The Scariest Search Engine ( ). Find Vulnerable Webcams Using Shodan.

the world’s most dangerous search engine.  These include routers, switches, webcams, traffic lights, SCADA systems, and even home security systems.

Here, we will look to find webcams that are either unprotected or will allow us to log in with the default credentials.

STEP 1 : Log In To Shodan

First you need to login at Although you can use Shodan without logging in, Shodan restricts some of its capabilities to only logged-in users.


STEP 2 : Search for Webcams

There are many ways to find web cams on Shodan. Usually, using the name of the manufacturer of the webcam is a good start. Remember, Shodan indexes the information in the banner, not the content. This means that if the manufacturer puts their name in the banner, we can search by it. ex webcamxp

 1 . Someone webcam in Netherland – outside


 2 . Inside Home


 FUN Right . . . . ! !

STEP 3 : Default Webcam Username & Passwords

For those which will require authentication. The first step is to try the default username and password. I have compiled a short list of the default username and passwords of some of the most widely used webcams below.

  • Samsung Electronics: root/root or admin/4321
  • Samsung Techwin (old): admin/1111111
  • Samsung Techwin (new): admin/4321
  • WebcamXP: admin/ <blank>
  • ACTi: admin/123456 or Admin/123456
  • Axis (traditional): root/pass,
  • Sony: admin/admin
  • TRENDnet: admin/admin
  • Toshiba: root/ikwd
  • Vivotek: root/<blank>
  • Axis (new): requires password creation during first login
  • Cisco: No default password, requires creation during first login
  • Grandstream: admin/admin
  • IQinVision: root/system
  • Mobotix: admin/meinsm
  • Panasonic: admin/12345

Stay tuned for more .. Happy Hacking #3dayhack

1 Comment

  1. Buy Cialis Online Usa Oklahoma Metformin Achat Obtaining Viagra Without Prescription viagra Ibilex Cephalexin Std Propecia Meteo Proscar Mantreal Cialas Commercial Clomid Acupuncture Get Pregnant

Leave a Reply

Your email address will not be published. Required fields are marked *