How to Hack android phone – Droid Jack and How to protect ourself ?

10
2751

My previous post is about How to Hack Android Phone using Metasploit as you can see how easily anyone can hack android smartphone using metasploit but the whole thing was in Linux and everyone is not familiar and comfortable with Linux.But no worries ,this time we came back with another tutorial ” How to Hack android phone – Droid Jack and How to protect ourself ? ” which is totally based on Windows .

Why Windows ?

Windows is fully GUI(Graphical User Interface) based as you all know .In Linux you have to get familiar with terminals and other developer things which are lack of GUI and thats why most of the people gives up with Linux .Even if you are going to install a program over Linux then you have to install it via Terminal .It doesn’t mean Linux not worths ,see our post on How to get familiar with Linux easily .

Why we are writing this tutorial ?

Previously we’ve posted a article about ” Malicious Android adware campaign tries to exploit root access ” and thats ridiculously true everything written on that post .After analyzing whole scenario we decided to write a tutorial on exploiting and defending android devices to aware innocent victims .We recommend you to take a look of that post and understand the hazards of third party malicious apps.

What is Droid Jack ?

Droid Jack is what you need for that. Droid Jack gives you the power to establish control over your beloveds’ Android devices with an easy to use GUI and all the features you need to monitor them.Droid Jack is a client/server application developed in Java Android for the client side and in Java/Swing for the Server.

See also : How to Hack android using metasploit in Kali Linux .

 

 

Please read disclaimer : Here i’m using RAT[remote administration tool] software in windows for educational use ,all devices have been faked.This tutorial is for learning purposes only and should not be used for any illegal activities.It’s only for awareness.Don’t break someone privacy who not belongs to you , i’m not liable for any illegal activity…

Following are the requirements to get started.

  1. Internet Enabled Windows Machine.
  2. Java Installed ,if not then download it from here.
  3. Net-framework Installed ,if not then download it from here.
  4. DroidJack (Remote Administration Tool)
  5. Dynamic IP (noip.com host)
  6. DUC for windows (noip.com client) .Get it from here
  7. Android Device for testing.

Features of this Android HACK :

  • Get contacts from remote android device.
  • Click snaps using front or back camera.
  • Get real-time pin point location.
  • Record real-time sound by using microphone of android device.
  • and lots more……..

Hack Android using Droid Jack

Step 1 : Download Droid Jack from here and make sure all requirements are installed as described above.

Step 2 : Now open Droid Jack.jar and jump to “ Generate apk ” tab .Now it’s time to create a app for over tutorial ,basically it’s a pre-configured payload .

  • App name : stack4   // anything you want
  • File name : stack4   // anything you want
  • Dynamic DNS : 192.168.1.4  // LAN IP
  • Port : 1337  // you can use any port but it should be available or open for listening
  • Bind with another apk : Leaving blank.You can bind this apk with another apk like whatsapp , viber , or any other android package.Here i’m not using this feature.
  • Stealth mode : Leaving blank.You can hide this app from launcher.Make it hidden.
  • Use custom icon : leaving blank.Use as  desired app icon.

Step 3 :  After successfully generating newly apk.Send and install it on Android device.

Step 4 : Goto ‘Devices’ tab.Enter you port and turn on reception .Now leave your system open and wait for device capture on our droidjack dashboard .As soon victim opens the app on his mobile ,it will immediately reflects in devices section .

Step 5 : Open app in Android device.As soon as you open the app in the device, you can see the connected device in Droid jack device console.

See also : How to root android without PC

 

 

Step 6 : Now you have full access over victim device.You grab messages ,call log,pin point location , listen real time calls , access data from file manager and much more .

 

Conclusion :

This demonstration is really intense and describes about how anyone can easily take control over your device .We are pentester ,it’s our formal and social duty to spread awareness about security flaws .

Now it’s time to tighten your device security to defend such type of malware and attacks .Read our quick post about ” How to protect you Android Phone ? ”

If you have any doubt about your device security ,please feel free to ask

10 COMMENTS

  1. How can I embed the “generated apk” in image and send it through whatsapp and when on the other side he opens image the apk get installed anonymously ?

    • u can send apk thru whatsapp,by rename it into .txt or .pdf
      but the receiver wont able to read it(or install) without rename it again into .apk
      also the receiver won able to install without uncheck security setting for third party app

  2. Created the android package. and Installed it on my own phone for testing, but in the devices tab there is nothing. Can you Please help me

  3. dear there is no executable file in the folder , please help me . but there was droidjack.jar when i open it it show in winrar archive , how to get on main screen please tell me .!

  4. @danish
    It needs java to run.make sure u have latest java software installed. Then go to properties , click on ” open with” option and select java .

LEAVE A REPLY

Please enter your comment!
Please enter your name here