Hack any Mobile with Kali linux : Android Hacking

Hello and welcome to GitcodeX

In this article you will learn how to install and use Phonesploit in kali linux, windows and MAC OS. This tool is used for Android Hacking. With the help of this tool you can do many things on victims mobile like..

Access Shell, Screen record victim device, Screenshot a picture on victim device, Pull folders from victim device, Turn victim device off, Uninstall an app, Show real time log of victim device, Dump system info, List all apps on victim, Run an app, Port Forwarding, NetStat, Grab wpa_supplicant, Turn WiFi On/Off, Show Mac/Inet, Remove Password, Extract apk from app, Use Keycode, Get Battery Status, Get Current Activity and many more.

What is PhoneSploit ?

Phonesploit is a python script which uses the adb exploit about which I had written previously in an article. Instead of the troublesome way, it makes it very easy to hack android phones with adb by misusing the functionality of adb.

Many people unknowingly keep their android devices in USB debugging mode and keep open ports without knowing.

You can find these open adb ports by using a search engine like Shodan, which finds all devices on the internet. To see these ports, you must log in to Shodan. You can find open ports by doing the following search on Shodan:

“Android Debug Bridge”

You will get the following search results :

All these devices can be hacked !

So, let's see how does it work ?

Disclaimer :

Please be aware that hacking is illegal unless you have permission from the account owner and the parties involved. This post should be used as a tool to help people understand how hackers are hacking android devices with the adb server. The Hacking world team shall not be held responsible if any criminal charges are brought against any person who misuses the information on this website to violate the law.Now for the purposes of this tutorial, I will be hacking my own android phone.

Part : 1  Installation of the tool on your system

1. How to install in kali linux :

Step-1 : Clone into Phonesploit

git clone https://github.com/Zucccs/PhoneSploit

Step-2 : Install the requirements

cd PhoneSploit

pip install colorama

Step-3 : Run the tool

python main-linux.py

2. How to install in Windows :

Step-1 : Clone into Phonesploit

git clone https://github.com/Zucccs/PhoneSploit

then extract abd.rar to the phonesploit directory

step-2 : Install the requirements

cd PhoneSploit

pip install colorama

Step-3 : Run the tool

python2 main.py

3. How to install in macOS :

first of all install 'brew' then follow this command :

brew install git python@3

git clone https://github.com/01010000-kumar/PhoneSploit

cd PhoneSploit

python3 -m pip insatll colorama

python3 main_linux.py

Note : If you find any error in any of above methods of ABD not found, then run this command and install ABD.

sudo apt update

sudo apt install android-tools-abd android-tools-fastboot

Part : 2  How to Use this tool

Step-1 : Prepare the android phone

First of all you have to Enable developer options from the android phone. to do so, go to mobile settings and open "About Phone" info, then tap 7 times on "Build number". 

You will find something different of your mobile settings, now you can see the option of developer optinos on your screen, turn it on. then goto USB Debugging option and make it enable.

Step-2 :  Install ADB in kali linux

Open a Kali linux terminal and type this command to install ADB :

sudo apt-get install adb

Once ADB is installed in your Kali Machine, connect the android device, and allow the USB Debbuging when prompted by android.

You can use the following command to check if the device is connected correctly or not.

adb devices

Now we need to enable some settings to allow the hack over wifi.

Type the following

adb usb

Then install and enable tcpip by typing the following command.

adb tcpip 5555

Now connect your Android device to wifi and type the following command:

adb connect xxx.xxx.xxx.xxxx

(Note: xxx.xxx.xxx.xxx is the IP address of victim's mobile)

If you want to know more about IP Address : "Click Here"

Now, the phone is connected to Kali linux.

Step-3 : Install and Run the tool 

 As we seen in starting how to install the tool in your device, just follow those commands and install the tool, and run it. Once the installation of phonesploit is done, you will see the following screen.

Now, to hack any android device on the internet ( in my case it’s my phone ) 'Type : 3' in the  phonesploit terminal and enter the IP Address of the victim device.

Now to access the shell on the hacked phone, simply type 4 You will be asked for a device name 

Now the format for device name is:

address (IP + Port Number)

In my case, it will be : adb connect 192.168.0.xxxx:5555

And viola the device has shell access. Which means we can hack and control the device remotely over the internet.

This hack is quite similar to my adb hack and requires USB debugging to open or for you to have access to the victim’s device.

You can also find random devices on the internet with Shodan, as shown previously.

How To Protect Yourself From this PhoneSploit Hack ?

Keep your USB debugging and Developer option always disable.

Thank you for Reading ; )