
Find Vulnerable Webcams with Shodan [Metasploit Framework]

Last Updated : 16 Jan, 2024

Finding vulnerable webcams with Shodan and Metasploit can sound intimidating for beginners, but let me try to explain the key ideas simply. Think of Shodan as a search engine for connected devices and servers instead of websites. We can use it to find webcams and other systems that are publicly accessible over the internet. Sometimes these devices are not properly secured by their owners. Their login page or video feed may be accessible without a password. That is what we call a vulnerable webcam. Metasploit is a popular tool for testing vulnerabilities. Once we find an open webcam with Shodan, Metasploit helps us connect to that device and view the video feed.

What is Shodan?

Shodan is like Google for connected devices instead of websites. It maps and indexes things like webcams, printers, servers, and other gadgets hooked up to the internet. This allows people to easily find devices that are publicly accessible online. Sometimes these devices are not properly secured by their owners. For example, Shodan can help you discover webcams that don’t require a password. You could then view the live video feed from those unprotected webcams.

What are Vulnerable Webcams?

A webcam is a camera that can stream live video over the internet. People often use webcams to monitor their homes, offices, shops, etc. while away. The video from these cameras can be viewed on phones and computers. Some of these webcams are left with poor security by their owners. They can be accessed over the internet without needing any password or login. We call such webcams vulnerable webcams. Since anyone can view the live feed from an unsecured webcam, it is a major risk to the privacy and security of the people and spaces being monitored. Intruders can spy through vulnerable webcams without the owners realizing it.

In summary, a vulnerable webcam is a security camera streaming video online without protection. It allows unwanted people to access the live footage because no login credentials are required to view its feed over the internet.

How to Get the Shodan API Key

To find vulnerable webcams with Shodan we need a Shodan API key. Follow the steps below to get one.

Step 1: Go to https://account.shodan.io/login and register for a Shodan account if you don’t already have one.

Logging into Shodan

Step 2: Once registered and logged in, click on Account in the top right corner.

Navigating to Account

Step 3: In the Overview tab you can see the API Key field. Click on “Show” and you will get to see the API key.

Copying API Key

We now have the API key and can use it to scan for vulnerable webcams.

How to find the Vulnerable Webcams With Shodan Using Metasploit Framework?

Step 1: To initialize the Metasploit penetration testing framework, we first need to launch the msfconsole command line interface using root privileges on our attacking machine:

sudo msfconsole

Opening Metasploit Framework

Step 2: Now that we have the Metasploit framework loaded through the msfconsole, our next step is to identify useful Shodan scripts contained within Metasploit that can integrate with the Shodan computer/device search engine.

search shodan

Searching shodan Module

Step 3: Next, select the module we need with the use command. This is the module that sends our search for webcams and other devices to the Shodan database.

use auxiliary/gather/shodan_search

The search shodan command from Step 2 searches across all existing Metasploit modules for those tagged or related to “Shodan”; the use command above then selects the shodan_search module from those results.

Using shodan_search module

Step 4: To execute Shodan search queries through Metasploit, we need to configure our private Shodan API key to authenticate and connect to the Shodan database. The set command in Metasploit sets an option on the currently selected module, here the SHODAN_APIKEY option that holds our unique API key for accessing the Shodan platform.

set SHODAN_APIKEY <Your_Api_key>

Setting Shodan API

Step 5: Now that our Shodan API key is configured in Metasploit, we can define a search query to scan for specific targets. In this case, we are looking to identify open webcams that Shodan has indexed. To set our search criteria, we will run the command:

set QUERY webcams

Setting Query

Step 6: Now that our groundwork is completed with our Shodan API key set and webcam search query configured, we are ready to execute the search itself to reveal vulnerable targets.

exploit

Executing Exploit

The exploit command we ran has surfaced a list of publicly accessible webcams that Shodan has indexed across the internet. What we see in the terminal output is metadata and access details on various vulnerable webcams ripe for unauthorized access.

List of Webcams

To access any webcam stream, we first need to copy the IP address with the Port Number.

Copying Target Webcam IP

Next, we paste that copied IP:port combination into any web browser URL bar.

Pasting IP in Browser

After hitting Enter, the browser should now display the live video stream from the targeted webcam. And just like that, we’re viewing the footage of security cameras, office webcams, or other unintentionally exposed devices.

Vulnerable webcam
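
From the defender's side, the result list from Step 6 is most useful when compared with address space you own. The following added example (not part of the original article or of Metasploit) parses a constructed sample of the result table, whose column layout is an assumption, and reports the entries that fall inside a hypothetical inventory of owned networks (`OWNED_NETWORKS`).

```python
import ipaddress
import re

# Constructed sample of shodan_search console output (documentation-range
# addresses only); the column layout is an assumption, not captured output.
SAMPLE_OUTPUT = """\
 IP:Port             City       Country        Hostname
 -------             ----       -------        --------
 192.0.2.40:8080     N/A        N/A            cam1.example.net
 198.51.100.7:80     N/A        N/A
 203.0.113.200:554   N/A        N/A            lobby.example.org
 203.0.113.14:8080   N/A        N/A
 203.0.113.9:99999   N/A        N/A
"""

# Hypothetical asset inventory: the networks your organisation owns.
OWNED_NETWORKS = ["203.0.113.0/24", "192.0.2.0/28"]

# A result row starts with an IPv4 address, a colon and a port number.
ROW = re.compile(r"^\s*(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\b")


def parse_results(text):
    """Return (ip, port) pairs from result rows, skipping malformed ones."""
    found = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, separator or blank line
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # e.g. an octet above 255
        port = int(m.group(2))
        if 1 <= port <= 65535:
            found.append((ip, port))
    return found


def exposed_owned_assets(text, owned):
    """List indexed endpoints that fall inside the owned networks."""
    nets = [ipaddress.ip_network(n) for n in owned]
    return sorted(
        (str(ip), port)
        for ip, port in parse_results(text)
        if any(ip in net for net in nets)
    )
```

Any endpoint this returns is a device of yours that Shodan has indexed and that should be reviewed for authentication and network exposure.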

Conclusion

In conclusion, with Metasploit and Shodan, finding exposed webcams was simple. A few clicks exposed people's private feeds. This demonstrates how little tweaks in security settings can prevent such intrusions. Together, we can kindly show device owners how to guard their tech. Our communities are at their best when people guide others toward privacy and safety.


