Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Webcams

from [rajat swarup] Network Security [Permanent Link]
Subject: Re: Webcams
Date: Mon, 27 Aug 2007 06:44:35 -0700 
On 8/25/07, Jan Heisterkamp <janheisterkamp@web.de> wrote:

Why don't you query the webcamserver or for webcamserverfiles?
You can find, only for example,  webcams in the internet with a simple
googling for example with inurl:/view/index.shtml or
inurl:"ViewerFrame?Mode="...this won't help you in  your case, but you
have admin rights, you should be able to find them..you don't need a
scanner for this job.

Richard Lane schrieb:

You could try GFi LANGuard's Network Security Scanner -
http://www.gfi.com/lannetscan/ .  IT allows you to remotely query the
machine's to determine a wide range of info - including installed software,
registry settings, USB devices (currently and previously connected).  I've
just used it to audit our infrastructure (around 700 devices) and a client
(around 3000 devices), and it highlighted a number of people running webcams
(amongst other unauthorised stuff, which NSS is great for identifying).


-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
Behalf Of Holstein, Robert - BLS CTR
Sent: 24 August 2007 06:27
To: pen-test@securityfocus.com
Subject: Webcams

Does anyone have a method for remotely detecting webcams installed on
Windows hosts?  I have the need to conduct an audit to find out if
certain staff are using webcams. I may have administrative rights to the
targets remotely, but no physical, or console access.
Any input would be appreciated.

Robert C. Holstein




Hi Robert,
I'm not an expert on WMI but maybe this might be of some help to you.

http://packages.debian.org/unstable/python/wmi-client

Are you sure that all webcams would be definitely using WMI interface
only?  I've seen that some scanners don't use it.  May be it's worth
researching.
Just my 2 cents.

HTH,
-- 
Rajat Swarup

http://rajatswarup.blogspot.com/

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [WEB SECURITY] HTTP Proxy for thick clients, Ofer Shezaf
Next by Date:  HTTP Proxy for thick clients, Huan Chi
Previous by Thread:  Re: Webcams, Jan Heisterkamp
Next by Thread:  Re: Webcams, anastasiosm
Indexes:  [Date] [Thread] [Top] [All Lists]