How to Hack Webcam, Microphone & get Mobile Location using a Link - YouTube

in this tutorial you will learn to  access device information location  

accessing webcam microphone and many other  things by just sending a url or a link  

hello everyone this is irfan from ehacking.net  you know the drill like subscribe share and  

comment anyway let's get started stormbreaker is  the utility that we will discuss in this tutorial  

what it does well if you go down you can see  a lot of thing perfect so it grabs device  

information and location without any permission  it can access mobile or even desktop or laptop  

webcam and microphone as well exciting  utility now let's configure it  

rule of thumb clone it using the good  clone command so open the terminal  

let me zoom so that you can see properly all  right and there you can see what i will do now  

i have to just clone it so go there copy open  your terminal again type get uh clone sorry

and enter it will take some time it will download  okay so once you are done you need to get into the  

directory for example let me check so this is see  stormbreaker all right so cd stormbreaker perfect  

now there you can see the installer which is a  bash script so since i'm logged in as root i'm  

not using the sudo command however if you are  not logged in as you root you should use the  

sudo command so bash and one more thing  i need to see the name linux installer  

perfect so type bash linux  installer dot sh install it  

okay it's done after installation you need to  check all the requirements in order to do this you  

should execute uh the uh the python script to run  to check this requirement so the python you should  

not be worried about all the commands you will get  all the commands in the description of this video  

so so don't worry about uh you know looking here  and typing i will just paste all the command there  

all right perfect and let's check the requirements  ops spell issue uh it's requirements without e  

now let's see already satisfied is working perfect  done so let me just clear it all thing done we  

have successfully installed and configured the  utility a few things to understand this excellent  

utility generates a and grog url hence you can  access the target outside your lan environment  

this means you can access anyone considering they  are connected to the internet this program is very  

easy to use i will demonstrate few things the  rest you can do on your own now let's find out  

what it can do so it's python 3 and just execute  this script and again if you are not logged in as  

root you should use the sudo otherwise it will not  work so even i'm using the sudo as well so there  

you can see that yeah perfect so these things can  be done uh now let's find out the device location  

so for this i need to execute number four enter  number four there are two templates near you is  

very interesting when a user opens the url it  displays a page that says find people around you  

upon continue the targets device location  capture and send back to the attacker now  

let's see the first option near you i'm testing  it on my android phone what you need to do is  

to just copy this particular url and send it to  your target and once your target opens this url  

the connection establishes to your local  host or local machine on this particular port  

you you don't need to do anything else just  copy this url and send it to your target  

so let me send it to my android phone and let's  see what will happen well so there you can see  

that it's it has captured some information it  means that the target has opened this particular  

url uh what i did i just i simply send this  url via whatsapp to the target and now the  

uh the shell is waiting for the interaction the  user interaction and upon clicking on uh on the  

continue it it will automatically automatically  captures the device device information so let's  

just do this i'm clicking on the continue now  wow wow so there you can see the exact location  

with google map this is interesting very very  interesting now let's move further and discuss the  

second option that was the weather option so the  second option the it's called the weather option  

is also very exciting it displays a random  location that excites users to click on the change  

my location button upon clicking it asks for  permission hence it gathers the actual location  

anyway so the working structure is similar now  let's move further and see the webcam option  

as well so let's access the webcam number  one perfect it presents three templates  

the default is handy to capture desktop or laptop  webcam however for mobile use the second option  

rather than sending this ngrok url i suggest using  any link shortener such as bitly to shorten this  

particular url and for a more sophisticated attack  buy a domain host a genuine website and either use  

redirector or dns to land users on this url a  lot of things can be done you should use your  

social engineering and technical skills as  well now let's quickly see this webcam feature  

on a mobile device rather than testing it on the  desktop i have i've tested it on a desktop as well  

it's working perfectly but now i'm demonstrating  this second option the mobile camera let's select  

number two as discussed earlier you just need  to copy this particular url and send it to your  

target and once you target open this url it  opens uh on a on a browser on a web browser  

and it gives you the access to the particular  webcam now let's see this so i've sent this  

particular url on a mobile now i'm opening  it wow perfect so we are getting images now  

and the images uh it automatically plays  all the images all the capture images  

in the images directory or folder which is inside  this particular tool so there you can see that  

it is it captures the images in in after after a  certain interval or after a certain period of time  

so it captures a lot of information as long as  the session is established so in order to check  

the images what you can do you can just simply go  to this particular directory and cross check it  

for for example let me do this so cd storm breaker  and then if you see open in the webcam directory  

webcam directory if you see and let's get  into the images and there you can see that  

it has it has captured all these image images  and it is continuously capturing the images  

so there you can see that it has a captured one  two three four five six images so far and still  

capturing the images and there you can see the  two two four and five and six images as well  

well perfect so yep one more image captured  so if if i just cross check again so there  

you can see that the image count increasing  i'm not opening it although i can open it  

you can just go to the directory and you  can open it you can see the images as well  

and it is it is you know continuously capturing  the images so let me just stop it at the moment  

uh the purpose has been served we have discussed  it so i have demonstrated few things you can  

grab windows password access microphone etc etc  anyway that is it see you next time take care bye