Nytro Posted November 15, 2011 Report Share Posted November 15, 2011 Android Data Stealing with Metasploit by creaturesNovember 15, 2011This vulnerability was found by Thomas Cannon back in 2010, I think. I just thought this is interesting to share to Android users . I tried this exploit on Marvell tablets with Android versions 1.6 – 2.2. The big one is using 1.6 and small is using 2.2. For some reason this tablet has been customize by a private company which is used for a project. Screenshot1: http://www.theprojectxblog.net/wp-content/uploads/2011/11/319-1024x768.jpgFiring up metasploit then using android_htmlfileproviderScreenshot2: http://www.theprojectxblog.net/wp-content/uploads/2011/11/305-1024x768.jpgScreenshot3: http://www.theprojectxblog.net/wp-content/uploads/2011/11/300-768x1024.jpgWhen the user accesses the malicious url that we have setup, consequences are the attacker will able to get any data including any sensitive data from/proc, browser files such as history,bookmarks and maybe even sessions. Also you can grab data from sdcards, As explained by Thomas Cannon in his blog: The Android browser doesn’t prompt the user when downloading a file, for example"payload.html", it automatically downloads to /sdcard/download/payload.html It is possible, using JavaScript, to get this payload to automatically open, causing the browser to render the local file. When opening an HTML file within this local context, the Android browser will run JavaScript without prompting the user. While in this local context, the JavaScript is able to read the contents of files (and other data).Screenshot4: http://www.theprojectxblog.net/wp-content/uploads/2011/11/293-1024x768.jpgMajority are now using Android Phones and Tablets especially here in PHL. Google should not be the only one who needs to fix this but also other companies producing or manufacturing Android Phones and Tablets with same version but most companies that I know just dont give a damn about fixing and updating, etc.PS: I also tried it on android 2.3 Archos and the exploit doesnt work Take care guys and be awareSursa: http://www.theprojectxblog.net/android-data-stealing-with-metasploit/ Quote Link to comment Share on other sites More sharing options...
wildchild Posted November 15, 2011 Report Share Posted November 15, 2011 Awesome post!Can't wait to try Quote Link to comment Share on other sites More sharing options...
