How to increase your chances of finding a hidden camera

Take note of the title of this blog. What you read below will give you some additional knowledge that may help you identify a hidden camera but it certainly won’t guarantee that.

We got lucky (if you can say that), the host had the hidden camera on the same network as the wifi that he allowed us access to and the stream was not protected (required authentication to access).

If a camera is hidden well and is not on the network (i.e. records to an internal memory card) or is on a network that you don’t have access to it may be very difficult to identify.

Report this ad

Below are the steps we are now taking when booking/staying at an Airbnb (or similar).

Step 1: Read the house listing in detail and view all photos

Before you book a house make sure you aren’t setting yourself up to fail.

It is Airbnb policy that any cameras be detailed in the listing. Scroll through all the details as there doesn’t seem to be a defined place for the host to list these details. Details could be in the description, the amenities section, the safety features or the house rules.

If a camera can be seen in a photo of the house listing then Airbnb deems that you have been notified of the cameras.

So, in summary if you want to avoid a house with cameras ensure that when you book it you have not been notified that there are cameras.

Step 2: Do a physical check of the house

First, understand what you are looking for. Non-hidden cameras are pretty obvious and are readily identifiable as cameras. Hidden cameras unfortunately come in all shapes and sizes and are hidden in numerous objects.

Here are some examples:

Smoke Detector – http://www.brickhousesecurity.com

Fan *– http://www.brickhousesecurity.com*

Clock – *http://www.brickhousesecurity.com*

Yes, they even come disguised as screws.

This was the one we found. The hidden camera is in the enclosure on the left (the one on the right is a real smoke detector). If you zoom in on the picture you can see that I have stuffed tissue paper in the hole where the camera lens was so that we could work out what to do without the host watching us.

A camera has to “see” to take an image so it needs a hole (although that can be as small as a pinhole) or a clear substrate to see through.

Look for anything unusual in the rooms e.g. 2 smoke detectors in the same room, an alarm sensor but no alarm pad.

A hidden camera will typically be placed so it has a field of view of what the person wants to see. So usually on a ceiling, bedside table, bathrooms, corners of rooms etc. Remember that these cameras typically have a wide field of view.

Have a close look at any devices you find and see if you can see any lens. You can take photos using your phone up close with the flash or shine lights on them in the dark – the lens will usually reflect light.

Step 3: Scan the house network to identify potential cameras

Before we start you should note that a camera will not be discoverable on the network in the following circumstances:

The camera is not on the same network as the network you have connected to. That is, if a host wants to hide a camera they can connect it to a network that you may not have access to.
If the camera records to an internal memory card then it doesn’t need to be connected to a network and therefore wont show up on one.

Connect to host accommodation network. Typically all host houses provide wireless access with a password. Once you are connected to the hosts wireless network you can then access the network to discover what is on it.
Launch network scanning app and scan for devices connected to the network.

In my case I used an Android app called “Network Scanner – First Row”. There are many alternatives for Windows, Mac, iOS etc.

This app automatically scans the network you are connected to and displays the IP address of the device and the Manufacturer. See example output below.

As you can see the scan has identified a number of devices on the network including the Gateway (wireless access point / router), my laptop and several phones (Huawei and LG).

At this stage you should be looking for any giveaway signs that one of the devices is a camera. For example, the manufacturer could be IPCAMERA. (That was the case in the one I discovered )

In this example the device at the bottom has raised my suspicions as it is not one of my devices (tick off your devices and see whats left) and the manufacturer is not a well known brand. For example we found it common to find the likes of Nest heating devices on the network.

I then use a port scanning app to see what ports (different options to connect to a device) are open on the device. This typically helps me identify the device.

I used the Android “Network Mapper” app.

Once you run the app you need to enter in the IP address of the device you want to port scan. In this case it is 192.168.0.116

The output of that port scan is below:

The details you are interested in are the Open ports detailed at the bottom of the scan.

In this example there are 4 ports open: 81, 554, 1935 and 8080 and the port scanner notes the typical service used on these ports.

You can Google the services and for this one you would discover that RTSP and RTMP services are used to stream video. Any ports that appear with the service HTTP or HTTPS can be attempted to be connected to with your web browser.

For example here is the output below when I connect to Port 8080 with my web browser:

The important thing to note from the output of the above is the mention of ONVIF. ONVIF is a standardised way of connecting to IP security cameras.

So, we can be fairly certain that this is a camera. In this instance this is a external camera that we were made aware of.

In our case finding and accessing the hidden camera was easy because:

it was on the same nework as the wifi we were given access to
it was named in the network scan as an “IPCAMERA”
it had a live stream running on port 80 which could be connect to without requiring authentication (login and password)

In many cases accessing a hidden camera video stream may require more “invasive” techniques (e.g. password bruteforcing, vulnerability exploitation etc). Essentially hacking the devices to get access. Be aware that this may be illegal.

So, I hope that has provided some guidance. Just be careful sometimes a little knowledge can get you all paranoid without there actually being an issue.

47 thoughts on “How to increase your chances of finding a hidden camera”

Anonymous says:

April 6, 2019 at 2:46 pm

Absolutely DISGUSTING!

