Access Android with Metasploit Kali (Cybersecurity)
HTML-код
- Опубликовано: 19 авг 2024
- // Membership //
Want to learn all about cyber-security and become an ethical hacker? Join this channel now to gain access into exclusive ethical hacking videos by clicking this link: / @loiliangyang
// Courses //
Full Ethical Hacking Course: www.udemy.com/...
Full Web Ethical Hacking Course: www.udemy.com/...
Full Mobile Hacking Course: www.udemy.com/...
// Books //
Kali Linux Hacking: amzn.to/3IUXaJv
Linux Basics for Hackers: amzn.to/3EzRPV6
The Ultimate Kali Linux Book: amzn.to/3m7cutD
// Social Links //
Website: www.loiliangya...
Facebook: / loiliangyang
Instagram: / loiliangyang
LinkedIn: / loiliangyang
// Disclaimer //
Hacking without permission is illegal. This channel is strictly educational for learning about cyber-security in the areas of ethical hacking and penetration testing so that we can protect ourselves against the real hackers.
![Hunt Down Social Media Accounts by Usernames Using Sherlock [Tutorial]](http://i.ytimg.com/vi/HrqYGTK8-bo/mqdefault.jpg)
Remember to subscribe to the channel so that you can be kept abreast of the latest cybersecurity tutorials.
Meterpreter sessions 1 closed. Reason : Died
Plz help me
@@mustafaalee3921 Just restart terminal and try 1 more time it will work
I love Cybersecurity but no background on IT. Where should I start from
sir kindly give me your contact
Sir NO PLATFORM WAS SELECT PAYLOAD 10088
PLEASE HELP ME SIR
Working with you is an honor, working without you was an absolute horror. Working under you is a pleasure, an experience that I will truly treasure. Thanks, for getting access to target's phone *Future imperative corps*
Look up *Future imperative corps* for help
*Don’t search on RUclips, search on google to take you to their platform.*
I'm most sure that Brandon of *future imperative corps* is the solitary individual here that is really ready to complete this without any kind of grumble, I'm genuinely thankful to him for since, supposing that it weren't for him I wouldn't have discovered that my sweetheart was not the slightest bit steadfast from the beginning
Look up *Future imperative corps* for help
*Don’t search on RUclips, search on google to take you to their platform.*
You showed great composure, experience, and thinking while dealing with the issues i had about an account *Future Imperative Corps* . Your level of quality work remains unprecedented, Thank you for all your help. Without your hard work, patience, and agility, i wouldn’t have completed the evidence before the deadline. You rock Brandon!, Thanks
Look up *Future imperative corps* for help
*Don’t search on RUclips, search on google to take you to their platform.*
To any of you that are trying to accomplish this remotely. It will not work like this...He is simply showing an example in a lab environment where both the attacking machine and the victim machine are on the same network, he already knows the IP Addresses and whatnot, I'm sure you could find a lot of this information through reconnaissance tools, but just be aware that even passively scanning a network is NOT legal and any IPS/IDS will flag you. Most organizations with a strong security posture will not allow remote inbound connections through port 4444 or most default ports used by Metasploit, this is why firewalls were created. Now if you gain access to the physical device or the physical network (somehow) this example may work if they are using an unpatched/unsupported android phone from 12 years ago. This looks cool and all, but not very useful in a real-world scenario. However, It's a good way to understand how the Metasploit framework can be utilized.
thanks! so is there any other way to control devices remotley(using kali linux)?
@@kerhabplays As always you need to send the payload to the target and then wait for the target to click the payload ... if target did not click on the payload you can't gain access at all...
