Ticker

6/recent/ticker-posts

Header Ads Widget

Bhat Majid

Turn Your Android Device into Hacking Machine!! Hacking With Android

 

With just a few taps, the Android phone can be equipped with a hidden hacking tool that can use tools like Nap, Nikto, and Netcat - all without hacking the device.

UserLAnd, developed by UserLAnd Technologies, is a free Android app that makes installing Linux distribution faster and less powerful, without divination. With this, it is possible to use the ARM64 Debian app next to the current Android OS. Sometimes referred to as "AARCH64," this ARM art is used in much the same way as the Kali Linux Raspberry Pi ARM graphics, which make it easy to import the Kali toolbar. Above all, the UserLAnd team recently installed a dedicated Kali file system so importing archives will not be required for all users.


All file systems are simplified. While most Kali tools work without problems, UserLAnd is still a new project and can cause some tools (such as Nmap) to break or fail when certain commands are executed. It is worth mentioning, these problems may be solved soon.


For technological trends, UserLAnd uses custom and authentication scripts that allow you to create Debian and Ubuntu file systems. One example of this is PRoot, an open source software that uses chroot-like functionality. PRoot allows you to run programs with another root directory, no root required. Normally, the user space application will communicate directly with Kernel via system calls. With UserLAnd, PRoot works in the background, translates these system calls, and will make and use them when needed to emulate users and permissions in the file system


We will start by installing an SSH client, which will be the main application for working with Debian OS. After that, I will go through the OS setup tips and import the Kali Linux repository to turn Android into a hacking tool. As some readers may not know, Kali Linux is based on the Debian operating system, so importing their storage will not cause anything to break or be unreliable.


Step 1: Install the ConnectBot App (Optional)



UserLAnd has recently added a built-in SSH functionality, so this step is no longer necessary. However, third-party SSH clients can be used when selecting.

Don't Miss: How to Hack Facebook without Phishing Sop

ConnectBot is an open source SSH client designed for Android smartphones, allowing you to securely connect to SSH servers. This will be a great way to connect with the new UserLAnd Debian program. If you do not use or have access to Google Play, ConnectBot is available through the F-Droid repository.

JuiceSSH is also a great alternative to ConnectBot because it has many features, so you can use it if you like. ConnectBot is constantly updated and easy for beginners, so we went with that.


Step 2: Install UserLAnd App



I've already covered what UserLAnd does and what it does above, so I won't go into too much detail here. The important thing is to install it, and you can do that using Google Play or F-Droid.

Disclaimer: UserLAnd has limitations. Without root access, the Android Wi-Fi interface cannot be switched to monitoring mode, so traditional Wi-Fi hacking tools like Aircrack-ng will not work. However, there is still much to be done with UserLAnd, as you will see in future guidelines, and using Kali without rooting or deleting Android OS is not an easy success. So make sure you give the UserLAnd app a good rating on Google Play - developers deserve some feedback.


Step 3: Create a new file system

When the installation is complete, open UserLAnd, and look for the "Applications" tab. Restart the tab and wait a few minutes for the distribution to complete.



Kali Linux OS was recently added to the list of available distributions. Select "Kali" or "Debian" and the UserLAnd app will notify you of details. Create a VNC username, password, and password. "Password" will allow access to the SSH server to start when the file system has finished installing. "VNC password" will not be used in this course but is required to proceed with installation.


UserLAnd will be downloading the required material and documents to its GitHub repository used for creating file systems. The time it takes to download and uninstall the required assets will vary depending on the Android CPU and the speed of the internet connection. The installation process took 20 minutes to complete some tests, so be patient.

Don't Miss: How to Hack Android Phone Remotely 2020

In my first attempt, UserLAnd returned the following "Could not uninstall file. Something went wrong" error. Deleting and reinstalling the UserLAnd app seems to solve the problem. If this error persists, open a new GitHub issue.


Step 4: Interact with Filesystem



When the installation is complete, go to the "Sessions" tab, and select the newly created option. UserLAnd will automatically try to open ConnectBot and ask "Are you sure you want to continue to connect?" Tap "Yes," and enter the password created in the previous step.

In the meantime, synchronizing the Bluetooth keyboard to the phone will make setting up the OS easier, but not necessarily. If you are not using Bluetooth Keyboard, I recommend installing the Hacker Keyboard from Google Play Store, you will see why we continue.


Step 5: Update the OS

The first thing to do after installing the new operating system on your Android phone is to make sure the system is completely up to date. This can be done by using the first strategy to form the root shell. Next, use the apt-get update && apt-get dist-upgrade command.


