Diese Webseite nutzt nur technisch notwendige Cookies.

How to Hack a Phone – 10 tricks for beginners + Tools 2024

How to hack a phone - Hacking Series Tutorial Steffen Lippke

I’ll show you how to hack a phone easily!

I explain 10 ways how you can hack a smartphones (iPhone / Android) without much computer knowledge.

Each strategy is explained step-by-step!

Let’s start.

Introduction for non-geeks

Choose between the following two paths if you want to hack a phone.

Both ways are used by spys to get price lists, customer data, patents, money and recipes. The criminals can cause great financial damage with both methods.

Path 1: Social engineering – manipulating people

You try to get the victim’s password or access via various psychological manipulations (social engineering).

This type of attack requires little or no technical knowledge about cybersecurity.

A good social engineer has…

  • Good timing
  • A lot of patience
  • Knowledge of human nature
  • Creativity

No IT security barrier in the world protects individuals or companies from a social engineering attack.

The weak point is not found in the flaws of the technology, but in the credulity of 98 % of humans. To me, this method of attack represents a mixture of Hollywood, tricks and acting. To carry out a social engineering attack, you need several attempts and a portion of luck.

Don’t give up so quickly!

[mc4wp_form id=”1045″]

Path 2: Exploiting vulnerabilities – Use exploits

If you are not an actor and prefer to “hack the phone”, you need to exploit the technical weaknesses in the devices and software.

Programmers unintentionally produce errors in the source code that criminals find and exploit (exploits).

Social Engineering – Best for Beginners

In the following, I explain the 10 ways you can hack into a smartphone of an (un)known person without knowing the password.

8 of the methods presented apply to all phone device types – 2 methods are device-specific (noted on the method).

#1 Pretexting – The art of acting

Difficulty: medium | technical understanding: none | device: universal

Make up a believable story to force your victim to reveal his/her password.

Try to be creative and use a personal reason to mislead the victim.

#2 Post-its trick – Custody security

Difficulty: easy | technical understanding: none | device: universal

Does your victim (always) write down his or her passwords? Does your victim often forget the credentials, so that they are written down somewhere?

Many users write their passwords on Post-its and stick them to their screen. Alternatively, the passwords can be found, for example, in the

  • Calendar
  • Journal / diary
  • Inside the mobile phone case
  • Notebook
  • in the paper pile next to the computer
  • under the work surface

#3 The Play – Improvise

Difficulty: high | technical understanding: none | device: universal

If the victim is typing on his/her mobile phone, create the impression of an emergency situation where haste is required. The victim is distracted and leaves his/her smartphone locked.

… typing on the smartphone….

Victim (smartphone junkie)

Standing by the cupboard and you fake an accident “Ah! I bumped into the cupboard! Can you hold the vase!”

You (Social Engineer)

Jumps up and instinctively helps you

Victim (smartphone junkie)

“Can you get me a cool pack from the basement ?”

You (Social Engineer)

goes to the basement

Victim (smartphone junkie)

You have 2 minutes to install a mobile phone monitoring app.

#4 Evil Quiz – Questioning Techniques

Difficulty: medium | technical understanding: none | device: universal

Try to ask the victim for his/her password using the following technique. Using clever questioning methods, the victim voluntarily reveals the password. The method doesn’t always work, but on YouTube you can find enough videos where the moderator “asked” for the password.

“What is the password of your mobile phone?”

You (impudent social engineer)

“It’s secret. My favourite food.”

Victim (IQ 130)

[Change of subject – you talk about cars for half an hour.]

“I was going to cook for you next Sunday. What do you like best of all the dishes?”

You (impudent social engineer)

“Spagetti”

Victim (despite IQ of 130)

This really works!

Vulnerability exploitation on the computer – Tools

#5 Path of the least resistance

Difficulty: easy | technical understanding: medium | tool: universal

Does your victim use a laptop without a password?

If the victim is logged into Google, you can reset the device password via Google. Many users do not lock their laptops during breaks. During the lunch break, you can work in peace for up to 1 hour and install malicious software until the victim comes back.

#6 Guessing a password – Bruteforce

Difficulty: easy | technical understanding: hardly any | device: universal

You can try to guess the password. The internet provides password lists with the hundred most common passwords. In 2019, the top 5 passwords were:

  1. 123456
  2. 123456789
  3. qwerty
  4. password
  5. 1234567

If you know the person, think of the victim’s personal characteristics e.g. birthday, name, pet name, husband / wife, boyfriend / girlfriend, number plate, favourite dish. Most people are very simple when it comes to passwords.

Most users do not think up complex passwords.

Steffen Lippke

Stop at more than 5 attempts, otherwise you risk a long password delay or a full lockout.

Pro-Tip: If you need more password ideas, check out rockyou.txt (130 MB+ plaintext passwords). These tools allow accelerated cracking with the GPU.

#7 Remove SIM card – Second spears

Difficulty: easy | technical understanding: little | device: universal

The smartphone will ask you for a PIN for the SIM or (and) a password for the smartphone when you start the device.

If your victim had set the PIN only for the SIM, remove the SIM card from the SIM slot. You can access the locally installed apps, pictures and documents.

Hacking can be this simple!

#8 Exploit vulnerabilities

Difficulty: high | technical understanding: high | device: universal

As soon as a flaw can be found in the software, black hats write programmes (exploits) for forced entry.

The hackers publish these for private use. Many hacking tools should only be used in a protected environment (risk of self-infection).

In the past, there have always been exploits for Instagram and WhatsApp. There will be more in the future (see Darknet).

#9 Hack against hackers – Rooted smartphones

Difficulty: medium | Technical understanding: high | Device: Android

If your victim is a geek, the probability increases that the device is rooted. You can reset the password via the console.

USB debugging or the recovery system must be activated for the hack. You need to install an Android Device Bridge (ADB) or an Android SDK on your computer.

  1. Connect the phone via USB
  2. Opens a terminal in Linux or the cmd in Windows
  3. Navigates to the platform-tools of the SDK folder
    cd C:/android/platform-tools
    or adb folder
    cd C:android
  4. Enter the following commands
    adb remount
  5. For a pattern
    adb shell rm /data/system/gesture.key
  6. For a password or PIN
    adb shell rm /data/system/password.key

#10 Non-patchable hack in Apple devices

Difficulty: medium | technical understanding: high | device: see below

This iPhone hack applies to all iPhones from 4S to X and many iPads. The Apple devices show a vulnerability when they are switched on (booting).

Affected are: iPhone 4S, iPhone 5, iPhone 5C, iPhone 5S, iPhone 6 & iPhone 6 Plus, iPhone 6S & iPhone 6S Plus, iPhone SE, iPhone 7 & iPhone 7 Plus, iPhone 8 & iPhone 8 Plus, iPhone X, iPad 2, iPad Mini, iPad Mini 2, iPad Mini 3, iPad Mini 4, iPad Air, iPad Air 2, iPad 5 (2017), iPad Pro (12.9 in), iPad Pro (9.7 in), iPad Pro (10.5 in), iPad Pro (12.9 in), iPad 6G, iPad 7G

Apple cannot solve these with a software update. They would have to collect all the devices and have the chips replaced (not economically sensible).

No iPhone owner can protect themselves from this. The user must never lose sight of the device. Hackers can get into the system via a jailbreak.

Which hack did you have (no) success with? Write me about your experiences below in the comments!

Leave a Reply

Your email address will not be published. Required fields are marked *


Jeden Monat teile ich mit Mitgliedern
4 neue praxisnahe Tutorials (je 1000+ Wörter).


Trage Deine Mail, damit Du
Deine Coding + Hacking Skills erweitern kannst!