I'm trying android payload over WAN but If victim's connected to 3G / 4G / Mobil Network, payload doesn't work. It gives a session but you can't do anything with it and dies quickly. However, if the victim is connected to WiFi, Hotspot etc. Payload works fine.
I've opened port and forwarded my local IP for Metasploit. But it only works on non-mobile internet. It doesn't work data network of the phone. Yes, I'm sure nothing wrong with port and my dns forwarding. I've tried it on plenty of devices. It works only if the target's device connected to a wifi internet. If the phone on mobile data network, it also gives session but I can't do anything with it(help command doesn't list proper android payload commands) and it dies quickly.
Which payloads I've tried so far:
1) android/meterpreter/reversehttps
2) android/meterpreter/reversehttps
3)android/meterpreter/reversetcp
/ haven't tried http but they are no different I guess /
Here are some snaps:
1) Payload, if victims on mobile network / 3G (help command output):
2)The same payload with Wifi (help command):
As you can see the same payload acts differents depend on network type. About 6 months ago I was using same payload on mobile network and there was no problem. I don't know what has changed but doesn't work if victims on mobile internet. I asked a few people to try it and they also couldn't get successfull meterpreter session.
Operating system: Parrot OS 2.0.5 (32-bit).
Target-1: Android 4.4.1 Galaxy Note 2
p.s. I don't know the android versions of the other devices I've tried so far.
Comments
No Comments Exist
Be the first, drop a comment!