Exploitation with Reverse_tcp Method on Android Device using Metasploit

Authors

DOI:

https://doi.org/10.26418/jp.v5i1.26893

Keywords:

Exploit, Android Device, Metasploit, Kali linux, Bash script shell

Abstract

Android is a popular operating system on smartphone which run on linux kernel. Android operating system allows developers to access and modify source code, but this advantage also increases the security issue. One of the various attack is exploit, that many attacker carry out this type of attack to get sensitive user information. In this research, exploit attacks are done used some tool such as metasploit framework and this experiment is done on android device which one be a target attack. The result obtained from this exploit attack in the form of an understanding of how to conduct exploit attack, analyze the interaction of attacker with victim, analyze the workings of exploit attack and how long will it take to set up a payload with bash script shell. All the details of the analyze will give us the conclusions and strategies to make the android operating system more secure.

References

K. Shivam, S. Rupal, Android backdoors, vol. 4 no. 2, hal 1-2, Feb.2017.

R. Chandel. (2016). Penetration testing in smb protocol using metasploit. [Online]. Available : http://www.hackingarticles.in/penetration-testing-in-smb-protocol-using-metasploit.

T. N. Manjunatha,M. S. Shashindhar,G. Vinay, S. Vittal, “Survery on metasploit framework,†vol. 4, no. VIII, hal 1, Agustus.2016.

R. Choudhary, M. Khurana, “Exploitation of PDF Reader Vulnerabilites using metasploit tool,†hal 2-4. Sept.2017.

U. Timalsina, K. Gurung, “Metasploit framework with kali linux,†April 2015.

A. Gonsalves, C. Kulkarni, Ketankokane, P. Mali, M. Mehra, “a tool for preventing the metasploit attack on the android OS,†vol. 5. ISSN 2249-5789, hal 326.

H. Shewale, S. Patil, V. Deshmukh, P. Singh, “Analysis of android vulnerabilities and modern exploitation techniques,†vol. 05 no. 1, Maret 2014.

Dana, (2016), October 10. Backdoor Apk. [Online]. Available : https://github.com/dana-at-cp/backdoor-apk/.

K. A. Zaabi, “android device hacking tricks and countermeasuresâ€.

Z. T. Brunner, “Buffer Overflow in multple android DRM service,†, [Online], Available : https://blog.zimperium.com/cve-2017-13253-buffer-overflow-multiple-android-drm-services/.

buffer overflow, [Online], Avaiable : https://www.enisa.europa.eu/topics/csirts-in-europe/glossary/buffer-overflow.

android.drm, [Online] , Available : https://developer.android.com/reference/android/drm/package-summary.

R. Shenoy, “Metasploit For beginners,†Jan, 2017.

A. Feizollah, B. N. Anuar, R. Salleh,â€The evolotuion of android malware and android analysis techniques,†Vol. 49, No. 4, Jan 2017.

script ezsploit, [Online], Available : Juli) https://github.com/rand0m1ze/ezsploit.

I. Mardianto,Kuswandi, “Implementasi keamanan pada transaksi data menggunakan sertifikat Digital X.509.†Vol. VIII, No.1, Juni 2016.

Downloads

Published

2019-04-28