How To Find Vulnerable Webcams Across The World

January 01, 2015

Today i am going to tell you how to Find Vulnerable Webcams Using Shodan  


THIS IS FOR EDUCATIONAL PURPOSE ONLY, I AM NOT RESPONSIBLE FOR ANY 
ILLEGAL ACTIVITIES DONE BY VISITORS, THIS IS FOR ETHICAL PURPOSE ONLY


        
Sometimes, we don't have a specific target in mind, but rather we are simply looking for vulnerable and easy-to-hack targets anywhere on the planet. Wouldn't be great if we had a search engine like Google that could help us find these targets? Well, we do, and it's called Shodan!

What Is Shodan?

Some have described Shodan as a search engine for hackers, and have even called it "the world's most dangerous search engine". It was developed byJohn Matherly in 2009, and unlike other search engines, it looks for specific information that can be invaluable to hackers.
Shodan pulls service banners (see my tutorial on fingerprinting web servers for more on banners) from servers and devices on the web, mostly port 80, but also ports 21 (ftp), 22 (SSH), 23 (telnet), 161 (SNMP), and 5060 (SIP).

What Can Shodan Show Us?

Since almost every new device now has a web interface (maybe even your refrigerator) to ease remote management, we can access innumerable web-enabled servers, network devices, home security systems, etc.
Shodan can find us webcams, traffic signals, video projectors, routers, home heating systems, and SCADA systems that, for instance, control nuclear power plants and electrical grids. If it has a web interface, Shodan can find it!
Although many of these systems communicate over port 80 using HTTP, many use telnet or other protocols over other ports. Keep that in mind when trying to connect to them.
Now let's take a look at this fascinating and nefarious search engine!

1)    Log in to Shodan

First, we need to log in to shodanhq.com. Although you can use Shodan without logging in, Shodan restricts some of its capabilities to only logged-in users.



Step 2: Search for Webcams
There are many ways to find web cams on Shodan. Usually, using the name of the manufacturer of the webcam is a good start. Remember, Shodan indexes the information In the banner, not the content. This means that if the manufacturer puts their name in the banner, we can search by it. If it doesn't, then the search will be fruitless.
One of my favorites is webcamxp, and when we type this into the Shodan search engine, it pulls up links to hundreds, if not thousands, of web-enabled webcams around the world!




Although this can be fun and interesting to peek in—unbeknownst to these people around the world—we probably want to be more specific in our search for webcams.
Step 3: Default Webcam Username & Passwords
Although some of these webcams are unprotected, many of them will require authentication. The first step is to try the default username and password. I have compiled a short list of the default username and passwords of some of the most widely used webcams below.


·         ACTiadmin/123456 or Admin/123456
·         Axis (traditional)root/pass,
·         Axis (new): requires password creation during first login
·         Cisco: No default password, requires creation during first login
·         Grandstreamadmin/admin
·         IQinVisionroot/system
·         Mobotixadmin/meinsm
·         Panasonicadmin/12345
·         Samsung Electronicsroot/root or admin/4321
·         Samsung Techwin (old)admin/1111111
·         Samsung Techwin (new)admin/4321
·         Sonyadmin/admin
·         TRENDnetadmin/admin
·         Toshibaroot/ikwd
·         Vivotekroot/<blank>
·         WebcamXPadmin/ <blank>
There is no guarantee that these will work, but many inattentive and lazy administrators and individuals simply leave the default settings, and in those cases, these username and passwords will give you access to confidential and private webcams around the world!
Step 4: Search for Webcams by Geography
Now that we know how to find webcams and potentially log-in using the default username and passwords, let's get more specific and try to find webcams in a specific location. If we were interested in webcams by the manufacturer WebcamXP in Australia, we could find them by typing:
·         webcamxp country:IN


This will pull up a list of every WebcamXP in Australia that is web-enabled in Shodan's index as shown below. 
Step 5: Narrow Your Search to a City
To be even more specific, we can narrow our search down to an individual city. Let's see what we can find in Sydney, Australia. We can find those webcams by typing:
·         webcamxp city:delhi



 Step 6: Find Webcams by Longitude & Latitude
Shodan even enables us to be very specific in searching for web-enabled devices. In some cases, we can specify the longitude and latitude of the devices we want to find.
In this case, we will be looking for WebcamXP cameras at the longitude and latitude (-37.81, 144.96) of the city of Melbourne, Australia. When we search, we get a list of every WebcamXP at those coordinates on the globe. We must use the keyword geo followed by the longitude and latitude.
·         webcamxp geo: -37.81,144.96


When we get that specific, Shodan only finds four (4) WebcamXP cameras as shown below.
Thats It, When you open any of them, you can watch the Live stream, So Enjoy Watching 

 ==========     Hacking Don't Need Agreements     ==========

Just Remember One Thing You Don't Need To Seek Anyone's Permission To Hack Anything Or Anyone As Long As It Is Ethical, This Is The Main Principle Of Hacking Dream
            Thank You for Reading My Post, I Hope It Will Be Useful For You

I Will Be Very Happy To Help You So For Queries or Any Problem Comment Below Or You Can Mail Me At BhanuHacks@gmail.com

By:
Bhanu Namikaze

Bhanu Namikaze is an Ethical Hacker, Security Analyst, Blogger, Web Developer and a Mechanical Engineer. He Enjoys writing articles, Blogging, Debugging Errors and Capture the Flags. Enjoy Learning; There is Nothing Like Absolute Defeat - Try and try until you Succeed.

No comments:

Post a Comment