From: Holstein, Robert - BLS CTR (Holstein.Robert@bls.gov)
Date: Fri Aug 24 2007 - 09:15:16 EDT
The guys over on the nessus list had some pretty good input as well.
Nessus has a plug-in or two that may help.
It looks like at the end of the day this will need to be a WMI query or
a manual examination of a registry dump to sift for drivers or webcam
support software. I was hoping for a quick turn around, but alas I'll
have to use a baseball bat instead of a scalpel. I have a pretty good
idea which type of camera they are using. I know it's not wireless and
I'm just about 100% certain they are all USB so that narrows down the
scope somewhat from what I had yesterday.
Thanks for all the help everyone!
-----Original Message-----
From: p1g [mailto:killfactory@gmail.com]
Sent: Thursday, August 23, 2007 11:51 PM
To: Holstein, Robert - BLS CTR
Cc: pen-test@securityfocus.com
Subject: Re: Webcams
You could maybe query WMI via vbs, perl, WMI, nessus, etc.
You could query the filesystem or registry for installed camera
software.
query registery for usb devices.
If you knew what model of camera was being used, it would ne easier :) ,
yea, i know...
FYI..
The nessus-users list would be a good place to ask.
Sometimes this list(pen-test) reacts differently to the 'I want to
search my network for stuff' questions.
On 8/23/07, Holstein, Robert - BLS CTR <Holstein.Robert@bls.gov> wrote:
> Does anyone have a method for remotely detecting webcams installed on
> Windows hosts? I have the need to conduct an audit to find out if
> certain staff are using webcams. I may have administrative rights to
> the targets remotely, but no physical, or console access.
> Any input would be appreciated.
>
> Thank you,
> Robert C. Holstein
> IT Security Analyst
> Bureau of Labor Statistics
> (202)-691-7611
>
>
> ----------------------------------------------------------------------
> --
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ----------------------------------------------------------------------
> --
>
>
-- -p1g SnortCP ,,__ o" )~ oink oink ' ' ' ' If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- former White House cybersecurity czar Richard Clarke ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:03 EDT