot transmit live streaming data alone and require RTSP servers to work together with RTP and other protocols to accomplish their Oct 12, 2010 · An attacker could exploit the vulnerability by creating and sending a specially crafted RTSP packet to an affected system. rhosts files to be placed within the home Oct 19, 2020 · The Exploit Database is a non-profit project that is provided as a public service by OffSec. The vulnerabilities may be ­ mechanism. RFC 2326 Real Time Streaming Protocol April 1998 1 Introduction 1. Contribute to rapid7/metasploit-framework development by creating an account on GitHub. In this article we got information about the services running and Dec 30, 2013 · An attacker can easily use this to force VLC to connect to a malicious RTSP server and compromise the victim’s system. multimedia framework. The clientthen listensto port N+1and sends the port N+1 to FTP Server. threads. 22/tcp open ssh syn-ack. your password Note about rtsp-simple-server. To associate your repository with the dahua topic, visit your repo's landing page and select "manage topics. This module exploits a buffer overflow in the RTSP request parsing. Are you looking for the RTSP port number for cameras ? The RTSP number for cameras, DVRs and NVRs is the 554. Servers. a rtsp:// link, if the port 554 of the server is closed Quicktime will. 110 and the password is 111111, then your RTSP URL should be: Jan 1, 2007 · Description. Tapo C310 RTSP server v1. 1 Purpose The Real-Time Streaming Protocol (RTSP) establishes and controls either a single or several time-synchronized streams of continuous media such as audio and video. The LIVE555 Media Libraries are a lightweight set of multimedia streaming libraries for RTSP/RTCP/RTSP/SIP, with code support for both servers and clients. RTSP 1. com:443. Vulnerability Assessment Menu Toggle. If your computer were a remote control and the Feb 25, 2023 · UPnP (Universal Plug and Play) Pentesting. 443/TCP - HTTPS (Hypertext Transport Protocol Secure) - encrypted using Transport Layer Security or, formerly, Secure Sockets Layer. Nothing will change regarding license, features and backward compatibility. 0. This setup is crucial for establishing a secure communication This is a full list of arguments supported by the rtsp-url-brute. The SIP Digest Leak is a vulnerability that affects a large number of SIP Phones, including both hardware and software IP Phones as well as phone adapters (VoIP to analogue). Remote attackers could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Default ports are 1900 (UDP) and 5000 (TCP). Smaller number leads to more successful screenshots: when there's too much threads PyAV will throw errors and wouldn't connect to target. Kali Linux Terminal (Machine) 1. com/exploits/51017Exploit by: https://twitter. 111(C00E111R2P10T8). Last modified: 2023-02-25. Enter the channel number you would like to stream from. 20 is required. Our vulnerability and exploit database is updated frequently and contains the most recent security research. In order to run the proof of concept, follow the next steps: 1. Reflection of Origin in Access-Control-Allow-Origin The real-world scenario where the Origin header's value is reflected in Access-Control-Allow-Origin is theoretically improbable due to restrictions on combining these headers. 110:8554 satip error: Failed to setup RTSP session-- logger module stopped -- Aug 6, 2023 · RTSP is an application level network protocol designed for multiplexing and packetizing multimedia transport streams over a suitable transport protocol. The Browser target for this module was tested against IE 6 and Firefox 1. Our aim is to serve the most comprehensive collection of exploits gathered Alternatively, you can also use this URL (Main Stream by default): rtsp://(user name):(password)@(ip address):554/ For example, if your device IP address is 192. FTP is a service that is commonly used in Web Servers from Webmasters for accessing the files remotely. That's the universal standard and if your device is following it you will be able to use this port. IMPORTANT: To view the RTSP stream over the internet In Active FTPthe FTP clientfirst initiatesthe control connectionfrom its port N to FTP Servers command port – port 21. Com). TRENDnet ProView Wireless camera TV-IP512WN 1. rtsp-simple-server