Remotely Capturing Photo: Using this method you can remotely hack your victim’s smartphone and secretly capture selfies or photos from their front camera just by sending a link and a little social engineering.
CEHv10 Course
Certified Ethical Hacking course is available now at very cheap price. If you are a complete beginner to Ethical Hacking and want to learn & grow in the field of Ethical Hacking then this course is for you.
Learn How to hack any android phone, IOS phone, any windows, linux, mac system, website and much more with this best beginner to advanced level ethical hacking course.
Click Here to Access the CEHv10 Course now
We will use a tool named saycheese by thelinuxchoice on github. This script will generate a malicious HTTPS page using ngrok or serveo for port forwarding over the internet.
This malicious page has a javascript code for camera requests with the help of MediaDevices.getUserMedia and it will capture photos using the victim’s front camera.
Learn How To Run Root Apps Without Rooting Your Android Phone
So that’s how it works. Now let’s move to the process of using this tool in Kali Linux.
Also if you like this, please support us by sharing this post with your friends by clicking on social media buttons.
How To Hack Front Camera of any Phone
Step 1- Open your terminal in Kali Linux and use the below command to download the tool from Github.
git clone https://github.com/thelinuxchoice/saycheese.git
Step 2- Now you have a new folder named saycheese navigate to this folder and execute the saycheese.sh file, like this.
cd saycheese
./saycheese.sh
Learn How To Hack Windows PC Just By Sending An Image
Step 3- You will see port forwarding options when you start this tool. You will have two options, serveo or ngrok.
Now, the serveo doesn’t work sometimes and you might face some problems with this method.
So, I recommend you to use ngrok method. Type 2 and hit enter to select the ngrok method.
Step 4- It will take less than a minute to start the server and then you will see ngrok URL to access the server over the internet.
Copy this URL and send to your victim. Once your target opens the URL, it will ask for camera permission (that’s where you need a little social engineering trick).
As soon as your victim clicks on allow, you will keep receiving photos captured from their front camera without knowing them in every 3 or 5 seconds until you turn off the tool and server by pressing ctrl+c or your target closes the tab and browser.
Learn How To Track Exact Location of Anyone
Conclusion
You can remotely capture selfies and photos using this method from your victim’s smartphone.
In the next post, we will learn to use Drop.it framework.
Don’t forget to share.