In this blog, we will see hacking an Android device using Phonesploit. It uses the same thing as before, a bad fix in ADB, but this reduces a lot of work for you.
Phonesploit:
Phonesploit is a framework we use that can exploit android devices, It uses ADB 5555 port to connect to the device and use commands on it. Some commands are pre-built in this framework, so you don't need to remember or look back at ADB instructions each time, which I hope will make things easier for you.
Don't Miss: Install Kali Net Hunter in Any Android Device 2020
Let's get started!
The tool works on python2, if you don't have one please install it.
The beauty is this is a standalone platform because, it only uses python2.
Configuring your python. We need a package called colorama,
install it as,
pip install colorama
Now to get to the tool, just do a repo as,
git clone https://www.github.com/Zucccs/PhoneSploit.git
After downloading the repository, lets move to the directory, to see what it contains.
cd PhoneSploit
ls
Let’s get into the fun part!
If you are in the linux program, use the main_linux.py file, if you are using Windows, use the main.py file as,
python main_linux.py
If you run it, it verifies whether you installed ADB or not. If you have seen my previous blog, you have installed it now. Although not a problem, if you do not install it, the tool installs it automatically. Since I installed it, Skip this step.
After that it would greet us with such a beautiful screen,
As you can see, you can do a lot with it and change a lot of what has to be done by hand. And, as I said before, If you are familiar with Metasploit, you can play around with these tools easily. By the way, I hope, you'll know about Metasploit, if you don't know about it. Continuing can be fun.
Don't Miss: Hack Instagram Account Using Kali Linux 2020 ! Hack Instagram Passwords
We should use the number as a means of communicating with the system.
To connect to a device, type in 3 And to connect to a remote device we need its IP address. So we can remotely access the Android device.
An error is displayed because, for the first time the system searches for Android emulators locally on the device. It then asks for an IP address to connect. Once there is an emulator, it will connect you automatically.
This uses the adb connect command as you would have known from my previous blog, where you did it manually.
After this you can start playing around with this device as you wish.
Let's find out more about connected devices using number 1.
Let's do something fun, Let's see if we can pull a screenshot from the device. And you do not need to memorize or look back at any of the instructions for this, the system takes care of this.
It verifies the device's IP to take its screenshot, and requests its location to save the screenshot. You're crazy, aren't you? It really pulled a screenshot of the device, it was just a black screen.
I hope you are happy that you have an easy way to use an Android device, Ghost Framework is similar to this, consider seeing it too.
With this you can't exploit any random Android device out there, you can only get access to those with their ADB port 5555 open without security.
Thanks for your reading. I hope you learned something.
0 Comments