This Module allows attackers to Remote Control Target WebCam (Laptop|PC|Pads) to take a screenshot OR to list all webcam devices Available. This module will upload @tedburke/CommandCam.exe binary to target '$env:tmp' folder, before silent execute it in background (cmd child process).

'CommandCam' is a simple and easy to use command line webcam image grabber for Windows. It captures a single image from a webcam and stores it in a bitmap file (bmp). CommandCam uses Microsoft’s DirectShow API to access webcams, so it should work with most USB cameras. CommandCam.exe (meterpeter) have been modified (digital signed) to evade signature detection.

Remark

• Remote-Host WebCam will turn 'on' the 'green' ligth while taking screenshots
  
• CommandCam.exe binary (Manipulate WebCam) will be 'auto-deleted' after each action
  
• 'PS Downgrade attack' its used to exec CommandCam.exe If the Client its exec as Administrator
  
• ALL the Modules in this article does 'not' require the Client to be executed with 'Admin Privs'
  
  

Article Quick Jump List

• meterpeter - List All Remote-Host Webcams (devices) Available
• meterpeter - Use Target WebCam to take a screenshot

1º - Sellect meterpeter 'PostExploit' Module

2º - Sellect meterpeter 'CamSnap' Module

3º - Sellect meterpeter 'Device' Module

• Jump To Top
  

1º - Sellect meterpeter 'PostExploit' Module

2º - Sellect meterpeter 'CamSnap' Module

3º - Sellect meterpeter 'Snap' Module
This Module will take target screenshot using default webcam and store it on remote '$env:tmp' dir.

• Remark:
  
• 'PS Downgrade attack' (PSv2) its used to execute 'CommandCam.exe' If the Client its exec as 'Administrator'
  
  

4º - Sellect meterpeter 'Download' Module
Use meterpeter 'Download' Module to download remote-host screenshot

• @tedburke/CommandCam.exe
  
• Jump To Top