Linux

Webcam Picture Capturing with Metasploit

For those who are still not familiar but interested in learning metasploit. These links might be helpful πŸ™‚

hxxp://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training

hxxp://www.grmn00bs.com/Β – great videos πŸ™‚

After doing all the hardwork of rooting and dumping all users and passwords from the victim’s box. Another post exploitation stuff that you can do is to capture an image from a victim’s webcam. This is one my favorite exploit to see what he/she is doing… lol.

Exploiting the victim

You might also want to set the target OS. It uses the autodetect os version and language which sometimes not accurate.

Meterpreter payload has tons of scripts that you can use for post exploitation such as adding backdoors, keylogging, desktop screen capture, token impersonating and many more.

If you encounter this problem. There are possibilities that either webcam is not configured or you have multiple webcam installed as indicated above the -i which uses default 1 webcam.

You can check the webcams available by issuing webcam_list:

Have fun! πŸ™‚

10 Comments

    1. meaning di ka makapag establish ng connection. Make sure that your target is connected to you or you have a backdoor to him. The chances of this exploit is really for LAN. =)

      Reply
  1. iset mo din tol yung TARGET for specific windows version minsan hindi effective yung autodetect sa TARGET. also try to turn off firewall for possible establish connection. πŸ™‚

    Reply
      1. done already πŸ™‚ can you point me to good blog/book/site where i can learn the basics of these things. πŸ™‚ my school is MS IT academy kasi, and it sucks 😐 i want to learn on my own sana ngibang bagay pa πŸ™‚

        Reply
        1. Brother, your question is very broad but I will refer you to some sites wherein you learn some basic things:
          1.google.com
          2.preferablylinux.blogspot.com
          3.blog.rootcon.org
          4. offensive-security.com
          5. backtrack-linux.org
          6. offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training
          7. synfyre.net
          8. and more google.com

          Reply

Leave a Reply