Attacking Android with Metasploit

The Android platform can be attacked either by creating a simple APK file, or by injecting the payload into the existing APK. We will cover the first one. Let's get started by generating an APK file with msfvenom, as follows:

On producing the APK file, all we need to do is either convince the victim (perform social engineering) to install the APK, or physically gain access to the phone. Let's see what happens on the phone as soon as a victim downloads the malicious APK:

Once the download is complete, the user ...

Get The Complete Metasploit Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.