Android Hacking with Termux
If you want to immerse yourself more about how to hack with Android, then Termux is a very good “App” to use an discover. I have been using it for a long time and I still love to see what you can do with it! And that with or without root privileges.
Because the possibilities with Termux are almost unlimited, I would not be able to cover everything in this article, but I will try my level best to provide you a good start.
Termux is a terminal emulator for Android with a Linux environment. A minimal base system is installed automatically and additional packages are available using the apt and dpkg package management, similar to Debian or Ubuntu.
Termux is only available on Android 5.0 or later
Features Termux Application
- Secure
- Customizable
- Ready to Scale Up
- Programming
Termux has some Extra features
- Termux API
- Termux Boot
- Termux Float
- Termux Styling
- Termux Task
- Termux Widget
Rooting your Mobile Phone
There are so many types of Phones. All have a different way to root them. Also be aware that if you root your phone, you always have to be sure of whatever you do / download. “If you’re not familiar with Android’s tools and how to fix issues with a command line, you probably shouldn’t dive into rooting your phone. Root a phone can be a lot of fun to play around with, but it can also lead to plenty of frustration as you try to fix errors caused by overzealous modding.” Have fun But stay aware of the risks :-D
INSTALL TERMUX
DOWNLOAD Termux
Open the Termux App in the Google Play Store https://play.google.com/store/apps/details?id=com.termux and click on download. After the Termux App is installed, you first have to do an update and an upgrade exactly like in a normal Linux system.
INSTALLING PACKAGES FROM APT REPOSITORY
In Termux it is recommended to use package manager pkg which is a wrapper for apt. It simplifies installing or upgrading packages by automatically updating apt lists so you don’t have to type apt update when installing or upgrading packages.
For myself, I always use the apt instead of pkg a kind of getting used to it. Here in this article, I would give a good example using pkg, but as you can see on the pictures, I am using on my side aptÂ
|
|
For more information about available commands, you can either just run pkg without arguments or using help argument:
|
|
|
|
Warning
If you prefer to use apt over pkg - never run it as root as you will mess up file permissions and SELinux contexts so you won’t be able to use it as a normal user.
As you see above, Termux looks exactly like a Terminal in Linux and you can compare Termux with a minimal Linux Installation where you can install everything yourself and set up the way you like it.
Just like with Linux you can use the help function in Termux
|
|
Or install man for the manual pages
|
|
List all packages
|
|
PYTHON AND PIP
Termux has completely switched to python3. Python2 no longer has support. But you can still install python 2 scripts. How to install python2 on Termux, I show this below. Pip packages are now automatically installed with python.
PYTHON 3 AND PIP 3
Termux has completely switched to python3. This is the command to use.
|
|
PYTHON 2 AND PIP 2 TERMUX
For some scripts you still need python 2, this is how you install it. It is now not necessary to install pip 2, this is automatically included.
|
|
SOME TEXT EDITORS
|
|
|
|
|
|
|
|
Storage Settings
To grant storage permissions in Android go to Settings > Apps > Termux > Permissions and select storage, then run termux-setup-storage in Termux.
To access shared and external storage you need to run
|
|
You will then be prompted to “Allow Termux access photos, media, and files on your device”, which you should allow. Executing termux-setup-storage ensures that permission to shared storage is granted to Termux when running on Android 6.0 or later. That an app-private folder on external storage is created (if external storage exists).
INSTALL METASPLOIT FRAMEWORK
The world’s most used penetration testing framework.
Use the following commands to install the package (only for Android 7 or higher):
|
|
|
|
If your device running Android OS versions 5.x.x-6.x.x, use these commands instead (unstable-repo is not available for legacy installations):
|
|
|
|
|
|
|
|
Installation may take long time since additional Ruby gems will be installed. Do not close Termux sessions until installation finishes to avoid introducing of potential inconsistencies in $PREFIX.
Warning
Do not manually upgrade Metasploit installed through the package with editing contents of $PREFIX/opt/metasploit. This will likely break installation and result in dependency problems. Do not report issues if you did this.
To start simply type:
|
|
Metasploit Termux
Use Metasploit
|
|
Wlan’s Inet is the IP address your connection is currently using. To know your Wlan’s inet open a new session and type ifconfig and copy the inet of the Wlan and paste it into your payload (after LHOST=). Go to your file manager then find your payload name{test.apk} then send it to your victim.
The following step is to run metasploit-framework type this commands
|
|
|
|
|
|
|
|
|
|
If the target is downloading the payload, you will see the meterpreter session starting. As usual with the “help” function you can see all the available commands.
