CAUTION: CAMPHISH IS CREATED TO HELP IN PENETRATION TESTING AND IT’S NOT RESPONSIBLE FOR ANY MISUSE OR ILLEGAL PURPOSES.
In this digital era, you have received or sent links to your colleagues for them to scope that interesting article or maybe linking to a file. But how often do you check the legitimacy of these links, without waiting to hear your answer I bet it is none. Have you ever thought that hacking android camera with just a link is like a twinkle of an eye or counting alphabetical? Then if you don’t have a clue today, I will enlighten of one way among many how an attacker might trick you and access your camera.
- Kali Linux
- Virtual Box
For this to work you will need a Linux os or Mac OS, but I am going to use kali Linux. We will first make a virtual machine using VirtualBox.
Process of hacking android camera with just a link:
Download virtual box and install it is simple.
After installing virtual box, hoping you have already downloaded kali Linux, launch virtual box.
On the right-hand menu press the New option or you can press shortcut key Ctrl+N.
A window will open, give your machine a name in my case I will name it hacklab, type select Linux, version-Debian 64 you should this with respect to your machine architecture. Allocate memory in my case I am setting to 1024(1gb). After you’re done click create.
It will launch a window select where you want your machine to be located, give it 50gb size and click create.
You have successfully created your machine now it times to install our kali Linux os.
On the right-hand menu, press start option, a window opens up now open the location where you downloaded your kali Linux. After selecting press start and follow all steps until it is installed. It will take like 20 minutes setting up your machine after you are done, we are now good to proceed to the next part.
I’m now assuming you already have your machine running. Fire up terminal, for our program to work we need first to install a web server. Copy and paste this apt-get -y install php openssh git wget to your terminal and hit enter, it will start installation.
Then we will have to clone CamPhish from GitHub, simply copy this link and paste to your terminal. Before that we should be in our download folder ,simply type cd Downloads in your terminal and make sure it looks like this.
Now copy our link
git clone https://github.com/techchipnet/CamPhish
and it should start downloading, depending on how faster your internet connection it shouldn’t take longer.
When done downloading, on your terminal type cd CamPhish. Then type bash camphish.sh to install our CamPhish. Congratulation you are done.
Now that we have installed CamPhish, it is displaying some options, requiring to choose tunnel server, you should select option one Ngrok as Serveo.net sometimes have down times.
Next is choosing phishing template, in considering your target victims you can either choose Festival Wishing or Live YouTube TV. I am going to choose the first option and when prompted to enter festive name I will name it valentine. CamPhish will now generate a link which you will be sending to your victims.
When your victims open the link, a pop notification will appear asking them to allow camera. As soon as the victim allows camera, the phone will start snapping shots of the victim silently without them knowing. Caution these snaps will be sent to the CamPhish owner.
Snaps will be located in the CamPhish folder in the Downloads location in my case.