Wednesday, January 27, 2021

Android meterpreter reverse_tcp that work on the latest Android versions

Quality Android client used for Pentests


The App :











Change the Meterpreter host to your host,

If your device is not on the same network, you will need to configure port forwarding to your PC on your router.

Grant permissions to the app:








Start the Service.












If you use WSL, you will need to set a proxy to forward traffic from Windows machine 

To the WSL Kali machine:

D:\downloads\proxy-windows\proxy tcp -p ":4444" -T tcp -P "172.29.56.208:4444"


Here is a Video that shows how the app runs with Metasploit:

https://www.youtube.com/watch?v=3FS5v4cwi6c


Get source from here (pass protected, contact to get pass):

Android Studio App Source


Release Notes

------------------

1.4
---
Removed action bar.
Fixed some UI issues.

1.3
---
* Work on WAN
* Can work by manually giving permissions.

Tests
Android 11
Create files in the app location - OK
Create folders sdcard - OK
Get geolocation - OK
Get contacts - NOK
Start app - OK

Android 10
Create files in the app location - OK
Can create folders sdcard - OK
Can get geolocation - OK
Get contacts - NOK
Start app - OK

Android 9
Geolocate - OK
get contact - NOK
create folder - OK
create file - OK
start app - OK

Android 8.1
----------
Create file an edit in Any location - OK
Get contacts - OK
Geolocate - NOK
Run apps - OK


Wednesday, November 25, 2020

Spotify MOL for Wear OS

 


Spotify Wear MOL

Spotify MOL is a modded version of Spotify to run on Wear OS (Mol stands for modded Offline), and support Offline music playback.

You can see how it runs here:

https://www.youtube.com/watch?v=ikpLSdpgFzI

Features:

  1. Offline support.

  2. Much faster then the previous version (around x4 speed improvements).

  3. Much smaller then the previous version (only 10M in size).

  4. UI is much better for the small screen.

  5. Works great with the new Google Fit.

  6. change download quality.

  7.  Can download using cellular.


New version 1.66 supports:

  1.  Performance improvements.
  2.  Improved usability and layout.

Download the latest version from here (1.66):

Wi-Fi Installation (easy):
On the watch:
1. Enable developer options.
2. In the Developer options, enable ADB debug, and debug using Wi-Fi.
3. The IP address of the device will appear after a few seconds - remember it.
On the PC
1. Open console, go to the folder where you downloaded the app.
2. Make sure the PC is connected to the same Wi-Fi network as the watch.
3. Type the command (The IP is the one from step 3): adb connect 192.168.1.24:5555 (You my need to install ADB, or download directly from google).
4. Type the command: adb install spotify-wear-mol_1.65.apk
5. The installation will take a few minutes.


Bluetooth installation guide (For technical people):

Install on your Wear OS device: (Bluetooth) :

adb forward tcp:4444 localabstract:/adb-hub

adb connect 127.0.0.1:4444

adb -s 127.0.0.1:4444 install spotify-wear-mol_1.5.apk


Full installation guide (Bluetooth Method):

On the watch:

  1. Enable developer options (Go to config -> about -> tap the version umber 7 times (it will enable dev options)

  2. Enable ADB debugging

  3. Enable Debug over Bluetooth.


On the Computer:
  1. Install ADB, and copy the APK to the installed folder.

  2. Connect your phone to the computer using USB cable (make sure you enabled adb debugging on your phone in the developer options)

  3. On the Phone wear app go to advanced settings and click on the "Debugging over bluetooth switch)"

  4. From CMD, navigate to the ADB folder and type: 

adb forward tcp:4444 localabstract:/adb-hub

adb connect 127.0.0.1:4444

Should be "connected to 127.0.0.1:4444" 

Make sure your APK you donwloaded is in the folder you are using, and type:

adb -s 127.0.0.1:4444 install spotify-wear-mol_1.5.apk

It will take around 3-5 mins to install on your watch


Installation Video guide:

https://www.youtube.com/watch?v=s1tJTcXwhG4


Tips and Tricks
  • After login in some cases the app is stuck on the logo. to fix it, force close the app (or restart the watch).
  • You will not be able to download music with Bluetooth. To Download a playlist to the watch close the Bluetooth connection on your phone, and let the watch connect via WIFI. The playlist should now download (see the green progress).
  • in-case the adb connect to the device fails (for example: device offline), use the adb kill-server command to restart the connection.
  • Only Wear OS system versions H and above are supported.
  • You must have premium account to download music.

