datajumper Posted December 14, 2016

Hey guys, I've been exploiting my OWN!!! tablet and phone recently. My phone is running Marshmallow 6.0.1, the tablet uhmm... KitKat? Something lol, 4.4 I think lol. OK, I've created a payload with msfvenom and made the .apk payload, and you have to accept the permissions and install and open the payload to run the binary, right?? OK, what I want to know is: just like in Windows you can create shellcode and drop it into the cmd or drop it into a jpg file and it just runs your binary, no questions asked lol, is there any way to run some kind of shellcode-"like" payload on Android so I can send the payload via SMS or email etc... so when the user clicks on it, it just runs the binary? So basically what I would like is to embed a payload for Android into a jpg/jpeg/png. It has to be a picture. I know about the PDF deal; I want to do this with a picture... If I've been unclear in any way, feel free to ask; I will try my best to explain better what I want. Thanks in advance, I can't wait to hear all your feedback, good or bad, I accept it all, ty.... And special thanks to the whole Hak5 community for just being here, you all are great. Who else would I be able to ask questions like this to lmao
datajumper Posted December 14, 2016 (Author)

I guess what I'm asking is: is there a payload I can drop on a device where all you have to do is open it, without permissions... install like an app? Just by opening it.
0phoi5 Posted December 19, 2016 (edited)

Because of the way that Android always confirms whether you want to download and install an APK file, with multiple warnings, plus the fact that there's a setting on most phones that has to be enabled to allow installation of unknown APKs, this is a difficult one.

I would say no, generally no, there is not a way to install an APK file onto a user's phone without the phone either being in the physical hands of the person attacking it, or via some heavy social engineering from the attacker (that I know of).

*edit* I am unaware of any method to get an image file to download anything to a user's mobile phone, at present. Yes, a PC. Not a phone.

A MITM attack of some sort could be a possibility, but some social engineering would still be required.

Edited December 19, 2016 by haze1434
0phoi5 Posted December 19, 2016 (edited)

MITM attack basic synopsis (one potential idea):

Using an RPi (or similar), create replica of a WiFi access point that the user regularly connects to (spoof MAC, SSID).
Make sure signal strength of RPi access point is stronger than that of real AP, or DOS the real AP.
User connects to your RPi.
Spoof download of updates to user's phone (exact method would need some research), essentially with the idea being that they are then happy to press 'yes' to any downloads they are offered, thinking it's an important security update.
APK is now on their phone.
Profit.

Edited December 19, 2016 by haze1434
0phoi5 Posted December 19, 2016 (edited)

Of course, with physical access, a rubber ducky and 30 seconds, this would be a piece of cake.

Edited December 19, 2016 by haze1434