How to use Shodan to find webcams
The use of a search engine index in most websites nowadays has enhanced efficiency as well as the ability. This concept is even applied to internet-connected devices too. Shodan mainly works for indexes like webcams, printers, and even the database which is easy control through the industrial website. All these if seen carefully then provide an easy gateway for the hackers to target upon. The hacking however can erase most of the data which can further be misused by mainly third side parties involved in illegal offences.
The platform of Shadon has changed the whole method through which the hackers build most of their tools as in here the large part of the discovery phase of the target is been easily automated. As when the internet is been used then a large group of targeted can be seen but through the use of this platform, the hacker will be able to enter the best as well as a right phase where the list of potential targets can easily be found without going here and there losing the track by the use of the internet. The Shodan python library always allows the hackers to write the easy python script within a very small duration of time and thought that it will be easy to fill the potential target as per any vulnerable device located nearby. There is even no requirement to search for the vulnerable device each time as that will take a lot of time for the hackers and here time is money.
Table of Contents
Now let us see the steps involved in finding the webcams using Shodan:
Step 1: The first step will be login into the Shodan
This step is necessary whether you are using a website or a command line you must log in to shodanhq.com in the web browser. There is even the option of using the Shodan platform without logging into but to make use of every capability the planform provide the login option is a must demand. The website has blocked some feature for the users using the site without a proper account. The search page is visible to both the users without even logging inside. If you want to proceed with the command line then the API key will be required to access the registered account with your respective name.
Step 2: A second step is an option as this is only for the users who are accessing the platform of Shodan via command line
As in the previous step we discussed that the platform usage via command line is possible if you have the required API key. The installation of the Shodan the initial requirement is of a working python IDE. Then you can type the listed commands in the terminal window to install the Shodan. ~$ pip install Shodan. After this command, you will be able to see all the relevant option via ~$ Shodan –h. All the above-written control is mostly straightforward to follow. The login can be performed via this key in the place of xxx… Write the API key: ~$ shodan init XXXXxxxxXXXXxxXxXXXxXxxXxxxXXXxX. After this, the successfully installed command will be shown on the screen.
Step 3: In the third step the user is required to search for the accessible webcams
There are several ways available on the Shodan platform to find webcams. But using the name of the webcam or the manufacture name for the search is recognized as one of the best ways through which the start is considered good.
The name will be displaying all the accessible webcams nearby if the webcam is not nearby the result will be fruitless. According to a lot of people choose, the webcam known as webcamxp is considered that is designed for both new and old windows system. After typing the required name thousands of results will be displayed on the screen from which you are free to make choice based on your preferences and demand. If you want to perform this action the command line then proceed with the search option available: ~$ Shodan search webcamxp. If you want to exist the list then kindly press Q on the keyboard. The field command can even help: ~$ Shodan search –fields ip_str, port, org, hostnames webcamxp. Look out for the results and make the choice of which one you want to use.
Step 4: In this step, we will discuss the tips
There are some webcams available that mainly shows the notification as unprotected or restricted. In that case, kindly use the default username and password.
- Axis (traditional): root/pass
- Grand stream: admin/admin
- Sony: admin/admin
- Toshiba: root/ikwd
- WebcamXP: admin/ <blank>
- Samsung Techwin (new): admin/4321
- Samsung Techwin (old): admin/1111111
- WebcamXP: admin/ <blank>
- Mobotix: admin/meinsm
- IQinVision: root/system
In all these passwords mentioned above, there is no guarantee as they are in regular change by the respective manufactures from time to time. Most of the time this may work as nobody has the time to change it all the time.
All the steps written above should be followed without missing any. I hope the article was useful for people reading.