Offensive Security Tool: PhoneSploit Pro

Offensive Security Tool: PhoneSploit Pro

Premium Content

Reading Time: 4 Minutes

Description

PhoneSploit Pro by AzeemIdrisi, its an all-in-one tool designed to exploit Android devices remotely. It leverages the power of ADB (Android Debug Bridge) and Metasploit-Framework to gain control over the target device and establish a Meterpreter session. With PhoneSploit Pro, users can perform a wide range of actions on the compromised Android device, giving them complete control and access to its functionalities. PhoneSploit Pro provides a convenient and efficient solution for penetration testers looking to exploit Android devices remotely.

 

Complete Automation to get a Meterpreter session in One Click

This tool can automatically Create, Install, and Run payload on the target device using Metasploit-Framework and ADB to completely hack the Android Device in one click if the device has open ADB port TCP 5555.

The goal of this project is to make penetration testing on Android devices easy. Now you don’t have to learn commands and arguments, PhoneSploit Pro does it for you. Using this tool, you can test the security of your Android devices easily.

PhoneSploit Pro can also be used as a complete ADB Toolkit to perform various operations on Android devices over Wi-Fi as well as USB.

See Also: So you want to be a hacker?
Offensive Security Courses

Features

 

Requirements

python3: Python 3.10 or Newer
adb: Android Debug Bridge (ADB) from Android SDK Platform Tools
metasploit-framework: Metasploit-Framework (msfvenom and msfconsole)
scrcpy: Scrcpy
nmap: Nmap

 

Run PhoneSploit Pro

PhoneSploit Pro does not need any installation and runs directly using python3

PhoneSploit Pro requires Python version 3.10 or above. Please update Python before running the program to meet the requirement.

 

On Linux / macOS:

Make sure all the required software are installed.

Open terminal and paste the following commands:

git clone https://github.com/AzeemIdrisi/PhoneSploit-Pro.git

cd PhoneSploit-Pro/

python3 phonesploitpro.py

 

On Windows:

Make sure all the required software are installed.

Open terminal and paste the following commands:

git clone https://github.com/AzeemIdrisi/PhoneSploit-Pro.git

cd PhoneSploit-Pro/

 

Download and extract latest platform-tools from here.
Copy all files from the extracted platform-tools or adb directory to PhoneSploit-Pro directory and then run:

 

python phonesploitpro.py

Screenshots

 

Tutorial

Setting up Android Phone for the first time

Enabling the Developer Options

Open Settings.
Go to About Phone.
Find Build Number.
Tap on Build Number 7 times.
Enter your pattern, PIN or password to enable the Developer options menu.
The Developer options menu will now appear in your Settings menu.

 

Enabling USB Debugging

Open Settings.
Go to System > Developer options.
Scroll down and Enable USB debugging.

 

Connecting with Computer

Connect your Android device and adb host computer to a common Wi-Fi network.
Connect the device to the host computer with a USB cable.
Open a terminal in the computer and enter the following command:

adb devices

4. A pop-up will appear in the Android phone when you connect your phone to a new PC for the first time: Allow USB debugging?.
5. Click on Always allow from this computer check-box and then click Allow.
6. Then in the terminal enter the following command:

adb tcpip 5555

7. Now you can connect the Android Phone with the computer over Wi-Fi using adb.
8. Disconnect the USB cable.
9. Go to Settings > About Phone > Status > IP address and note the phone’s IP Address.
10. Run PhoneSploit Pro and select Connect a device and enter the target’s IP Address to connect over Wi-Fi.

 

Connecting the Android phone for the next time

Connect your Android device and host computer to a common Wi-Fi network.
Run PhoneSploit Pro and select Connect a device and enter the target’s IP Address to connect over Wi-Fi.

 

This tool is tested on

✅ Ubuntu
✅ Linux Mint
✅ Kali Linux
✅ Fedora
✅ Arch Linux
✅ Parrot Security OS
✅ Windows 11
✅ Termux (Android)

All the new features are primarily tested on Linux, thus Linux is recommended for running PhoneSploit Pro. Some features might not work properly on Windows.

Installing ADB

ADB on Linux:

Open the terminal and paste the following commands:

Debian / Ubuntu

sudo apt update

sudo apt install adb

Fedora

sudo dnf install adb

Arch Linux / Manjaro

sudo pacman -Sy android-tools

For other Linux Distributions : Visit this Link

 

ADB on macOS:

Open the terminal and paste the following command:

brew install android-platform-tools

or Visit this link: Click Here

ADB on Windows:

Visit this link: Click Here

ADB on Termux:

pkg update

pkg install android-tools

 

Installing Metasploit-Framework

On Linux / macOS:

curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall &&
chmod 755 msfinstall &&
./msfinstall

or Follow this link: Click Here

or Visit this link: Click Here

 

On Windows:

Visit this link: Click Here

or Follow this link: Click Here

 

Installing scrcpy

Visit the scrcpy GitHub page for latest installation instructions: Click Here

On Windows: Copy all the files from the extracted scrcpy folder to PhoneSploit-Pro folder.

If scrcpy is not available for your Linux distro like Kali Linux, then you can either manually install it: Manual Guide, or build it with a few simple steps: Build Guide

 

Installing Nmap

Nmap on Linux:

Debian / Ubuntu

sudo apt update

sudo apt install nmap

Fedora

sudo dnf install nmap

Arch Linux / Manjaro

sudo pacman -Sy nmap

For other Linux Distributions: Visit this Link

 

Nmap on macOS:

Open terminal and paste the following command:

brew install nmap

or Visit this link: Visit this Link

Nmap on Windows:

Download and install the latest stable release: Click Here

Nmap on Termux:

pkg update

pkg install nmap

 

 

Clone the repo from here: GitHub Link

Recent Tools

Offensive Security Tool: Octopus

June 9, 2023

Octopus is an open source pre-operation C2 server based on …

Offensive Security Tool: Pypykatz

June 2, 2023

PyPyKatz is the Mimikatz implementation in pure Python. It can …

Offensive Security Tool: Pyramid

May 26, 2023

Pyramid is a tool to perform post-exploitation task in an …

Recon Tool: Dome

May 19, 2023

Dome is a fast and reliable Subdomain Enumeration Tool that …

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

The post Offensive Security Tool: PhoneSploit Pro first appeared on Black Hat Ethical Hacking.

About The Author