How To Find Vulnerable Webcams Around The World

How To Find Vulnerable Webcams Around The World

Today I am going to tell you how to Find Vulnerable Webcams Using Shodan



Sometimes we do not have a specific goal in mind, but we simply look for vulnerable webcams and easily hacked targets around the world. Would not it be great if we had a search engine like Google that could help us find those goals? Well, we do, and it’s called Shodan!

What is Shodan?

Some have described Shodan as a hacker search engine, and have even called it “the most dangerous search engine in the world”. It was developed by John Matherly in 2009 and, unlike other search engines, looks for specific information that can be invaluable for hackers.

Shodan has service flags (see my tutorial on web servers fingerprints for more information on banners) servers and devices on the network, mainly port 80, but also ports 21 (FTP), 22 (SSH), 23 (telnet ), 161 (SNMP) and 5060 (SIP).

Also read: Bad Rabbit Ransomware Is Widely Spreading Across Europe

What can Shodan show us?

Since almost all new devices now have a web interface (perhaps even your refrigerator) to facilitate remote administration, we can access countless web servers, network devices, home security systems and more.

Shodan can find vulnerable webcams, semaphores, video projectors, routers, home heating systems and SCADA systems that, for example, control nuclear power plants and power grids. If you have a web interface, Shodan can find it!

Although most of these systems communicate over port 80 using the HTTP protocol, many use Telnet or other protocols on other ports. Keep this in mind when you try to connect to them.

Also Read: How To Hack Facebook Using Trusted Friends Method

Let’s take a look at this fascinating and harmful search engine!

Now Let’s Start Finding Vulnerable Webcams Across The World:

[sociallocker id=1998]

1) Log in to Shodan

First, we need to connect to Although you can use Shodan without logging in, Shodan restricts some of its features only to connected users.



Step 2: Search for webcams

There are several ways to find vulnerable webcams in Shodan. Usually using the webcam manufacturer’s name is a good start. Remember, Shodan indexes the information in the banner, not the content. This means that if the manufacturer puts his name on the banner, we can look for it. If this is not the case, the search will not succeed.

Also Read: How To Hack Wifi Using Evil Twin Attack Using Wifislax

One of my favorites is webcamxp, and when we type this in the Shodan search engine, it links to hundreds, even thousands, of webcams around the world.


While it can be fun and interesting to watch without the knowledge of these people around the world, we are likely to want to be more specific in our search for webcams.

Step 3: Default webcam username and password

Although some of these webcams are not protected, many of them will require authentication. The first step is to test the default username and password. I have compiled a short list of the username and default passwords for some of the most used webcams below.


ACTiadmin/123456 or Admin/123456

  • Axis (traditional)root/pass,
  • Axis (new): requires password created during the first login
  • Cisco: No default password, requires creation during the first login
  • Grandstreamadmin/admin
  • IQinVisionroot/system
  • Mobotixadmin/meinsm
  • Panasonicadmin/12345
  • Samsung Electronicsroot/root or admin/4321
  • Samsung Techwin (old)admin/1111111
  • Samsung Techwin (new)admin/4321
  • Sonyadmin/admin
  • TRENDnetadmin/admin
  • Toshibaroot/ikwd
  • Vivotekroot/<blank>
  • WebcamXPadmin/ <blank>

There is no guarantee that it will work, but many managers and individuals inattentive and lazy simply leave the default settings, and in these cases, this username and password will give you access to private and confidential webcams around the world!

Step 4: Search Webcams by Geography

Now that we know how to find vulnerable webcams and possibly log in with the default username and passwords, we will be more specific and try to find vulnerable webcams in a specific place. If we are interested in the webcam manufacturer WebcamXP Australia, we can find them by typing:

·         webcamxp country:IN


This will display a list of all WebcamXPs in Australia that are enabled on the web in the Shodan index, as shown below.

Step 5: Refine your search in a city

To be even more precise, we can limit our search to a single city. Let’s see what we can find in Sydney, Australia. We can find these vulnerable webcams by typing:

·         webcamxp city:delhi


Step 6: Search for webcams by length and latitude

Shodan even allows us to be very precise in the search of devices enabled for the web. In some cases, we can specify the length and latitude of the devices we want to find.

In this case, we will look for WebcamXP cameras in length and latitude (-37.81, 144.96) in the city of Melbourne, Australia. When we perform a search, we obtain a list of each WebcamXP in these coordinates of the globe. We must use the geo keyword followed by longitude and latitude.

·         webcamxp geo: -37.81,144.96


When we get that specific, Shodan only finds four (4) WebcamXP cameras as shown below.


That’s It, When you open any of them, you can watch the Live stream, So Enjoy Watching


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.