This blog is NOT OFFICIAL website of Kali Linux. We just share Tutorials to learn Cybersecurity.

CamPhish -- Control Front Camera of Mobile and PC | Hack WebCam

Home
CamPhish is a camera phishing toolkit inspired from saycheese, it is a upgraded version of saycheese. We can get camera clicks from victim's mobile's front cam or PC's webcam. We can use this on our Kali Linux and we also can use it on our Android mobile phone using Termux.

CamPhish have two automatic generated webpage templates for engaging target on that webpage so the attacker can get more camera snaps.

CamPhish -- Control Front Camera of Mobile and PC

CamPhish need some tools installed in our system, the tools are php openssh git wget. All these tools comes pre-installed with our Kali Linux system, so we start installation process by entering following command:

git clone https://github.com/techchipnet/CamPhish
It will be cloned on our current working directory, as we can see the process in the following screenshot:

camphish cloning from github

Then we need to to the CamPhish directory by using following command:

cd CamPhish
Then we give the permission to the shell script by running following command:

sudo chmod +x camphish.sh
After this we can run the tool by applying following command:

./camphish.sh
Then it will open it's menu as we can see in the following screenshot:

camphish

Here we need to select the port forwarding option we can choose between ngrok and Serveo.net as we know serveo server goes down sometimes so we choose ngrok.

Then it will prompt for choose phishing template as we can see in the following screenshot:

chooseing phishing templet

Here we got two options, option 1 is festival wishing and other is YouTube. We can choose whatever depending on our social engineering. For an example we choose option 2 for YouTube.

youtube watch id

Here the YouTube watch ID means then end id of a YouTube video URL. The screenshot is following:

what is youtube whatch id
YouTube watch Id is the highlighted text
We copy a YouTube video's watch ID as per our target's interest and paste it on CamPhish.

If ngrok is not installed in our system then this tool now download and install ngrok in our system. Then it  will configure the server and automatically give us a link. This is the link as we can see in the following screenshot.

ngrok link

Here we can see that we got the ngrok link (can be opened from anywhere via internet) and now we can send this to victim with some social engineering twists. Sending phishing links to target is an art, we have discussed it on this tutorial.

Sometimes if the server's are down then we can't see the direct link it will be a blank space then we can see that it is running on our localhost:3333. Then we can use other port forwarding services to make it live on internet. For a reference we suggest you to read our this tutorial.
 
To hide the link as a pro we need to learn how to hide a phishing link.

Now whenever target clicks on the link it will open YouTube video in target's browser and prompt for camera permission. Peoples usually don't read about the permissions and clicked "OK". BINGO! We got connected and we can get snaps from victim's webcam/Frontcam. 


Here we can see that target got connected with our CamPhish server and we are getting camera shots. Those received images files will be saved in CamPhish directory. That is how we can take control of front cameras.

This tutorial is for educational purpose and Proof of Concept only. Hack Webcam and Phishing is a crime. If anyone do any illegal activity then we are not responsible for that.
author-img
Kali Linux

Comments

84 comments
Post a Comment
  • Unknown photo
    UnknownApril 23, 2020 at 7:49 AM

    no direct links after entering watch id

    Delete Comment
    • Kali Linux photo
      Kali LinuxApril 23, 2020 at 9:28 PM

      Feeling sad that it doesn't work for you. What port forwarding options you have selected?

      Delete Comment
      • Unknown photo
        UnknownMay 31, 2020 at 6:30 PM

        hey ans the question the
        direct links are blank

        Delete Comment
        • Kali Linux photo
          Kali LinuxJune 1, 2020 at 8:33 AM

          Don't choose the serveo option. Try ngrok that will provide you a link

          Delete Comment
          • Unknown photo
            UnknownDecember 31, 2020 at 9:06 AM

            CamPhish direct link not working

            Delete Comment
            • Kali Linux photo
              Kali LinuxDecember 31, 2020 at 5:49 PM

              CamPhish is not updated from a long time.

              Delete Comment
              • Yusof antar photo
                Yusof antarJanuary 21, 2021 at 4:56 PM

                same here the link inst generated

                Delete Comment
                • Kali Linux photo
                  Kali LinuxJanuary 22, 2021 at 11:13 AM

                  YAP. CamPhish is not working. It is outdated. Need up-gradation.

                  Delete Comment
                  • Unknown photo
                    UnknownJuly 4, 2021 at 11:16 PM

                    Bro how to get those can files its not coming in manager what to do now the command are not working mv cam04Jul5.png /data/data/com.termux/files/home/storage/shared
                    mv: cannot move 'cam04Jul2023855.png' to '/data/data/com.termux/files/home/storage/shared': No such file or directory
                    It shows this

                    Delete Comment
                    • Kali Linux photo
                      Kali LinuxJuly 5, 2021 at 6:00 PM

                      It clear that there is no such files or directories. Are you sure about the location of file? You can share screenshots to us on our Telegram channel.

