Warning! Android phone remote control // Hackers can hack your phone
Вставка
- Опубліковано 23 тра 2024
- Create your own virtual machine on Linode with a 60-day $100 credit: davidbombal.wiki/linode
If that link doesn't work for you, try this link: www.linode.com/lp/youtube-vie...
Please note: Credits expire in 60 days. Big thanks to Linode for sponsoring this video!
Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place.
// Menu //
00:00 - In this video!
00:32 - Warning//Not a Standard Cable!
01:10 - Hacked Android Phone Demonstration
01:34 - Remotely Sending SMSs//send_sms
02:33 - Getting Android Version//sysinfo
02:43 - Remotely Reading SMSs//dump_sms
03:15 - Replying to Hacked Android Phone
03:40 - Reading Call Log//dump_calllog
03:56 - Getting the Software on the Phone
04:14 - What is the OM.G Cable?
05:15 - Connecting to OM.G Cable
05:39 - Loading Payload
// PDF documentation //
Explanation: davidbombal.wiki/omgapk
// OMG script //
Github: github.com/davidbombal/hak5/b...
// Videos mentioned //
Python Keylogger: • Warning! Python Remote...
Interview with MG (OMG creator): • Hacking USBs 🔥 and oth...
Taking photos on phones: • So you think your phon...
// Buy Hak5 coolness here //
Buy Hak5: davidbombal.wiki/gethak5
// David's SOCIAL //
Discord: / discord
Twitter: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
UA-cam: / davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// Acknowledgements //
We would like to acknowledge and thank the following people:
- @int0x80
- @_MG_
- Drewsec / @drewsec8715
android
samsung
iphone
ios
metasploit
msf venom
hak5
omg cables
omg cable
android
rubber ducky
hak5 rubber ducky
hak5 omg cable
omg cable android
omg cable ios
Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place on any websites.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#android #hacker #wifi
Create your own virtual machine on Linode with a 60-day $100 credit: davidbombal.wiki/linode
If that link doesn't work for you, try this link: www.linode.com/lp/youtube-viewers/?ifso=davidbombal
Please note: Credits expire in 60 days. Big thanks to Linode for sponsoring this video!
Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place.
// Menu //
00:00 - In this video!
00:32 - Warning//Not a Standard Cable!
01:10 - Hacked Android Phone Demonstration
01:34 - Remotely Sending SMSs//send_sms
02:33 - Getting Android Version//sysinfo
02:43 - Remotely Reading SMSs//dump_sms
03:15 - Replying to Hacked Android Phone
03:40 - Reading Call Log//dump_calllog
03:56 - Getting the Software on the Phone
04:14 - What is the OM.G Cable?
05:15 - Connecting to OM.G Cable
05:39 - Loading Payload
// PDF documentation //
Explanation: davidbombal.wiki/omgapk
// OMG script //
Github: github.com/davidbombal/hak5/blob/main/omg_androidS22Ultra.txt
// Videos mentioned //
Python Keylogger: ua-cam.com/video/LBM3EzBXhdY/v-deo.html
Interview with MG (OMG creator): ua-cam.com/video/B09CM6KaAuk/v-deo.html
// Buy Hak5 coolness here //
Buy Hak5: davidbombal.wiki/gethak5
// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
UA-cam: ua-cam.com/users/davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// Acknowledgements //
We would like to acknowledge and thank the following people:
- @int0x80
- @_MG_
- Drewsec ua-cam.com/channels/BWVaokY_7yCpVn-X0Ny9aA.html
Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place on any websites.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Hello David, Love content keep it up, watching all the way from Namibia.
tell us how we know that our android has been remoted from aplication,sir.
Yeah but will this work with iPhone iMessages?
My questions are this. Is their methods to have the payloads run in the background so that there is no visual indicator to the victom and how does the physical state of the device effect the playload delivery for example the phone is moved into sleep mode that includes a lock screen?
So if you leave your phone laying around they can access without a password?
