There’s tool to be had, like Metasploit, to know a long way flung get entry to to any android telephone. Alternatively as opposed to that, we have were given the L3MON device (A Cloud-based A long way off Android Keep an eye on Suite) for a similar function.
Let’s uncover easy how you can prepare, prepare, and make the most of L3MON at the Kali Linux instrument.
L3MON supplies an web interface to interact with the sufferer’s smartphone. The method is to create an APK payload, ship it to the sufferer’s telephone, and enlargement attacker were given the sufferer’s telephone consultation.
The decisions with L3MON supplies are:
Prepare and Configure L3MON on Kali Linux
Trade your instrument as soon as prior to beginning prepare. As consistent with the Necessities, the very first thing we want to prepare is Java Runtime Atmosphere
sudo apt-get prepare openjdk-8-jre
As soon as put in, you’ll be able to factor the “java –kind” command to test the JRE kind.
After that, we want to prepare NodeJs , and for that, first, we will be able to obtain the NodeJs bundle deal deal into our instrument.
curl -sL https://deb.nodesource.com/setup_13.x | sudo bash –
Now, we will be able to prepare the NodeJs.
sudo apt-get prepare -y nodejs
After all, we want to prepare the pm2 procedure supervisor. When you don’t have “npm” put in in Kali Linux, you’ll be able to prepare it with “apt-get prepare npm.”
sudo npm prepare pm2 -g
After putting in place all must haves, git clone the L3MON device from Github.
As temporarily for the reason that L3MON zip document downloads in Kali Linux, transfer and extract it to a couple of other folder created on Desktop.
Proper-click at the extracted folder and open the terminal from there.
Prepare dependencies for L3MON.
Get started the server with the next command and move to the localhost to test if the L3MON is loading up environment friendly.
pm2 get started index.js
To prepare the password for login, first, save you the server.
pm2 save you index.js
Open the “JSON” document in any editor and set the login password.
The device makes use of the MD5 hash of the password instead of simple textual content. For that, generate the hash of your required password from any internet website.
Save the MD5 hash right through the password box of the “maindb.json” document.
All over again, get started the server with the next command.
pm2 get started index.js
Navigate to localhost in a browser with 22533 port.
Android Keep an eye on Dashboard & APK builder
After effectively logging, move to the APK builder tab and set your instrument’s native IP care for as we are attempting this instructional over LAN.
As temporarily for the reason that APK builds, obtain and switch it to the objective’s android telephone.
When the sufferer installs the malicious payload and offers all permissions to the appliance, the tool will display up at the “Tool tab.” Click on on on at the prepare button, and bang, you’ll be able to regulate the targets tool from there.
We can simply undercover agent at the sufferer’s Android telephones from this supervisor, like seeing contacts.
L3MON is a cloud-based a long way flung android keep an eye on suite the place we will be able to undercover agent on any android telephone over LAN or WAN. We can prepare and configure the device on Kali Linux, create a payload, switch it to the objective’s telephone, and undercover agent at the android telephone.