How to hack mobile cam in a few clicks! - With G-Console & CamPhish — ” Educational Purpose Only!!!!!! “ -
How to hack mobile cam in a few clicks!
Difficulty: Medium
Time: within 5 minutes
Requirements: A web Browser Preferably a PC or Tablet. A minimum knowledge of CLI or Terminal.
Here we go again today with an “ Educational Purpose Only “ on How to take someone’s mobile camera in a few minutes with only a few clicks. With this Tool, you can even get target IP which, also eases further attacks. Note that, with this tool, you will not permanently take over the camera but only be able to establish a bland connection through Serveo or Ngrok. All of it is from a web browser without the need to install OS, Tools, Virtual Machines ( VM ), Dockers, Emulators or so on, or expose any of our devices thus, in less than 10 Minutes.
Intoday’s tutorial, we will use the G-Cloud console which is not a proper fully functional OS ( Operating System ) for those who are new to it, but a terminal that perfectly works with less need of maintenance, often faster & secure than a normal VM or emulator thus, Docker if properly set. All of it in the cloud, easily accessible from any web browser. Besides, since it is not a full OS, it may sometimes lack certain features. However, I believe that it is easy to use, with a hassle-free installation, maintenance, thus, update process. As a result, not everyone may opt for it. On the other hand, it comes equipped with numerous pre-set tools such as NANO, wget, & many more.
Ok, let’s start!
To access G-Console you will need a G-Mail Account & head to:
https://console.cloud.google.com/getting-started
The first time it may ask for a little info & agree on terms then you are ready to go. Click on the little icon in the corner & you’ll be provisioned with a fully ready-to-go cloud terminal! In this story I will not guide you throughout the power & countless tools G-Console have to offer, but I warmly inviting you to take a look at it.
Just in case this is the icon:
Intoday’s tutorial we will use a simple tool & as many know why we will try to avoid Ngrok; as often lately recognised by Google & not only as a virus if not, properly hidden. Serveo on the other hand seems to be a good ally. Leave the terminal open then open a new window & paste the URL:
https://github.com/techchipnet/CamPhish 
Aneasy-to-use tool that takes over for a short time is a camera device. Works also on Kali-Linux, Termux, MacOS, Ubuntu, Parrot & G-Cloud thus, more with the right configuration.
To Install the requirements copy & paste the below into your terminal:
apt-get -y install php openssh git wgetThen below as it is or in sequence, up to you.
git clone https://github.com/techchipnet/CamPhish
cd CamPhish
bash camphish. sh
& Boom! You in. Often, on VMs, Dockers, some Terminals or Emulators lack updates & dependencies thus, may slow installation but with G-Console it’s all preset & often helps you solve the fuss easily. Once you are done with all, this should be your first screen.
Perfect, I will opt for Serveo but if you want to use Ngrok remember that will take a few minutes more indeed, if not nicely hidden it will be flagged as Virus or Threat from Google & many others. Below, will be the screen & the options to choose from. The easiest is “ Festival Wishing “. Once chosen it will ask if you want to change the subdomain & the name. 2 secs & there you go with your link. The link in itself may seem scary to many & may not click. Then, let’s change it.
Open a new window & head to:
https://free-url-shortener.rb.gy
Paste the long link & get the new one. Yep, might still look suspicious to expert eyes but overlaps many neglected users. Remember Tinyurl & others banned Serveo & alike. Once you are ready just send the link to the victim. Remember better send the link via Text Message or Temp emails as WhatsApp, Social Messaging & most emails will inspect the link often with your IP. When the link is received this will be what they will see.
Then…
Onold mobile phones indeed, if not updated they may not even ask permission to access the Camera but on most New mobile phones a little window will ask for camera permission & if the user click on it, done. The connection won’t last long & not much to do apart from screenshots & IPaddresses but the whole can be done in minutes. Screenshots are usually saved once the victim is allowed on cam & you can access it anytime.
This Test can be perfect to spread awareness & learn how easily are we exposed to dangers thus, below we will see how to protect ourselves.
It is important to note that the following information is intended solely for educational purposes. Any unauthorized use of this information is strictly prohibited & may result in legal consequences. It is essential to keep in mind that to access private information, you will need to target consumers & gain access to their devices. Please proceed with caution & ensure that you are acting within the bounds of the law.
Credits App:
How can we protect ourselves from those kind of attacks?
Simply, do not click on links you are not sure about & if needed inspect them. Often on Social Media, Websites & nowadays in real life with QR codes we are overflooded with URL redirection indeed, we need to be very careful when exposing ourselves. Also, remember that when we visit ANY WEBSITE more than probably they can see the following information from us:
IP Address — If not protected from a VPN they can easily Geolocate you.
Location — Same if not VPN they will see your actual one.
System Used & Info: They will see which OS, you have, which Web Browser you are using and some more details about screen size & more.
This is the basic info you are giving away every time you visit a website & not protecting yourself. Things you can do are more thus, just stay tuned to know more ;)
Another option you have is to inspect url, to do so head to one of the following & paste the URL they will inspect it for you & advise if safe or not.
- https://www.virustotal.com
- https://radar.cloudflare.com/scan
- https://sitecheck.sucuri.net
- https://www.ipqualityscore.com/threat-feeds/malicious-url-scanner
- https://www.urlvoid.com
or
Today, you saw how easy is to get into someone’s mobile cam & how to protect yourself from it, hope you enjoy it, you will share it & drop your comment below. In case you are curious about OSINT, OOSINT ( Offensive OSINT ) or DOSINT ( Decepting OSINT ) check my stories or my work in progress!
>>>>>> https://start.me/p/ME7aRA/oosint
Take care surf safe & see you soon!
I’ll update you soon with a video just stay tune 4 the link……
Think I did good? Buy me a coffee! ;)
Comments
Post a Comment