If you enjoy the app, please consider a donation to support the development

Donate



Eli


Wednesday, June 27, 2018

KML file for Google Earth

So, you want to show your pictures on the map,
And you created nice KML file with the pictures, but it doesn't work on Google Earth

The problem is that Google currently, does not support links to its own photos service, nor embeding the photos in the KML file.
The solution is to put the pictures in Microsoft OneDrive, and use this link in the KML file.
You can continue to create the KML file using Earth pro:

Here is how the image should look in the KML file:

<img src="https://c7amuq.ch.files.1drv.com/y4mPm_VnoG3MeH0jVOZCv8iHvKENW4xw9BTJCYIieN6S0NbIsovbxymYVhFIec0J5ifu-DABItKTE7_JQzi8OGM5gtoRF7alrs0v4sbgw65UBynFVUO5vzGT8Qvtfmng5lHeY-zdev1TzvmBVpzCVd8EFX7bwcSQjQdHvVODDsxxIXLa5G89vT04vAsu-tkzDJsbpNgLEolthfiMKoviOkuuQ?width=1024&height=768&cropmode=none" width="1024" height="768" />


Here is the full my full KML file (you can also create it manualy without Earth pro):

https://drive.google.com/open?id=1-OpLPBgavkrMTgVjMhj-D3oDska9arH7

Sunday, March 11, 2018

Friends Locator

Tips and Tricks

Basic Usage

https://www.youtube.com/watch?v=58cqkr4t1R8

Parental Control



With this feature you can lock your child's phone simply by sending to the phone in the group (the child must be part of the group), a "Pause Child phone" command.

To be able to do this, set the child's phone as as a "Child's phone" by clicking the top right ...
and selecting this option:



And give the overlay permission to the child's phone (only the child's phone needs this permission):



Now you can send the "Pause Child's Phone" command to the child's phone, by long click on the groups member, and selecting this option. note that you will need to fill the phone number the first time its used, since this command is sent via SMS:



You can unlock the child's phone by clicking on the "Resume Child phone" option. 

Force Location phone support

  • Enable permission to send and receive SMS on your phone device.
  • Long click on the contact select "Force Location", and add his/her phone number.

The number is save securely on your device (not on our servers).
We take privacy very seriously.
This is why when you reinstall the app on another device, the phone numbers will not exist on the app, and you will need to set them again.

  • After setting the number, an SMS with your friend location will get back to you (Make sure your friend also set the SMS and location permissions in can you have problems). and you can view it on the Map by clicking on the notification, or on the specific friend.

Force Location Android Wear support

  • After setting phone numbers for some friends, clicking on the "Force Location" button on your android wear device will get the locations of your friends with phone numbers.




  • Click on the notification to view the map on your android wear device.



Thursday, February 16, 2017

AsyncTask & multithreading

Android runs all async tasks in a single thread, which means, if one task is blocking, the other task will need to wait till it finishes.
In some cases you will need you async tasks to run simultaneously.
In such a case use:
AsyncTask.THREAD_POOL_EXECUTOR

Here is an example:
new SomeAsyncTask().executeOnExecutor(AsyncTask.THREAD_POOL_EXECUTOR);

Tuesday, January 3, 2017

The Simplest Async Task possible

private class SomeAsyncTask extends AsyncTask<Void, Void, Void> {

    @Override    protected Void doInBackground(Void... voids) {
        Log.d(P.Tag, "doInBackground");
        return null;
    }
}

Sunday, November 20, 2016

Activity does not have the latest intent information put in the pending intent extras

It happens when the activity is resumed.

You need to:

1. In the intent:
    intent.setFlags(Intent.FLAG_ACTIVITY_SINGLE_TOP | Intent.FLAG_ACTIVITY_CLEAR_TOP);
  PendingIntent pendingIntent = PendingIntent.getActivity(this, 0 /* Request code */, intent,
        PendingIntent.FLAG_UPDATE_CURRENT);


  If you have more then one notification at a time, set the request code uniquely

  PendingIntent pendingIntent = PendingIntent.getActivity(this, uniqueIntForName, intent, PendingIntent.FLAG_UPDATE_CURRENT);

  
  This way you will have the correct extras for the specific notification when lunching the 
  Activity. 




2. In the Activity the pending intent is calling:

   @Override
   public void onNewIntent(Intent newIntent) {
    Log.i(P.Tag, "===onNewIntent called===");
    this.setIntent(newIntent);
   }