Hacky13 Posted October 2, 2020 Share Posted October 2, 2020 NOTE : THIS IS COMPLETELY FOR EDUCATIONAL PURPOSES AND I AM NOT TRYING TO HACK ANY DEVICE RIGHT NOW TO CREATE PROBLEM FOR SOMEONE .THE PHONE I AM TRYING TO EXPLOIT IS MY OWN SECOND DEVICE. I'm working with metasploit on TERMUX. So, My meterpreter session is open . I am able to access the SDCARD of the phone I am trying to exploit, but everytime I need to exploit the device, one needs to tap the app icon everytime for my meterpreter session to start. I want to create my payload persistent . So that, I don't have to wait for the user of the device to tap the icon again . So , I successfully created a bash file through "nano" which is named "syslogs.sh" and is placed in my sdcard. It works completely fine ; It contacts the device for my meterpreter session to start after a delay of every 20 seconds. So, I want to upload my syslogs.sh file from my SDCARD to sdcard of the device which I'm trying to exploit ; but it's just not happening!. I am getting an error like this >>>>> [-] 4 : Operation failed: 1 You can refer this image here . you can see here that I've also tried adding backslashes but it didn't seem to work. The location of my file is absolutely fine . If someone wants to exactly know what I'm trying to implement they can check this . I've honestly tried searching for solutions , I've seen previous solutions and posted my question on subreddits, stackoverflow, github but I'm not getting anything . I am really positive that you can guys can help me. I would highly appreciate ANY KIND OF SUGGESTION . I am absolutely new to this forum so if I've posted something wrong or I'm at a wrong place you can always let me know and I'll delete this post. Hoping for your replies. Link to comment Share on other sites More sharing options...
digininja Posted October 2, 2020 Share Posted October 2, 2020 It looks like the metasploit team have labelled your issue as a bug so if I were you I'd hang on till they work out a fix for it. Link to comment Share on other sites More sharing options...
Hacky13 Posted October 2, 2020 Author Share Posted October 2, 2020 1 minute ago, digininja said: It looks like the metasploit team have labelled your issue as a bug Thank you so much! digininja.. but do you have a source for it? Link to comment Share on other sites More sharing options...
digininja Posted October 2, 2020 Share Posted October 2, 2020 What do you mean? Link to comment Share on other sites More sharing options...
Hacky13 Posted October 2, 2020 Author Share Posted October 2, 2020 7 minutes ago, digininja said: What do you mean With due respect .... I mean how do you know that the metasploit team have labelled my issue as a bug? Link to comment Share on other sites More sharing options...
digininja Posted October 2, 2020 Share Posted October 2, 2020 Sorry, you labelled it as a bug, not them https://github.com/rapid7/metasploit-framework/issues/14210 Link to comment Share on other sites More sharing options...
Hacky13 Posted October 2, 2020 Author Share Posted October 2, 2020 4 minutes ago, digininja said: Sorry, you labelled it as a bug, not them Yeah that's me... LOL . I mean I didn't wanna label it as a bug.. It was my first time posting a question on github so I messed it up .. Link to comment Share on other sites More sharing options...
Hacky13 Posted October 2, 2020 Author Share Posted October 2, 2020 HERE IS WHAT I TRIED Is there a way to check for stack trace or log files? I tried to find them..but i was unsuccessful typed "pwd" to know my current location and it was /data/user/0/com.metasploit.stage/files Then I went to this location by using "cd" and searched for files.. but I got nothing! I am open to suggestions! tell me if i did something wrong Link to comment Share on other sites More sharing options...
digininja Posted October 2, 2020 Share Posted October 2, 2020 Looking at that, they don't have a second parameter on the upload command, just the file that they want to upload. Did you try that? Link to comment Share on other sites More sharing options...
Hacky13 Posted October 4, 2020 Author Share Posted October 4, 2020 I guess I found the solution now the file wasn't getting uploaded because I was trying to exploit a device having an "android version 6" I tried it in a device with android version 9 and it worked. So maybe metasploit does not support some versions of android. I appreciate all your efforts to help me solve this issue BUT I STILL THINK THAT THIS THREAD SHOULD NOT BE CLOSED BECAUSE IT'S PRETTY ASTOUNDING A FILE TRANSFER USING UPLOAD COMMMAND IS NOT GETTING EXECUTED IN METASPLOIT . AND THE PHONE THAT I AM TRYING TO EXPLOIT IS IN ANDROID VERSION 6 Link to comment Share on other sites More sharing options...
RaulHack Posted November 21, 2020 Share Posted November 21, 2020 Hola buenas noches bro, Hacky13, Gracias por la info, entonces el metasploit 6.0.1 para arriba, no es compatible con laa versiones de android 6 para abajo. Y tiene razon porque he tenido el mismo problema y no descarga ni sube archivos desde el meterpreter. Link to comment Share on other sites More sharing options...
manjunath Posted December 4, 2020 Share Posted December 4, 2020 Hi guys this is manjunath.I have similar issue and i have done some testing. Am working on Metasploit framework installed on 3 devices.1.Windows 10.2.Nethunter OS on android3.Kali linux virtual machine (Bridge network mode)AndI have one more Android device(remote) where msf payload is injected for testing purpose.Lets call it "device B"All devices are on same LAN network with IPs 192.168.#.#.Meterpreter session successfully opens on all 3 devices(nerhunter,windows,kali linux).I can browse files and folders during sessions.But while uploading and downloading files to remote android device(B) during session, only my nethunter device successfully does the job, but windows and kali linux cannot and throws error below[4]: operation failed: [1] Why uploading and downloading is successful on nethunter on android.. and why it is failing on windows and kali linux virtual machine during meterpreter sessions. Below is the framework.log file for reference.https://gist.github.com/manjunath7472/ab015e565de9df06a404eb6a26c2023a I think its not issue with Android version of victim or payload,but the OS or network settings itself. Kindly someone check the log above for reference. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.