cSploit / android

cSploit - The most complete and advanced IT security professional toolkit on Android.
http://www.csploit.org/
GNU General Public License v3.0

*URGENT*IMPORTANT*MSF* #205

Closed ETeissonniere closed 9 years ago

ETeissonniere commented 9 years ago

Hello guys, MSF's gem packages can't be installed because the Ruby version is too old (~ 1.9.3). Currently, we need to compile the latest version as soon as possible. If somebody knows how to port it, please explain it to us; then, if somebody has write access to cSploit's ruby repository, he should merge it. Please, trust me, I think it can work. Sincerely, DeveloppSoft.

tux-mind commented 9 years ago

few hours I think. working on it right now

hightechstl commented 9 years ago

Happy to hear it. Sorry for the unsupportive attitudes of some. If I had more programming knowledge I would be happy to join your team and help. Sadly my programming knowledge is entry level at best.

On Aug 29, 2015 10:25 AM, "tux-mind" notifications@github.com wrote:

> few hours I think. working on it right now


Rubenoo commented 9 years ago

Yes I hope that you can make it work :))) good luck with it.

lief2 commented 9 years ago

Nice ;D

hightechstl commented 9 years ago

@tux-mind If there's anything that you need from me let me know. I'm here to help in any way I can.

On Aug 29, 2015 11:01 AM, "lief2" notifications@github.com wrote:

> Nice ;D


Rubenoo commented 9 years ago

@tux-mind Hey, are you making any progress? I wish you all the luck with making it work btw

hightechstl commented 9 years ago

Just wanted to check in and see if there was any progress with this?

tux-mind commented 9 years ago

I've encountered an issue. I'm missing some compiled native gems like nokogiri and pcaprub. I'm not at home right now and setting up the environment to cross compile them will require a lot of time compared to just copying and pasting a file.

btw I want to share some good news with you. including the gems into the MSF package will speed up the installation process a lot with a small price: 20/30MB of extra space that can be freed after the installation. also we don't need a gem server.

I have the compiled gems at home, I'll get back around 5/9. If someone has a working MSF installation it will be great if he can zip/tar the ruby folder and share it there, so I can extract the missing native gems.

sorry for the inconvenience guys.

Rubenoo commented 9 years ago

Nicceeee keep on working @tux-mind you got this. I'm so happy that we're getting closer to a fix :)

fat-tire commented 9 years ago

hey @tux-mind-- the latest work-in-progress nethunter apk beta build should auto-install those files right to /usr/share/metasploit-framework/vendor/bundle/ruby/ on your device's chroot, including nokogiri-1.6.6.2 and pcaprub-0.12.0. That might be the easiest way to easily access anything you need. You can probably also find them in the slightly-older premade nethunter roms, but those are big and device-specific. Still, you can dig through the chroot to find what you want.

Also kali's apt pulls from here (ms is here, etc.) if you need sources.

tux-mind commented 9 years ago

thanks for your efforts @fat-tire , but it is not what we need.

those gems are compiled into the chroot environment, so they use the glibc, not the bionic one. I'll set up the cross-compile environment on my laptop when I get back home, making a nice howto into the wiki, so everything will be more clear to those great collaborators, like you, who want to help.

thanks anyway for the suggestion, really appreciated :heart:
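
A check for the glibc-versus-bionic mismatch described in the comment above, as an added example that is not part of the thread or of cSploit's code: it reads the `DT_NEEDED` sonames from a 32-bit little-endian ELF image. The names `needed_libs`, `libc_flavour` and `sample_elf` are hypothetical, and the sample image is constructed.

```ruby
# Added example, not from the thread. Reads DT_NEEDED sonames from a 32-bit
# little-endian ELF image to tell glibc-linked from bionic-linked objects.
PT_LOAD, PT_DYNAMIC, DT_NEEDED, DT_STRTAB = 1, 2, 1, 5

def needed_libs(elf)
  raise ArgumentError, "not ELF32 LE" unless elf[0, 6] == "\x7fELF\x01\x01"
  phoff = elf[28, 4].unpack1("V")
  phentsize, phnum = elf[42, 4].unpack("vv")
  segs = Array.new(phnum) do |i|   # type, offset, vaddr, paddr, filesz
    elf[phoff + i * phentsize, 20].unpack("V5")
  end
  dyn = segs.find { |s| s[0] == PT_DYNAMIC }
  return [] unless dyn
  entries = elf[dyn[1], dyn[4]].unpack("V*").each_slice(2)
                               .take_while { |tag, _| tag != 0 }
  strtab_va = entries.assoc(DT_STRTAB)&.last
  # Translate the string table's virtual address to a file offset.
  seg = segs.find do |s|
    s[0] == PT_LOAD && strtab_va && (s[2]...s[2] + s[4]).cover?(strtab_va)
  end
  return [] unless seg
  base = seg[1] + strtab_va - seg[2]
  entries.select { |tag, _| tag == DT_NEEDED }
         .map { |_, off| elf[(base + off)..-1].unpack1("Z*") }
end

# Heuristic: glibc sonames carry a version (libc.so.6); bionic uses libc.so.
def libc_flavour(elf)
  libs = needed_libs(elf)
  return :glibc if libs.any? { |l| l.match?(/\Alibc\.so\.\d+\z/) }
  libs.include?("libc.so") ? :bionic : :unknown
end

# Constructed sample: a minimal ELF32 ARM image with only these sonames.
def sample_elf(*sonames)
  strtab = "\0" + sonames.map { |s| "#{s}\0" }.join
  dyn_off = 52 + 2 * 32                      # ELF header + two program headers
  str_off = dyn_off + 8 * (sonames.size + 2) # after the dynamic section
  name_off = 1
  dyn = sonames.flat_map { |s| [DT_NEEDED, name_off].tap { name_off += s.size + 1 } }
  dyn += [DT_STRTAB, str_off, 0, 0]
  ehdr = "\x7fELF\x01\x01\x01".b.ljust(16, "\0") +
         [3, 40, 1, 0, 52, 0, 0, 52, 32, 2, 0, 0, 0].pack("v2V5v6")
  phdrs = [PT_LOAD, 0, 0, 0, str_off + strtab.size, 0, 5, 4096,
           PT_DYNAMIC, dyn_off, dyn_off, 0, dyn.size * 4, 0, 6, 4].pack("V16")
  ehdr + phdrs + dyn.pack("V*") + strtab
end

p libc_flavour(File.binread(ARGV[0])) if __FILE__ == $PROGRAM_NAME && ARGV[0]
```

Run against a real `.so` by passing its path as the first argument; a `:glibc` result means the object cannot be loaded by Android's own linker.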

fat-tire commented 9 years ago

@tux-mind Ah you're right, my bad. Well, I've definitely cross-compiled kernels/bootloaders and android before (using CROSS_COMPILE=/path/to/compiler/arm-linux-gnueabi- ARCH=arm ) but I'm not familiar with even which source you're using.. here? Makes sense to me to just wait for you to write up the steps so I know it'll be linking to bionic properly, etc.

Rubenoo commented 9 years ago

@tux-mind Are you making any progress and can you work on this today?

bandwagonz commented 9 years ago

@Rubenoo patience is a virtue. Tux already let us know that he will resume work on the 5th. Remember that you're free to help out as well :)

tux-mind commented 9 years ago

working on it right now. setting up the cross-compile environment is a very complex task... maybe I have to check if there is another way to achieve this. thanks for your patience guys.

Rubenoo commented 9 years ago

@tux-mind no problem , do what you have to do mate. I know that you can do it

pmcdougal commented 9 years ago

Excited to see what you come up with as a fix :)

tux-mind commented 9 years ago

wow, I reached a checkpoint :blush:

I'm taking so long because I'm working on it in my little free time, but I'm doing it :+1:

I successfully built the makefile for the nokogiri gem.

the following is the command I gave, just to give you an idea of the work spent searching for missing libraries and broken argument parsing functions.

```sh
CONFIGURE_ARGS="--with-ldflags='-lexslt -lxslt -lxml2 -licuuc -lstdc++'" \
  ruby -r /media/data/documents/programs/csploit/android/cSploit/jni/ruby/rbconfig.rb \
  /data/ruby/bin/gem compile nokogiri-1.6.0.gem -- \
  --with-zlib-include=/media/data/documents/programs/csploit/android/cSploit/jni/zlib/src \
  --with-xslt-include=/media/data/documents/programs/csploit/android/cSploit/jni/libxslt/include \
  --with-xml2-include=/media/data/documents/programs/csploit/android/cSploit/jni/libxml2/include \
  --with-opt-lib=/media/data/documents/programs/csploit/android/cSploit/obj/android-9/local/armeabi \
  --with-opt-include=/media/data/documents/programs/csploit/android/cSploit/jni/icu4c/common
```

I'll keep you posted :wink:

tux-mind commented 9 years ago

gotcha :v:

```
Successfully built RubyGem
  Name: nokogiri
  Version: 1.6.0
  File: nokogiri-1.6.0-arm-linux.gem
```

sorano commented 9 years ago

Congrats! Well done tux-mind!

swelit commented 9 years ago

So does it work right now?

Rubenoo commented 9 years ago

Wow Congrats @tux-mind You're amazing. But when can we use the fully working csploit? I can't wait btw :P

tux-mind commented 9 years ago

ok, the bundle is complete, I've compiled both nokogiri and pcaprub gems.

Now I have to do some tests. Sadly my phone is in maintenance these days; I'll try with the android emulator.

the size of the MSF package is around 47MB ( 128MB extracted ).

Rubenoo commented 9 years ago

Nicce but can we test it too for now? And send you the reports after?

hightechstl commented 9 years ago

I would be happy to test. Moto G, Galaxy S4, Nexus 5 32GB, as well as nexus 7 first and second gen. All I need is an apk and I can test away across multiple devices.

On Sep 11, 2015 7:00 AM, "Rubenoo" notifications@github.com wrote:

> Nicce but can we test it too for now? And send you the reports after?


evertking commented 9 years ago

I'm willing to test also.. S3, nexus 5 and OnePlus one.

On Sep 11, 2015 7:02 AM, "hightechstl" notifications@github.com wrote:

> I would be happy to test. Moto G, Galaxy S4, Nexus 5 32GB, as well as nexus 7 first and second gen. All I need is an apk and I can test away across multiple devices.
>
> On Sep 11, 2015 7:00 AM, "Rubenoo" notifications@github.com wrote:
>
> > Nicce but can we test it too for now? And send you the reports after?


domenicoblanco commented 9 years ago

I can also test on a Nexus 6 and a Samsung Galaxy Tab 3 8.0

swelit commented 9 years ago

I would like to test on my Samsung galaxy s5

ghost commented 9 years ago

Congratulations @tux-mind Nice job 😁

tux-mind commented 9 years ago

almost done, need to fix some little error.

```
root@generic:/mnt/media_rw/sdcard/msf # ./msfconsole
/mnt/media_rw/sdcard/ruby/lib/ruby/gems/1.9.1/gems/bundler-1.10.6/lib/bundler/shared_helpers.rb:78: warning: Insecure world writable dir /data/bb in PATH, mode 040777
WARNING: linker: nokogiri.so: unused DT entry: type 0xf arg 0x12dc5
WARNING: Nokogiri was built against LibXML version 2.7.8, but has dynamically loaded 20708.3.58
[*] Starting the Metasploit Framework console...WARNING: linker: pg_ext.so: unused DT entry: type 0xf arg 0x1af2
[-] WARNING! The following modules could not be loaded!
[-]     /mnt/media_rw/sdcard/msf/modules/post/multi/gather/lastpass_creds.rb: LoadError dlopen failed: cannot locate symbol "sqlite3_load_extension" referenced by "sqlite3_native.so"... - /mnt/media_rw/sdcard/ruby/lib/ruby/gems/1.9.1/gems/sqlite3-1.3.9-arm-linux/lib/sqlite3/sqlite3_native.so

/# cowsay++
 ____________
< metasploit >
 ------------
       \   ,__,
        \  (oo)____
           (__)    )\
              ||--|| *

       =[ metasploit v4.11.0-dev [core:4.11.0.pre.dev api:1.0.0]]
+ -- --=[ 1378 exploits - 773 auxiliary - 221 post        ]
+ -- --=[ 342 payloads - 37 encoders - 8 nops             ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

infocmp: couldn't open terminfo file /opt/android-ndk/platforms/android-9/arch-arm/usr/share/terminfo/v/vt100.
infocmp: couldn't open terminfo file /opt/android-ndk/platforms/android-9/arch-arm/usr/share/terminfo/v/vt100.
stty: standard input
infocmp: couldn't open terminfo file /opt/android-ndk/platforms/android-9/arch-arm/usr/share/terminfo/v/vt100.
infocmp: couldn't open terminfo file /opt/android-ndk/platforms/android-9/arch-arm/usr/share/terminfo/v/vt100.
msf >
```

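
A triage of the warnings in the msfconsole output above, as an added example that is not part of the thread: it separates the world-writable PATH directory and the missing `sqlite3_load_extension` symbol from the lower-priority linker notices, and decodes DT type `0xf` as `DT_RPATH`. The `triage` function and the severity labels are this example's assumptions; the sample lines are copied from the output above.

```ruby
# Added example, not from the thread: triage Ruby and Android linker warnings
# in msfconsole startup output. Severity labels are this example's assumption.

# ELF dynamic-section tags, from the ELF specification.
DT_TAGS = { 0xf => "DT_RPATH", 0x1d => "DT_RUNPATH" }.freeze

RULES = [
  # A world-writable PATH entry lets any local user or app place an
  # executable that a later command lookup may run.
  [/Insecure world writable dir (\S+) in PATH, mode (\d+)/, :high,
   ->(m) { "world-writable PATH dir #{m[1]} (mode #{m[2]})" }],
  # A native extension references a symbol the device's library lacks,
  # so modules that require it fail to load.
  [/cannot locate symbol "([^"]+)" referenced by "([^"]+)"/, :high,
   ->(m) { "#{m[2]} needs missing symbol #{m[1]}" }],
  # Built against one libxml2, running with another.
  [/built against LibXML version (\S+), but has dynamically loaded (\S+)/,
   :medium, ->(m) { "libxml2 mismatch: built #{m[1]}, loaded #{m[2]}" }],
  # The linker skipped a dynamic tag it does not handle.
  [/linker: (\S+): unused DT entry: type (0x\h+)/, :low,
   ->(m) { "#{m[1]}: linker ignored #{DT_TAGS.fetch(m[2].hex, m[2])}" }]
].freeze

# Returns one {severity:, detail:} hash per matched warning, in log order.
def triage(log)
  log.each_line.flat_map do |line|
    RULES.map do |pattern, severity, describe|
      m = pattern.match(line)
      { severity: severity, detail: describe.call(m) } if m
    end.compact
  end
end

# Warning lines copied from the msfconsole output quoted in the thread.
SAMPLE = <<~'LOG'
  /mnt/media_rw/sdcard/ruby/lib/ruby/gems/1.9.1/gems/bundler-1.10.6/lib/bundler/shared_helpers.rb:78: warning: Insecure world writable dir /data/bb in PATH, mode 040777
  WARNING: linker: nokogiri.so: unused DT entry: type 0xf arg 0x12dc5
  WARNING: Nokogiri was built against LibXML version 2.7.8, but has dynamically loaded 20708.3.58
  [*] Starting the Metasploit Framework console...WARNING: linker: pg_ext.so: unused DT entry: type 0xf arg 0x1af2
  [-]     /mnt/media_rw/sdcard/msf/modules/post/multi/gather/lastpass_creds.rb: LoadError dlopen failed: cannot locate symbol "sqlite3_load_extension" referenced by "sqlite3_native.so"... - /mnt/media_rw/sdcard/ruby/lib/ruby/gems/1.9.1/gems/sqlite3-1.3.9-arm-linux/lib/sqlite3/sqlite3_native.so
LOG

if __FILE__ == $PROGRAM_NAME
  order = %i[high medium low]
  triage(SAMPLE).sort_by { |f| order.index(f[:severity]) }.each do |f|
    puts format("%-6s %s", f[:severity].to_s.upcase, f[:detail])
  end
end
```
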
ETeissonniere commented 9 years ago

So good @tux-mind :smile: ! I am looking at adding wifi cracking with an external wifi card and maybe changing the ui

maddog9696 commented 9 years ago

Please do this DeveloppSoft Sir! If someone adds the ability to use an external WiFi card like an ALPHA adapter to Csploit, this would make the application light years ahead of other penetrating applications currently available! So excited for a working build tux! Keep up the amazing work guys!

ghost commented 9 years ago

I .... can't .... wait!

maddog9696 commented 9 years ago

Same!! I've literally been looking forward to the release day of a working Csploit for weeks now! Is this weird/nerdy!?? Lol Please hurry tux! ;D I know I'm not supposed to ask this....Buuut any estimation on a working build, like hours, days, weeks, or months @tux-mind ? Thanks again for all of your work sir! Much appreciated!

MuradMathematics commented 9 years ago

Wow @tux-mind is a hero. He is using his time to give us a good reliable program. Thank you and just like @maddog9696 I look forward to the fixed release of csploit.

Just don't forget your study and stuff, ok? ^^

tux-mind commented 9 years ago

Looks like android dropped sqlite3_enable_load_extension function from the sqlite library starting from lollipop. I have to change the way we use the sqlite library in cSploit native stuff, not a long task anyway.

After this fix the MSF package should be ready.

I cannot give you an ETA, but from 5 October I start attending my master's degree courses. this means that I will have much more free time to spend for cSploit.

For the wireless feature I remember that we already talked about it in another issue. cSploit is born with that feature as TODO, sadly I haven't got enough time for implementing it. BTW every part of the core has been designed to support this feature and we will certainly develop it.

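@DeveloppSoft basically we need a program that:

  • list wifi-capable interfaces ( iwconfig/iw/airmon-ng )
  • try to enable monitor and promiscuous mode ( airmon-ng )
  • give an easy to parse list of found networks ( airodump-ng + wash )
  • deauth client for sniffing WPA handshakes ( aireplay-ng )
  • send fake packets to generate IVs ( aireplay-ng )
  • sniff raw 802.11 packets ( airodump-ng )
  • crack sniffed IVs ( aircrack-ng )
  • bruteforce WPS ( reaver )

I'd personally prefer to convert the aircrack suite into many small libraries rather than get crazy on parsing an interactive cli program output.

as pointed out by @Avamander in #52 this solution is clean but requires too much work. on the other side displaying a console on a touch device is something to avoid as much as possible IMHO.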

If you are interested contact me via email, I'm sure you'll find it somewhere in the internet :wink:

ETeissonniere commented 9 years ago

@tux-mind, at the moment, I am adding RouterKeygen

On 19 Sept. 2015 03:16, "tux-mind" notifications@github.com wrote:

> Looks like android dropped sqlite3_enable_load_extension function from the sqlite library starting from lollipop. I have to change the way we use the sqlite library in cSploit native stuff, not a long task anyway.
>
> After this fix the MSF package should be ready.
>
> I cannot give you an ETA, but from 5 October I start attending my master's degree courses. this means that I will have much more free time to spend for cSploit.
>
> For the wireless feature I remember that we already talked about it in another issue. cSploit is born with that feature as TODO, sadly I haven't got enough time for implementing it. BTW every part of the core has been designed to support this feature and we will certainly develop it.
>
> @DeveloppSoft https://github.com/DeveloppSoft basically we need a program that:
>
>   • list wifi-capable interfaces ( iwconfig/iw/airmon-ng )
>   • try to enable monitor and promiscuous mode ( airmon-ng )
>   • give an easy to parse list of found networks ( airodump-ng + wash )
>   • deauth client for sniffing WPA handshakes ( aireplay-ng )
>   • send fake packets to generate IVs ( aireplay-ng )
>   • sniff raw 802.11 packets ( airodump-ng )
>   • crack sniffed IVs ( aircrack-ng )
>   • bruteforce WPS ( reaver )
>
> I'd personally prefer to convert the aircrack suite into many small libraries rather than get crazy on parsing an interactive cli program output.
>
> as pointed out by @Avamander https://github.com/Avamander in #52 https://github.com/cSploit/android/issues/52 this solution is clean but requires too much work. on the other side displaying a console on a touch device is something to avoid as much as possible IMHO.
>
> If you are interested contact me via email, I'm sure you'll find it somewhere in the internet :wink:


tux-mind commented 9 years ago

:heart:

Rubenoo commented 9 years ago

♡ <3😘❤

doringr commented 9 years ago

I need to ask you guys one thing: what knowledge do I need to have so I can help. (Like programming, I don't know).

MuradMathematics commented 9 years ago

@doringr app dev skills and programming knowledge (probably java or c#). Also msf knowledge would be good. @tux-mind knows all other aspects

Rubenoo commented 9 years ago

You have to know ruby too, I guess so

gustavo-iniguez-goya commented 9 years ago

@doringr , besides programming knowledge, you still can help by testing pull requests, versions and new ideas. feedback about all of this is also very important. You'll have to install android studio, learn how to import github repositories , apply patches, change between branches, and compile the app to run it on your mobile.

doringr commented 9 years ago

OK thanks for the replies, I really appreciate it, going to start practicing now.

tux-mind commented 9 years ago

@doringr thanks for your efforts, really appreciated. you can contribute by helping in tens of ways, from translating the app on transifex to finding duplicate issues.

@gainan thanks for your help, it's nice to have you onboard.

tux-mind commented 9 years ago

I just found the reason why I cannot cross compile gems on my notebook, now I can fix the sqlite problem, just give me some hours.

MuradMathematics commented 9 years ago

@tux-mind I dunno if i am late but is the website layout new? Have u made it? Looks nice, kind of sleek ;)

tux-mind commented 9 years ago

@MuradTroll say thanks to @DominikTV , a new cSploit contributor :heart:

tajnymag commented 9 years ago

Thanks @DominikTV :+1: :smiley:

DominikTV commented 9 years ago

No problem :wink: