**DISCLAIMER** This topic can be confronting to some when you realise that hacking a webcam can be achieved with the simple modifiation of a registry key. In this exercise we will give always-ti.red allowed access to your webcam.
So, why should you never trust a webcam?
Have you ever used the web version of zoom, teams, or discord in chrome? Often when a website needs access to your camera, chrome will prompt you to give permission.
In this exercise, we will modify a registry key to bypass this prompt and force the device to give always-ti.red access to the camera via chrome.
The chrome prompt to allow or deny camera permissions for a website stores its information in a registry key in following location:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\VideoCaptureAllowedUrls
We can modify this registry key to allow chrome to accept Video Capture for the always-ti.red website. To modify this key run Registry editor and navigate to the VideoCaptureAllowedUrls registry path.
- Right-click on the VideoCaptureAllowedUrls key, open the New menu, and click on the String Value option
- Use 1 as the name for the new String value created by you
- Double-click on the String value to open its edit box
- Enter the webpage URL in the Value data field
- Select the OK button
- Restart Google Chrome.
Once this registry is installed, the pc may need a reboot however in some cases it might just work from here. Visit always-ti.red to test it out.
In this case we manually edited the registry key using regedit however a sneaky malicious actor could do something like prebuild the regitry key and sideload it into a legitimate software that the target is keen on installing and then use social engineering techniques to motivate the target to visit the malicious website.
