Ethical Hacking With Termux: Android Hacks. With the help of this course you can Make Your Android Device as a Hacking Machine With Termux.
1. What is Termux?
Contents
Termux is an Android terminal emulator and Linux environment app that works directly with no rooting or setup required. A minimal base system is installed automatically – additional packages are available using the APT package manager.
Termux combines powerful terminal emulation with an extensive Linux package collection. Commands to use in Termux App. Termux is primarily a command-line environment. Termux uses the same package installer as found in Kali, Debian, Ubuntu, and related Linux distros. Advanced Packaging Termux Tools is used to find, install, and remove software in Termux.
2.Termux Installation:-
#Android:-you can install termux on android using google play store or click here.
3.Setup:-
1.open termux apk2.now install some pakages for termux , Use Below commands step by step
apt update && apt upgrade
apt install git -y
apt install python3
apt install python2
apt install python
apt install php
pkg install wget
pkg install curl
pkg install clang
now setup is complete.
4.Some Basic commands :
COMMANDS USAGE
cp -v | used to prints informative massage |
cp -r | used to copy any directory |
mv -u | update-move when source is newer than destination |
mv -v | to move any directory |
ls -n | to display UID and GID directory |
ls –version | to check the version of ls command |
cd — | show last working directory from where we moved |
ls -l | show file action like – modified, date and time, owner of file, permissions Etc. |
ls help | show display how to use “ls” command |
cp -n | no file overwrite |
cd ~ | move to users home directory from anywhere |
mv [file1 name] [new file2 name] | move or rename two file at a time |
cd – | move one directory back from current location |
mv [file name] | move any file and folder |
ls | list directory |
ls -a | list all files including hidden files |
pwd | it show your current working directory |
mv -i | interactive prompt before overwrit |
wget [url] | install tool , apt install wget |
git clone [url] | install any tools with git clone, apt install git |
ls -al | formatted listing with hidden files |
mv -f | force move by overwriting destination files without prompt |
ls -i | Display number of file or directory |
cp | copy any file |
cd / | change to root directory |
cd | change directory |
cd .. | change current directory to parent directory |
curl -O [url] | apt install curl |
rm | remove or delete files |
rm [filename] | remove any text files |
rmdir [dir name] | remove any directory |
rm -rf | force remove a directory or a folder |
rm -r [name] | delete a directory called name |
apt remove [package name] | uninstall / remove a package |
touch [file name] | create new file |
mkdir [name] | create a directory or folder |
more [file name] | output the contents of file |
head [file name] | output the first 10 line of file |
tail -f [file name] | output the contents of file as it grows |
apt install zip | install zip file tool |
zip name.zip [file] | compress file using this commands |
unzip [zip file] | to unzip file |
ftp | launch ftp client from terminal |
-p | use passive mode |
bye | terminate current ftp session, exit |
ascii | set file transfer to ascii protocols |
bell | bell sound after each command |
status | shows current status about ftp server |
open host | open a connection to remote host |
remotehelp [cmdname] | request help from ftp server |
account [password] | supply a password required by remote |
uname -m | used to find the architecture of your device |
du | display directory space usage |
df | display disk usages |
cal | show display calendar |
w | show display who is currently online |
cat /proc/meminfo | show memory related information |
cat /proc/cpuinfo | show cpu information |
whoami | show your login name |
fingure username | shows information about user |
date | show the current date and time |
uptime | show the system current uptime |
man command | show manual a command |
free | display memory and swap usage |
kill | send signal to process |
kill- l | list all of the signal that are possible to send with kill |
lspci | show PCI devices |
lsusb | show usb devices |
apt search [qurey] pkg search [qurey] | find a package |
locate [file] | find all files with filename |
locate [query] | find all path names contains a pharse |
whereis [command] | find location binary /source/man file for a command |
which [command] | find of an executable |
grep pattern [files] | searching for pattern in files |
grep -r pattern files | searching for certain pattern in files |
command | grep pattern | search for pattern in the output of command |
find / -atime40 | to find all the files, which are accessed 40 days back |
find / -cmin -60 | find change files in last 1 hour |
find / -type d -name mll | find all directories whose name is mll in directory |
find . -type f -perm 0777 -print | find all tghe files, whose permission are 777 |
ifconfig | shows all configuration a network interface like ip, mac |
ifconfig eth0 | used view the network setting on the interface eth0 |
ifconfig wlan0 | view the network setting on wlan0 |
ping [host] | to ping host ip and show results |
arp | check network card & show ip adress |
host | display specific server |
netstat | review network connection |
nslookup | find out DNS related query |
tracerout ipadress | display number of hops & respone time to get to a remote system and website |
whois domain | get whois information of domain |
telnet [ip address [post] | telnet connection |
dig domain | get DNS information of domain |
scp | copies file, over a source |
uname -a | used to display kernal information |
whereis app | shows possible location for an app |
nano [file name] | display and edit text files |
apt show | view package information |
append [local-file] remote file | append a local file to one on the remote |
$ | execute a macro |
5.Tool Installation :
Metasploit
The Metasploit framework is a very powerful tool which can be used by cybercriminals as well as ethical hackers to probe systematic vulnerabilities on networks and servers. Because it’s an open-source framework, it can be easily customized and used with most operating systems.