                      Delete Comment
                      • AnonymousApril 7, 2023 at 11:41 PM

                        do u know how disable permission pop up ( for webcam ) when target click on link. I've a last question, do u know how to disable webcam's led because it's very obvious.

                        Delete Comment
                      • Unknown photo
                        UnknownApril 24, 2020 at 10:32 AM

                        where can i find received cam file ?

                        Delete Comment
                        • Kali Linux photo
                          Kali LinuxApril 24, 2020 at 12:31 PM

                          The received images files will stored in CamPhish directory.

                          Delete Comment
                          • Unknown photo
                            UnknownJanuary 7, 2022 at 8:28 AM

                            First start your hotspot to get link, then you can get the link😄

                            Delete Comment
                          • AnonymousApril 27, 2020 at 1:01 AM

                            It's sad that the user will asked for a authorization. Regardless thank you!

                            Delete Comment
                            • Kali Linux photo
                              Kali LinuxApril 27, 2020 at 6:46 AM

                              Thanks for reading it carefully. It is asked by the user's system security. One think we can do that trick the user to click on the "allow" button.

                              Delete Comment
                            • All In One photo
                              All In OneApril 28, 2020 at 8:26 PM

                              How we open camphish directory?

                              Delete Comment
                              • Kali Linux photo
                                Kali LinuxApril 28, 2020 at 9:22 PM

                                We have run our script in CamPhish directory that means its our current working directory. Otherwise you can reach it by opening a new terminal and type
                                cd CamPhish

                                Delete Comment
                                • Unknown photo
                                  UnknownAugust 24, 2020 at 9:37 PM

                                  Open your hotspots to see the link

                                  Delete Comment
                                • Aloiid photo
                                  AloiidMay 2, 2020 at 11:53 PM

                                  the pictures for me are black... HELP please

                                  Delete Comment
                                  • AnonymousJune 10, 2020 at 12:11 AM

                                    provavelmente negaram a solicitação da camera

                                    Delete Comment
                                  • Salvatore_19 photo
                                    Salvatore_19May 5, 2020 at 7:47 AM

                                    Asks username and password for github.

                                    Delete Comment
                                    • Kali Linux photo
                                      Kali LinuxMay 5, 2020 at 9:03 AM

                                      It looks that you have misstyped the GitHub URL in git clone command... Please check it and type again.

                                      Delete Comment
                                    • Sunder Muthukumaran photo
                                      Sunder MuthukumaranMay 6, 2020 at 9:14 PM

                                      only from the devices in same network can be obtained , right ??

                                      Delete Comment
                                      • Kali Linux photo
                                        Kali LinuxMay 7, 2020 at 8:11 AM

                                        Nope. It comes with ngrok that will help us to grab snaps of anyone on the internet. Please read the article carefully till end.

                                        Delete Comment
                                      • Unknown photo
                                        UnknownMay 25, 2020 at 8:35 PM

                                        it can capture many images or just 1?

                                        Delete Comment
                                      • Unknown photo
                                        UnknownMay 25, 2020 at 8:54 PM

                                        root@kali:/home/kali# git clone https://github.com/techchipnet/CamPhish
                                        Cloning into 'CamPhish'...
                                        fatal: unable to access 'https://github.com/techchipnet/CamPhish/': Couldn't connect to server
                                        it says like this

                                        Delete Comment
                                      • AnonymousMay 26, 2020 at 3:03 PM

                                        Hi, Awesome tutorial.. thank you bro.. just 1 question, is there any way to change text in permission popup... "*.ngrok. is asking for permission for camera" can we change text here.. or is there any to way to block youtube video from playing if he rejects camera permission... Thank you....!!

                                        Delete Comment
                                        • Kali Linux photo
                                          Kali LinuxMay 26, 2020 at 10:44 PM

                                          The permission popup is prompt by victim's browser, we can't bypass it. Because it didn't depend on our tool. In the case of YouTube video we will ask the tool maker if he can do something.

                                          Delete Comment
                                        • matrixman photo
                                          matrixmanJune 15, 2020 at 10:48 PM

                                          tunnel .io is not found
                                          what should i do ?
                                          i did not receive any files

                                          Delete Comment
                                        • AnonymousJune 28, 2020 at 9:38 PM

                                          ngrok server started for the first time but now it's not responding. like i am not getting anything displayed after "starting ngrok server"

                                          Delete Comment
                                          • Kali Linux photo
                                            Kali LinuxJune 29, 2020 at 10:35 AM

                                            It looks like the problem is coming from ngrok server. Wait some hour or a day then try again. Thank you.