has been rebranded as MediaMTX. Sep 15, 2022 · RTSP is a legacy protocol originally developed with entertainment in mind, its primary use is establishing and controlling media sessions, like tv and movies, between endpoints. *Technical Description / Proof of Concept Code* 7. You switched accounts on another tab or window. This module was inspired by MOAB-01-01-2007. The vulnerability details were published in early 2022. However, this can be a challenging vulnerability to exploit: If an attacker has managed to insert themselves into the SIP traffic flow (a “man in the middle” attack), the attacker must send an RTP packet faster than the valid source. ) There are four preference settings affecting RTSP. Oct 8, 2022 · TP-Link Tapo c200 1. RTSP was developed by the Multiparty There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei smart phones versions earlier than Leland-AL00A 9. Sep 15, 2020 · 15 Sep 2020. Cameradar allows you to. Point-to-Point Tunneling Protocol (PPTP) is a method widely employed for remote access to mobile devices. . Preference Settings (Text below needs update. There is a facility on the app to set up a “Camera Account”, which adds user details for the RTSP server. FTP Serverthen initiatesthe data connection, from its port M to the port N+1of the FTP Client. # Set to scan mode (add/rem to/from rtsp-simple-server still under development and considered alpha) scanner. *RTSP Authentication Bypass* This vulnerability is triggered by sending specially crafted RTSP packets to remote TCP port 554. when trying to connect via VLC, it prompts for authentication. scanner. Successful exploit could cause the affected phone abnormal, leading to a DoS condition. 2. Sets an alternate URL dictionary file. 3. It has a visually appealing user interface and no ongoing license costs. com/Ullaakut/cameradar. 264/H. 0 and below there are default login details. Tool for RTSP that brute-forces routes and Apr 10, 2023 · RTSP (Real Time Streaming Protocol) Pentesting Restricted Shell (rbash, rzsh) Bypass SNMP (Simple Network Management Protocol) Pentesting Nov 8, 2013 · The Exploit Database is a non-profit project that is provided as a public service by OffSec. SSH (Secure Shell or Secure Socket Shell) is a network protocol that enables a secure connection to a computer over an unsecured network. UPnP is a network protocol that allow devices to discover and interact with each other seamlessly over a local network. The script attempts to discover valid RTSP URLs by sending a DESCRIBE request for each URL in the dictionary. The vulnerability is present in several models / firmware versions but due to the available test You signed in with another tab or window. It appears that firmware versions 5. Default port: 22. but due to the available test device Here's how to find IP cameras on your network using nmap on windows. To associate your repository with the rtsp topic, visit your repo's landing page and select "manage topics. Query servers about available media streams. Sets the maximum number of parallel threads to run. This report discloses serious vulnerabilities (with proof of concept (PoC) code) of DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC). Because the vulnerable code is in a component that both RTSP clients and servers share in the Live555 library, an attacker can exploit this against Live555-based RTSP servers as well (including VLC). The reliability of our exploit has decreased because the RTSP service on the test devices more frequently goes into a bad state requiring the device to be fully power cycled before continuing. nse script: rtsp-url-brute. The If RTSP authentication is set to basic, an attacker could send a specially-crafted request to TCP port 554 in order to bypass authentication and gain access to the RTSP live video stream. What is RTSP? The Real Time Streaming Protocol (RTSP) is an application-level protocol for control over the delivery of data with real-time properties. Response disclosing the internal IP: Apr 13, 2024 · In this tutorial, I'll demonstrate how to identify, access, and potentially exploit vulnerabilities in IP cameras using Kali Linux tools. Multiple Vivotek IP Cameras products could allow a remote attacker to bypass security restrictions, caused by the failure to restrict access to the video