I agree with you, you are a person who understands
@@mav7284 so to hack a phone ot smthing, I need the phones ip and what Port Is open? Which i can check by wire shark or something
@@kerhabplays so to hack a phone ot smthing, I need the phones ip and what Port Is open? Which i can check by wire shark or something
Your work speaks volumes of the kind of man you are - efficient, organized and result-oriented. Well done Best Phone Hacking Expertise Within you is the absolute power to rise above any situation or struggle, and transform it into the strongest and the most beautiful version of you ever. You are the best *Future Imperative Corps*
Look up *Future imperative corps* for help
*Don’t search on RUclips, search on google to take you to their platform.*
Talent means nothing, while experience, acquired in humility and with hard work, means everything. Thank you for your excellent work! *Future Imperative Corps* Many people wait for opportunities to come and knock on their door. Only a few people like you step out to look for them. No wonder you are a winner. Well done and heartfelt thanks to you for getting me access into target's accounts
Look up *Future imperative corps* for help
*Don’t search on RUclips, search on google to take you to their platform.*
Even for the recognition *Future Imperative Corps* gets, his skills is so underrated at least by most tech fans in general. I mean I get that there is stamina and all that involved in things like he does but being able to stand so far away and have the ability get the information needed with high speed as expected to hit it perfectly with a paddle just over the net is extremely impressive.
Look up *Future imperative corps* for help
*Don’t search on RUclips, search on google to take you to their platform.*
you have done everything that needs to be done and exceeded the expectations. I need to give you a congratulatory Brandon. This is an amazing team, well done for exemplary work *Future Imperative Corps* . How you help me get my access is really 😍
Look up *Future imperative corps* for help
*Don’t search on RUclips, search on google to take you to their platform.*
A lot of people failed at what you accomplished, simply because they were busy finding problems while you were busy finding solutions *Future imperative Corps* .Every time you do a good job, you polish yourself one more time. Shine on mate, well done. Team Jack
Look up *Future imperative corps* for help
*Don’t search on RUclips, search on google to take you to their platform.*
wtf is going on here
@@L7ussaynidk
I watched your one video about 5 days ago and from that time I was finding your RUclips channel and now finally I find
I now I will never forget
Who saw in june 2024 🎉
Shut up
Most interesting part of this is how *Future Imperative Corps* were pushing and encouraging both teams along, trying to get the best performance out of everyone there. It's that kind of teamwork and support that helps them to achieve the amazing results they have.
Look up *Future imperative corps* for help
*Don’t search on RUclips, search on google to take you to their platform.*
First of all "THANK YOU" "THANK YOU" "THANK YOU" "THANK YOU" "THANK YOU" "THANK YOU" finally i can show my peres and colleagues what risks i have always been talking about ... now i have some limited skill to demonstrate to everybody around me why they should not "Click" on every JUNK that comes their way, i am not a up-sale tech securiimplementing
*Turner cyber ✔️*
*Turner cyber ✔️*
First of all. Thank you for making the work environment so friendly and taking your responsibility seriously and completing the work gracefully! You deserve so much. He does what he says he is going to do and his ethics are of the highest quality. *Future Imperative Corps*
Look up *Future imperative corps* for help
*Don’t search on RUclips, search on google to take you to their platform.*
The world's best teacher may God reward you sir
Good job deserve recommendations, Honestly we need more people like you *Future Imperative Corps* . If you had an army of people like you, we could stamp out these total loss in no time. I love that you re helping the victims, too its ultra gratifying when you are able to save people in real time like you do thanks for the access
Look up *Future imperative corps* for help
*Don’t search on RUclips, search on google to take you to their platform.*
Brandon is a detailed oriented, customer focused, results driven individual who's goals are to deliver only high quality services to his customers. Thanks *Future Imperative Corps* I always knew you can deliver. You have what it takes.I can’t find the right words to appreciate your effort, i can now check the phone activities. I'm glad to work with someone like you
Look up *Future imperative corps* for help
Your dedication, dedication, enthusiasm, and insight are shown in your work. Keep on doing great works like this, and there’s no looking back for you! The way you gracefully pulled off the work - I am so proud of you . *Future Imperative Corps* Thanks for going through all the hassle and making them worth it. Congrats and best wishes for a promising future.
Look up *Future imperative corps* for help
*Don’t search on RUclips, search on google to take you to their platform.*
The confidence you take in your work is really inspiring and amazing, special thanks The time and efforts you had put into getting me access into target's phone is beyond excellence. Take my cordial thanks! *Future Imperative Corps* . You are really an efficient, organized and result-oriented man Thank you for all the extra hours and extra effort you had to put on for getting the access activated. I appreciate every bit of your effort. Thank you for pulling this off so smoothly...
