Forum Thread: Metasploit Doesn't Work on Mobile Data Network

I'm trying android payload over WAN but If victim's connected to 3G / 4G / Mobil Network, payload doesn't work. It gives a session but you can't do anything with it and dies quickly. However, if the victim is connected to WiFi, Hotspot etc. Payload works fine.

I've opened port and forwarded my local IP for Metasploit. But it only works on non-mobile internet. It doesn't work data network of the phone. Yes, I'm sure nothing wrong with port and my dns forwarding. I've tried it on plenty of devices. It works only if the target's device connected to a wifi internet. If the phone on mobile data network, it also gives session but I can't do anything with it(help command doesn't list proper android payload commands) and it dies quickly.

Which payloads I've tried so far:
1) android/meterpreter/reversehttps
2) android/meterpreter/reverse
https
3)android/meterpreter/reversetcp

/ haven't tried http but they are no different I guess /

Here are some snaps:

1) Payload, if victims on mobile network / 3G (help command output):

Image via hizliresim.com

2)The same payload with Wifi (help command):

Image via hizliresim.com

As you can see the same payload acts differents depend on network type. About 6 months ago I was using same payload on mobile network and there was no problem. I don't know what has changed but doesn't work if victims on mobile internet. I asked a few people to try it and they also couldn't get successfull meterpreter session.

Operating system: Parrot OS 2.0.5 (32-bit).
Target-1: Android 4.4.1 Galaxy Note 2
p.s. I don't know the android versions of the other devices I've tried so far.

10 Responses

Anyone help? I'm still trying to figure it out.

hi i am thapa from japan...i hav tried to hack my gf phone but i cant sucess...how to hack how to use command on other phone....plz tell me...

Dude are u connected with your mobile hotspot??

My assumption is WIFI runs on LAN allowing for local private 192.168.0.0 IP's and Mobile has Public IP causing faults ?
Change Dynamic IP to Static?
Is your sources.list Repositories up to date?

Sorry that I was not clear at first. I'm talking about the victim's device not my own Internet conenction. If the victim is connected to WiFi it works well. But If he is on 3G or any mobile network payload doesnt work properly. Now, I've explained my issue more clear and edited first post.

how did you get on with this?

Im having the exact same issue...i was wondering if maybe there is some sort of filter on the mobile network

yap i dont know
i have the some things , the payload dont work in 3g ! :/
but i created it use android/....../tcp
i will try it http and https

What to Do When You are also on a mobile network.. Your Ip is Dynamic ..|

Changing and Changing..So How To Create a Payload with such a Home Ip..Even if the Victims is on WiFI.. or Mobile How do i m gonna receive it with an ip which doesn't look like "192.168.1.1".. searching on google i found my ip like "2405:205:430c:58dc:9c9f:f144:3b1:e397".. Now How Do We Create Payload with such ip.

How about using smartphone without sim while connected to a WiFi connection, same time as providing the hotspot my android has already installed. As only one antenna can be used at same time on every devices attempted on. Assuming OTG could support an external usb WiFi adapter if root & is & ported drivers, sure maybe, however what about simplicity? And functionality... a vpn firewall.. Device-to-router protection. Like your idea.

Share Your Thoughts

  • Hot
  • Active