stream. It seems to accept admin 123456 but disconnects immediately with the following in the log. exploit-db. Jan 10, 2008 · The problem is a buffer-overflow which happens during the filling of. py rtsp_authgrind. Reload to refresh your session. This function contains an exploit that an attacker could use to cause a null pointer deference, resulting in a denial of Jan 2, 2019 · PORT STATE SERVICE VERSION 80/tcp open http Boa httpd 443/tcp open ssl/http Boa httpd 554/tcp open rtsp Vivotek FD8134V webcam rtspd 8080/tcp open http Boa httpd From the resulting information, we can see that the FD8369A-V appears to be hosting a web application interface on a Boa web server, as well as a real-time streaming protocol service . 5. 网络摄像机为方便管理员远程监控，一般会有公网IP（或端口映射），接入互联网。. Only a small number of firmware versions have the WDBRPC service running, however the factory configuration was vulnerable. the same command works on Linux/Mac without the need to CD to the installed DIR. Jul 8, 2021 · Real-Time Streaming Protocol (RTSP) was one of the favorite video technologies in the streaming world before RTMP which is not supported anymore and the HTML5 protocols that are currently breakthrough technology in the streaming world. The Restreamer is a complete streaming server solution for self-hosting. It utilizes TCP port 1723 for the exchange of keys, while IP protocol 47 (Generic Routing Encapsulation, or GRE ), is used to encrypt the data that is transmitted between peers. https:/ Nov 19, 2014 · Rapid7 Labs has found multiple vulnerabilities in Hikvision DVR (Digital Video Recorder) devices such as the DS-7204 and other models in the same product series that allow a remote attacker to gain full control of the device. By sending an overly long RTSP response to a client, an attacker may be able to execute arbitrary code. The Real Time Streaming Protocol (RTSP) is a network control protocol designed for use in entertainment and communications systems to control streaming media Dec 8, 2020 · RTSP Hacking made easy. QTL file triggers the buffer overflow. Note that any port can be used to run Buffer overflow in XiongMai uc-httpd 1. RTSP provides an extensible framework to enable controlled, on-demand We would like to show you a description here but the site won’t allow us. Nov 15, 2023 · According to the Shodan search engine, at least 8,373 real-time streaming protocol (RTSP) cameras are exposed worldwide. This Metasploit module exploits a buffer overflow in the RTSP request parsing code of Hikvision DVR appliances. The Real-Time Streaming Protocol ( RTSP) is an application-level network protocol designed for multiplexing and packetizing multimedia transport streams (such as interactive media, video and audio) over a suitable transport protocol. Supported platform (s): OSX. CVE-2022-26259 is a newer Xiongmai vulnerability that was found by Chris Leech. The Exploit Database is a CVE compliant archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Possible attack vectors include. Responsible disclosure involves notifying the vendor (in this case, Hikvision) about the identified vulnerability and allowing them sufficient time to release a security patch before public disclosure. Cameradar is a Go-based tool to hack RTSP Video Surveillance CCTV Cameras, it can detect open RTSP hosts, detect device models and launch automated attacks. 0 and inside the response the Location header could point you to the internal IP address: nc -v domain. Nov 1, 2023 · Step #2: Run the RTSP Credential Brute-forcer. It exploits a vulnerability in Shenzhen TVT DVR NVMS-9000. This module can be used to read the stored password of a vulnerable Apple Airport Extreme access point. Public exploit code is available that demonstrates how opening a . More specifically, three typical buffer overflow vulnerabilities were discovered in Hikvision's RTSP request handling I wanted to disable the cloud and enable rtsp on mine so in the end I opened it and hooked up to the uart diagnostic, faced with a Unix login prompt, no easily guessed passwords. by Paul Kimayong. 