A lot of people prefer not to use the Windows platform because it has many open ports. It is difficult to manage all these ports, and that leads to serious security flaws.
But Windows is compatible with many of the tools used for hacking. In the field of ethical hacking, using Windows is only safe if it is used for practice, for educational purposes.
At the beginning of learning ethical hacking, it is hard to work with Linux distributions, as they do not provide as many GUI options as the Windows platform does.
It is harder for beginners to understand tools that only have a CLI. That is why, for educational purposes, using Windows is okay.
Here we are going to discuss how we can get access to an Android smartphone using Windows 10.
We are going to use a RAT (Remote Administrator Tool) here.
Let's get into the tutorial.
Hacking Android Smartphone using Windows 10
First of all, we have to understand what a RAT is. In simple words, a RAT is a program that has two parts: a client and a server. We install the client on the target device and it stores the information on the server. We keep the server to collect the information.
Here we are going to use the SpyNote RAT. This RAT has the ability to create persistent payloads.
Buy Spynote from its official website Spynote.us or you can manage it for free by searching through the internet!
Before installing it, make sure that you have Java installed on your computer. Without Java, you will not be able to create a payload.
Now install it and open it.
Let's create a payload and test it
You can create a payload very easily, but it will not work outside your local network, i.e. it will work only on devices connected to the same network you are connected to.
To make it work over the Internet, you have to do port forwarding by going through your router's configuration.
If you don't have a router, don't worry.
In this case, we can use a tool called Ngrok. We can forward our port using this tool. We don't have to buy any router.
Download Ngrok from here and unzip it.
Now, switch back to Spynote and go to the 'Tools' section and here you can customize and build the payload you wish.
If you are getting an error saying 'unable to find Java', don't worry, just select the path of the Java you've installed. By default, Java gets installed in system drive/program files(x86)/Java. If Java is installed in this path, then select this path: system drive/program files(x86)/Java/bin/java.exe.
Now customize the payload info. You can set the victim's name, app name, service name, and the version.
Configuring DNS info to make the payload work over WAN
Open up the Ngrok tool. It will open in CMD. If you haven't verified your authentication token, do it now with the command: ngrok.exe authtoken 'your token'.
Now, forward a TCP port with the command: ngrok.exe tcp 5214. Replace the port with your desired port number.
We are all set. Copy the forwarded port and paste it into the 'Port' section of the payload. Then copy the public ngrok host, open up a new CMD and ping it to get its IP address with the command: ping 'ngrok URL'
Okay, we got the IP address. Now copy the IP address and paste it on the 'IP' section and save it.
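From the defender's side, the setup above leaves a network trace: the client on the phone connects straight to a hard-coded ngrok tunnel IP and port, with no DNS lookup of its own. The following is an added example, not part of the original tutorial or of any tool it names; the log formats, addresses and the hostname pattern for ngrok TCP endpoints are assumptions.

```python
import re

# Assumption: ngrok TCP tunnels are reached through hosts such as
# 0.tcp.ngrok.io or 0.tcp.eu.ngrok.io. Adjust the pattern as needed.
NGROK_TCP = re.compile(r"^\d+\.tcp(\.[a-z]{2})?\.ngrok\.io\.?$")

# Constructed resolver log: timestamp, client, query name, answer IP.
DNS_LOG = """\
2024-05-01T09:00:01 10.0.5.23 play.googleapis.com 198.51.100.10
2024-05-01T09:00:07 10.0.9.40 0.tcp.ngrok.io 203.0.113.77
2024-05-01T09:02:11 10.0.5.23 example.org 198.51.100.20
"""

# Constructed flow log: timestamp, client, destination IP, destination port.
FLOW_LOG = """\
2024-05-01T09:00:08 10.0.9.40 203.0.113.77 14822
2024-05-01T09:05:30 10.0.5.61 203.0.113.77 14822
2024-05-01T09:06:00 10.0.5.23 198.51.100.10 443
"""

def tunnel_ips(dns_log):
    """IPs that any query for an ngrok TCP host resolved to."""
    ips = set()
    for line in dns_log.splitlines():
        _, _, qname, answer = line.split()
        if NGROK_TCP.match(qname.lower()):
            ips.add(answer)
    return ips

def find_tunnel_clients(dns_log, flow_log):
    """Return {client: reason} for DNS-based and IP-based matches."""
    ips = tunnel_ips(dns_log)
    hits = {}
    for line in dns_log.splitlines():
        _, client, qname, _ = line.split()
        if NGROK_TCP.match(qname.lower()):
            hits[client] = "resolved " + qname
    # A hard-coded IP never shows up in DNS, so correlate flows as well.
    for line in flow_log.splitlines():
        _, client, dst, port = line.split()
        if dst in ips and client not in hits:
            hits[client] = f"direct connection to {dst}:{port} without DNS lookup"
    return hits

if __name__ == "__main__":
    for client, reason in sorted(find_tunnel_clients(DNS_LOG, FLOW_LOG).items()):
        print(client, "->", reason)
```

Tunnel addresses are shared between many ngrok users, so treat a hit as a lead for triage rather than proof of compromise.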
Continuing to the Payload building process
From the 'properties' section, you can select the privileges you want. You can turn on the keylogger, you can make the payload administrator, and you can also access the root.
If you want to merge the payload with other trusted applications so that the victim trusts your payload, you can do that on the 'Merging app' section. Select the application you want to merge with your payload.
All done! Proceed to the 'build' section and click on Build.
The build process takes some time. It calls the apktool package to build the Android APK file. Wait until it finishes. The output file will be found in the system drive>Build 6.01>Apktool>out.
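The capabilities chosen in this section (keylogging, administrator rights, persistence) have to be declared in the app's manifest, which lets a reviewer spot them even when the payload is merged into a trusted-looking app. The following audit of a decoded AndroidManifest.xml is an added example, not code from the original tutorial or from SpyNote; the sample manifest, the package name and the mapping of the page's options to specific manifest entries are assumptions.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed sample of a decoded manifest (for example from `apktool d`).
# The package and component names are hypothetical.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashlight">
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <application>
    <service android:name=".Svc"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
    <receiver android:name=".Adm"
              android:permission="android.permission.BIND_DEVICE_ADMIN"/>
    <receiver android:name=".Boot">
      <intent-filter>
        <action android:name="android.intent.action.BOOT_COMPLETED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>
"""

SENSITIVE = {"READ_SMS", "RECORD_AUDIO", "CAMERA", "READ_CONTACTS",
             "ACCESS_FINE_LOCATION", "READ_CALL_LOG"}

def audit_manifest(xml_text):
    """Return sorted findings for RAT-style capabilities in a manifest."""
    root = ET.fromstring(xml_text)
    findings = set()
    for perm in root.iter("uses-permission"):
        short = perm.get(ANDROID + "name", "").rsplit(".", 1)[-1]
        if short in SENSITIVE:
            findings.add("sensitive-permission:" + short)
    for comp in root.iter():
        if comp.tag not in ("service", "receiver"):
            continue
        guard = comp.get(ANDROID + "permission", "")
        if guard.endswith("BIND_ACCESSIBILITY_SERVICE"):
            findings.add("accessibility-service")   # can observe typed input
        if guard.endswith("BIND_DEVICE_ADMIN"):
            findings.add("device-admin-receiver")   # administrator rights
        for action in comp.iter("action"):
            if action.get(ANDROID + "name", "").endswith("BOOT_COMPLETED"):
                findings.add("starts-at-boot")      # survives a restart
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(audit_manifest(SAMPLE_MANIFEST)))
```

An app whose stated purpose does not need these entries, such as the hypothetical flashlight above, is a strong candidate for closer inspection before it is allowed on a device.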
Connecting to the target device
As Android is very strict about installing apps from unknown sources, Play Protect will prevent it from installing. You have to convince the victim. It's on you, how you convince him.
If the victim installs the app, you will get the device listed on the dashboard of the Spynote server.
Right-click on the device and you will get the commands you can apply on the device. We tried the 'File Manager' option and we got access to the stored files on the device.
Sometimes the session may expire if the victim restarts or switches off the phone. You have to right-click on the listed device and select the 'victim' and click on 'reconnect'.
The use of RATs to take control of any device is an effective idea. We just have to create an undetectable payload and apply some social engineering to convince the victim to install the payload.
RATs do not remain functional for long. As a RAT becomes popular, manufacturers release patches for it.