Google hacking is about searching the google search engine of things that are not supposed to be publicly seen. These could include files, data, other sensitive information and even access to hardware devices like webcams. In this post we are going to see how easy it is to find online webcams that are accessible over the internet (ofcourse due to wrong network configuration by their IT guys).
Most webcams provide a web based interface to stream the pictures/video over the network. But sometimes these webcams are put live for remote access. The remote access is so remote that eventually it becomes accessible from all over the internet. And since google is constantly scanning the entire internet, it finds such webcams.
Some of the google search terms that can reveal online webcams are :
intitle:"Live View / - AXIS" inurl:"sample/LvAppl/" inurl:"viewerframe?mode=refresh" intitle:"Network Camera" inurl:"/ViewerFrame?Mode=Refresh" intitle:"Web Monitor" inurl:"simple.htm" intitle:"Toshiba Network Camera" user login
You would be actually surprised to see the number of webcams online. Most of the webcam interfaces require java to be installed since they stream the video/pictures over a java applet. If you want to find some details about the video/pictures as to where do they belong to, then check the domain name and finds its details through whois, or find the location of the ip address. It can tell the country and city of the webcam and the pictures.
Some more google dorks are
inurl:/view.index.shtml inurl:/view.shtml intitle:”Live View / - AXIS” | inurl:view/view.shtml^ inurl:ViewerFrame?Mode=
Search the exploit-db google dorks for latest and new dorks. Apart from google, now there is a search engine known as Shodan, that is specially made for hackers. It can also be used to find webcams. Shall talk about shodan in some other post.