摄像头 Apr 29, 2019 · Port 80 is a good source of information and exploit as any other port. Aug 29, 2003 · Two of the plug-ins installed by default can be used to exploit a heap-based buffer overflow in a RTSP protocol parser. https://github. Ant Media Server is auto-scalable and it can run on-premise or on-cloud. Go ≥ 1. Potential for development into full RCE with root permissions as the Sofia process runs as root on the DVR HiSilicon DVR hack. The exploits are all included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro. Enter the RTSP port (default: 554 ). Real Time Streaming Protocol (RTSP) is an application-level protocol for the transfer of real-time media data. It is essential for maintaining the confidentiality and integrity of data when accessing remote systems. The vulnerability is a stack-based buffer overflow affecting RTSP parsing on port 554. so on UNIX platforms ( vsrcplin. The issue is in the binary rtspd (in /sbin) when parsing a long "Authorization: Basic" RTSP header. so. com 80 openssl s_client -connect domain. code of Hikvision DVR appliances. The Hikvision DVR devices record video feeds of surveillance cameras and offer remote administration and playback of recorded footage. This module exploits a stack-based buffer overflow in Apple QuickTime before version 7. There's a video by the end of this article to help you find the RTSP for your cameras. Nmap: Network scanning tool to discover devices and open ports. 0 Sep 7, 2022 · We can get into a RTSP stream using these 2 types of attack. Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device Jul 23, 2023 · The discovery of this vulnerability is a reminder of the importance of responsible disclosure in the cybersecurity community. SSH servers: Nov 24, 2014 · This module exploits a buffer overflow in the RTSP request parsing. The protocol is used to establish and control media sessions between end points by serving as a network-remote-control for time-synchronized streams of continuous media such as audio and video. 9. I sourced these from the “cet” binary on the camera. The previous article covered how my hacking knowledge is extremely limited, and the intention of these articles is for an audience to see the progress of a non-technical layman when approaching ethical hacking. Target network port (s): -. 265 video encoders based on HiSilicon hi3520d hardware. To use these script arguments, add them to the Nmap command line using the --script-args arg1=value,[arg2=value,. Mar 28, 2023 · These Tapo cameras work via an app. Now that you have docker and cameradar installed, you only need to point cameradar at the IP address of the camera that you want to brute-force! For instance, to brute force a camera at 192. They are utilized by popular media players such as VLC and MPlayer, as well as a multitude of embedded devices (mainly cameras). However, we have confirmed that other attack vectors for the vulnerability also exist. Target service / protocol: -. Exploit for command injection vulnerability found in uhttpd binary from TP-Link Tapo c200 IP camera - hacefresko/CVE-2021-4045-PoC rtsp: Gives access to the live Metasploit Framework. Constructive collaboration and learning about exploits, industry standards, grey and white hat hacking, new hardware and software hacking technology, sharing ideas and suggestions for small business and personal security. rtsp-url-brute. x are susceptible to this issue. It does not typically deliver the continuous streams itself, although interleaving of the continuous media Mar 1, 2012 · Attacking the FTP Service. Detect open RTSP hosts on any accessible target host; Detect which device model is streaming Apr 8, 2023 · As RTSP protocol is designed same as HTTP Protocol thus bad implementation related to exploit vulnerabilities which can occur during streaming media. 5 seconds latency. Unfortunately if you don’t set up the user details on versions 1. 0 client and server library for the Go programming language, written for MediaMTX. The vulnerabilities exist in vendor application software running on these devices. Receive video data from OBS and publish it with the RTMP and SRT server. Moreover, it was common for the . the LCD-like screen containing info about the status of the connection. The exploit, first discovered back in 2017, is taking advantage of hard coded credentials in Shenzhen TVT DVRs web API interface that allow the Jul 14, 2022 · This time, I’ll be building on my newfound wisdom to try and exploit some open ports on one of Hack the Box’s machines. 