How To: Hack Any Account That Has Recovery via Phone Option Enabled (SMS) On Android:

Welcome Armin,
I'll make more tutorials like this, just keep coming back!
(Actually Thank You! for the appreciation)

NIcE!!! Great TUT I have yet to try your initial android hack but looking forward to it after this article heh. BTW haven't got a chance to take a creen shot of that issue with that windows 7 hack. Will eventually. Keep up the Good Work!

Thank You! Buckeroo,
You can also enable default administrator by opening cmd with admin privilages by typing :

• net user administrator /active:yes (just for testing)
• After that log into the (default) administrator account.
• Goto C:\Windows\System32
• Rename sethc to 123
• Make a copy of cmd present there, rename this copy as sethc.
• Done.
• Goto the logging screen, press shift 5 times(or more)
• And BOOM! cmd pops-up with system(highest) priviliges.
• EDIT: You can verify by typing explorer.exe, press enter.
• EDIT: After its complete goto start and see the name of the account.

Use this method as a test, until then I'll search for some other commands that enables boot screen on your HP.

AND... got it,

Try enabling this at the classic BIOS SETUP SCREEN. (If its not classic then switch to it, there is a specific option to do so...)

Enable:

I think you know how to open the BIOS SETUP.

Cunning. Great read.
Thanks F.E.A.R.

Anytime, ALPHA

Looks great, you got a follower more :D

Thank You! BENI, :D

This is pretty nifty and quite clever. I have been reading many tutorials on this site but recently I have cake across a problem that I haven't found an answer to. I made a few accounts on my phone that were for a game and testing purposes, well one of the takes I played ended up switching my associated gmail to a trash acct which I no longer have the info for. Is there a way to run a user enumeration through google recovery or sign up page?

Hi Glenn,
I don't think so, if I understand your question correctly.

Nice tut, FEAR.

I can't send messages because first I need to confirm my Email. However, I haven't yet received it from wonderhowto.

Could you please look into it.

Thanks.

FEAR, when I type dump_sms, I get
Unknown command: dump_sms
I also don't seem to have any Android commands listed when I look at th meterpreter help..
I did set up my listener and apk with android/meterpreter/reverse_tcp payload
Any suggestions?

Yes, Upgrade Kali (1.1.0) because the androids have been upgraded too

More details: Go here and read the comments at the end.

That's the odd thing, I thought that might be the problem too, but it's completely up to date, and the problem persists. I will have to try this out on some consenting friends to be sure it's not my devices causing this... I've only two androids, one is kind of old, but the other is only a year old and should work..

If you type "help" on the meterpreter you can see all the commands available. Therefore you can make sure you spelled everything correctly.

You should try this command first:
check_root
Don't worry the device doesn't need to be rooted, but still, run that and tell the result.

Not the easiest, but an effective way. Oh, I love MitM...

I actually used it thrice but success was only 2 times.
Also, a question:

My android was not rooted and had CM11 , and meterpreter showed me that it's rooted? Why? How? And same with some other phones.

Sometimes there can be small errors like that. Maybe there is something else on your phone that makes it look like it's rooted. Download an app from the Google Play Store called "Check Root" and see if it is the same result there.

Already did (in the past, now I have rooted the android) and it showed, root not properly installed. (The device is not rooted)

I checked further about this issue with no success, and finally left worrying. (Android was/is OPO)

is there recommended time period between you seeing "enter password rest code" appeared and completing it" ?

None that I know of.

nice tutorial thank u, but how to delete the message if the victims phone is not rooted ????? plz respond.

You are welcome,
Nope, you can't until, you have physical access or android is rooted.

Well, not a way that we know of. Android has it's bugs... :P

If the phone number is not tied to Android system, could I obtain the phone number anyway?? PLease answer me ASAP, thank you!

Nope you can't,
Not until you know the account's credentials and the phone number was linked/saved in that account.

Hey.. Very informative tut..
a small ques..

Is there any way to knw that the target is using which OS based phone.. i mean Andorid/WP/iphone .. How to know his phone's OS.. so to move forward with related trick. ..

Hello Rajat,
Well, you should know the target before you exploit it of-course.
This exploit will only work for Android.

Please help me. Get my friends email. I just really need it very bad :( i dont jave linux and PC's all i have is just android. I know its kinda hard to find this kind of article but only you i can trust when it comes to gmail hacking. Please help me. Im very thankful i found you

hey F.E.A.R. could u pls make a video tutorial for this. im new to this so i don't understood it fully pls

Please help, whenever I try to start the meterpreter (first step) it says permission denied. Any way ti fix this? Plz help

Attach a screenshot of the issue, can you?

quite informative and useful as well thanks mate... .!!

hey FEAR
i have kali on my VB in windows 10
is there any needs to forward port?
and shall i use ipv4 ip in kali when i type ifconfig?

F.E.A.R
I really respect and appreciate that mind you got and the way you put stuff together <3
You can say am still new to those stuff am trying to develop myself, can u hand me some help?
And abt this topic, what can i do if the victim's phone was an iphone ?
Thank you alot man, i hope you can answer me soon
Take care

Great Tutorial .

wifi huota

When i type the first command it gives me "prompt denied". Can you help me get my friends email instead. Please send at xtianrobert@gmail.com. my friends email is enrico.oliva@gmail.com

I dont know how to create a private message to you . I dont have linux O.S and i also dont have PC all i have got is just the android device. Can you please help me get the gmail account. Please reply A.S.A.P

i thinked of that before.. but there is two issues u cant deleted the sms because mostly the phone is not rooted.. and the second is when the victem recieve the sms the phone will ring.

How can I get my deleted sms from my PC?
I am waiting for your help

How to spoof sms using kali ,Please i know you can do that

Hello everyone plz can you help me.......
i need help plz reply

Hello Admin can you send me guidelines to my email now from beginning to end ,,I don't really understand I need help