CamPhish enables capturing webcam photos and GPS location from a target device by sending a crafted link that requests camera and location permissions.
Grab cam shots & GPS location from target's phone front camera or PC webcam just sending a link.
This tool is primarily used by penetration testers and red teamers to simulate social engineering attacks that capture webcam images and GPS data from targets remotely. By hosting a fake website and sending a link, testers can assess the security awareness and response of users in controlled environments.
CamPhish requires PHP and wget to function properly and depends on ngrok and CloudFlare Tunnel for external link generation. It is intended strictly for authorized penetration testing and red teaming; unauthorized use is illegal and unethical. Users should ensure targets are aware or have consent before deployment. The tool supports multiple CPU architectures including ARM and Apple Silicon, making it versatile across devices.
Install required dependencies: apt-get -y install php wget unzip
Clone the repository: git clone https://github.com/techchipnet/CamPhish
Navigate into the directory: cd CamPhish
Run the main script: bash camphish.shbash camphish.sh
Launches the CamPhish tool and starts the phishing server with link generation.
bash cleanup.sh
Removes all unnecessary files, logs, and captured webcam images and GPS location data.