68. GStreamer contains gst-rtsp-server, an open-source library that allows the user to build RTSP servers. Real-time streaming protocol (RTSP) is a network protocol that controls how the streaming of a media should occur between a server and a client. This is a multi-threaded brute forcing tool for testing, assessment and audit purposes only. Some cameras could even be found on Google, searching parts of default URLs commonly used by camera vendors. equiv were utilized by Rsh. The vulnerability allows leakage of the Digest authentication response, which is computed from the password. Sep 27, 2017 · The issue where Asterisk would lock onto the first RTP packet received as a valid source is much more serious. This article discloses critical vulnerabilities in IPTV/H. 0 for RealSystem Server 7, 8, and RealServer G2) and vsrc 3260 . address = 192. 0R 1. RFC 2326, 7826. : "-st, --screenshot-threads" ( 20 ): Set custom number of threads to screenshot the streams. Jun 17, 2022 · I have been trying to exploit a cheap smart tv box that I have bought a while ago and after my nmap scan I found that port 7000/tcp was open but researching about the port gave back not much information I even searched searchsploit and vulners for any information or vulnerabilities within the port but I couldn't find anything useful. rtsp_authgrinder. Screen shot above from 3. Apr 26, 2021 · Since the discovery of this exploit the Furbo has had multiple firmware updates, but they do not appear to have patched the underlying RTSP vulnerability. 0 for Helix Universal Server, vsrcplin. Our aim is to serve the most comprehensive collection of exploits gathered Attempts to enumerate RTSP media URLS by testing for common paths on devices such as surveillance IP cameras. SIPDigestLeak vulnerability. 0 allows unauthenticated attackers to execute Denial of Service remotely, or possibly have unspecified other impact, via a Web camera viewer interface, a different vulnerability than CVE-2017-16725. For authentication, . Nov 7, 2013 · 7. 0. Found the main rom and tried to dump the OS, didn’t work, desoldered the chip and managed to grab the OS. The reason is pretty obvious: this project started as a RTSP server but has evolved into a much more versatile product that is not tied to the RTSP protocol anymore. live555 error: Failed to connect with rtsp://192. Set the camera RTSP authentication to 'basic'. A community-driven platform offering Roblox exploits, hacks, cheats, and a developers forum. To associate your repository with the ezviz topic, visit your repo's landing page and select "manage topics. Nov 9, 2016 · I nmapped and found it is listening on 8554/tcp port for rtsp. It was developed by the Internet Engineering Task Force (IETF) in 1998 as a standardized way to control and deliver real-time multimedia content, such as live video and audio, over a network. your username. rhosts files along with /etc/hosts. The DVRs appear to be 3 days ago · These vulnerabilities are utilized by our vulnerability management tool InsightVM. 3. 因此许多暴露在公网的网络摄像机也成了黑客眼中的目标。. But, if the FTP Client has a firewall setup that controls Internal IP Address disclosure. The ease of spoofing IP addresses, notably on the local network, was a significant vulnerability. Enter 1 if you want your camera to stream as substream, or enter 0 to stream as mainstream. 网络摄像机作为安防设备，被广泛的用于交通、学校、企业、商场等公共场所。. Top 20 Microsoft Azure Vulnerabilities and Misconfigurations; CMS Vulnerability Scanners for WordPress, Joomla, Drupal, Moodle, Typo3. and playback of recorded footage. 1. You signed out in another tab or window. Metasploit: Framework for developing and executing exploit code. RTSP is still one of the most preferred protocols for IP cameras. They are View Source plug-ins vsrcplin. Default ports are 554, 8554. A subreddit dedicated to hacking and hackers. Aug 14, 2020 · Each combination should contain : and be on a separate line, e. Authentication was dependent on IP addresses and the Domain Name System (DNS). Apr 26, 2023 · Real-Time Streaming Protocol (RTSP) is a network control protocol designed specifically for use in streaming media systems. Jan 24, 2007 · A vulnerability exists in the way Apple QuickTime handles specially crafted Real Time Streaming Protocol (RTSP) URL strings. Nov 28, 2007 · Welcome! Log into your account. All vulnerabilities are exploitable remotely and can lead to sensitive information exposure, denial of service, and remote code Use it in a python3 project as a class: from rtspscanner import RTSPScanner. Juniper Threat Labs has been monitoring an IoT botnet that has been active in the wild since October 2, 2019. g. 101 (obviously, not an IP address of a real camera), we would simply enter; May 30, 2018 · Description. 