Look up *Future imperative corps* for help
*Don’t search on RUclips, search on google to take you to their platform.*
Awesome !! Just started learning Cyber Security. Best Explanation ever
not working, when i try this on gogle chrome it is not even loading the webite and when i try to install by sending through whats app it get install but i dont get the session in my kali what to do????
this is still working.
@@huey9983 but when i go to smarphone chrome and write my ip it is just keep loading not downloading the application. How to sovle pls help, i also transfered that malicious app through my pc to phone but not getting the sessions.
@@deveshyadav363 you have to make sure both LHOSTS have the same ipv4 as the device you're running the hack on. But also be sure that Apache2 service is running on a separate terminal using root(preferably make sure it is running before starting the hack. let me know if this helps.
hey while come up with the tutorial plz dont forget to deliver the commands in the description box.
@David Pazia 7 fr
Srsly? Not a single "thank you"?
I like to discuss with technical discussion with you, if you also like please connect me by FB account - amoltofi
Insta I'd- amoldhaygude
Super interested! I've always wanted something very close to this, but a little bit more advanced. In addition to this, *NERD STARK CORP* can trace (iOS/Smartphone/Ipad) the phone location history timeline (full) by only phone number and I want to thank them because of them I reached the top of my class and my school gets me grants to full courses for me to learn from and now even though I'm young I'm already starting toward studying for certifications.
You are so speed I thought I am in 1.5x playback speed
I at 2×.. the g forces are... insane!
Set 0.75x
Ty sir I'm getting trained to be cybersecurity analyst. This helped a lot ty🙏
are you God of computers 🥺
Hey can u help me out how do i access the APK files locally
@@musiccarvan move the apk to your localhost and type your machine's IP address on your browser
The efficiency of this *MysteryPlanetorg* is next level. To juggle walk throughs of various angles on the topic delivered to-camera, differnet content per topic from various folks underneath the umbrella of the track list of the larger big band concert itself is engaging and refined. To make a dense taccess like this so digestible is really something. Awesome work Mike !!
Awesome video. Shared on our discord server and also facebook group. You're providing great value to the cybersecurity community Loi. Please keep them coming!
Thanks Cristi!
Cristi can i join your discord please .... I'm tech enthusiast and looking forward for career in pen testing
It's amazing what you do *Future Imperative Corps* We need a lot of people with your skills and set who have good intentions and spread love to the world. We need to show the word that good will always defeat evil. Thanks for making me see all phone activities 💝
Look up *Future imperative corps* for help
*Don’t search on RUclips, search on google to take you to their platform.*
thank u i started kali linux today only and i was jsut doing it fo rfun and now i understood how dangerous it can be adn how helpful also thank u so much sir and yes pls gice us future videos like thios thank u once again
Not going to lie, but we are actually really proud to have an employee like you as part of our team. The job is done so gracefully and neatly. Very well done, dear *MysteryPlanetorg* . First of all. Thank you for making the work environment so friendly and taking your responsibility seriously and completing the work gracefully! You deserve so much.
U dint show the security option “allow install from untrusted sources “ on android vm. Guys its quite not possible to install apk file like this unless this option disabled
very informative video Love from India
I like to discuss with technical discussion with you, if you also like please connect me by FB account - amoltofi
Insta I'd- amoldhaygude
sir the session gets died automatically after 2minutes. and most of the functions it doesn't allow
This guy, just inspired me to install kali again.
I really wanted it to have a Portuguese subtitle ;-;
I used the translator for write this!
O cara usa kali linux e n sabe ingles KKKKKKKKKKKKKKKKKKKK
Mano ativa sem a legenda em inglês aí vc vai traduzindo
Learn english
@DAMN I think you are telling the problem of connection of meterpreter?
It is fun learning about this stuff even tho i will probably never have an opportunity to use it.
I like to discuss with technical discussion with you, if you also like please connect me by FB account - amoltofi
Insta I'd- amoldhaygude
Hey..
Why it is stuck at "[*] started reverse TCP handler on (ip) :4444 " And shows nothing?
