Think before installing apps – Kali Linux and Android Exploitation

Android is a very popular operating system that has many features. One very big feature is the ability to install APKs (Android Package Files) from any sources. These APKs are also known as Android apps. However, not all apps are safe, as they can contain malware that can infect your device and steal your information.

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is used by many security professionals to analyze and protect networks and devices, but can also have nefarious purposes. Hackers use it to steal data and gain unauthorized access to networks and devices that have not been protected. To do these things, Kali Linux has many tools built in, such as aircrack-ng (WiFi hacking), burpsuite (password brute forcing), and more.

For Android Exploitation, there is a tool in Kali Linux called Metasploit, which is designed to create things called payloads and use them to run exploits on a remote target machine. Using Metasploit, it is possible to create a payload for Android and then distribute the exploit using a simple .apk file. It can have access to almost every service and component on your phone, including the microphone, camera, and storage.

screen-shot-2016-10-15-at-6-43-37-pm

The attacker sets up his machine to receive information from the target by creating a multi handler for his local IP address. He also specifies a port number for which the information is sent over. This is typically 8080 for HTTP traffic or 443 for HTTPS traffic. He then uses makes sure to setup a listener on this specific port. Once the app is open on the victim’s device, it is compromised and the attacker can do almost anything he wishes. Before this however, he needs to distribute it, which requires him to convince the user. He can do this by naming it something very inconspicuous, such as Game.apk. Once it is opened, it will be granted all the permissions require by the Android System.

help-1

As I shared above, you should be very careful about what apps you download from sources other than trusted marketplaces, such as Google Play or the Amazon App Store. Make sure to install a virus scanner to analyze what you are about to install and prevent your device from giving the app all your personal information.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s