                                            Delete Comment
                                          • Parthipan photo
                                            ParthipanJuly 2, 2020 at 11:01 AM

                                            I received ip Id but cannot received cam file

                                            Delete Comment
                                          • Unknown photo
                                            UnknownJuly 7, 2020 at 4:27 PM

                                            i dint get direct link but it is showing waiting targets
                                            how do i get the link

                                            Delete Comment
                                            • AnonymousJuly 23, 2020 at 10:45 PM

                                              how can i find call details of number by using kali linux tool

                                              Delete Comment
                                              • Kali Linux photo
                                                Kali LinuxJuly 24, 2020 at 5:05 AM

                                                In that case you need to use the HaxRat or L3MON tool. We have featured them in our articles. Try them.

                                                Delete Comment
                                              • Unknown photo
                                                UnknownJuly 24, 2020 at 1:58 PM

                                                If we want the pictures of victim again! Then again we need to make him to click on that link?

                                                And what if our machine is offline when victim is watching that link? Will the images come to my machine after I come online?

                                                Delete Comment
                                                • Kali Linux photo
                                                  Kali LinuxJuly 24, 2020 at 2:31 PM

                                                  Answer of the 1st question is 'YES'. You need to send the link again.

                                                  If your machine is offline and online again then our will not receive the pictures because the connection will broke. You need to be online constantly while attacking.

                                                  Delete Comment
                                                • AnonymousAugust 11, 2020 at 12:00 PM

                                                  after i done everything it shows cannot read real time clock invalid argument

                                                  Delete Comment
                                                  • Kali Linux photo
                                                    Kali LinuxAugust 11, 2020 at 6:46 PM

                                                    Are you using WSL (Windows Subsystem for Linux) to run Kali ? This problem is comes from there. Check the solution here.

                                                    Delete Comment
                                                  • Musharaf parwej photo
                                                    Musharaf parwejAugust 19, 2020 at 1:44 PM

                                                    Does it work for wsl......as i am not getting the link....it is blank

                                                    Delete Comment
                                                    • Kali Linux photo
                                                      Kali LinuxAugust 19, 2020 at 10:55 PM

                                                      Which method of port forwarding you have tried serveo or ngrok? Serveo server seems to be down. These kind of free services faces these problems. It happens with them sometimes. You should wait for their server come back online. Or host these pages on localhost and try portmap. Both these tutorial is available on our website.

                                                      Delete Comment
                                                    • Unknown photo
                                                      UnknownAugust 20, 2020 at 11:57 PM

                                                      im able to send link and works perfectly with laptop cams. but i tried cellphone and not asking for the camera permission. any help?

                                                      Delete Comment
                                                      • Kali Linux photo
                                                        Kali LinuxAugust 21, 2020 at 3:45 AM

                                                        Did you tried on another mobile devices. Because we don't got this kind of issues.

                                                        Delete Comment
                                                      • Admin photo
                                                        AdminAugust 21, 2020 at 1:38 PM

                                                        i found image but blank image

                                                        Delete Comment
                                                        • Kali Linux photo
                                                          Kali LinuxAugust 21, 2020 at 4:23 PM

                                                          Did you tried this to anyone? May be your target is in a dark room.

                                                          Delete Comment
                                                        • Lokendra beniwal photo
                                                          Lokendra beniwalSeptember 1, 2020 at 12:01 AM

                                                          I didn't get the link even after starting the hotspot (in pc ) plss help

                                                          Delete Comment
                                                          • Kali Linux photo
                                                            Kali LinuxSeptember 1, 2020 at 5:49 AM

                                                            Turning on the hotspot is for mobile not for PC. I think the serveo server is down. That's why the link is not generating.

                                                            Delete Comment
                                                          • AnonymousSeptember 5, 2020 at 9:18 PM

                                                            the cam file is not been received on Kali

                                                            Delete Comment
                                                          • AnonymousSeptember 18, 2020 at 8:20 AM

                                                            Hey, it works flawlessly on PC but on mobile, it doesn't work on newer OS

                                                            Delete Comment
                                                            • Kali Linux photo
                                                              Kali LinuxSeptember 18, 2020 at 1:23 PM

                                                              The author told me to turn on mobiles wifi hotspot to use it with Termux.

                                                              Delete Comment
                                                            • AnonymousSeptember 18, 2020 at 5:54 PM

                                                              I mean it doesn't capture anything on some phones, sorry for not being specific:)). Does it have something to do with phones security?