The way you approached my request in getting back my account added so much to it. It’s great to see how your unique perspective contributed to the outcome. The role you play on your job *Web back doors* is crucial. I really appreciate the constructive feedback you give to me regularly. Thank you for taking the time to work with me on this. It helped me get so much and also got my account back.
There is no doubt that you will rise fast at the apex of your career *Top phase Resolution* .Because you are a very intelligent, smart, hard worker and your work ethic par excellence. Keep going People like you take the IM out of IMpossible by becoming PRO at tackling PROblems. You Rock
*DAPPERSPY* *is* *legit*
*Dapperspy* *got* *the* *best* *software* *to* *get* *your* *work* *done* *with* *ease*
*Dapperspy* *is* *a* *life* *saver*
*DAPPERSPY* *is* *the* *best*
This man really hit the ground running and hasn't stopped yet. He gives us more understanding of him without interviews and negative antics he just shows us who he is through the Recovery. True living legend. We salute you. *Top phase Resolution* . The execution, creativity, and goodness that came from it were inspiring on a number of levels. Cheers Alex & looking forward to seeing what you do next!
The efficiency of this *Top phase Resolution* is next level. To juggle walk throughs of various angles on the topic delivered to-camera, differnet content per topic from various folks underneath the umbrella of the track list of the larger big band concert itself is engaging and refined. To make a dense taccess like this so digestible is really something. Awesome work Mike !!!
Can we all appreciate this dudes *Top Phase Resolution* for taking the time to help all of us and making our lives happy, cause these guys never fail to put a smile on our faces, guys they deserve the best in life y'all support them no matter what we all love you and I wanna Thank You So Much for being amazing
*DAPPERSPY* *is* *legit*
*Dapperspy* *is* *a* *life* *saver*
*DAPPERSPY* *is* *the* *best*
This man really hit the ground running and hasn't stopped yet. He gives us more understanding of him without interviews and negative antics he just shows us who he is through the Recovery. True living legend. We salute you. *Top phase Resolution* . The execution, creativity, and goodness that came from it were inspiring on a number of levels. Cheers Olivia & looking forward to seeing what you
Top phase Resolution official web
Your problem-solving skills are incredible 🇺🇸🇺🇸🇺🇸
*DAPPERSPY* *is* *legit*
*Dapperspy* *got* *the* *best* *software* *to* *get* *your* *work* *done* *with* *ease*
*Dapperspy* *is* *a* *life* *saver*
*DAPPERSPY* *is* *the* *best*
My daughter had something like this happened to her phone. I have told her many times not to download things that she doesn’t know what it is. I really enjoyed your video. Thank you very much for the content.
The efficiency of this *Top phase Resolution* is next level. To juggle walk throughs of various angles on the topic delivered to-camera, differnet content per topic from various folks underneath the umbrella of the track list of the larger big band concert itself is engaging and refined. To make a dense taccess like this so digestible is really something. Awesome work Mike !!!
Can we all appreciate this dudes *Top Phase Resolution* for taking the time to help all of us and making our lives happy, cause these guys never fail to put a smile on our faces, guys they deserve the best in life y'all support them no matter what we all love you and I wanna Thank You So Much for being amazing
The Exact Video That I Want To Learn Especially A Android User, Thanks David!
Thanks bro finally someone who isn't posting malware or fake stuff, you deserve my subscribe!
Always great content from you, David. Keep it up!
Thank you, I really appreciate the support. Been rough recently... but we will make it :)
@@davidbombal You got this! From now on, just make sure to send all emails from UA-cam to John Hammond to do an integrity check ha ha!
Dude, remote control is important. I've helped numerous people through remote control of their devices. It shouldn't be crippled on any OS, be that Windows, Android, RTOS, or whatever.
@Renegade How?
@@kashyapkumar638 TeamViewer is perhaps one of the most popular programs to remotely connect to and control people's computers. It's an average, everyday activity for providing support or help to people.
I just started the journy on CS, your videos helped me a lot! :)
Amazing content as always David!
