Futaba _ Webs 🕸🕸🎃🕸🕸

🎃 CCTV Hacking

Premise 🕸🕸🎃🕸🕸

For this demonstration, since we'll be using metasploit for it, you're going to need a Shodan premium membership to get a lifetime API key(s). Sadly, Shodan now requires you to be a premium member if you wish to use the API freely.

You can still query searches on the site if you are looking for something and tap into feeds via GUI, but you won't have access to the full features of the core API if you wish to craft your own exploits with them via metasploit and your own code for example.

Link to Shodan

Link to video

Like always, before we dive into the actual exploit, let's touch up on a bit of terminology and major concepts so that you understand how the overall process works. Wouldn't be a good article without that.

What is an API? 🕸🕸🎃🕸🕸

You've probably heard this term a lot, and probably need a bit of clarification on what this is. An API (Application programming interface) is essentially the core biological functions that make up a computer program. In most cases nowadays it's used in context with "automation" software for web applications, stuff like the "Shodan API" for example, that have core integrated functions that allow you to query information about IoT devices on the web. Another example of an API, would be a kernel, which pertains to the core functions that make up an operating system, and dictates how hardware and software interact with each other, allowing you to control the system.

Another good example would be the Windows32 API, that hackers and researchers use for stuff like DLL and Code injections to hook and hijack Windows system processes. They can also use it for little pranks like preventing you from opening your CD Drive, or shutting off your monitor by broadcasting a system command to all handles on the main system, shutting it off and on as they please.

What is the Shodan API? 🕸🕸🎃🕸🕸

The Shodan API is an OSINT tool that is used to track and gather information about various IoT gateway devices (routers), services hosted on them, as well as their corresponding IP's that are connected to the internet. This allows you to gain insight and exploit various services hosted on them and tap into things like: CCTV surveillance systems, home security systems, as well as file sharing services, SSH services, and of course, WEB APPLICATION services. You can also exploit any vulnerabilities that are in the firmware of the router itself, allowing you to pwn it and compromise the internal network.

Fun fact, when you are talking to a web server, you aren't actually talking to the main system itself directly, you are talking to the router that is hosting the service on behalf of it, indirectly. This also comes into play when you are port scanning with NMAP. When you scan with NMAP, you're actually scanning the router that is hosting many services on behalf of other systems on the internal network, or a singular one if that's the case.

As we know, the internet is made up of various communication devices, routers, that interconnect to one another, allowing end users to exchange data, access services like web applications (web sites), and communicate over the internet. All of this is possible through a technique known as port forwarding, that allows internal networks to safely communicate with each other. The internet wouldn't be possible without it, and without it, internal networks and highly sensitive information would be highly exposed and easily compromised.