INSTALL UBUNTU ON ANDROID
Ubuntu chroot for Termux. This chroot provides the latest Ubuntu version (19.04 Disco Dingo). But before you use it, you need to install Wget and PRoot to install Ubuntu chroot in Termux.
|
|
After you install Wget and PRoot, you can install Ubuntu chroot using this command:
|
|
|
|
|
|
|
|
Or:
|
|
After Ubuntu chroot downloaded, you can run it by executing ./start-ubuntu.sh. If you are already inside your $HOME directory, you can run it with this command:
|
|
After installing the Ubuntu environment, you have to un-minimize the setup run:
|
|
To turn on our Termux with some good pentest tool we will need first to install some primary packages as well, which will be required later.
|
|
W3M INSTALL
w3m is a text-based web browser as well as a pager-like more' or less'. With w3m you can browse web pages through a terminal emulator window (xterm, rxvt or something like that). Moreover, w3m can be used as a text formatting tool that typesets HTML into plain text.
|
|
|
|
|
|
|
|
To exit press ctrl + z
SL INSTALL
You will see a moving train which you can control if the setup of Termux is running.
|
|
INSTALL TOP
“top” command allows you to see all the running processes. Type –help for more info / Type -q to quite the program.
|
|
FIGLET INSTALL
|
|
Usage
|
|
CMATRIX INSTALL
With this awesome terminal, you can really impress all your friends.
|
|
Install Toilet
|
|
Usage
|
|
|
|
Â
INSTALL VARIOUS HACKING TOOLS ON TERMUX
Warning: There are a lot of “Termux Hacking Tutorials” on the Internet which provide suspicious software meant to be used as hacking tools. Most of them are just clickbait and don’t actually work. Some of them force users to install malware on their devices.
Tools like aircrack-ng or tcpdump can be found in the Termux Root Packages repository. But remember that Aircrack-ng requires wifi monitor mode which is not available in most devices.
INSTALL NMAP
|
|
Utility for Network Discovery, Security Scanner, Port Scanner, & Network Exploration Tool.
Usage
|
|
INSTALL HYDRA
Hydra is one of the best password cracking and brute-forcing tool. It supports different services like telnet, ssh, ftp, etc. More information can be found in the official GitHub repository.
|
|
INSTALL SHODAN EYE ON TERMUX
Shodan Eye is a script I made in python. This tool collects all information about all devices that are directly connected to the internet with the specified keywords that you enter. This way you get a complete overview. The types of devices that are indexed can vary enormously: from small desktops, refrigerators to nuclear power plants, and everything in between. You can find everything using “your own” specified keywords.
A collection of search queries for Shodan has attached: “Shodan Dorks … The Internet of Sh*t” The information obtained with this tool can be applied in many areas, a small example: Network security, keep an eye on all devices in your company or at home that is confronted with the internet. Vulnerabilities. And so much more.
Shodan Eye can be installed and use very easy on Termux. This is a very big change, with old versions of Termux you had to make quite a few detours before you could install Shodan Eye. I have tested a lot, and it runs really well on Termux as well..!
|
|
|
|
|
|
Usage
|
|
You will be asked for a Shodan API key
Here in this article, you can read more about and the use of the Shodan Eye. Also, more info to find about the APK key that is needed. (Free)
Shodan Eye Ethical Hacking Tool Release
Install Dorks Eye on Termux
Dorks Eye can also be used in Termux ..!
Dorks Eye is a script I made in python 3. With this tool, you can easily find Google Dorks. Dork Eye collects potentially vulnerable web pages and applications on the Internet or other awesome info that is picked up by Google’s search bots. You can save the output in a file so that you can view it at a later time. You can determine the number of searches yourself. The number of websites to display
Dorks Eye Google Hacking Dork Scraping and Searching Script
|
|
|
|
|
|
Usage Termux
|
|
Video Android Hacking with Termux | Dorks Eye Google Dork Script
Become a member on Odysee.com
Earning on Odysee for watching videos ♥️
Here an invitation link, so that we both benefit.
In this way, you also support my work.
https://odysee.com/$/invite/@hackingpassion:9
INSTALLING GITHUB “HACKING TOOLS” ON YOUR TERMUX
There are a number of GitHub tools available. Please note, if your Android phone is not rooted then some of these tools will not work. In this article, we did not talk about rooting on a mobile phone. Maybe we will come back to this later in another article.
INSTALL LAZYMUX
Lazymux tools installer is very easy to use, only provided for lazy Termux users.
|
|
|
|
|
|
Install Toolx
Tool-XÂ is a Kali Linux Tool installer. In the Tool-X there are 250+ hacking tools available for Termux. You can install any tool by a single click. Tool-X is specially made for Termux and GNURoot Debian Terminal. Tool-X is also available for Ubuntu.
|
|
|
|
|
|
|
|
Or:
|
|
Usage
|
|
WANT TO SUPPORT THE WEBSITE
Dear people, I do a lot of things on the Internet and I do it all for free. If I don’t get enough to support myself, it becomes very difficult to maintain my web presence, which takes a lot of time, and the server costs also have to be paid. Your support is greatly appreciated.
Thanks guys ..!
https://paypal.me/hackingpassion
Use the link above to donate via PayPal.
IMPORTANT THINGS TO REMEMBER
âś“ This Video and Article is made for educational purposes and pentest only.
* You will not misuse the information to gain unauthorized access.
✓ This information shall only be used to expand knowledge and not for causing malicious or damaging attacks…!
Read also the Disclaimer
All the techniques provided in the tutorials on HackingPassion.com, are meant for educational purposes only.
If you are using any of those techniques for illegal purposes, HackingPassion.com can’t be held responsible for possible lawful consequences.
My goal is to educate people and increase awareness by exposing methods used by real black-hat hackers and show how to secure systems from these hackers.