Closed ragavravi closed 6 years ago
Forget the apk tools in fatrat, they are giving a lot of issues and are only working with old apks. We will probably give a revision to fatrat soon, and remove the tools that are not working anymore. If you want to test an apk to connect to your system from an android device then follow this video and install the generated payload apk on your android device. https://youtu.be/PfUaCz-nzsU
Yes, I followed Your Video https://youtu.be/PfUaCz-nzsU but it only works if Both the Devices are connected to the Same Wi-Fi network... (Android & Computer) Am I right...!
And also let Me know @peterpt if there is any Particular Time You come Online, so that I can be Ready next time when You are here so that You can Address me with the Issue, like at the Same Time which could solve the things faster... :-)
Everything works like that except if you are not connected to a router but to a modem. A router delivers a lan address, so if your computer is connected to a lan ip like 192.168.x.x, android devices on that network will connect to you. If your android device is connected outside of your network, like a different lan, then you must configure on the payload your external ip address and forward your router ports to the lan ip where you are using the metasploit script.
Example: Your ip: 192.168.1.4; current android device ip: inside some lan on another network.
If you set up the payload to connect to your lan ip, then the payload will connect to that ip inside its network and not yours.
To connect to you, you must set your payload with your external ip address from ISP, and then go to your router and configure to forward your payload port (example 4444) to your lan ip address.
This way, when the android device starts, it will connect to (example as if it was your external ISP address: 230.123.243.123) on port 4444, which you forward to your lan ip 192.168.1.4.
Everything works like that, and many people have no idea why their backdoors do not connect to them on infected devices.
The smart ones create a free dns name in noip.com, and then run the noip tool in their linux. So when they configure the payload, they do not input their ISP addresses, but the noip dns name, like: myserver.ddns.net. This way, they only need to create a single payload even if their external ISP address changes, because the noip tool that they have installed will update their dns name with the new ip they have.
If you look into these images I did for fuzzbunch: https://camo.githubusercontent.com/17024747623ddf925291d41533c5381a02afb7f7/68747470733a2f2f73312e706f7374696d672e6f72672f346d6b327a3330306a7a2f6578702e6a7067
and
you will understand why.
But, if you have your computer connected to a modem and not a router, then the ip address that you have is directly the ISP ip dhcp address, which means 230.123.123.123; when it is like this, you don't need to forward anything.
I already did that, means created a NoIp dns hostname 6 days back...
I have Iball Router...
I tried with port 4444, 8080, 80... No one worked...
This is the Video I watched to install NoIp... https://www.youtube.com/watch?v=P89z9DvDmN0
This is the Video I watched to create NoIp Hostname... https://www.youtube.com/watch?v=ehGrN4ZhYD0
But it didn't work for Me...
Here I think the Problem could be with My Router...!! What You say @peterpt ...?
You have to forward your router ports to your lan ip, and for that it is advised to have a lan static ip address, so it stays always the same.

| your wan | Forward port | your lan ip |
| --- | --- | --- |
| wan interface | 4444 | 192.168.1.60 |

This is an example. So when a request comes from outside to that port 4444 on your router, it will be redirected to your lan ip where metasploit is listening. Same thing must be done to outside:

| your lanip | forward port | Your wan |
| --- | --- | --- |
| 192.168.1.60 | 4444 | Wan interface |

