Saturday, September 21, 2019

SayCheese

SayCheese is a tool that allows you to control the victim's webcam and take a picture of the victim behind the keyboard. This tool does not require you to infect the victim's computer, all it does is it prompts the victim's browser to allow the browser access to the webcam once the victim clicks on the link. From here you will have to use social engineering and convince the victim to click on Allow. Once the victim clicks on allow inside the browser, the tool will begin to capture multiple pictures of the victim using the victim's webcam and save it to your attack machine.

Follow the instruction below to learn how to use SayCheese.

1. git clone https://github.com/thelinuxchoice/saycheese

2. cd saycheese

3. bash saycheese.sh


4. Option 1 is recommended unless you have Ngrok installed and you know what you are doing then you can pick option 2.

5. Y for default subdomain.

6. Leave this blank and press Enter unless you have a custom subdomain you would like to use. You can type in whatever you want here but for me, I just left it as default.


7. Below is what the victim will see after they visit your link. 


 8. After the victim clicks on Allow inside the browser, your terminal will start displaying Cam file received! The longer you leave this running the more picture it will capture. I recommend leaving it for at least 10 - 15 minutes because you will be able to capture a lot of information. You can access the captured picture by going into the saycheese folder under the Home directory.


0 comments:

Post a Comment