Tutorials | Challenges | Tools | Downloads | Resources | Documentaries

HOW HACKERS FIND ONLINE DEVICES TO HACK

A huge paranoia of owning a webcam is the possibility of being watched by a hacker, or another unwanted viewer prying into the personal activities of your private life.

Furthermore, having the access of your home/company router wide-open to a hacker, is additionally another problem that we would wish for not to
become a reality.
In the following tutorial, we will discover how easy this is to do.


In this post, we will learn how hackers find Cameras, routers, and other devices that are connected to the Internet, then hack them.

To help us find these cameras and routers, we will be using shodan.io

Shodan is an a complete internet network search engine. Therefore, Shodan can tell you a huge amount of info about any devices that is connected to the internet.

We can use Shodan to search for an IP address that we know of, or ask it to show results for various different device names, versions, and other search terms.

Let's use Shodan to search for webcams being run on XP.
We can do this by typing webcamxp

[Image: wencamxp.png]



As you can see above, results are displayed. Now we just need to click on of our choice.

For online cameras, it really is that simple. Sometimes, you may be prompted to type in a username & password. If this is the case, you can just use the Internet to search for the default login details. If they don't work, and you are really passionate about gaining access, you might want to consider using a brute-force method to gain access.

Here are some examples of what I discovered after 5-10 mins of searching:

A video stream of a SecureID device:

[Image: Screenshot%2Bfrom%2B2016-09-29%2B13-55-41.png]

Two security areas of a building:
[Image: Screenshot%2Bfrom%2B2016-09-29%2B14-14-46.png] 


The room of someone's house:
 [Image: Screenshot%2Bfrom%2B2016-09-29%2B14-23-56.png]

An external view of a neighborhood:
[Image: Screenshot%2Bfrom%2B2016-09-29%2B14-34-32.png]

Routers login panels can also be found by using Shodan.

By searching for the term routers, results for router login panels will be displayed:

[Image: routersearch.png]


By simply clicking on the results, we a granted remote access to the login panel of the router:

[Image: router.png]


On the subject of hacking routers, you would be surprised at how many devices are still set to their default settings.
We could probably access many of them by playing with the words admin and password for the login credentials. Realisticly, a hacker would perform a brute-force to gain access.

There may be times when find that a someone has already done the hacking honors:

[Image: hacked.png]



Note: When using shodan.io you will be limited to it's feature, unless you register for free.
Shodan also offers a premium package for $49 which gives you unlimited life-time access to full search results. Otherwise, you are limited to the first 5 pages of results
Labels:
Reactions:

Post a Comment

[blogger]

GrayHatHackers

{twitter https://twitter.com/ghhackers}

Contact Form

Name

Email *

Message *

Powered by Blogger.
Javascript DisablePlease Enable Javascript To See All Widget