*what you shoud have*
1. Backtrack 5 r3 (utilizing backtrack for this case as SPF is pre-introduced),
2. Portforwarding (on the off chance that you are utilizing this outside of your own system)
3. Xampp for linux (manual for introducing this will be in the instructional exercise)
4. A telephone (for instance I will be utilizing my Android Phone)
Step 1) Installing Xampp:
As a matter of first importance, go Here to get Xampp.
Once xampp has completed the process of downloading, go to your home index and you ought to have a record called "download.php?xampp-linux-1.7.3a.tar.gz" rename it to something such as "xampp.tar.gz".
In your terminal window run
tar xvfz xampp.tar.gz - C/pick
Everything ought to be introduced and you can discover xampp in/pick/lampp/registry.
Step 2) Configuring Xampp:
Use
/pick/lampp/lampp begin
/pick/lampp/lampp stop
To begin and stop the Xampp administration
Once Xampp has begun, go to "localhost" in your program and select your dialect. Explored to "Phpmyadmin" and make another database called "system".
Next include another client by setting off to the "benefits" tab then "include another client".
Utilize whatever username and secret key you need and select "nearby" from the hosts list.
Ensure you "Check All" worldwide benefits, then snap go.
Presently erase the htdocs envelope in/select/lampp/
Step 3) Configuring SPF Files:
Explore to the SPF config record
/pentest/abuses/cell phone pentest-structure/frameworkconsole/config and Replace
Ip Address For Websrever – with your neighborhood/open ip.
Ip Address TO Listn on for Shells – with your nearby/open ip.
Ip Address of SQL Server 127.0.0.1 if Localhost – with 127.0.0.1
Username of the MYSQL User to utilize – with the username you made in phpmyadmin
Secret word of the MYSQL User to utilize – with the watchword of the client you set
Step 4) Configuring SPF:
Open up the cell phone pentest-structure window by going to:
applications>backtrack>exploitationtools>wirelessexploitationtools>gsmexploitation>Smartphone-pentest-structure.
Select alternative 4 then select choice 2.
Data your telephone number, then info a 7 digit control key to associate with your casualties and after that enter the way you need your application to situated on your webserver (I will be utilizing/). Presently don't anticipate that anything will happen just yet, you have to arrange your telephone with SPF.
Find the document:
/pentest/misuses/cell phone pentest-system/FrameworkAndroidApp/canister/FrameworkAndroidApp.apk
What's more, move it over to your telephone by transferring it to dropbox or simply associating your telephone to your PC.
Introduce it then open it up. Put in the subtle elements you rounded out a moment prior in
SPF and your ip the webserver is setup on and press setup.
Step 5) Attacking People:
Open up cell phone pentest-system and select choice 6 then pick between the direct download (just sends a content to the individual from your telephone with a direct download to the document) or customer side shell (utilizes a program abuse as a part of android telephones to give you shell access).
On the off chance that you select choice 1 you should move the record
/pentest/abuses/cell phone pentest-system/AndroidAgent/receptacle/AndroidAgent.apk
To your root catalog.
When you get a casualty, simply open up cell phone pentest-system once more, select choice 1, fill in the subtle elements and you can then control the casualty from your cellular telephone.
No comments:
Post a Comment