Viewing Remote Video with Backtrack 4 and Metasploit

Thursday, December 16, 2010

Dan Dieterle

B64e021126c832bb29ec9fa988155eaf

Many people have wondered if hackers could take control of a remote webcam. Well, the short answer is yes.

If a hacker has compromised your system via malware, exploit or by you clicking on one of those fake online virus scan programs, they could in fact view images through your webcam.

Well you know I just had to test this out. 

Okay, before we continue, it is illegal to access a remote computer that you do not have express permission to to do so. So please do not run this to try to find out what your neighbors or co-workers are doing.

To test this I fired up my Backtrack 4. After obtaining a remote Metasploit shell to a test machine, all that was needed was to run a single script, aptly named “webcam”.

From the Metasploit shell, typing “run webcam -h” displays the help menu. Then typing “run webcam” and the options you want will remotely display the webcam from the target system. Yeah, that is pretty much it.

What is nice, is that the webcam script by default gives you an instant jpg screenshot of whatever is in front of the camera, and browsing to the HTML link provided gives you a live remote webcam updated at whatever setting you select.

The only hint you get on the target machine that something is wrong is that your webcam recording light (if yours has one) comes on. Other than that, you cannot tell that someone is remotely viewing your webcam.

Also, you may not know what you will find if you run this against one of your other computers. The webcam screenshot above is of my cat. Not sure why cats must sleep on laptop keyboards, but I now know who has been ordering all that Tuna online…

Okay, how to defend against this type of attack. First of all the attacker needs to get a remote shell on your computer. Standard security defense applies, keep your system and virus program updated.

Also, don’t run “Free online Virus Scanners” or “You need to install the missing video codex to view your video” links when surfing.

Unfortunately it seems most laptops these days have video cams built in. Most military laptops have shutter covers and black tape also works sufficiently (Thanks RAF2!). You can always just unplug USB webcams when not in use.

Sound recorder scripts are also available, so disabling microphones or unplugging them when not in use may also be a good idea if you work in a sensitive area.

Cross-posted from Cyber Arms

Possibly Related Articles:
13358
Privacy
Privacy malware Hacking Backtrack Metasploit Webcam
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.