Hijacking a webcam remotely

Warning: Do not use this for unauthorized activity. Duh. 

Step 1: Make sure that the victim machine has a camera, and that it's enabled. Then, open Metasploit in Kali. 


Step 2: Select an exploit to use that your target machine is vulnerable to. I already had knowledge of this vulnerability through a Nessus scan that I did for an earlier assignment. 




Step 3: Run show options to see what you need to set in order to run the exploit. 




Step 4: In this case, it looks like we just need to set RHOSTS. Set RHOSTS to the IP of the vulnerable machine. 

If you need the IP, use nmap. I was working with a practice VM on my local subnet, so I could just scan that:


Next, set RHOSTS to the IP:



Step 5: Run exploit in order to get a meterpreter session: 




Step 6: Run webcam_list:



If you can't see any webcams and you're on a VM, go to the victim VM and connect the webcam -- it may still be connected to your host. The next picture shows what it looks like for me after connecting. You may need to restart both the victim machine and metasploit. 

In the real world, you obviously aren't going to be hacking virtual machines very often, so you should have direct access to the webcam and this step will not be possible to execute anyway -- unless you have physical access to the victim machine itself. 




Step 7: Run webcam_snap to get a picture. Since we only have one webcam, we don't have to specify which -- meterpreter will simply default to it. 


Oh look...It's my room. :V 

What have we learned from this? If your machine a) has a webcam, and b) has a known vulnerability that can be accessed via Metasploit, then someone is probably going to be able to access your camera. 



Step 8: Try not to think about how creepy it is that some random person can access your webcam if they have the right information. :D (Don't worry, I only did this for a school assignment, and it was my own webcam after all.) I mean, I don't care that much if some rando on the internet wants to admire my beauty, but I think it's a bit difficult to run a webcam hack without becoming slightly uncomfortable in regards to how easy it is. 

But then again, whatever. 



Source



Comments

Post a Comment

Popular posts from this blog

Unleashing my inner Disney Princess ✩₊˚.⋆☾⋆⁺₊✧ at the 2024 Disney Princesses Half Marathon

Image
TL;DR it was amazing and perfect  and we are going to make this an annual tradition. I may edit this with photos later, but I'm probably going to forget.  Recently, I spent 5 wonderful days donating my dollarbucks and soul to the evil mouse in Orlando. I did it for the Disney Princess Half Marathon.  Just look at that happy little alligator musician. He's so CHONKY. It's adorable. I love him. How could you NOT run a half marathon for him when he's cheering you on?  (My dad says it's weird to say the word "adorable" as a man, which makes zero logical sense and obviously means I need to use that word as often as possible. I will also continue to wear my rings and maybe I'll start flashing my pink protein shaker. Just to cause a little discomfort, because it's funny.)  I haven't seen the movie yet actually so idk if the gator is a major character or not. But JUST LOOK AT HIM.  My cousin and I had been planning a Disney trip, specifically centered
Read more

The 20-something types of Computer Science majors

Image
I've been way too distracted with this blog lately, and I need to hurry up and start getting crap done. But...I've been dying to write this lol.  The advanced neckbeard A rare variety. When a neckbeard is forced out of his mom's basement and into college, he becomes an Advanced Neckbeard. You can always tell when he's coming, because you can smell him from half a mile away. He is very overweight, and wears shirts that are either plain or adorned with anime/gaming graphics. These shirts are either stained with sweat, Hot Cheetos, or something a little bit more, ah, suspicious . He is so socially unskilled that he makes everyone else in the major look normal. Age 30+, GPA at a 2.0 or just barely above it. Will never drop the major despite his lack of effort, because he simply doesn't care if he gets bad grades. In fact, he is probably highly intelligent, but his grades will never reflect that. Nevertheless, he will get a much higher paying job than a regular neckbeard
Read more

The Evenstar

I've never liked this world much.  Ever since I was a little kid, I always dreamed of going somewhere else. I created this alternate version of Earth that had everything and everyone that I loved, but with all these improvements to it. Magic was real. So were dragons. Dinosaurs hadn't gone extinct. Technology allowed people to fly. A network of glass corridors provided transport between this world and mine, snaking through streams of stars, galaxies, and lightyears of blackness.  And more than anything, I wasn't alone. I don't remember why I spent so much time alone as a kid. I really wish I did. All I know is that when I was in my  world, I always had someone by my side.  The feeling of being out of place here was overwhelming. It still is. That sense of not belonging, of longing for somewhere else, it has never gone away.  When I was in middle school, being bullied daily, I escaped to that world. The boys who tripped me and spit on me disappeared, replaced by tropical
Read more