top of page
Writer's pictureNitin Yadav

An Ethical Guide To Hacking Mobile Phones

Mobile phones have become an integral part of everyone’s lives today, and so have the problems associated with these gadgets, the most predominant one being that of hacking.



This blog post aims to familiarize mobile phone users with the different kinds of threats they are predisposed to via their cell phones.


So let's take a look at a scenario so that you can understand how mobile hacking can take place and how you can be the victim too.


How you can be a victim of mobile phone hacking?


There was a young professional named Alex who was rushing to a crucial meeting. The sky was overcast, hinting at an impending storm, and Alex's mind was preoccupied with the presentation he was about to deliver. He walked briskly, weaving through the crowd, his mind racing with last-minute thoughts.



As Alex reached the intersection near the city park, a distressed-looking man approached him. The man, dressed in a neat suit but appearing slightly frazzled, seemed out of breath and anxious. He held up his hand, trying to get Alex’s attention.



"Excuse me, sir," the man said, his voice tinged with urgency. "I'm really sorry to bother you, but my phone is dead, and I need to make an urgent call. Could I please borrow your phone just for a minute?"


Alex hesitated for a moment, glancing at his watch. He didn't have much time, but the man’s polished appearance and desperate eyes compelled him to help. He reached into his pocket and handed over his sleek, black smartphone.


"Thank you so much," the man said, visibly relieved. He quickly dialed a number and brought the phone to his ear. But to talk with the other person he goes to a distance and here comes the real threat.





What the person can do now?


So a person having physical access to your phone can install malware to your mobile.


How he can archive it?


So the simple answer is there are some tools which can help you in that like installing a rat inside your mobile phone.


In this article, we will talk about a technique that an Attacker/Hacker can use to hack your mobile phone if he gets access to your mobile phone. For that we will use a tool.


PhoneSploit Pro


PhoneSploit Pro is an all-in-one hacking tool written in Python to remotely exploit Android devices using ADB (Android Debug Bridge) and Metasploit-Framework.



Complete Automation to get a Meterpreter session in One Click


This tool can automatically Create, Install, and Run payload on the target device using Metasploit-Framework and ADB to completely hack the Android Device in one click if the device has open ADB port TCP 5555.


The goal of this project is to make penetration testing and vulnerability assessment on Android devices easy. Now you don't have to learn commands and arguments, PhoneSploit Pro does it for you. Using this tool, you can test the security of your Android devices easily.



PhoneSploit Pro can also be used as a complete ADB Toolkit to perform various operations on Android devices over Wi-Fi as well as USB.


What features does it have?


  • Connect device using ADB remotely.

  • List connected devices.

  • Disconnect all devices.

  • Access connected device shell.

  • Stop ADB Server.

  • Take screenshot and pull it to computer automatically.

  • Screen Record target device screen for a specified time and automatically pull it to computer.

  • Download file/folder from target device.

  • Send file/folder from computer to target device.

  • Run an app.

  • Install an APK file from computer to target device.

  • Uninstall an app.

  • List all installed apps in target device.

  • Restart/Reboot the target device to System, Recovery, Bootloader, Fastboot.

  • Hack Device Completely :

  1. Automatically fetch your IP Address to set LHOST.

  2. Automatically create a payload using msfvenom, install it, and run it on target device.

  3. Then automatically launch and setup Metasploit-Framework to get a meterpreter session.

  4. Getting a meterpreter session means the device is completely hacked using Metasploit-Framework, and you can do anything with it.

  • List all files and folders of the target devices.

  • Copy all WhatsApp Data to computer.

  • Copy all Screenshots to computer.

  • Copy all Camera Photos to computer.

  • Take screenshots and screen-record anonymously (Automatically delete file from target device).

  • Open a link on target device.

  • Display an image/photo on target device.

  • Play an audio on target device.

  • Play a video on target device.

  • Get device information.

  • Get battery information.

  • Use Keycodes to control device remotely.

  • Send SMS through target device.

  • Unlock device (Automatic screen on, swipe up and password input).

  • Lock device.

  • Dump all SMS from device to computer.

  • Dump all Contacts from device to computer.

  • Dump all Call Logs from device to computer.

  • Extract APK from an installed app.

  • Mirror and Control the target device.

  • Power off the target device.

  • Scan local network for connected devices to get Target IP Address.

  • Record Microphone Audio

  • Stream Microphone Audio

  • Record Device Audio

  • Stream Device Audio


What are the Requirements for the tool?


  • python3 : Python 3.10 or Newer

  • pip : Package installer for Python

  • adb : Android Debug Bridge (ADB) from Android SDK Platform Tools

  • metasploit-framework : Metasploit-Framework (msfvenom and msfconsole)

  • scrcpy : Scrcpy

  • nmap : Nmap


How to install the tool?


On Linux

 

Open terminal and paste the following commands :


Step 1:


Step 2:


Step 3:


Step 4:


 

On Windows

 

Open terminal and paste the following commands :


Step 1:


Step 2:


Step 3:


Step 4:

Download and extract latest platform-tools from here.


Step 5:

Copy all files from the extracted platform-tools or adb directory to PhoneSploit-Pro directory


Step 6:


 

Setting up Android Phone for the first time


  • Enabling the Developer Options

  1. Open Settings.

  2. Go to About Phone.

  3. Find Build Number.

  4. Tap on Build Number 7 times.

  5. Enter your pattern, PIN or password to enable the Developer options menu.

  6. The Developer options menu will now appear in your Settings menu.

  • Enabling USB Debugging

  1. Open Settings.

  2. Go to System > Developer options.

  3. Scroll down and Enable USB debugging.

  • Connecting with Computer

  1. Connect your Android device and adb host computer to a common Wi-Fi network.

  2. Connect the device to the host computer with a USB cable.

  3. Open a terminal in the computer and enter the following command :


  1. A pop-up will appear in the Android phone when you connect your phone to a new PC for the first time : Allow USB debugging?.

  2. Click on Always allow from this computer check-box and then click Allow.

  3. Then in the terminal enter the following command :


  1. Now you can connect the Android Phone with the computer over Wi-Fi using adb.

  2. Disconnect the USB cable.

  3. Go to Settings > About Phone > Status > IP address and note the phone's IP Address.

  4. Run PhoneSploit Pro and select Connect a device and enter the target's IP Address to connect over Wi-Fi.


Connecting the Android phone for the next time


  1. Connect your Android device and host computer to a common Wi-Fi network.

  2. Run PhoneSploit Pro and select Connect a device and enter the target's IP Address to connect over Wi-Fi.



37 views0 comments

Comentários


bottom of page