Introduction
I’ve always loved Omegle and Chat Roulette. Clicking a button and getting dropped into a random situation somewhere on the planet felt like instant chaos in the best way.
For a long time, I’ve wanted to build a one-way version of Omegle for exposed IoT devices. You click a button, and boom: you’re connected to a proxied stream from some random device on the internet.
Try it out at StumbleTV!
How It Works
The whole app is built with Nuxt 4, with Nitro on the backend. It’s hosted on Cloudflare Workers/Pages on the $5/month plan.
Every 12 hours, the backend pulls a list of exposed devices from the paid Shodan API and stores them in a database. That includes a base64-encoded version of the original crawled stream screenshot.
When a user visits the frontend, the backend randomly selects a device from the database and returns the base64-encoded screenshot. If possible, it also crawls the origin IP and tries to procure a live stream via fuzzy path matching.
If no live stream is available, the backend will return the last persisted screenshot.
There’s a bunch more to it, mostly WAF-related stuff to stop you degenerates from speedrunning my cloud bill, but that’s the gist.
Random Interesting Things
I really love the minimap, which shows you where in the world the stream is coming from (via Shodan’s lot/landmark/etc. data).
Another interesting thing: a small but noticeable number of these streams are honeypots looping pre-recorded video and almost certainly logging the backend’s IP address.
Japan is the king of exposed webcams.
Last thing… Sony themselves exposed one of their own webcams, leaking Sony employees working on Sony projects. Of course, it’s live-stream enabled so you can watch them work in real-time. They’re incredibly productive. At the time of writing this post, they’re sleeping.
What’s Next For StumbleTV
First, I merged Omegle and Shodan. Next, I’m merging StumbleTV and GeoGuessr and turning this into a game where you guess where the stream is coming from on a map.
