Thursday, 21 August 2014

Android Meterpreter Shell Hack


It is fun to hack android phones, Its not new but still interesting and thought to put it here...
Metasploit framework has different Android Payloads mentioned below :




















I have my HTC One V phone and its rooted , first thing we going to do is create Evil.apk file which will be deployed in android phone, once installed and executed by user we get reverse shell !!

Creating "evil.apk" file and uploaded to HTTP root directory :





















evil.apk downloaded in my android phone :


























evil.apk download location :






















Installing Malicious APK containing reverse shell ;)




























Its interesting my CM Security real time protection not detecting any malicious activity! 



























After executin "MainActivity" application here is our reverse shell :






















Interesting commands from Anroid Meterpreter shell :






















Capturing screenshot through meterpreter shell :





















Regards,
eXpl0i13r




1 comment:

  1. =>CM Security is does not detect this apk as threat,
    Malwarebytes Anti-Malware has detect and defeat this threat ,immediately!!

    ReplyDelete