Best way is to see if your router supports a DMZ zone, if it supports then put your lan ip on dmz.
Note: Demilitarized zone means that your computer will be exposed directly to the web without any firewall protection.
This is the command I ran on Windows 7... I'm using Kali Linux in Virtual Box... DHCP Enabled = Yes in Windows 7... DHCP Enabled = No in Virtual Box (Kali Linux) It means I'm having Static Ip in Virtual Box...!! I hope that's correct...!
And in Kali Linux, iwconfig doesn't show wlan network...
I'm confused, like what to do... Can You help Me with Port Forwarding @peterpt ...?
Use DMZ in your router for testing. Put your lan ip in dmz in the router, then configure the android payload with your isp ip or your domain name.
I don't get it but My Router does Support DMZ...
(put your lan ip in dmz in the router , then configure the android payload with your isp ip or your domain name) I don't get it... I'm new to this... Plss help @peterpt ...
1st of all: Fatrat is a pentest tool, which means that it should be used for penetration tests. Penetration test means that you will try to invade a device's privacy with authorization of the victim. Fatrat was not built with the intention to harm other persons' devices and privacy with less knowledge.
2nd - Hacking other persons' devices is against the law and if the attacker ip is detected (which it is all the time, especially with a redirect domain address like noip), the person that had the device hacked can go to the authorities, and make a claim on the attacker by its ip name. The authorities by themselves proceed by first knowing the isp name that belongs to that IP address (by doing a traceroute they can easily get the current ip address), secondly they process a law order to the ISP to provide the client name and address that belonged to a specific ip at a specific time and day. Your ISP has all that data, even if you have a dynamic ip address. The next process is to send you a letter for you to present yourself at a court so you can explain why you hacked that person's phone. Since you have no good excuse for that (no matter how creative you are), you are indicted of a felony that will give a certain amount of money that you must pay to the victim, and you will go directly to jail. Jail time depends on how much damage you did to the victim's device and how much privacy you violated.
From another perspective, if you are a network administrator (which you are not), and if you are allowed by your company to invade the company network devices so you can know how to process a better network security for the employers working there, then there is no problem.
Thinking that every person that gets a backdoor in their device is stupid because they will never know who hacked their device cannot be considered valid these days.
I Agree with what You said... And that literally created Laughter around the Space here... I guarantee, I have no such intention... By Profession I'm a Photographer, Short Films Director & Video Editor... But this side of "Networking" has always amazed Me and the Power it Possesses has No Boundaries...
I would be straight here & won't say that, I want to learn so that I can Protect Myself from others who would Love to Hack Me ;-) Nah, the answer here would be "Never Install 3rd Party Apps or any Apps from Links or Websites & Never Give Your Phone to a Stranger..."
I just want to Learn for the Sake of Knowledge... Bcoz it's so Gr8 and I don't want to Miss all the stuff that it Holds...
For Example: Messi is the Best Player in The World... I can't do much there, Except Enjoy Watching Him Play... I can't Skip that Part, I just Love watching Him... And will do that again tomorrow when Barcelona faces Chelsea... ;-)
But with the knowledge & resources available to Learn Linux or any kind of System, why to miss that chance...
I hope You understand the Feelings here & would Help Me... :-) By the way, I Love the Way You Reply... Funny & Sensible... ;-)
If you search google "configure an ip on dmz router" you will find what you are looking for.
I Enabled the DMZ with My Local Ip...
And as You said earlier (put your lan ip in dmz in the router , then configure the android payload with your isp ip or your domain name) I followed Your Video again here... https://www.youtube.com/watch?v=PfUaCz-nzsU&feature=youtu.be
So I did... I used My Public Ip... (while creating Payload & also as a listener)
It fails to Bind... I also installed the apk... Several clicks to open it, but there was No activity in msf exploit handler... What am I doing Wrong here @peterpt ...?
I gave a call to My Internet Service Provider... Person came & changed few settings...
Now instead of a Router, The Cable is directly connected to My PC... My Public Ip & MAC Address has been Changed... So, I created another Payload with My new External Ip (Public Ip) And for Listener, I used LHOST = new Public Ip
But still it says, "Handler failed to Bind to (new Public Ip:4444)" I don't have any Idea what am I doing wrong here, I'm missing something but What, I just don't know... Plss Help @peterpt ...
Help @peterpt ...
There is no more help that I can possibly give to you at this point. After this, only if I take a plane and get into your house and do the job for you. You should really search more in google in how to configure in your router how to forward ports or put devices in DMZ.
But as You said earlier, "everything works like that except if you are not connected to a router but to a modem"
That is the reason I called My Internet Service Provider and Disconnected The Router...
So if it is Directly connected to My PC (Broadband Connection), do I still need to Port Forward...? If No, then Why does the Binding Fail... And if Yes, then 1 TeamViewer session can be Helpful @peterpt ...
You don't need to disconnect the router, DMZ in routers are there for that reason. If you have your pc directly to the web then you don't need portforward.
Best way to test it is loading on windows a Linux VM with metasploit framework, that VM must be in bridge mode and not in NAT, NAT is the same thing as having 2 subnets working on the same lan. Bridge mode is the same thing as a new network interface connecting to your modem without using the windows actual lan interface. Behind a router, if your windows is 192.168.1.23, then your VM bridge mode will be 192.168.1.24 or any other ip on same subnet. Same thing applies if you are connected to a modem directly to the web.
But if your VM is configured as a NAT, then your windows will have behind a router ex: 192.168.1.23 while your VM could have 192.168.0.4 or 10.0.0.3, this means that they are not on the same subnet and you will never get a communication from the payload.
Team viewer is out of the question, I barely have time to come here. You see, I have also my personal life, this is not Microsoft support.
My VM is in the Bridge mode. I'm having a Static Ip.
I tried both methods...
1. Direct connection to PC so that I don't have to Port Forward... (Disconnecting the Router here)
But still the Binding Failed... What could be the Reason here...? (If You can make a Video on such, having direct web connection to your PC & making the Payload with some explanations, it would be the Best Tutorial on the Web ever... You can blur all your Ip address & other Info, but do mention which Ip you used to do so. )
2. Using NoIp to Port Forward for "Apache" Application with iBall Router Here the Ports shows that they are not open, I tried many ports, same error always... Screenshots here...
I even switched Ip address from Static to Local Ip in Virtual Servers, just to see if that could be causing problem, still same...
Port is not open... Tried many different Ports still same output...
I also tried DMZ...?
Really need a Help here @peterpt ...
I'm out until 4th March...
@peterpt Plss do make a video about what I discussed Earlier, (If You can make a Video on such, having direct web connection to your PC & making the Payload with some explanations, it would be the Best Tutorial on the Web ever... You can blur all your Ip address & other Info, but do mention which Ip you used to do so.)
It's 4:15 am here, I tried many solutions but didn't find the Right one for Me... I have to leave today Aftn & will be returning on 4th March, so if You get Time, plss plss Do make a Tutorial on it... Been stuck with this from around 15 Days... Help will really be Appreciated @peterpt ...
Any help @peterpt ...!
This is the Video I watched to make the Apk File. https://www.youtube.com/watch?v=9T3fCT0v2fw
These are the 2 Apks
I tried 1st with Flappybird.apk... But it didn't work, so following the issue/74 below, I tried on Pandora.apk but still it doesn't work...
https://github.com/dana-at-cp/backdoor-apk/issues/74
I also watched your Video @peterpt https://www.youtube.com/watch?v=qqFORedd-oE&feature=youtu.be
What could be the Problem...?