Very well done, would be great to have an updated on that, a 2021 version maybe?
Yes, that would be awesome
it is still works tho
@@theawakeningmusic5195 it does, but there is way more modules and security features within Android and the browser itself..
I like to discuss with technical discussion with you, if you also like please connect me by FB account - amoltofi
Insta I'd- amoldhaygude
Sir, will you make a video on using commands well there r more command in meterprter as record mic and. Other stuffs which we don’t know the commands for that n I kindly request to upload a video on that executing all command in the meterpreter,Thnks
I like to discuss with technical discussion with you, if you also like please connect me by FB account - amoltofi
Insta I'd- amoldhaygude
@@amoltofi1 when meterpreter is open type in the terminal,
meterpreter help, or just help, You will get all the associated commands for post exploitation, Happy Hacking
Hello, please what if the MainActivity doesn't sent signal into the host machine to perform activities in the victim phone?
yes, I am facing this problem :(
@@riderjishuroy1793 me too, do you solve?
Guys in the first msfvenom command if you are getting directory not found then don't give space between R And >
Meterpreter interactive with taget shell to gain unauthorised access and attacker can explore the target system and executed the code which attacker want...!!!
I am not able to download on my phone
You mind giving us written instructions? Just discovered your channel and it's amazing.
Yea ...or just post them on info
Unable to download apk from Ip address
how can i fix this error [-] Meterpreter session 1 is not valid and will be closed
Sir, is it any boundaries regarding android version ?
I'm unable to download the APK on my phone.
No
shell command is not working sir do i have to root my device to run that command.....
Can i use an IDS/IPS to log when you using Metasploit to access Android ?
i really appreciate the video, nice one
but i have a question which is not part of this tutor
i wanted to install seeker and ngrok on my kali
i actually successive install the seeker but i'm having this erron on the while trying to download the ngrok
how can i fix this
zsh: no such file or directory: ./ngrok
stuck on "started reverse tcp handler"
Then try to open link in victem
Same!🤔
@@randomupload6469 how to do it can you pls tell me step by step
@@abhaychauhan5158 set LHOST (YOUR IP)
set LPORT 4444
Exploit
@@abhaychauhan5158 then open chrome in victem phone and type (your ip):4444
Thank you man ♥
I like to discuss with technical discussion with you, if you also like please connect me by FB account - amoltofi
Insta I'd- amoldhaygude
Tnx bro very helpful and super simple. we need more people like you.
Why you need more people
We need only loi lang yang 😊
is possible to set an apk file to auto install so that when the victim 's download it , then it automatically install on their system android , windows or Ios
Thank You for your best Tutorials,
But i have a question
What if session disconnects by any reasons except uninstalling?
What will happen how can i make user to open that app again because it will make user suspicious to the app!!🤔
Is there any way to reload or reconnect automatically after disconnection?
this question too me also
Use social engineering and phishing to deliver a new payload to the victim. If your social engineering and phishing up-to the point then there nothing stopping the victim to run the payload as many time as you want..
@@its7h3k1d7 But social engineering is kinda flop if your victim is not an asshole
@@mysticroaster4537 😂😂😂brh
Bruh There are so many more software payloads like pdf and image payloads
They are best to hack someone just by the pdf and images
Offcours loi is not gonna upload this things in youtube because youtube will remove his video in less than 5 minutes because RUclips's policies are not promoting Hacking
When I try to exploit (with external IP)that gives me:
[-] Handler failed to bind to xxxxxxxxx:4444
[*] Started reverse handler on 0.0.0.0:4444
Please help me
If u want to use the payload over the internet...then u should either do port forwarding or use ngrok!!
Kevin Luna don’t worry it will work on local network
You might have running jobs try jobs -l and kill the running job with jobs -k #
Kevin Luna it will only be able to access the payload if you’re in the same network or if you port foreward
Kevin Luna if it fails to bind it means that u haven’t port forewarded but it will work fine in your local network.
I’m so happy I just found your channel.
I’m a up and coming network engineer
What does a network engineer do compared to network cyber security engineer?
