Shodan implements a feature to browse vulnerable webcams

Shodan implements a feature to browse vulnerable webcams, including the one that is monitoring your kids while sleeping.

The explosion of the paradigm of the Internet of things has dramatically enlarged our surface of attack, it is quite easy to locate vulnerable devices and hack them by using search engines like Shodan and Censys.

Both platforms allow finding specific types of Internet-connected devices (routers, servers, hard drives, webcams, etc.), they represent a privileged instrument for IT professionals, hackers and obviously also crooks.

One of these search engines, Shodan,  has now created a new dedicated section for vulnerable webcams, the news was first reported by Ars Technica.

“Shodan, a search engine for the Internet of Things (IoT), recently launched a new section that lets users easily browse vulnerable webcams.” states the post published by Ars. “The feed includes images of marijuana plantations, back rooms of banks, children, kitchens, living rooms, garages, front gardens, back gardens, ski slopes, swimming pools, colleges and schools, laboratories, and cash register cameras in retail stores, according to Dan Tentler, a security researcher who has spent several years investigating webcam security.”

The webcams are everywhere and are used for several purposes, including the monitoring of kids sleeping.

Webcams are becoming even more, popular, this means that threat actors in the wild can easily hack them and access kitchens, garages, swimming pools, colleges and schools, and cash register cameras in retail stores.

Recently I posted about an intriguing experiment dubbed @FFD8FFDB, the researcher behind it developed a Twitter bot that spies on poorly configured cameras tweeting the images captured by the connected devices.


— ˇÿˇ€ (@FFD8FFDB) 2 Gennaio 2016

The Shodan search engine crawls the Internet searching for webcams, this is possible looking IP addresses with open ports that lacks authentication and streams a video. When Shodan locates an open webcam it also takes a picture of the surrounding environment, the operation is quite simple by exploiting the Real Time Streaming Protocol (RTSP, port 554) poorly implemented by the webcams to share video, that lack of authentication mechanism.

While free Shodan accounts are only able to search webcams using the filter port:554 has_screenshot:true (be aware you need to be logged in with a free account to view results).


Shodan Payment accounts offer the access to the image feed through the feature.

Administrators need to carefully configure their system before exposing them on the Internet, for example by protecting them with a form of authentication.

Be careful, threat actors can violate your privacy easily!

Pierluigi Paganini

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2021

We are in our 9th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.