                                                              Delete Comment
                                                              • Rajpoot photo
                                                                RajpootOctober 1, 2020 at 10:04 AM

                                                                how to open directory

                                                                Delete Comment
                                                                • popeye photo
                                                                  popeyeOctober 2, 2020 at 4:28 PM

                                                                  all are blank images bro ive opened link in my mobile and i received all black images nothing is visible except black screen

                                                                  Delete Comment
                                                                  • Kali Linux photo
                                                                    Kali LinuxOctober 2, 2020 at 7:05 PM

                                                                    This tool requires up-gradation but the developer didn't looking on it. Let we talk with the developer.

                                                                    Delete Comment
                                                                  • Kali Linux photo
                                                                    Kali LinuxOctober 5, 2020 at 7:41 AM

                                                                    Here we showed this

                                                                    Delete Comment
                                                                    • AnonymousOctober 14, 2020 at 11:05 AM

                                                                      Great tutorial. Since you're actually helping people with issues, I have one.
                                                                      It works fine on a computer. However, the link crashes when I try and open it on Android. The site straight up refuses to open.

                                                                      Delete Comment
                                                                      • AnonymousOctober 14, 2020 at 4:38 PM

                                                                        I'm using Android 10, by the way...

                                                                        Delete Comment
                                                                        • Kali Linux photo
                                                                          Kali LinuxOctober 14, 2020 at 4:58 PM

                                                                          Actually we are specially focused on Kali Linux. Not used Android for a while. But if possible can you provide some screenshot when site refuses to open it? Then might be we can help you. Thanks

                                                                          Delete Comment
                                                                        • Unknown photo
                                                                          UnknownNovember 8, 2020 at 11:01 AM

                                                                          How to delete the pictures capturred by Camphish i couldnt delete it

                                                                          Delete Comment
                                                                          • Kali Linux photo
                                                                            Kali LinuxNovember 8, 2020 at 4:42 PM

                                                                            try to delete them from terminal using sudo. But be careful abusing sudo command can delete your whole Operating System files.

                                                                            Delete Comment
                                                                          • AnonymousDecember 5, 2020 at 6:49 PM

                                                                            pictures received from victim's laptop are good but from mobile phone, they are black

                                                                            Delete Comment
                                                                            • Kali Linux photo
                                                                              Kali LinuxDecember 6, 2020 at 9:25 AM

                                                                              Many people facing this issue. We are trying to contact the original developer (thelinuxchoice) but he is not responding and he deleted his original GitHub repository. He just told us that he left cybersecurity.

                                                                              Delete Comment
                                                                            • Unknown photo
                                                                              UnknownJanuary 10, 2021 at 5:13 AM

                                                                              no link there,is that a bug?

                                                                              Delete Comment
                                                                            • Painted wolf photo
                                                                              Painted wolfJune 20, 2021 at 4:43 PM

                                                                              I did every thing right and I am not able to get the pictures in CamPhish directory ,why? I am running Kali on VM Oracle.

                                                                              Delete Comment
                                                                              • Kali Linux photo
                                                                                Kali LinuxJune 22, 2021 at 9:10 PM

                                                                                This project is not updated for a long time. There are lots of issues in the repository.

                                                                                Delete Comment
                                                                              • Youva imarazene photo
                                                                                Youva imarazeneAugust 8, 2021 at 8:29 PM

                                                                                Hello I can't find the saved photos on my iphone

                                                                                Delete Comment
                                                                              • AnonymousMay 13, 2022 at 2:44 PM

                                                                                [!] Direct link is not generating, check following possible reason
                                                                                Ngrok authtoken is not valid
                                                                                [*] If you are using android, turn hotspot on
                                                                                [*] Ngrok is already running, run this command killall ngrok
                                                                                [*] Check your internet connection


                                                                                pls tell ho to resolve this plsss

                                                                                Delete Comment
                                                                              • AnonymousFebruary 9, 2023 at 10:27 AM

                                                                                How do i uninstall camphish?

                                                                                Delete Comment
                                                                                • AnonymousFebruary 13, 2023 at 8:44 PM

                                                                                  use the command rm -r camphish

                                                                                  Delete Comment
                                                                                  • AnonymousFebruary 13, 2023 at 9:30 PM

                                                                                    mera work nhi kar raha ha
                                                                                    koi help karo

                                                                                    Delete Comment
                                                                                  • AnonymousFebruary 13, 2023 at 9:34 PM

                                                                                    Bro help me

                                                                                    Delete Comment
                                                                                    • AnonymousFebruary 17, 2023 at 5:52 PM

                                                                                      Thx Kali

                                                                                      Delete Comment
                                                                                      • AnonymousFebruary 19, 2023 at 10:05 PM

                                                                                        How to install Kali Linux

                                                                                        Delete Comment
                                                                                        • AnonymousApril 12, 2023 at 11:42 PM

                                                                                          Camera full black not working

                                                                                          Delete Comment
                                                                                          google-playkhamsatmostaqltradent