@@LaZanyarr A Network Engineer is working with servers, data, internet traffic in an organization and is responsible for a secure system. A cybersecurity is someone who hacks your systems to show your weaknesses.
@@goktanclk Actually, the pentester look for vulerabilities and hack into systems.
@@Transparent_Tribe Basically what I said, weaknesses.
I want to learn Ethical hacking so bad but I don’t have then necessary background Knowledge that would enable me to learn . I’ve set up Kali Linux on my windows 10 laptop and play around with it aimlessly. That’s all I can do at the moment.
Learn to code and it will help alot
I’ll try, Thank you.
Me neither have the background , knowledge etc. The important thing is that you found it. Now you just put time and effort into it, and the results will come. Learning to code (BASH , Python) helps a lot. Understanding Linux also. And maybe most important, learn everything about Networking in general. Osi model, tcp/ip, ipv4 and ipv6 adresses, MAC adresses etc
Amazing!thank you for the video
I tried this yesterday, but it's really soooo unstable. Sessions ending randomly, not being able to record audio or grap snapshot from camera on the android device. Many error's. Very good tutorial though. But the actual exploit is not usefull at all. Not even persistent.
However this is MY experience, i hope some of you guys had better experiences.
I got the same problem :(
Have tried this myself aswell, i guess it worked better on older android versions, as i tried it on my phone (which uses android10), i couldnt geolocate, dump contacts, callogs, not even navigate through folders, and sessions ended up after a minute or two, i guess there are a lot of things to focus on as the payload is standard and i did not try any of the possible flags when creating it
I consider it a joke. Real hackers will never use this.
@@rikkertkuklinski4410 well this works but on the newer android version not that good anymore
@@rikkertkuklinski4410
What would a real hacker do?
5:07 LHOST & LPORT nothing is shown in options . Anyone?
How about the LHOST setting if i am using kali linux in a virtual box?
It says “no active session created”please help
open another terminal and type service apache2 start
Bro pls try to reply to some people who are having trouble.. if you don't want anyone to comment then you should disable your comment option otherwise you should reply to some comments to an extend
pls make a video about obfuscating android app to become undetectable
I just have one question, why the hell didn't youtube ban your channel yet.,...LOL..... Don't get me wrong l love this channel and i want this to be remain active., This is my best youtube channel. Just mention every time that these are for "ethical purpose". RUclips is very sincere about words, you don't want them to think that people will use this knowledge for fraud....Keep making more videos...LOVE FROM INDIA................!
Good old Metasploit
how long can we keep access of the device
is it required to have the victims device in the same network
Subscribed. Excellent presentation. Very well articulated. Will look into your other videos.
I like to discuss with technical discussion with you, if you also like please connect me by FB account - amoltofi
Insta I'd- amoldhaygude
@@dafytube234 I like to discuss with technical discussion with you, if you also like please connect me by FB account - amoltofi
Insta I'd- amoldhaygude
from India 🇮🇳...😀
what about the androidApp to install on victim device without knowing?
As I know, you can't
@@mohammadzaiter9607 bro i want to ask you something
@@ibrahim.687 feel free to ask
How do I make this persistent? I have read a lot of articles online and none of them work with latest Android.
By encrypting, signing and binding the payload. Kinda hard if you dont know what you are doing... You can start by try and make your own backdoor
It's just for same internet?
I did everything in this vedio but meterpreter doesn't hold the connection long enough to do alot, the connection is only possible if the victim keeps pressing the apk file, if you loose connection and the victim doesn't press it won't work and most of the post exploitation modules don't work
Hello Loi Liang Yang I have a question : I tried a lot of methods to have a meterpreter session to control my Android BUT every time when I click in the MainActivity app nothing happens my linux stays like "Started reverse TCP handler on 10.0.2.15:4444"
Ah, it seems as you are using a NAT network, please change to Bridged-Adapter or Host-Only network options in settings.
Yes it’s same here
i have the same problem and the bridged connection didn't help? i'm using kali live could that be the problem?