LikeLike

Reply
Pingback: Ospite di Airbnb scopre una telecamera di sorveglianza nascosta
Mark says:

April 6, 2019 at 7:46 pm

I was hoping you’d give us a lesson. Great post!!

LikeLiked by 1 person

Reply
Pingback: Airbnb hidden camera: Family angry after finding secret recording in Ireland | Dose Of Viral
Pingback: Airbnb hidden camera: Family angry after finding secret recording in Ireland – Power Money Sex
Ozzard says:

April 6, 2019 at 9:42 pm

Excellent advice! Also, unfortunately, illegal for anyone in the UK – port scanning someone else’s device is illegal under the Computer Misuse Act 1990. Yes, even if it is itself doing something unpleasant. I’m sure you’ll be as amused* as I am by that little gem.

* For some value of “amused”.

LikeLiked by 1 person

Reply
1. Anonymous says:
  
  April 8, 2019 at 2:50 pm
  
  This is not strictly true, whether or not port scanning is legal in the UK depends very much on the intent of the actor when undertaking the scan.
  
  Additionally, if the device is not protected by a password or network segregation, there may be an argument (depending on terms for staying in the property) that accessing it is authorised as you have been permitted to use facilities and appliances at the property.
  
  Disclaimer: this is purely my own opinion and speculation and should not be considered legal advice. Anyone in this, or a related, situation should seek professional legal advice prior to acting
  
  LikeLike
  
  Reply
2. Screw the UK says:
  
  April 8, 2019 at 3:06 pm
  
  Dude, fuck the UK. The UK will be gone soon in a few days time post the brexit mess brought by the clowns in parliament. They’re the same clowns who also introduced the GDPR crap. What the fuck do they know about technology? Nothing.
  Just stay safe out there!
  
  LikeLike
  
  Reply
3. Anonymous says:
  
  April 8, 2019 at 10:59 pm
  
  Of course port-scanning isn’t illegal in the UK.
  
  LikeLike
  
  Reply
Stu says:

April 7, 2019 at 1:13 am

Cheers Andy. Takes me back to our previous life…..

LikeLike

Reply
Ti. says:

April 7, 2019 at 2:09 am

Thanks a lot for sharing this post on how to potentially detect hidden cameras.

LikeLike

Reply
Raj says:

April 7, 2019 at 4:30 am

Wonderful post and great explanation! Yes, you were kind of lucky here as the owner did not think much about how to hide his IP-camera. Another private secure wifi network with a strong password would have made your job difficult. But your post made a lot of things clear for me. I have seen a lot of posts on social channels about identifying the hidden cameras as walk in the park! Thank you!

LikeLike

Reply
Michael Kardos says:

April 7, 2019 at 7:19 am

Dear Nealie Barker,

Thanks very much for bringing this issue to light, and for pursuing the matter so Airbnb takes meaningful action.

My wife and I have been traveling the world full time — haven’t been back to the U.S. — for more than three and a half years. We sold our house in Los Angeles, cars, and virtually all our belongings. We hope to travel for at least another 10 years. We did buy a small apartment in Split, Croatia, but we continue to add cities and countries to the list as we explore the world.

Airbnb is a generally our default choice, so reading your story this morning in The Washington Post was alarming. Once, in Viña del Mar, Chile our Airbnb had a camera — in plain sight — aimed at the front door to see who was coming in. Nonetheless, I disconnected it and covered the lens; still it felt creepy.

Your experience, and informative blog post is a strong reminder to remain vigilant and aware.

We wish you and your family all the best on your exciting adventure. Again, thanks.

Best,

Michael

LikeLike

Reply
Michel says:

April 7, 2019 at 7:52 am

Thanks a lot to share this useful in-plain-words short guide. Kudos!
On a side note I’m amazed by the lack of responsiveness AirBnB displayed when you approached them in the first place. (in the -short- history of this unicorn, they needed each time to face public outcry to upgrade their policy.. such a disappointment for an “agile” company)

Again thanks for the guide and the energy you demonstrated.

Cheers Michel. (Paris-Fr)

LikeLike

Reply
Richard Dittbenner says:

April 7, 2019 at 5:41 pm

Thanks for your diligence in following up. I read about your trials and tribulations in today’s Washington Post newspaper- one of the two leading newspapers in the USA. I am not su sure I will use Airbnb again, principally because they dragged their feet for so long in addressing your well-documented invasion of your privacy. And most troubling of all to me is that no one at Airbnb appears to have been fired! It reminds me to the behavior of the Catholic Church in Ireland- no action on wrongdoing against children until it became a scandal but no apparent real change in the larger global organization! But lots of public pronouncements about their need to make changes. . . . still no one was removed from their positions of authority. https://www.washingtonpost.com/technology/2019/04/06/they-were-settling-into-their-airbnb-then-they-found-hidden-camera/?utm_term=.2767b0115e26

LikeLike

Reply
Cosmo Freund Lee says:

April 7, 2019 at 7:06 pm

Nice. Can you provide details on how you viewed the video feed from the cam?

