PhoneSploit-Pro - An All-In-One Hacking Tool To Remotely Exploit Android Devices Using ADB And Metasploit-Framework To Get A Meterpreter Session
An all-in-one hacking tool written in Python
to remotely exploit Android devices using ADB
(Android Debug Bridge) and Metasploit-Framework
.
Complete Automation to get a Meterpreter session in One Click
This tool can automatically Create, Install, and Run payload on the target device using Metasploit-Framework and ADB to completely hack the Android Device in one click.
The goal of this project is to make penetration testing on Android devices easy. Now you don't have to learn commands and arguments, PhoneSploit Pro does it for you. Using this tool, you can test the security of your Android devices easily.
PhoneSploit Pro can also be used as a complete ADB Toolkit to perform various operations on Android devices over Wi-Fi as well as USB.
Features
v1.0
- Connect device using ADB remotely.
- List connected devices.
- Disconnect all devices.
- Access connected device shell.
- Stop ADB Server.
- Take screenshot and pull it to computer automatically.
- Screen Record target device screen for a specified time and automatically pull it to computer.
- Download file/folder from target device.
- Send file/folder from computer to target device.
- Run an app.
- Install an APK file from computer to target device.
- Uninstall an app.
- List all installed apps in target device.
- Restart/Reboot the target device to
System
,Recovery
,Bootloader
,Fastboot
. - Hack Device Completely :
- Automatically fetch your
IP Address
to setLHOST
. - Automatically create a payload using
msfvenom
, install it, and run it on target device. - Then automatically launch and setup Metasploit-Framework to get a
meterpreter
session. - Getting a
meterpreter
session means the device is completely hacked using Metasploit-Framework, and you can do anything with it.
- Automatically fetch your
v1.1
- List all files and folders of the target devices.
- Copy all WhatsApp Data to computer.
- Copy all Screenshots to computer.
- Copy all Camera Photos to computer.
- Take screenshots and screen-record anonymously (Automatically delete file from target device).
- Open a link on target device.
- Display an image/photo on target device.
- Play an audio on target device.
- Play a video on target device.
- Get device information.
- Get battery information.
- Use Keycodes to control device remotely.
v1.2
- Send SMS through target device.
- Unlock device (Automatic screen on, swipe up and password input).
- Lock device.
- Dump all SMS from device to computer.
- Dump all Contacts from device to computer.
- Dump all Call Logs from device to computer.
- Extract APK from an installed app.
v1.3
- Mirror and Control the target device.
v1.4
- Power off the target device.
Requirements
python3
: Python 3.10 or Neweradb
: Android Debug Bridge (ADB) fromAndroid SDK Platform Tools
metasploit-framework
: Metasploit-Framework (msfvenom
andmsfconsole
)scrcpy
: Scrcpy (Screen Copy)
Run PhoneSploit Pro
PhoneSploit Pro does not need any installation and runs directly using python3
On Linux / macOS :
Make sure all the required software are installed.
Open terminal and paste the following commands :
git clone https://github.com/AzeemIdrisi/PhoneSploit-Pro.git
cd PhoneSploit-Pro/
python3 phonesploitpro.py
On Windows :
Make sure all the required software are installed.
Open terminal and paste the following commands :
git clone https://github.com/AzeemIdrisi/PhoneSploit-Pro.git
cd PhoneSploit-Pro/
-
Download and extract latest
platform-tools
from here. -
Copy all files from the extracted
platform-tools
oradb
directory to PhoneSploit-Pro directory and then run :
python phonesploitpro.py
Screenshots
Installing ADB
ADB on Linux :
Open terminal and paste the following commands :
- Debian / Ubuntu
sudo apt update
sudo apt install adb
- Fedora
sudo dnf install adb
- Arch Linux / Manjaro
sudo pacman -Sy android-tools
For other Linux Distributions : Visit this Link
ADB on macOS :
Open terminal and paste the following command :
brew install android-platform-tools
or Visit this link : Click Here
ADB on Windows :
Visit this link : Click Here
ADB on Termux :
pkg update
pkg install android-tools
Installing Metasploit-Framework
On Linux / macOS :
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \ chmod 755 msfinstall && \ ./msfinstall
or Follow this link : Click Here
or Visit this link : Click Here
On Windows :
Visit this link : Click Here
or Follow this link : Click Here
Installing scrcpy
Visit the scrcpy
GitHub page for latest installation instructions : Click Here
On Windows : Copy all the files from the extracted scrcpy folder to PhoneSploit-Pro folder.
If scrcpy
is not available for your Linux distro, then you can build it with a few simple steps : Build Guide
Tutorial
Setting up Android Phone for the first time
- Enabling the Developer Options
- Open
Settings
. - Go to
About Phone
. - Find
Build Number
. - Tap on
Build Number
7 times. - Enter your pattern, PIN or password to enable the
Developer options
menu. - The
Developer options
menu will now appear in your Settings menu.
- Enabling USB Debugging
- Open
Settings
. - Go to
System
>Developer options
. - Scroll down and Enable
USB debugging
.
- Connecting with Computer
- Connect your Android device and
adb
host computer to a common Wi-Fi network. - Connect the device to the host computer with a USB cable.
- Open terminal in the computer and enter the following command :
adb devices
- A pop-up will appear in the Android phone when you connect your phone to a new PC for the first time :
Allow USB debugging?
. - Click on
Always allow from this computer
check-box and then clickAllow
. - Then enter the following command :
adb tcpip 5555
- Now you can connect the Android Phone over Wi-Fi.
- Disconnect the USB cable.
- Go to
Settings
>About Phone
>Status
>IP address
and note the phone'sIP Address
. - Run PhoneSploit Pro and select
Connect a device
and enter the target'sIP Address
to connect over Wi-Fi.
Connecting the Android phone for the next time
- Connect your Android device and host computer to a common Wi-Fi network.
- Run PhoneSploit Pro and select
Connect a device
and enter the target'sIP Address
to connect over Wi-Fi.
This tool is tested on
- ✅Ubuntu
- ✅Linux Mint
- ✅Kali Linux
- ✅Fedora
- ✅Arch Linux
- ✅Parrot Security OS
- ✅Windows 11
- ✅Termux (Android)
All the new features are primarily tested on Linux, thus Linux is recommended for running PhoneSploit Pro. Some features might not work properly on Windows.
Disclaimer
- Neither the project nor its developer promote any kind of illegal activity and are not responsible for any misuse or damage caused by this project.
- This project is for the purpose of penetration testing only.
- Please do not use this tool on other people's devices without their permission.
- Do not use this tool to harm others.
- Use this project responsibly on your own devices only.
- It is the end user's responsibility to obey all applicable local, state, federal, and international laws.
Source: www.kitploit.com