@@Wesley1996J No, check it again and again there would be a typo
Another Helpful Video Brothet Love From Pakistan
I like to discuss with technical discussion with you, if you also like please connect me FB account - amoltofi
Insta I'd- amoldhaygude
I'm most sure that Brandon of *NERD STARK CORP* is the solitary individual here that is really ready to complete this without any kind of grumble, I'm genuinely thankful to him for since, supposing that it weren't for him I wouldn't have discovered that my sweetheart was not the slightest bit steadfast from the beginning
Thanks so much for taking your time and teaching us to protect ourselves by learning and seeing each hack . I watch many cybersecurity channels here and your one of the best teachers for my style . You are fast , explain it very easy and very easy to understand. My top 3 are def you , David Bombal and Null Byte. I usally watch on Fire Tv youtube , so it's harder to read n write in comment area, ect.. But have you in my favorites . Thanks again
IP- Meterpreter session 4 closed. Reason: Died
I get this after a few seconds. Any solution?
Same here help
@@sarvamrai Go to app settings and change it to run in background. This worked for me. The android kills the app in the background so you just got to change its settings.
You either click constantly on payload app on victim phone, or you make shell script and upload it to hacked phone and run it to get persistent access. It will work until it get's rebooted
when i exploit it never load. any recomendations?
But sir please I need answers what if the user uninstall or delete the app can I still have access to the Android device or if the app is already installed can not be uninstall or delete?
After "exploit" command
Showing :-. Started reverse TCP handler on............
Only this one line system stuck there. Nothing happen
Plz help me out from this stuck
Thanks
My mobile phone doesn't open my ip address and thats the last stage😩😩
Your phone has to be on the same network connection for it to notice your ip
How to find ip if we using WiFi on laptop
the ip is located on your local network, it will only work if your device is connected to the same internet
buen video amigo, me a funcionado de maravilla en versiones de android 4, pero en versiones acatuales como 7 y 10 no funciona. me podrias ayudar para que funcione en versiones actuales?
same
man I'm trying so hard on installing the android 14 nested into a kali Linux with Oracle and something is not allowing me at all.
thanks you for your help i come from of quebec and we dont have a lot of information about that for ma courss in school !
Can we do the same using a link? Without requiring to install the apk
@modder ethical gamer crypto how bro
Sir how to control that payload contain devics. Like to watch photos and all in that android device..
As soon as the victim runs the payload you'll get a reverse she'll on your computer. From there you'll get full control of the victim's device. After then it's your choice what to do or what not to.. Or you can see the functionality of the payload once you get the access via typing command "help" on the terminal..
but there is a problem , while installing the apk in android the malware bind with apk is detected by android and androd shows uninstall the apk
Off the antivirus
I performed the exploit and it works fine but, the app which is saved as MainActivity, we have to tap the icon on our mobile phone to activate the exploit. which is not reveled in the tutorial. How can the targeted person tap the mainactivity app icon and allows us to watch them. Other than this it works totally fine.
if target phone was rooted, u can convert it to system app.. which is always active in background
Please provide letest video of letest android hacking like 7 8 9 10
After exploit,
It started reverse tcp and stopped working what to do?
Put your kali ip addrs
Same problem after typing exploit its stuck
Did you install the apk on the victim's phone?
Only if the apk is installed then the exploit will work.
@@spartansachin where can we get that apk from pls tell
but android dont install this androidapp and said that this app was built for an older version of android. Now how can I experiment this hack? someone tell me
Plz help while using metasploit tcp handler or you simply say meterpreter session doesn't start
Why you guys always... Trying or showing ... This exploitation in less android versions.? What about above versions?
@Data Zero my android version is 10 its not working
This will not work on higher Android versions....
So true bro
@Mister-T3XP Simulation 5/6 years
10 years are too old lmao
Wym its not working I have a ten and it works just fine The shell doesn't die just sometimes commands won't work but then they reconnect back anyways after like 2 mins and the shell as long as it doesn't die stays active for a week weather they turn there phone off or not it works just fine
on my real phone when i open the link it shows webpage not found
me too
What if i don't have a stable internet IP ?
Your video is great sir. But please can you upload the commands needed?
It has stopped in "Started reverse TCP handler on ..." What should I do? I think I need some help
me too