As a Retired combat Marine I want to tell you that as what you are doing is just as important as any warrior on the battlefield. You are waging warfare against cheater on the digital battlefield. You are defending and protecting the most vulnerable of our society against these predators and cheaters. Keep up the good work Team *Topphase Resolution* ..
*Dapperspy* *is* *a* *life* *saver*
*DAPPERSPY* *is* *the* *best*
Hackers can hack almost anything that's connected to the internet. Years back there was a huge problem with hackers hacking into smart appliances and using them for additional computing resources and more digital locations to hack from.
Thanks so much David! This is a MUST KNOW subject.
I think many hare appreciated the quality of your videos filming.... great job 👍👍
Do those cables work if the usb on the phone is configured to "Charging only"?
Very good video that points out to the risks of unknown software. This is also something parents should be aware of when giving kids a mobile phone nowadays. If you have kids USE parenting controls, kids are smart but also curious and that could lead to a lot of headaches.
love what your doing David.. hats off!
Finally a video where i can see the guys mouse, he says words clearly and actually SHOWS how to open stuf like the soft roll instead of
Why do you want to see his mouse? What is wrong with you?
slowly developing paranoia.. and also thinking that some people have forgotten mor about hacking than I'll ever learn..
Thanks for all your work ...still ;-)
I'm sure that there will be no iPhone follow up because they can't run untrusted software, or at least software that isn't trusted by Apple. Sometimes, you want to be able to make up your own mind about whether to trust software.
Awesome 👏, I do like that you left the pdf, so we can learn how to do it. Thanks David 👏
My favourite series has returned!
David Bombal 🙌🙌
Thanks for educating me up to where I am today am so glad to get my first Cybersecurity job. Thank you and all other good UA-cam content creators out for empowering us.
You are welcome!
How to get job in cybersecurity?
@@sushantmissionblueuniform794 oscp
Okay thanks
@@davidbombal please help people to stop this. My neighbor is stalking me.
I'm sorry if this already has been asked but, what's the way to protect our privacy from that kind of malicious softwares loaded by regular looking cables? Is there an app or something else you can suggest ? Because it looks like the only way to avoid it is that not to install something from an unknown source.
Installing anything from an unknown source is the best way to get malware.
Dont install unknown untrusted software and dont use someone else's cables.
You are best teacher I ever had in my life thanks sir david bombal I vishal Srivastava from India🙏🏻🙏🏻🙏🏻🙏🏻🙏🏻
You make technology interesting. There is so much to learn about tech, thank you 🙏
I appreciate you doing this video because I was seen as lying and you've proved I'm in truth not mentally ill. Thank you.
Same here
Helen Hart what happened to you?
I think a couple of assumptions have to be made here. 1. You have to be on the same wifi network for this to work. 2. The phone has to be unlocked. I don't think this works if the phone is locked with a pin or password. 3. As David said, each phone may need a different script to allow downloading and installing the .apk.
I'm gonna put this on my phone so I can mess with people using my phone Great video as always.
It's like you are reading my mind David! :)
I was trying to make a html server with a malicious payload with metasploit, but i got confused halfway cause my website could not go on the internet.
I've had several friends tell me someone has access to their phones and I tell them not without you giving them permission , either by installing apps or clicking on websites or emails .
This is very dangerous. I couldn't even believe it's possible.
Am just jealous of you Mr. David. This is a real Pro. I wish you are closer to Ghana here. I really enjoy your tutions. I wish you send me your course link to become fully certified Ethical Hacker.
Keep up the good work
Great video thanks for this David. How do you get around it if the android phone has a pin and is locked and in sleep mode?
Really wish I could understand this computer lingo like 98% of these instructions are directly over my head! Can I consider myself technologically inclined without knowing code?
All these comments look fake
Yup, some comments are identical but from different accounts
Yup all of them
Yes this is the realest comment I ever found, but why fake comments?
you record with hardware outside of the program. Great tutorial btw it was very detailed but still just right for beginners.