Installation:-
wget https://raw.githubusercontent.com/gushmazuko/metasploit_in_termux/master/metasploit.sh
chmod +x metasploit.sh
./metasploit.sh
After installation complete:-
1.Start postgresql
./postgresql_ctl.sh start
2.And run msfconsole
msfconsole
now your metasploit is complete use it for exploit.
SET (Social Engineering Toolkit)
The Social-Engineer Toolkit (SET) is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack in a fraction of time. These kind of tools use human behaviors to trick them to the attack vectors.
Installation:-
curl -LO https://raw.githubusercontent.com/Hax4us/setoolkit/master/setoolkit.sh
./setoolkit.sh or bash setoolkit.sh
cd setoolkit
chmod +x setup.py
./setup.py
and run using below command
./setoolkit
Hydra (bruteforce attack)
Hydra Tool is a password detection tool (cracking) that can be used in a wide range of situations, including authentication-based forms commonly used in web applications. … When you need brute force cracking remote authentication, Hydra Tool is a service often a tool of choice.
Installation:-
apt install hydra
How to attack with hydra:-
we can perform lots of bruteforce attacks on websites and gmail accounts using hydra.
Example:-
hydra -l user -ppasslist.txt ftp://192.168.0.1
Here:-
-l = list of user
-p = list of password
user = usernames
passlist.txt = password list
ftp://192.168.0.1 = attacking website url
Nexphisher (phishing Tool)
NexPhisher is an automated Phishing tool made for Termux & Linux .The phishing Pages are Taken from Zphisher under GNU General Public License v3.0 . This tool has 37 Phishing Page Templates of 30 Websites.There are 5 Port Forwarding Options including Localhost !!
Installation:-
git clone git://github.com/htr-tech/nexphisher.git
cd nexphisher
bash setup or bash tmux_setup
and run using below command:-
bash nexphisher
open your mobile Hotspot when nexphisher generate port forwarding Link
Sqlmap (website database hacking)
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
Installation:-
git clone https://github.com/sqlmapproject/sqlmap
cd sqlmap
chmod +x sqlmap.py
now run using below commands
python2 sqlmap.py or ./sqlmap.py
Xerxes DDos Tool
XerXeS is an extremely efficient DoS tool, developed by the hacker The Jester (th3j35t3r) to automate DoS attacks. It provides the capacity to launch multiple independent attacks against several target sites without necessarily requiring a botnet.
Installation:-
git clone https://github.com/zanyarjamal/xerxes.git
cd xerxes
clang xerxes.c -o xerxes
run using below command
./xerxes
Usage Example:-
attack on a website like www.website.com using http port 80
./xerxes www.website.com 80
Tool-X (All In One Hacking Tools)
Tool-X is a Kali Linux hacking tools installer for Termux and linux system. Tool-X was developed for Termux and linux based systems. Using Tool-X, you can install almost 370+ hacking tools in Termux (android) and other Linux based distributions. Now Tool-X is available for Ubuntu, Debian etc.
Installation:-
git clone https://github.com/rajkumardusad/Tool-X.git
cd Tool-X
chmod +x install
sh install if not work than use ./install
Type Tool-X or toolx from anywhere in your terminal to open Tool-X.
How to Use ?
Enter a Number for a specific output:
- (1) : To show all available tools and type the number of a tool which you want to install.
- (2) : To show tools category.
- (3) : If you want to update Tool-X.
- (4) : If you want to know About Us.
- (x) : To exit the tool.
Maskphish (Hide your Phishing Link)
It is a simple Bash Script to hide phishing URL under a normal looking URL(google.com or facebook.com).
Installation:-
git clone https://github.com/jaykali/maskphish
cd maskphish
run using below command
bash maskphish.sh
- Web Developer Roadmap in 2024
- Free USA Ethical Hacking Course for Beginner
- Facebook Ethical Hacking Complete Tutorials Free for Beginner: Learn Online Hacking Course 2022
- SSTI (Server Side Template Injection)|Detect|Idenfify|Exploit
- Explore Hackthebox Walkthrough
- PowerShell for Pentester: Windows Reverse Shell
- How Hackers Access Using IDOR | How To Find | Examples » TechNoCP
- TODAYZOO PHISHING KIT USED TO SWIPE MICROSOFT CREDENTIALS » TechNoCP
- Information Gathering – First Step Of Hacking » TechNoCP
- Sensitive data of 400,000 German students exposed by API flaw » TechNoCP
FAQ
Termux is an Android terminal emulator and Linux environment app that works directly with no rooting or setup required. A minimal base system is installed automatically – additional packages are available using the APT package manager. Read the wiki to learn more. Secure.
It is safe. Just do not execute random scripts from the Internet unless you well understand what they do. If you still decide to execute one, make sure that storage permission is revoked and root (if device is rooted) is not allowed for Termux app. Termux is as safe as any app that has been responsibility developed.
Termux is an Android terminal emulator and Linux environment app that works directly with no rooting or setup required. A minimal base system is installed automatically – additional packages are available using the APT package manager. Read the wiki to learn more. Secure.
TechNo CP is a ethical hacking & cyber security website.
1 Comment