Hacking Android phone using Metasploit Msfvenom in Kali Linux


Hi everyone, this is Irfan from ehacking.net, and in this episode I will discuss the steps to hack an Android device using Msfvenom in Kali Linux. In the previous lecture I discussed the installation and configuration of Android in a VirtualBox VM, so in this episode I will show you the steps to hack it. Before moving further, a quick reminder about connecting with me: if you have not liked or subscribed to the channel yet, then what are you waiting for? Do it now, and do not forget to hit the bell icon button in order to get the recent updates from me. So let's do it.

All right, so this is the Kali Linux that I have, and what I'm going to do now: I will use Msfvenom for creating our payload and save it as an apk file. After generating the payload we need to set up a listener in the Metasploit framework. Once the target downloads and installs the malicious apk, then, being an attacker, we can easily get back a meterpreter session on Msf. An attacker needs to do some social engineering to install the apk on the victim's mobile device in a real-life scenario, and I generally discuss social engineering techniques in my courses, and yeah, I do offer several free courses as well, so do check the link in the description of the video to enroll.

OK, so let's do it. At first we need to fire up our Kali Linux and we need to find out the IP of this machine so that we can generate the malicious payload, and in order to do this a simple command, ifconfig, should be sufficient. OK, let me zoom it so that you can see: ifconfig. All right, so my IP is 192.



1 also, after getting the local IP of this host, the attacker machine, we need to use the Msfvenom tool that will generate a payload to penetrate the Android device, and we are going to type the following command. I have basically copied it here because it is a long command; you just need to replace the attacker IP, all right, with the time and put this. Perfect. All right, so all seems fine. I just need to copy this, clear, now I'll paste it here. Everything seems fine, so I hit it. The semicolon is a mistake here, it shouldn't be there. All right, that's perfect. So it's generating the malicious apk named a fund or apk, so this is the malicious apk.

OK, so let me explain this. Here -p indicates the payload type, that is android/meterpreter/reverse_tcp. LHOST is the attacker IP, while LPORT is the port number that should be enabled to listen, basically, and this is the location where the malicious apk should be placed: in the /var/www/html directory. The output directory is basically the Apache directory, so that we can use the Apache server for this demonstration purpose.

OK, so the payload is ready now; you can see the size. All right, so now, before launching the attack, we need to check the status of the Apache server. In order to do this we just need to type service apache2 status. If it is inactive, then you need to start it. Start. All right, check the status again, whether it is working now. All right, this is active, running. Perfect.

Now we have our Apache active and running. All we need to do now is go to Metasploit, and we need to fire up our msfconsole. So this is Metasploit, all right, you can see, if I zoom this a little. We are going to use the multi handler here, all right, and then I'm going to set the payload, which should be android/meterpreter/reverse_tcp. This sounds good, payload loaded. Now I need to set the LHOST, that is the IP of the attacker, and what was it? It's 18.12. All right, and this is good, 18.12. All right, now I just set the LPORT, the local port number, in order to listen, and then I need to launch the exploit.

OK, so I'll launch the exploit, and once the victim or target has downloaded and installed the malicious apk, we will get the meterpreter session here. As I said, in a real-life scenario some social engineering technique can be used to let the target download the malicious apk file. For demonstration purposes we are just accessing the attacker machine to download the malicious file on the Android device that we installed and configured in the previous session.

All right, so let me access the Android machine here. We will open the browser and access the Apache folder to download and install the malicious apk that we have just created. So on my Android here, you can see, let me show the screen first. Perfect. On the Android machine you need to access the Apache folder using the IP address of the attacker machine, since this is a virtual environment and I'm using the Android and the Kali Linux machine for demonstration purposes only. In a real-life scenario you need to use some social engineering technique in order to let the victim download and install the malicious apk.

Now in this demonstration I need to access the malicious apk, and I need to download and install it. I have already downloaded it on this machine since I did a test before, but I'll just show you the example. OK, as you can see, I have already downloaded it, I don't need to download it again, but let me do it. Once you have downloaded the file, you just need to open it. And one more thing: since we are not downloading it from the Play Store, we need to enable the option to install applications from third-party sources. All right, so once you install it, it says that it can do all these activities. All right, so once you are done with this, just install it, and after installing, open the application so
that we can get the meterpreter session on the attacker side. OK, so installing it will take some time. OK, install anyway. Once it is done you just need to open the application. Just open the application. Once I open it, it's done. Now all I need to do is switch to my attacker side so that I can see whether I'm getting it. All right, so you can see I got this session here; the Android meterpreter session is here. So now I own the device, I got the access.

Now we need to see the post-exploitation. The exploitation has already been done; now we need to see what can be done after getting the meterpreter session. You can just type background, let me show you an example, sorry, background. All right, session 1, and then just type sessions to list all the active sessions, from where you can see all the IPs connected to that machine. OK, so with this you can see there is one active session, and in order to connect with an active session you just need to type sessions -i and the ID, so ID 1, since I'm connecting with this as the attacker machine. All right, so starting the interaction with the session.

OK, just type help and then you will see lots of things that can be done on this Metasploit machine. All right, so you can see so many things, so many activities that can be done. You can use all these commands: you can even send SMS, you can see some controller or command, file or system file, for example install the application, you can see the list of all the applications, you can uninstall any application, you can see the call log, you can dump the contacts of this Android machine, you can dump the SMS, and you can even access the camera and record the mic. So many things can be done. Just imagine you own this device, you can do whatever you want to do. So for example if I just type, let's say, app_list, you can see the list of installed applications in the Android
machine that we own now, and you can install a backdoor, you can install a rootkit for future access, you can install any type of keylogger or any other device for future connectivity. So you have everything, you have all the power to do whatever you want to do. I have published a detailed article on post-exploitation, so I recommend you check the link in the description of this video. I shared the link to the blog post that is very relevant to this Android hacking session, and in this blog post you will see the post-exploitation techniques and tricks, what can be done.

So this is it for this video, for this session, and I hope you liked the video, just like you liked the other ones that I published before. So this is it, and see you in some other lecture. Do not forget to like this video, and don't forget to subscribe if you have not done it yet. Do post questions if you have any; I would love to help you out. So see you, take care, bye bye.
