How does it work?

The tool generates a malicious HTTPS page using Serveo or Ngrok Port Forwarding methods, and a javascript code to cam requests using MediaDevices.getUserMedia.

The MediaDevices.getUserMedia() method prompts the user for permission to use a media input which produces a MediaStream with tracks containing the requested types of media. That stream can include, for example, a video track (produced by either a hardware or virtual video source such as a camera, video recording device, screen sharing service, and so forth), an audio track (similarly, produced by a physical or virtual audio source like a microphone, A/D converter, or the like), and possibly other track types.

Installing (Kali Linux/Termux):

git clone https://github.com/thelinuxchoice/saycheese
cd saycheese
bash saycheese.sh

Requirements For Android

Termux from the play store.
Mobile data / wifi connection.

Requirements For Pc

Kali Linux

Steps To Use

1. Termux and type ‘ pkg install git php ‘
2. Now type ‘ pkg install openssh ‘ this command will install ssh which is required for server operation.
3. Type ‘ git clone https://github.com/thelinuxchoice/saycheese.git ‘
4. Now type ‘ cd saycheese ‘ > ‘ ls ‘
5. Give permission to script by typing ‘ chmod +x saycheese.sh ‘
6. Start the script ‘ bash saycheese.sh ‘
7. Now select the server of your choice and address.(for default address type ‘n’ for custom type ‘y’)
8. Send the link to the victim. Once he/she give camera permission to the website it will start capturing photos.
9. Once you have received these image file you need to copy them in your storage so that you can view them. Just type ‘ cp y(file name) /data/data/com.termux/files/home/storage/downloads ‘.

Tutorial in GIF Video