Great video this is! I have a question, if I use the O MG cable, and remotely send commands to the connected device, will those commands bypass a password protected lock screen? Thanks man!
please make a video on how to get rid of such APK and ways to detect if such APK was installed in any phone
You just look in your files. It’ll be right there in file explorer
Thank you David really appreciate all ur videos
Simply AMAZING upload. Thank you for sharing this knowledge.
How to not get hacked: Don't use the Internet
I mean, you're not wrong lol
There is only so much harm one can do with an .apk. Apps on Android run in a kind of sandbox to prevent bad software from harming your device. Also, the commands you showed are standard adb commands everyone can execute with a normal cable. I suppose the device needs to be unblocked with screen on, and the attacker in range of the cables AP. Otherwise, what David talks in the video is not something one should worry about. Android specifically is a very secure OS. The only scenario I could imagine of this happenning is letting a friend play with your phone. But that applies to everything really, not just your phone.
This simply isn't true. Here's 3 scenarios.
1. A BF, GF, or room mate that monitors and manipulates incoming or outgoing SMS.
2. A neighbor within wifi range from that party a couple of weeks ago that left a charging cable because you didn't have one can easily monitor where you are, who you're with, and when you're coming home. (Which would basically be a nightmare. One could only imagine what they're doing in your house while you're away, could be installing cameras for all you know.)
3. A jealous wife or husband can track your location at all times.
APK's are super strong and can easily be manipulated to look like something they're not. It's easy to pack a back door into someone's favorite application and simply reverse shell and wait for correspondence. Normally you would have to have the phone with you to install modified APK's, but this cable leaves a vector of attack open for you as long as it's in use and you're in range. Once the device is pwned, you will have access to all communications regardless of range.
You could turn on the microphone or camera whenever you like, make emergency calls to the police to have someone tracked down by their own device while they're doing something they shouldn't be doing, or snatch their contacts to link more networks of exploit.
Pretty nasty stuff to say the least.
@@0bserver50 cant they also take over social media accounts since they’ll be able to get through 2fa with the apk?
@@swagsession1 Definitely.
@@0bserver50 What are the other methods to hack android phone?
@observer all the things you wrote are happening to me right now. Reply?
I appreciate your in-depth and practical cyber services. I'm a Mac user, but we've always had android phones. We just got our oldest iPhone because it's what the cool kids have. We're trying Bark, but even with Bark and screen time, we don't have near the controls and information that we have with Family Link. If Apple would at least make an Android app that would allow parents to manage screen time and family sharing from an Android phone, that would be helpful. For now I have to physically go to my MacBook to approve app installs, seems like Apple could make this a lot more practical for real parents, not just everybody who has only/all iPhones. If you feel the need to do this *Coherent Recovery* is the right source ,it's just heart wrecking.
You could be great making selenium test cases :D Nice video take care
I have very serious doubts about the first time I hired *Brian hacks online* to help get electronic evidence. I am experienced in law enforcement, my family is a law enforcement family, and I have access to the Internet just like anybody else does. Conspiracy to cheat is a very serious deal beaker, and there's no way I could see any attorney that actually claims to be on your side saying it's inadmissible, or this is not something actionable.
*Audenspark* *is* *the* *best*
I need you
David I'm sure many people would appreciate a video on what are best recommended security measures to have on a phone and PC such as anti viruse software and whatever else you can chip in. that would help a lot of people out
My phone and TV's are hacked. I wish he would reply to your question. Thank you if you do have any info to impart!
@@jane2303 try to factory reset your phone, this might help. or maybe check all the apps from settings
Unless you change the setting Android phones are set to only install from the Play store. Despite this I see many people turn this off so they can download from untrusted sources often to try and get apps for free. Should only download from the Google Play store, the app you have might be ok but an update could bring in additional apps stealing your info. I'm glad videos like this one show a few of the things that are possible.
That's also to assume that apps in the play store are safe, which many are not.
Your videos are very detailed and good 👍
Im ditching my android for sure.
