1
00:00:00,900 --> 00:00:02,610
Instructor: Okay, small pause.

2
00:00:02,610 --> 00:00:05,760
I just want to notify you that this is an update section

3
00:00:05,760 --> 00:00:09,630
and that here we're going to cover Android hacking.

4
00:00:09,630 --> 00:00:11,100
So in this small section

5
00:00:11,100 --> 00:00:15,120
we will cover the exploitation of the Android devices.

6
00:00:15,120 --> 00:00:18,210
Now, even though this is considered mobile hacking,

7
00:00:18,210 --> 00:00:20,430
compared to what we already covered by now

8
00:00:20,430 --> 00:00:22,380
in Metasploit Framework and other tools

9
00:00:22,380 --> 00:00:24,120
used for payload creation,

10
00:00:24,120 --> 00:00:27,900
Android hacking won't be much different than that.

11
00:00:27,900 --> 00:00:29,752
As usual, we will craft the payload

12
00:00:29,752 --> 00:00:32,040
with our Kali Linux machine

13
00:00:32,040 --> 00:00:35,760
and we will try to gain access to an Android device.

14
00:00:35,760 --> 00:00:40,410
However, you'll see that this isn't quite easy or practical

15
00:00:40,410 --> 00:00:43,980
in real life as hacking a Windows machine, for example.

16
00:00:43,980 --> 00:00:45,750
Why, you might be asking.

17
00:00:45,750 --> 00:00:48,150
Well, you will see there are many steps

18
00:00:48,150 --> 00:00:49,860
the target has to perform

19
00:00:49,860 --> 00:00:52,320
in order to execute our payload.

20
00:00:52,320 --> 00:00:54,600
However, if we make them do it somehow

21
00:00:54,600 --> 00:00:58,770
we will have complete access to their Android device.

22
00:00:58,770 --> 00:01:01,500
Another thing is some of you probably won't have

23
00:01:01,500 --> 00:01:03,000
an Android device laying around.

24
00:01:03,000 --> 00:01:06,750
So to make this accessible to anyone, we will be downloading

25
00:01:06,750 --> 00:01:10,320
and creating an Android virtual machine.

26
00:01:10,320 --> 00:01:13,140
That's right, we are simulating a mobile phone

27
00:01:13,140 --> 00:01:15,810
with this virtual machine.

28
00:01:15,810 --> 00:01:17,730
If you actually have an Android device

29
00:01:17,730 --> 00:01:19,680
feel free to use that one instead

30
00:01:19,680 --> 00:01:21,510
to test these payloads out

31
00:01:21,510 --> 00:01:23,280
as that would be the best practice

32
00:01:23,280 --> 00:01:26,640
since some of the post exploitation options won't work

33
00:01:26,640 --> 00:01:28,350
on a virtual machine.

34
00:01:28,350 --> 00:01:31,500
Once we set up our virtual machine as mentioned

35
00:01:31,500 --> 00:01:34,500
we will deliver the payload to the target,

36
00:01:34,500 --> 00:01:36,930
but what is it that we are after

37
00:01:36,930 --> 00:01:40,230
on their device besides just having an access to it

38
00:01:40,230 --> 00:01:42,180
and being able to control it?

39
00:01:42,180 --> 00:01:43,980
Well, we want to, for example

40
00:01:43,980 --> 00:01:48,480
extract all of the contacts from that mobile phone.

41
00:01:48,480 --> 00:01:50,880
We could also read the messages as well

42
00:01:50,880 --> 00:01:52,920
as send messages from that phone,

43
00:01:52,920 --> 00:01:56,340
and we can check if the device is rooted and we could

44
00:01:56,340 --> 00:02:00,630
as usual download and upload files on that system.

45
00:02:00,630 --> 00:02:03,840
Those files can be images, applications,

46
00:02:03,840 --> 00:02:06,330
and other file types that we want.

47
00:02:06,330 --> 00:02:09,270
You can try opening a camera and recording,

48
00:02:09,270 --> 00:02:10,470
but most of this stuff

49
00:02:10,470 --> 00:02:13,080
we won't be able to do on a virtual machine.

50
00:02:13,080 --> 00:02:15,540
However, I will show you how to run those attacks

51
00:02:15,540 --> 00:02:18,420
nonetheless, just in case you try gaining access

52
00:02:18,420 --> 00:02:20,880
to a real Android device later on.

53
00:02:20,880 --> 00:02:22,440
Most of these things we will achieve

54
00:02:22,440 --> 00:02:25,530
using our Metasploit Framework tool.

55
00:02:25,530 --> 00:02:27,870
We will create a payload for Android devices

56
00:02:27,870 --> 00:02:31,500
using msfvenom and we will catch the connection back

57
00:02:31,500 --> 00:02:33,390
with msfconsole.

58
00:02:33,390 --> 00:02:35,340
All of this stuff we already know,

59
00:02:35,340 --> 00:02:37,740
so we will just get straight into that.

60
00:02:37,740 --> 00:02:41,610
But besides all of this, there is one more interesting thing

61
00:02:41,610 --> 00:02:43,830
that we will learn for the first time,

62
00:02:43,830 --> 00:02:47,460
and that is how we can gain access to a target device

63
00:02:47,460 --> 00:02:50,040
that is not on our network.

64
00:02:50,040 --> 00:02:50,910
That's right.

65
00:02:50,910 --> 00:02:54,060
For now, we only attack and exploit the targets

66
00:02:54,060 --> 00:02:57,660
that are on our own local network.

67
00:02:57,660 --> 00:03:00,900
But what if we, for example, want to send our payload

68
00:03:00,900 --> 00:03:02,970
to the target in a different country

69
00:03:02,970 --> 00:03:06,510
with different router and different devices on its network?

70
00:03:06,510 --> 00:03:08,190
Is it the same process?

71
00:03:08,190 --> 00:03:12,120
Well, you will see that it isn't actually quite the same

72
00:03:12,120 --> 00:03:14,520
but it's not a hard process either.

73
00:03:14,520 --> 00:03:17,400
You can later apply this for any target whatsoever

74
00:03:17,400 --> 00:03:20,700
whether it runs Windows, Linux, or even Android.

75
00:03:20,700 --> 00:03:22,500
This will work on all of them

76
00:03:22,500 --> 00:03:25,170
in case they're on a different network.

77
00:03:25,170 --> 00:03:26,880
Nonetheless, enough of talking

78
00:03:26,880 --> 00:03:30,213
and let's get straight into hacking Android devices.