distortion@localhost:~$ su
root@localhost: /home/distortion# apt-get update && apt-get dist-upgrade
Ign:1 http://cdn-fastly.deb.debian.org/debian stable InRelease
Get:2 http://cdn-fastly.deb.debian.org/debian stable-updates InRelease [91.0 kB]
Hit:3 http://cdn-fastly.deb.debian.org/debian stable Release
Get:4 http://cdn-fastly.deb.debian.org/debian stable Release.gpg [2434 B]
Get:5 http://cdn-fastly.deb.debian.org/debian stable-updates/main arm64 Packages [5096 B]
Get:6 http://cdn-fastly.deb.debian.org/debian stable-updates/main Translation-en [4512 B]
Get:7 http://cdn-fastly.deb.debian.org/debian stable/main Translation-en [5393 B]
Get:8 http://cdn-fastly.deb.debian.org/debian stable/contrib arm64 Packages [29.9 kB]
Get:9 http://cdn-fastly.deb.debian.org/debian stable/contrib Translation-en [45.9 kB]
Get:10 http://cdn-fastly.deb.debian.org/debian stable/non-free arm64 Package [50.8 kB]
Get:11 http://cdn-fastly.deb.debian.org/debian stablenon-free Translation-en [80.6 kB]
Fetched 5714 kB in 31s (183 kB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree... Done
Calculating upgrade... Done
The following packages will be upgraded:
  tzdata
1 upgraded, 0 newly intalled, 0 to remove and 0 not upgraded.
Need to get 270 kB of archives.
After this operation, 1024 B of additional disk space will be used.
Do you want to continue? [Y/n]

In the case of the above release, there is only one package that needed to be updated, but this may not always be true.

Step 6: Install Essential Software

This new file system is less advanced and doesn't add as much software as it should. Below are a few packages recommended for daily Debian and Kali users. Some packages are not required but will make it easier to follow up on future articles where Android is used as a primary hacking device.
  • screen - The screen is a deadly duplicate that allows users to work and switch between the last several times at the same time. This is one of the most important packages to install when using UserLAnd. Android phones do not treat SSH times well and often break the connection for no reason. Such a breakup can cause startup commands to fail without having to reconnect to the session to monitor progress. Use Screen to save endless Shell times.
  • net-tools - Net tools are a set of tools that contain ifconfig, netstat, router, and other useful communication applications.
  • netcat - Netcat is a rich UNIX resource designed to be a reliable tool for making TCP and UDP connections. Netcat can be used to create and interact with simple macOS backgrounds.
  • Neofetch - Neofetch (shown in the cover photo) is a cross-sectional data collection tool. Displays system details next to the distribution logo. There is no real functionality for this package other than to show distribution to colleagues and friends or to create  cover images. Neofetch is a small bug with UserLAnd distros, but you might want to know how I created the cover image, so I'm posting it here.
  • gnupg - GnuPG (sometimes called gpg) is commonly used to encrypt files and protect email communications. Some input documents (such as Metasploit) use gpg to import its software signing keys. It is possible to install Metasploit manually without gpg, but it will make the process more difficult.
  • curl - cURL is a command line tool that can download files over HTTP and other popular protocols. This is a useful tool you have for downloading files online.
  • wget - Like cURL, wget is a command line tool used to download files online. Some developers prefer wget over cURL, so it helps to keep both installed and accessible.
  • git - Git is a popular version control software and is often used to integrate (download) GitHub projects. Git is often recommended by Null Byte users.
  • nano - Nano is a command line text editor. Nano will make editing files with SSH much easier. If you choose Vim or Emac, download those text editors instead (or in addition to nano).
The above packages can be installed using the apt-get command.

apt-get update && apt-get install net-tools netcat neofetch gnupg curl wget git nano screen

After that, add the Kali signature key using the following wget command.

Step 7: Import Kali Linux Repository (Conditions)

If you install Kali OS in Step 3, this step can be skipped. For Debian OS users, importing a Kali repository into your distribution is not mandatory. However, doing so will allow faster installation of applications such as sqlmap, Commix, Bettercap, Nikto, dnsmap, and hundreds of packages not available in Debian default repositories.


To start importing the Kali Linux repository, use nano to insert Kali's location into the /etc/apt/sources.list file.

nano /etc/apt/sources.list

Enter the bottom line of the file (shown below), then use Ctrl + X to exit and save the changes. ConnectBot has on-screen buttons such as Ctrl and Shift. Alternatively, a Bluetooth keyboard or hacker keyboard application will be logged out of the nano Terminal.


deb http://http.kali.org/kali kali-rolling main contrib non-free


After that, add the Kali signature key using the following wget command.
wget -q -O - https://www.kali.org/archive-key.asc | apt-key add -
If the command is successful, the terminal will return "OK" (shown below). Finally, update the APT cache using the apt-get update command.

root@localhost:/home/distortion# wget -q -O - https://www.kali.org/archive-key.asc | apt-key add -
OK
root@localhost:/home/distortion# apt-get update
Ign:1 http://cdn-fastly.deb.debian.org/debian stable InRelease
Hit:3 http://cdn-fastly.deb.debian.org/debian stable-updates InRelease
Hit:4 http://cdn-fastly.deb.debian.org/debian stable Release
Ign:2 http://ftp.halifax.rwth-aachen.de/kali kali-rolling InRelease
Get:6 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling Release [29.6 kB]
Get:7 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling Release.gpg [833 B]
Get:8 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/main arm64 Packages [16.4 MB]
64% [8 Packages 9415 kB/16.4 MB 57%]                               546 kB/s 13s

More Weponized Android Comming Soon

With UserLAnd, converting Android into hacking devices is easy. While Android is slower in data processing than Raspberry Pis, it makes it a beautiful, easily hidden tool that can use Kali software.


In future articles, I will show you how to hack websites, Wi-Fi passwords, and Windows 10 using Kali only on Android. If you have Kali software applications that you would like to see running on Android, be sure to leave a comment below.

Post a comment

0 Comments