Open h00die opened 2 weeks ago
3. the payload seems to be losing newer compatibility while trying to maintain older compatibility. I have a ZTE android 6.0.1 I use for demos, and all the payload stuff works great on there. a Samsung galaxy a03s on android 13 installs and some things work, but many give unexpected permissions errors (I believe part of [android payload permissions not registered #16208](https://github.com/rapid7/metasploit-framework/issues/16208) is related). Maybe let a user pick which SDK version(s) they want to use. It could even be simple like 'pre android 6' and 'post android 6' kind of thing. I think the new android permission model is actually better for what we want anyways since it wont list an entire screen of permissions, but pop them up as we call things that need them. Likely a better scenario.
https://github.com/rapid7/metasploit-payloads/issues/695#issuecomment-1898051502
I wanted to start documenting some issues/enhancements for Android, as per slack convo.
The android payload was amazing, but @timwr (and whoever else has been working on it) hasn't had time to keep it up to date. I haven't played around with it for a while either, but am using it now for a presentation to children.
Some ideas:
Just throwing this out there as it seems like a neglected, but still often used feature of metasploit. happy to hear some thoughts, but I don't know java, and haven't messed around with android phone hacking much.