Insights For Success

Strategy, Innovation, Leadership and Security

webcam

CyberSecurity OSINT - Shodan searches for webcams

GeneralEdward Kiledjian
webcam-153319.png

Everyone on the internet knows what a search engine is. It allows you to find internet connected resources (webpages) quickly and easily without having to catalog the web yourself. Well Shodan.io is a search engine used by researchers and hackers to find Internet of Things devices connected to the internet (printers, webcams, industrial systems, WindowsXP, etc).

The purpose of this article is to provide some hyperlinked examples to help the Open Source Intelligence student play with Shodan and make it immediately useful.

This article will provide some examples of how to find webcams connected to the internet.

While you will find thosands that are unprotected (no username or password required) others will be protected but have the default password enabled. Where can you find webcam default passwords? Just search the net but here is one called iSpy to get you started.

Many of these searches will require a free Shodan account so make sure you create one.

I am providing this information for educational purposes only. Don’t do anything illegal.

html:"DVR_H264 ActiveX" - Security Digital Video Recorders
Screen Shot 2021-01-31 at 9.16.21 PM.png

title:camera - This is a quick search that lists anything with the word camera in it

Screen Shot 2021-01-31 at 8.55.39 PM.png

webcam has_screenshot:true - This search lists any device that self identifies as a webcam and where Shodan has a screenshot.

Screen Shot 2021-01-31 at 8.59.01 PM.png 
Server: IP Webcam Server "200 OK" - android IP webcam server
Screen Shot 2021-01-31 at 9.14.42 PM.png

server: webcampxp - Looking for a very popular windows Webcam server software

Screen Shot 2021-01-31 at 9.01.00 PM.png

title:”blue iris remote view” - Webcams using the Blue Iris webcam management software

Screen Shot 2021-01-31 at 9.03.32 PM.png

product:”Yawcam webcam viewer httpd - Yet Another Webcam is a free webcam publishing server software.

Screen Shot 2021-01-31 at 9.06.16 PM.png

title:”IPCam Client” - Devices using the IPCam software

Screen Shot 2021-01-31 at 9.08.23 PM.png

title:”+tm01+” - loads of unsecured Linksys webcams

Screen Shot 2021-01-31 at 9.10.43 PM.png

Others

I will be posting more articles about other interesting Shodan searches but here are a couple extra to wet your appetite.

"230 login successful" port:"21" - Find FTP servers without logins

Screen Shot 2021-01-31 at 9.19.22 PM.png

Cover your laptop's webcam now

GeneralEdward Kiledjian

We learned a couple of month's ago that Mark Zuckerberg covers his webcam with black tape (via a NY Times article) . 

Then FBI director James Comey made the same recommendation:

"There's some sensible things you should be doing, and that's one of them," Director James Comey said during a conference at the Center for Strategic and International Studies."

The truth is bad actors can easily hack into a laptop equipped with a camera without the user knowing it.  Travellers are at an even higher risk because airports and hotels are used by intelligence agencies around the world to collect information (especially when you use a WIFI hotspot without first setting up a VPN - read this article).

Instead of using black tape which could leave residue, I bought a re-usable webcam cover from amazon for $3. 

8 tips for successful video conferencing

technologyEdward Kiledjian
Creative Commons - Flickr user Timo Newton

Creative Commons - Flickr user Timo Newton

As little as 2 years ago, video conferencing was reserved for the most technically savvy amongst us. with the introduction of Apple's Facetime and Google Hangouts, millions have started enjoying it for work and pleasure. Videoconferencing is easy but that doesn't mean everyone is doing it right. Here are tips to help you video conference like a champ.

  1. Good Lighting - Just life traditional photography, lighting is one of the most important factors to consider. If you have too little light, your webcam will digitally boost the ISO making the image look ugly and grainy. If you have the wrong kind of light, you will look overly pink or blue. You don't have to spend a lot of money to get good lighting. You should be able to pickup a handful of LED lights that you can place around you to create a soft and well balanced light. Try to avoid harsh spot lighting and direct sunlight. Also make sure you don't have any bright light behind you as that may trick the camera and underexpose you.
  2. Good Camera - The better the camera the better the experience. Look for a camera that offers full HD support and reliable focusing. My favorite brand is Logitech so anything there should work just fine.
  3. Good Microphone - 90% of all home and business videoconferencing users never even think about adding a good quality microphone to the mix but it makes a difference. The higher end webcams have decent microphones but anything that is built into a smartphone or laptop should be considered sub-par. If possible, add an external microphone that is closer to your speak organ (aka your mouth ). A good setup is to use a headset for sound when videoconferencing.
  4. Frame the shot - I recommend starting the video chat software ahead of time and determine what is showing. If your face properly framed? Are there distracting objects showing in the scene (background, overhead, etc?) It's a good opportunity to make sure your lighting is good and that your video camera is configured optimally. Assume you may need to move when the video-conference is live and dress appropriately (aka don't wear Bermuda shorts when on a business video-conference)
  5. My eyes are up here - The biggest mistake people make is looking in the wrong place. If you are watching your participants on your screen, you are not looking at them in their eyes. If possible, stare at the webcam.
  6. Good networking - Spend the money and buy a reliably good router. I recommend the Asus branded WIFI routers. A bad router could cause huge videoconferencing issues.
  7. Use Quality of Service - You should enable the QOS feature on your router to prioritize your videoconferencing traffic.
  8. Mute - Make sure you have a way to quickly mute sound. It's good to mute when you not talking or quickly mute if you have to cough.