2:12 Like no ? If you want to get locked and to get an optimized security you take an Apple.
You don't go on Android, root your phone and then wonder what are the risks.
The problem is if your internet service providers are involved with NSO and Interpol and change your settings and allow access to your computers and clone phone and pay off people for access.
@@KristinaTurnerAquarius what
What video editor are you using ... your videos look really good ...
Hi David Bombal
Love from India 🇮🇳
Hey again David, Blessing from Pakistan 🇵🇰.
Hey brother how are you doing now, how are the floods now. I am from Kashmir. 🥰
From me too sir
Hey bro, I'm from India🇮🇳🇮🇳
If the Android mobile is hacked how to know if the device is hacked and how to remove it
Just get a new phone basically if u get hacked
Nice video and demonstration from remote control
I don't know if I am correct but these og cables seem different than otg cables which were originally designed to connect non wireless devices to phones like mice, speakers , keyboards etc. Am I correct?
Very fun/scary - great video, like always.
But doesn't this require ADB and/or 3rd party s/w installs being permitted ... which no normal user (in fact, almost no user) should do!
I didn't have to do anything on my phone. I simply used a default Samsung Android install to test this.
@@davidbombal That is disturbing indeed, thank you (again).
Anyone can allow sideloading.
Thank you so much bro. Sending virtual hugs. Worked like a charm ;-)
This is an excellent and informative channel. I stumbled upon this channel months ago and would highly recommend it to anyone. ON A SEPARATE NOTE!!! IS THERE ANY WAY TO DETECT IF A HACKER IS REMOTELY CONTROLLING MY ANDROID PHONE? Anyone?
How do you know if you phone is hacked?
You don't
Nah, just kidding idk
Thanks for another great Knowledge base Video, clearly understandable for such like myself hehe. Thank You Sir!
Still working as of today! Thank you!
"Lets hope they lock down Android a lot more" -- No. If you want that, go iOS. The freedom to do what we want with our phones is why we are on Android. Good video, but locking down stuff even more is not the solution.
Indeed 🔥
Yeah made me shudder when he said that. Hell no, it's the reason people choose Android over iOS in a lot of cases.
This
IOS doesn't matter, iPad and phone are hacked.
This can be done to IOS aswell. They make a cable for that works for iOS aswell.
Love your video when you get back scammers in India
Video directly saved for my favority hacking content, Thank you David amazing video!
Well, you're simplifying a lot of things. This is a very basic script, and will for sure not work that easily with every phone. The script won't work if the screen is locked. The omg cable wont work if the screen is locked. Your script would need to go into settings first and deactivate the security settings to even be able to install apks. And of course, you need to know the phone you want to run your script on very well, because not all variations of android will use the exact same structure for the sent button presses. If only one step in the ui is different, nothing would work. But with one thing you are very right: Don't ever install apks from unkown and/or shady sources. And please: LOCK YOUR PHONE, like everybody does! Otherwise i could just physically grab your phone and send a sms, no 'hacking' needed 🙄
Is there a way more effective way to “hack” someone’s phone
IS THERE ANY WAY TO DETECT IF A HACKER IS REMOTELY CONTROLLING MY ANDROID PHONE? Anyone?
@@LD-wu9so most obvious sign is draining of battery but the phone could just be shat :v
Cara, você é demais❗️ melhor canal de Tecnologia que já vi❗️ adoraria ser seu aluno❗️👏👏👏👏👏👏👏👏👏👏
Superb and wonderful channel. I really wish i can learn everything from you sir.
thank for sharing great knowledge 😊
Hey David,
I saw on omega, they hacked into someone’s camera and get access… any ideas on how they did it? I would be happy if you make a video for that:) enjoying your videos😍😍
Another great tutorial from Senegal !
how are your video's soo good everytime , infotainment ❤️❤️❤️
Thanks David for such a great explanation, but how can we avoid such things does not happen to our smartphones? Are iPhones better for safety points?
