Access & Manage Android Phone Remotely – L3MON Tutorial

There is software available, like Metasploit, to gain remote access to any android phone. But other than that, we have the L3MON tool (A Cloud-based Remote Android Management Suite) for the same purpose.

Let’s discover how to install, set up, and utilize L3MON on the Kali Linux system.

L3MON gives a web-based interface to interact with the victim’s smartphone. The process is to create an APK payload, deliver it to the victim’s phone, and boom attacker got the victim’s phone session.

The features with L3MON deals are:

L3MON Tutorial

Install and Configure L3MON on Kali Linux

Update your system once before starting installation. As per the Prerequisites, the first thing we need to install is Java Runtime Environment

sudo apt-get install openjdk-8-jre

Once installed, you can issue the “java –version” command to check the JRE version.

After that, we need to install NodeJs , and for that, first, we will download the NodeJs package into our system.

curl -sL https://deb.nodesource.com/setup_13.x | sudo bash –

Now, we will install the NodeJs.

sudo apt-get install -y nodejs


Lastly, we need to install the pm2 process manager. If you don’t have “npm” installed in Kali Linux, you can install it with “apt-get install npm.”

sudo npm install pm2 -g

After installing all prerequisites, git clone the L3MON tool from Github.

wget https://github.com/D3VL/L3MON/releases/download/1.1.2/L3MON-v1.1.2.zip

Once the L3MON zip file downloads in Kali Linux, move and extract it to another folder created on Desktop.

Right-click on the extracted folder and open the terminal from there.

Install dependencies for L3MON.

npm install

Start the server with the following command and go to the localhost to check if the L3MON is loading up fine.

pm2 start index.js

To set up the password for login, first, stop the server.

pm2 stop index.js

Open the “JSON” file in any editor and set the login password.

The tool uses the MD5 hash of the password instead of plain text. For that, generate the hash of your desired password from any website.


Save the MD5 hash in the password field of the “maindb.json” file.

L3MON Tutorial

Again, start the server with the following command.

pm2 start index.js

Navigate to localhost in a browser with 22533 port.

Android Management Dashboard & APK builder

After successfully logging, go to the APK builder tab and set your system’s local IP address as we are trying this tutorial over LAN.

But if you want to use this tool over the WAN, you can use your public IP with port forwarding.

Once the APK builds, download and transfer it to the target’s android phone.

When the victim installs the malicious payload and gives all permissions to the application, the device will show up on the “Device tab.” Click on the manage button, and bang, you can control the targets device from there.

We can easily spy on the victim’s Android phones from this manager, like seeing contacts.

In Nutshell

L3MON is a cloud-based remote android management suite where we can spy on any android phone over LAN or WAN. We can install and configure the tool on Kali Linux, create a payload, transfer it to the target’s phone, and spy on the android phone.

Sana Qazi
Sana Qazi is a technical writer specialized in Information Security. She enjoys writing about technology and reading multiple genres like suspense. When not writing, she can be found traveling, dinning out, watching series etc. She manages her medium blog as well.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...