Put together, the search was historically used to find unsecured or default-configured IP cameras streaming live video to the web without a login wall.
The Ethics and Dangers of Google Dorking: A Case Study on Unsecured IoT Devices The search string inurl:viewerframe?mode=motion is a prime example of Google Dorking
The underlying vulnerability exposed by this Dork is not a flaw in Google's indexing mechanism; it is an omission of basic security best practices by camera owners and system installers. 1. Default Passwords and Open Guest Access inurl viewerframe mode motion hotel hot
: Engaging with these feeds can be unreliable, as high traffic from simultaneous viewers can cause the cameras to lag or require a reboot by the owner. controllable Webcams list - GitHub Gist
The dork we’re focusing on is just one of many. For completeness, here are other related search strings that security professionals use for auditing (again, only on authorized systems): Put together, the search was historically used to
Never leave the factory-set username and password intact. Create a strong, unique password consisting of letters, numbers, and symbols. If the device supports two-factor authentication (2FA), enable it. 2. Update Firmware Regularly
If you own a network camera, you must take active steps to ensure it is not publicly broadcasted. Default Passwords and Open Guest Access : Engaging
Google will return a list of URLs. They typically look like:
To view a camera feed remotely away from the property, owners assigned the camera a public static IP address or used dynamic DNS.