LikeLike

Reply
1. cindelicatonetizencorpcom says:
  
  April 9, 2019 at 11:38 am
  
  He did already:
  it had a live stream running on port 80 which could be connect to without requiring authentication (login and password)
  
  LikeLike
  
  Reply
  1. Cosmo Freund Lee says:
    
    April 9, 2019 at 12:36 pm
    
    Port 80 is generally used for HTTP transfers. RTSP was mentioned, but 554 is the port for that. Some kind of client was used to access the video stream – what was it? I’m looking for a bit more detail, like did he just point a browser at port 80 and a link popped up, or use an RTSP client? IE, how was the streaming actually initiated?
    
    LikeLike
  2. sixfortwelve says:
    
    April 9, 2019 at 3:16 pm
    
    In this instance the streaming was initiated by just pointing my browser at port 80.
    
    LikeLike
Per Westermark says:

April 7, 2019 at 7:55 pm

Consider using the phone camera and view all walls/objects in a room while the room is pitch black. The phone camera will often catch the light from the IR diodes used by the hidden camera to see in the dark.

Different phones have different quality of IR filter on the phone camera so not all phones works as well.

One way to check the IR detection capability of the phone is to film a remote control in the dark while pressing buttons.

LikeLike

Reply
Pingback: They were settling into their Airbnb. Then they found a hidden camera. | Tech.Money.Fitness
Anonymous says:

April 8, 2019 at 3:18 am

My husband and I stayed in a B& B (not an Air B&B Listing) that had a communal lounge. We were the only ones there and made ourselves comfortable in this room after dinner. As the evening drew later, we stopped talking and were just looking at the fire as you do. The host showed up a few minutes into the silence and apologised. They thought we had gone to bed as they couldn’t hear any noise. When I asked how they could expect to hear any noise from the top floor where they were situated, he calmly pulled out a radio monitor that was placed behind a TV cabinet. “We listen in to all our guests, ” he said. I just about died on the spot. We left early the next morning and we will never be back.

LikeLiked by 1 person

Reply
Pingback: New top story on Hacker News: How to increase your chances of finding a hidden camera – World Best News
Pingback: New top story on Hacker News: How to increase your chances of finding a hidden camera – News about world
Pingback: New top story on Hacker News: How to increase your chances of finding a hidden camera – Latest news
Pingback: New top story on Hacker News: How to increase your chances of finding a hidden camera – Golden News
Pingback: New top story on Hacker News: How to increase your chances of finding a hidden camera – Hckr News
Pingback: New top story on Hacker News: How to increase your chances of finding a hidden camera – Outside The Know
Pingback: How to increase your chances of finding a hidden camera – INDIA NEWS
Pingback: How to increase your chances of finding a hidden camera | My Tech Blog
Nick says:

April 8, 2019 at 10:04 am

I also liked this one:
https://www.senteltechsecurity.com/blog/post/how-to-find-hidden-cameras

Best, Nick

LikeLike

Reply
Pingback: How to increase your chances of finding a hidden camera – Hacker News Robot
Criação Ribeirão Preto says:

April 8, 2019 at 12:22 pm

This is on Hacker News front page right now!

LikeLiked by 1 person

Reply
Pingback: How to increase your chances of finding a hidden camera – JNW
peneves says:

April 8, 2019 at 1:56 pm

Can you use the wifi signal to help localize the camera?

LikeLike

Reply
Galahad says:

April 8, 2019 at 2:37 pm

Thanks for sharing!

LikeLike

Reply
Pingback: Airbnb says sorry after man detects hidden camera with network scan – Naked Security
Httqm says:

April 9, 2019 at 11:05 am

Another hack you may use to spot hidden cameras is to search for infrared light sources : those are invisible to human eyes, but cell phones cameras can see them (check this with any IR remote controller
Make the room dark so that the external lightning (IR) device activates, then “scan” the room with your cellphone.

LikeLike

Reply
Pingback: Airbnb says sorry after man detects hidden camera with network scan | Infosec News Ireland
Pingback: Airbnb says sorry after man detects hidden camera with network scan Hacksploitable
Pingback: Airbnb says sorry after man detects hidden camera with network scan – STE WILLIAMS
Pingback: Airbnb says sorry after man detects hidden camera with network scan
Pingback: You can legally be spied on while staying in an Airbnb rental - Welcome
Monica Torres says:

April 10, 2019 at 7:32 pm

Hi Andrew,

My name is Monica Torres and I’m a HuffPost reporter who would love to get your expertise for a story I’m writing on how to spot hidden cameras in an Airbnb! Please email me at monica.torres@huffpost.com!

LikeLike

Reply
Pingback: Airbnb guest finds hidden cameras (and 4 tips on how to stay safe on your next holiday) – AntiVirus Review Club
Pingback: Airbnb guest finds hidden cameras (and 4 tips on how to stay safe on your next holiday) - Best Antivirus Reviews
Pingback: meshedsociety weekly #213 | meshedsociety.com

Share this:

Like this:

Related

47 thoughts on “How to increase your chances of finding a hidden camera”

Leave a Reply Cancel reply