search

dana-at-cp / backdoor-apk

backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and is intended for educational purposes only.
Apache License 2.0
2.21k stars 702 forks source link

Connecting via Public IP (meterpreter on WAN) #35

Closed Mr-KIYFD closed 8 years ago

Mr-KIYFD commented 8 years ago

I can backdoor apps and they work and connect back to the meterpreter flawlessly when I use my LAN IP. The problem starts when I use my public IP, I do not get a meterpreter connection.

Additional Info : 1)The app still works as it should 2)I configured and tested portforwarding on my router (e.g on my vitcim phone i can open a browser and point it to http://my.public.ip:2223 (which is the port I'm using for it) and get a meterpreter seesion, but it dies as it is obviously not a valid session) 3)I double checked the parameters on the backdoor-apk.sh 4)On the victim phone's terminal emulator I ran "netstat -t tcp", I can see the app does send a packet which my meterpreter doesn't seem to accept for some reason...the output has "SYN_SENT" for that particular connection 5)I even disabled the router firewall and gufw on Kali (Kali Rolling 2016.02)

I will appreciate any help in this regard.

and also, can this be used with DDNS like no-ip.com?

dana-at-cp commented 8 years ago

I can't provide direct support for Metasploit or any of the other open source tools that are leveraged in the backdoor-apk project.

It sounds like the meterpreter session is unstable in this NAT'd environment.

Have you checked the Metasploit community for more information? There may be other folks who have seen this behavior.

https://community.rapid7.com/community/metasploit?linkid=blue

To answer your other question: Yes. The LHOST option accepts hostnames and IP addresses. That is a feature of Metasploit.