Forum Thread: Metasploit, Android, and Windows! (For Newbies W/ Scripts)

*Boring Stuff About Me! (Skip This if You Wanna Head to the Juicy Stuff!)*

I'm Null and I've been here for quite a long time now, viewing posts, learning things I need, etc.
Being new and having almost no knowledge on how to do things can be discouraging!
So I made some scripts to make making payloads a lot easier for newbies.

*Common Problems with Payload Making*

When I say common, I mean common as in I see questions like this EVERYWHERE, yet some
users don't answer them, leaving whoever asked the question clueless.

"Does it matter what port I use? Does it have to be open?"
Well... Yes AND no. While there are common ports used for services (such as FTP and SMTP),
when using Metasploit you can pretty much add in whatever port you want (except for common
ports). I usually use port 444 or 4444, since those are the ports mostly used in how-tos.

"I just made a .apk with Metasploit, how come when I try to install it, it says 'parse error' or something?"
That's because it isn't signed yet! :D
But don't worry, I made a script for that too.

"Do I have to port forward for this?"
Nope.
Unless you want to hack on WAN, then you really need to port forward.
(Make sure that your IP is static. Dynamic IP is the bane of port forwarding.)
Here, I'm just gonna show you how to hack on LAN.
Pros and Cons of LAN and WAN:

LAN-
Pros: Easy, no need to port forward.
Cons: Temporary session, needs the victim to be on the same network as you are.

WAN-
Pros: If you run persistence once you've exploited your victim, you will ALWAYS have access to the victim's device.
Cons: Port forwarding (Call me an idiot, but this is what made me go ape sh!t)

*Null's Scripts*

Exe Maker
Download: http://www.mediafire.com/file/3kps9d8b5ig59w1/exe_gen.sh

VirusTotal: https://virustotal.com/en/url/da6dd141fad8b971ba929466680dc8c6a9c57b186e754a12368b494a8636d724/analysis/1481970684/

Apk Maker
Download: http://www.mediafire.com/file/9j1u4b1cuoye755/apk_gen.sh

VirusTotal: https://virustotal.com/en/url/32e08ccefbe1c14666f1dd33916f85bb503001c41736d2d592775a6b4ecf9c31/analysis/1481970570/

You're gonna need these.

*Permissions*

Once you've downloaded both of the scripts, move them to root, and give them execution permission
by typing in your console:

*Hold on! An Important Note on the apk_gen.sh Script!*

Before you use the Apk maker script, you're going to need something to sign it with.
Copy-paste this in your console:

keytool -genkey -v -keystore my-release-key.keystore -alias aliasname -keyalg RSA -keysize 2048 -validity 10000

Then just answer the questions it gives you. As for the password, whatever you want, just be sure to remember it. When you're done, it should make a file called "my-release-key.keystore".

*And That's It!*

Fire up Metasploit!
Fire up meterpreter!
Flame on!

Thank you for reading!
Sorry if my English seems "shaky".
It isn't my first language.

Sorry if this is all written poorly too!
And sorry if I can't explain much; it's either I'll be doing it on another How-To
or I still have yet to learn it.

Like you, I'm also here to learn more.

Stay awesome.

1 Response

Pretty good tutorial! I've used MSF before, but I did not know all of this.
