SayCheese: Capture Photos Remotely From a Device

  • Sat, May 1, 2021
  • 2-minute read

What is SayCheese?

SayCheese is a tool that remotely captures photos from a device, whether mobile devices or computers, achieving this through a link generated with ngrok and sent to the victim.

How it works?

The tool uses Ngrok via the Port-Forwarding method to generate the malicious link, which is then sent to the victim. Once the victim opens the link in their browser, they will be asked for permission to use the camera. This is done using the function MediaDevices.getUserMedia() embedded in the JavaScript code of the index.php file.

By accepting the permissions, SayCheese begins to obtain the photographs and store them in the folder called images.

Tool installation

Installing SayCheese is very simple, you just need to run the following commands in the terminal:

git clone https://github.com/Technicalheadquarter/saycheese
cd saycheese
chmod +x saycheese.sh
./saycheese.sh

If the tool requires you to install httrack, which is a dependency for its operation, run the following:

apt-get install httrack

Using SayCheese

We run the tool and it displays a presentation with two options for creating the phishing email that will be shown to the victim. In this case, we choose the first option:

image

Then it shows us which website we want to use for phishing; we will use the default Snapchat website. Just press enter to select it.

image

Now ngrok starts generating the malicious link. If SayCheese doesn’t detect ngrok, it automatically downloads it and generates the link, which must be opened in the victim’s browser.

image

The malicious link opens in the browser of the target device, whether a mobile phone or computer, and displays the Snapchat page and the permission request:

image

When the victim opens the malicious link, SayCheese shows that the link has been opened, and once the permission request is accepted, the device’s camera starts taking pictures and saving them in the images folder.

image

And here are the photographs captured in the images folder:

image

Conclusion

SayCheese is an interesting tool to play around with. Of course, it’s a bit difficult to trick the target due to camera access restrictions, but with creativity, nothing is impossible.

“The hacker’s task is not to destroy, but to use their knowledge in favor of freedom and social equality."
Johan Manuel Mendez

Tools