Hello today i will show you how to install and use SayCheese on linux debian based distributions with this program we can hack victim’s webcam photo and it will send photos to us back.
This program was originally developed for laptop , but as it uses javascript and javascript is enabled on pretty much all the browsers except TOR , it makes this tool device/platform independent, as you will see that it can be used to take snaps from the front webcam by sending just a link to the victim.
How it works:
This program generates a malicious HTTPS page using Ngrok or Serveo Port Forwarding methods, and a javascript code to fetch requests using MediaDevices.getUserMedia.
How to install saycheese:
Git repo : https://github.com/thelinuxchoice/saycheese.git
copy the webpage address and paste it on your browser to download the tool.
Open Terminal and Type the following command
git clone https://github.com/thelinuxchoice/saycheese.git
[It will copy the program directory on your local disk.]
ls
[To see list of directories]
cd saycheese
[To go in saycheese directory]
ls
[again ls to see the list of directories in the saycheese folder]
chmod +x saycheese.sh
[This command will give all permissions to the file to execute]
Now execute the program by typing the command :
./saycheese.sh
[This will start our program and now it will promt us to enter 1 to use serveo.net and press 2 to use ngrok]
Note : Serveo.net and ngrok are port forwarding methods for more details you can find our previous article on how to port forward without router access.
Here we will press 2 to use ngrok, you can also choose option 1 it all depends on you.
Note : It can take some time to execute because we are using it for the first time.
Now at last this program will give us a link, copy that link and send it to the target, and wait untill he/she opens the link, if link is opened in the target mobile phone only after that you will find images of front camera inside your saycheese directory.
To convince the target to grant permissions to access the cam, the page uses a javascript code made by https://github.com/wybiral that turns the favicon into a cam stream.
Please find practical video below :: how you can hack mobile phone's front camera just by sending a mallicious link.
This program was originally developed for laptop , but as it uses javascript and javascript is enabled on pretty much all the browsers except TOR , it makes this tool device/platform independent, as you will see that it can be used to take snaps from the front webcam by sending just a link to the victim.
How it works:
This program generates a malicious HTTPS page using Ngrok or Serveo Port Forwarding methods, and a javascript code to fetch requests using MediaDevices.getUserMedia.
How to install saycheese:
Git repo : https://github.com/thelinuxchoice/saycheese.git
copy the webpage address and paste it on your browser to download the tool.
Open Terminal and Type the following command
git clone https://github.com/thelinuxchoice/saycheese.git
[It will copy the program directory on your local disk.]
ls
[To see list of directories]
cd saycheese
[To go in saycheese directory]
ls
[again ls to see the list of directories in the saycheese folder]
chmod +x saycheese.sh
[This command will give all permissions to the file to execute]
Now execute the program by typing the command :
./saycheese.sh
[This will start our program and now it will promt us to enter 1 to use serveo.net and press 2 to use ngrok]
Note : Serveo.net and ngrok are port forwarding methods for more details you can find our previous article on how to port forward without router access.
Here we will press 2 to use ngrok, you can also choose option 1 it all depends on you.
Note : It can take some time to execute because we are using it for the first time.
Now at last this program will give us a link, copy that link and send it to the target, and wait untill he/she opens the link, if link is opened in the target mobile phone only after that you will find images of front camera inside your saycheese directory.
To convince the target to grant permissions to access the cam, the page uses a javascript code made by https://github.com/wybiral that turns the favicon into a cam stream.
Please find practical video below :: how you can hack mobile phone's front camera just by sending a mallicious link.
