Access Target’s Webcam, Microphone, Device location, and more

Cybercriminals and black hat hackers exploit system vulnerabilities and human weaknesses as well. This hacking tutorial discusses how a malicious actor can access any mobile or computer camera, microphone, physical location, and device information by just sending a URL along with some basic social engineering techniques.

Throughout this tutorial, we will glance at How Hackers Access Target WebCam Remotely and see what is happening on the other hand. To break into the victim’s webcam, we will utilize the tool Storm-Breaker and Kali Linux.

Recently in March 2021,

A group of hackers breached a massive trove of security-camera data collected by Silicon Valley startup Verkada Inc. gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons, and schools.

Storm-Breaker is going to assist us with a hack. With Storm-Breaker, you have.

  • Get Device Information Without Any Permissions
  • Access Location [SMARTPHONES]
  • OS Password Grabber [WIN-10]
  • Access Webcam
  • Access Microphone

Let us get rolling!

Install Storm-Breaker in Kali Linux

Clone the git repository into your Kali Linux Desktop.

git clone https://github.com/ultrasecurity/Storm-Breaker

Install Storm-Breaker in Kali Linux

Change directory to storm-breaker.

cd Storm-Breaker

 

Change directory to storm-breaker.Change the mode of the installer.sh file and execute the script. The install.sh script handles all operations related to installing and removing the application.

Chmod 777 linux-installer.sh

sudo bash linux-installer.sh

Install all the requirements for the tool using pip functionality.

python3 -m pip install -r requirments.txt

Install all the requirements for the tool using pip functionality

Give executable permission to python file.

chmod 777 Storm-Breaker.py

Give executable permission to python file

And run the setup.

sudo python3 Storm-Breaker.py

And run the setup

Access Webcam or Mobile Camera

Select option 1 and press enter.

Access Webcam or Mobile CameraSelect any templet you wish to hack. You can go for the default or mobile cam. Here I select option 2.

Access Webcam or Mobile Camera 2

At this point, wait for the tool to download Ngrok server and generate a malicious link for a victim.

Ngrok Server

Ngrok is a tunneling reverse proxy system that establishes tunnels from a public endpoint i.e., an internet, to a locally running network service. It creates a public HTTP/HTTPS URL for a website running locally in a machine.

If you want to learn more about installing your own Ngrok server, you can find here.

Ngrok Server

Transfer the malicious link to the victim’s device and wait for the victim to click on the link. Here I have emailed the link to the victim’s mobile device.

Ngrok Server

Once the victim clicks on the link, it will redirect to the fake page and will give pop-up message to allow for webcam.

victim clicks on the link

When the victim allows the webcam, nothing will happen other than the webcam clicking images every other second. But If a victim is smart enough, then from notification, he will recognize that link is using a webcam for malicious purpose.

victim clicks on the link

The webcam will take images as long as the victim will stay on that webpage. But as soon as the victim closes the webpage, the connection will break, and all the taken images save in an image folder of Storm-beaker.

victim clicks on the link

Mitigation

  • Always keep your laptop/mobile webcam close.
  • Avoid clicking on links or opening attachments from unknown sources.
  • Put the tape around your laptop webcams.
  • Always check if the webcam indicator light turns on by itself.

Should we fear hackers? Intention is at the heart of this discussion.

Kevin Mitnick

Sana Qazi
Sana Qazi is a technical writer specialized in Information Security. She enjoys writing about technology and reading multiple genres like suspense. When not writing, she can be found traveling, dinning out, watching series etc. She manages her medium blog as well.

Most Popular

Why You Need a Disaster Recovery Plan (DRP)

Although an apocalyptic IT network disaster may be unthinkable, a company should plan for its eventual occurrence and remediation. Sooner or later, catastrophe will...

Access Target’s Webcam, Microphone, Device location, and more

Cybercriminals and black hat hackers exploit system vulnerabilities and human weaknesses as well. This hacking tutorial discusses how a malicious actor can access any...

The Benefits of Automated Penetration Testing

Penetration testing has been one of the industries that are relatively slow adopters of automation. As security firms started automating many parts of the...

Wii Features That We Loved The Most and Would Like to See on Other Consoles

The Wii was released in the US on November 19, 2006, for $249 and is the smallest of the 7th generation consoles. Its dimensions...