3 on Windows XP SP0/2; Firefox 3 blacklists the QuickTime plugin. Results 01 - 20 of 164,950 in total. class MetasploitModule < Msf:: Exploit:: Remote: Rank = NormalRanking: include Exploit:: Remote:: Tcp: def initialize (info = {}) super (update_info (info, 'Name' => 'Hikvision DVR RTSP Request Remote Code Execution', 'Description' => %q{This module exploits a buffer overflow in the RTSP request parsing: code of Hikvision DVR appliances. " GitHub is where people build software. 0/24. There are two main ports: 80/TCP - HTTP. Mar 23, 2020 · Cisco Talos recently discovered a denial-of-service vulnerability in GStreamer, a pipeline-based. This may result in remote code execution or denial of service. 15 - Remote Code Execution (RCE)Exploit-DB: https://www. x as well as 5. The vulnerability is present in several models / firmware versions. Add this topic to your repo. On any IIS server where you get a 302 you can try stripping the Host header and using HTTP/1. 2. Nov 30, 2022 · CVE-2022-26259: RTSP Exploitation. , client_port=[custom_port]-[custom_port+1]). Anyone could find even the latest saved screenshots of what the cameras see, said Cybernews researchers. VulnCheck has successfully exploited this vulnerability for RCE on all of our Xiongmai RFC 2326 Real Time Streaming Protocol April 1998 1 Introduction 1. dll on Windows systems. May 17, 2018 · Enter the DVR / NVR IP address, located under your Network menu or System Information on your DVR / NVR. RTSP is used in entertainment and communications systems to control streaming media servers. We’ll come back to this port for the web apps installed. Mar 5, 2015 · But the other discussions surrounding actual Hikvision exploits talk about their DVRs in particular and the RTSP buffer overflow issue (wired article: Hackers Turn Security Camera DVRs Into Worst Bitcoin Miners Ever | WIRED, SecurityWeek article: Multiple Vulnerabilities Found in Hikvision DVR Devices | SecurityWeek. RTSP TCP Port: This preference specifies the first of the TCP ports on which the RTSP dissector will check for traffic. com/hacefresko00:00 In This method shares similarities in impact with DNS rebinding but is simpler to exploit. 6. It does not typically deliver the continuous streams itself, although interleaving of the continuous media The RTSP dissector is fully functional over TCP, but currently doesn't handle RTSP-over-UDP. RTSP port number for cameras, DVRs and NVRs. Our aim is to serve the most comprehensive collection of exploits gathered The 'client_port' parameter in the RTSP SETUP request is manipulated, inducing a vulnerability in the RTSP server's format validation. Our aim is to serve the most comprehensive collection of exploits gathered HTTP (Hypertext Transfer Protocol), is an application-level protocol for distributed, collaborative, hypermedia information systems. mode = "scan". More than 100 million people use GitHub to discover, fork, and contribute to over 420 million projects. Basically, RTSP is the protocol that describes what happens when you click "Pause"/"Play" when streaming a video. 4 is vulnerable to an unauthenticated stack-based buffer overflow in handling RTSP packets. android ios streaming h264 stream rtsp mp4 hls livestream rtmp webrtc ip-camera android-sdk broadcasting media Aug 25, 2003 · The Exploit Database is a non-profit project that is provided as a public service by OffSec. Sep 2, 2021 · The Exploit Database is a non-profit project that is provided as a public service by OffSec. Read TLS-encrypted streams (TCP only) Switch transport protocol Ant Media Server is a live streaming engine software that provides adaptive, ultra low latency streaming by using WebRTC technology with ~0. Network. So it is almost impossible not to find this service in one of our clients systems during an engagement. Dec 6, 2017 · Add this topic to your repo. Mar 27, 2020 · March 27, 2020. zz rc vc ko ua ug oz zs xg cn