Thanks alot for this important info somethings strange goin on with our devices we gotta fix this or keep aware🤔💚
David , this is such an awesome video but I do not have any server Knowledeg or I don't know what is metasploit or how to launch it. Could you plz demonstrate can I still use the omg GUI to do all the attack that you showed in this video.
Thank you brother. Good video
Does the omg cable no longer work on iPhones? Would love to see the difference between how the two operating systems handle attacks
Loved the explanation, just a quick question does the script works even if the phone is on lockscreen?
Hi David, thanks
@nakae from Ghana 🇬🇭
That's really awesome ! Thank U Sir
Love from India Mr Devid❤❤
Awesome video David
It's amazing what you do *Top Phase Resolution* We need a lot of people with your skills and set who have good intentions and spread love to the world. We need to show the word that good will always defeat evil. Thanks for making me see all phone activities 💝
Can we all appreciate this guys for taking the time to help all of us and making our lives happy, cause these dudes never fail to put a smile on our faces, guys they deserve the best in life we'll all support them no matter what we all love you and I wanna Thank You So Much for being amazing! *Top phase Resolution*
This message is to recognize your contribution to the team’s tracking and spying success. Your commitment had been exemplary and your hard working is an inspiration to everyone around you. You’re a professional *Top phase Resolution*
I just want to ask .Can you see the whole or the last one you've made or the Nice tutorialstory in the soft soft(20)and the softs that you have done
David B, Thanks for sharing the knowledge and keeping us informed.👨💻
Thanks man, subscribed. xx
Your videos are a breath of a fresh air , as a security expert with almost 14 Years of experience, I'm also trying not to fall back at cyber security as well and when I found your channel I was on another world from joy , respect from Georgia Batumi ☺️ keep it up , you're doing an AWESOME job 😊👍👍👍
absolutely fabolous i had a similar concept in mind back in 2011 and i did create something similar it worked like a charm
IS THERE ANY WAY TO DETECT IF A HACKER IS REMOTELY CONTROLLING MY ANDROID PHONE? Anyone?
Whatever is in that cable could also be installed in a charger or a USB outlet in a public place.
You should carry a "USB condom" or a charge-only cable, that isolate the data lines when you charge from an untrusted outlet.
This feels more like a way to seamlessly integrate my mac and android than a hacker job to me.
Was the other end of the cable not connected to anything BTW?
I love your intro
was very understandable for . You were so detailed and it made all these new tNice tutorialngs way less intimidating
Can you make video on Zero day ! It's too important & also on buffer overflow attacks too ! Plz
Hi mate realy enjoy your videos ive just started taking a course in cyber security and wile im learing that alot of this stuff intrests me and i want to this ,i have watched many videos and they all have similar payloads but your is the only one i find that says it works on the newer android devices and in the real world most people have new devices like the s22 ,so i feel theres no point me using my best efforts and time trying to get them to work on older phone like android 6 and below like alot of them say ,my brother has a s22 ultra and he says he he would happly let me try this on his device as a lesring curve so i have permission bit unfortunatly i cant find the link in your description and all the other apps i find qith these payloads say they only work with older devices that run old versions of software i love your videos man do you think you could point me in the right direction ,or could i maby even pay you for some 1/1 sessions lol
David, that's awesome, I would love to be able to manage my Galaxy 22 Ultra from a SSH session. Can I get root? Android does a great job trying to protect the user, but at the same time it allows choice instead of forcing it's decisions on you. I can tell you agree that you prefer to have a choice, otherwise you would have went with an iPhone.
you always come with great knowledge. Wish to work with you as intern.
Sir will this work on WAN?
Can process run in background?
Yes, it will work on WAN with the help of port forwarding and yes it can indeed run in the background, just make sure the task doesnt get killed though
I just create a linode account, when I try to open port through firewall, it work and can see on my dashboard that port was open. But when I go to an online site to check remotely if it’s open, it show closed. The only one port I can reach is 22. Can you help please ?
Great, I will use this information to recover data from my phone with a broken screen