I've been trying to play around with this, but I have not gotten anything working so far. I'm using Kail. Here are some issues:
spf> 1
Select An Option from the Menu:
1.) Attach Framework to a Deployed Agent
2.) Generate Agent App
3.) Copy Agent to Web Server
4.) Import an Agent Template
5.) Backdoor Android APK with Agent
6.) Create APK Signing Key
spf> 2
1.) MapsDemo
2.) BlankFrontEnd
spf> 2
Phone number of the control modem for the agent: 15555555555
Control key for the agent: KEYKEY1
Webserver control path for agent:
Control Number:15555555555
Control Key:KEYKEY1
ControlPath:
Is this correct?(y/n) y
Error: Target id 'Google Inc.:Google APIs:4' is not valid. Use 'android list targets' to get the target ids.
Error: Target id 'Google Inc.:Google APIs:4' is not valid. Use 'android list targets' to get the target ids.
Error: The project either has no target set or the target is invalid.
Please provide a --target to the 'android update' command.
It seems that there are sub-projects. If you want to update them
please use the --subprojects parameter.
Buildfile: /root/Scripts/Smartphone-Pentest-Framework/AgentTemplates/BlankFrontEnd/build.xml
BUILD FAILED
/root/Scripts/Smartphone-Pentest-Framework/AgentTemplates/BlankFrontEnd/build.xml:90: Cannot find /root/Smartphone-Pentest-Framework/android-sdk-linux/tools/ant/build.xml imported from /root/Scripts/Smartphone-Pentest-Framework/AgentTemplates/BlankFrontEnd/build.xml
Total time: 0 seconds
1.) MapsDemo
2.) BlankFrontEnd
"/root/Smartphone-Pentest-Framework/android-sdk-linux/tools/ant/build.xml" obviously doesn't exist because there is a "Scripts" folder within the "root" folder. Everything in the "config" file is set with this in mind.
It doesn't like common words very much:
spf> help
Traceback (most recent call last):
File "./framework.py", line 3369, in
main()
File "./framework.py", line 59, in main
agent_attach2()
File "./framework.py", line 685, in agent_attach2
choose_build()
File "./framework.py", line 865, in choose_build
pick = int(choice)-1
ValueError: invalid literal for int() with base 10: 'help'
spf> exit
Traceback (most recent call last):
File "./framework.py", line 3369, in
main()
File "./framework.py", line 59, in main
agent_attach2()
File "./framework.py", line 685, in agent_attach2
choose_build()
File "./framework.py", line 865, in choose_build
pick = int(choice)-1
ValueError: invalid literal for int() with base 10: 'exit'
Not sure if I was doing this right, but it doesn't like what I did.
root@Kali:~/Scripts/Smartphone-Pentest-Framework/frameworkconsole# ./framework.py
Welcome to the Smartphone Pentest Framework!
v0.2.6
Georgia Weidman/Bulb Security
Select An Option from the Menu:
1.) Attach Framework to a Deployed Agent/Create Agent
2.) Send Commands to an Agent
3.) View Information Gathered
4.) Attach Framework to a Mobile Modem
5.) Run a remote attack
6.) Run a social engineering or client side attack
7.) Clear/Create Database
8.) Use Metasploit
9.) Compile code to run on mobile devices
10.) Install Stuff
11.) Use Drozer
0.) Exit
spf> 1
Select An Option from the Menu:
1.) Attach Framework to a Deployed Agent
2.) Generate Agent App
3.) Copy Agent to Web Server
4.) Import an Agent Template
5.) Backdoor Android APK with Agent
6.) Create APK Signing Key
spf> 1
Attach to a Deployed Agent:
This will set up handlers to control an agent that has already been deployed.
Agent URL Path:
Agent Control Key: t
Communication Method(SMS/HTTP): HTTP
URL Path:
Control Key: t
Communication Method: HTTP
Is this correct?(y/N): y
Traceback (most recent call last):
File "./framework.py", line 3369, in
main()
File "./framework.py", line 59, in main
agent_attach2()
File "./framework.py", line 681, in agent_attach2
agent_attach()
File "./framework.py", line 2271, in agent_attach
f = open(text, 'r+')
IOError: [Errno 2] No such file or directory: '/var/www/text.txt'
root@Kali:~/Scripts/Smartphone-Pentest-Framework/frameworkconsole# ./framework.py
It also doesn't like Metasploit:
root@Kali:~/Scripts/Smartphone-Pentest-Framework/frameworkconsole# ./framework.py
Welcome to the Smartphone Pentest Framework!
v0.2.6
Georgia Weidman/Bulb Security
Select An Option from the Menu:
1.) Attach Framework to a Deployed Agent/Create Agent
2.) Send Commands to an Agent
3.) View Information Gathered
4.) Attach Framework to a Mobile Modem
5.) Run a remote attack
6.) Run a social engineering or client side attack
7.) Clear/Create Database
8.) Use Metasploit
9.) Compile code to run on mobile devices
10.) Install Stuff
11.) Use Drozer
0.) Exit
spf> 8
Runs smartphonecentric Metasploit modules for you.
Select An Option from the Menu:
1.) Run iPhone Metasploit Modules
2.) Create Android Meterpreter
3.) Setup Metasploit Listener
4.) Run Android Metasploit Modules
spf> 2
Generate Android Meterpreter
IP to connect back to:192.168.1.75
Port to connect back to:4444
Is this correct(y/N):y
No platform was selected, choosing Msf::Module::Platform::Android from the payload
No Arch selected, selecting Arch: dalvik from the payload
Found 0 compatible encoders
Or this:
root@Kali:~/Scripts/Smartphone-Pentest-Framework/frameworkconsole# ./framework.py
Welcome to the Smartphone Pentest Framework!
v0.2.6
Georgia Weidman/Bulb Security
Select An Option from the Menu:
1.) Attach Framework to a Deployed Agent/Create Agent
2.) Send Commands to an Agent
3.) View Information Gathered
4.) Attach Framework to a Mobile Modem
5.) Run a remote attack
6.) Run a social engineering or client side attack
7.) Clear/Create Database
8.) Use Metasploit
9.) Compile code to run on mobile devices
10.) Install Stuff
11.) Use Drozer
0.) Exit
spf> 6
Choose a social engineering or client side attack to launch:
1.) Direct Download Agent
2.) Client Side Shell
3.) USSD Webpage Attack (Safe)
4 ) USSD Webpage Attack (Malicious)
spf> 2
Select a Client Side Attack to Run
1) CVE=2010-1759 Webkit Vuln Android
spf> exit
Select An Option from the Menu:
1.) Attach Framework to a Deployed Agent/Create Agent
2.) Send Commands to an Agent
3.) View Information Gathered
4.) Attach Framework to a Mobile Modem
5.) Run a remote attack
6.) Run a social engineering or client side attack
7.) Clear/Create Database
8.) Use Metasploit
9.) Compile code to run on mobile devices
10.) Install Stuff
11.) Use Drozer
0.) Exit
spf> 6
Choose a social engineering or client side attack to launch:
1.) Direct Download Agent
2.) Client Side Shell
3.) USSD Webpage Attack (Safe)
4 ) USSD Webpage Attack (Malicious)
spf> 3
Hosting Path:
Filename: test
Phone Number to Attack: 15555555555
mkdir: cannot create directory `/var/www': File exists
Traceback (most recent call last):
File "./framework.py", line 3369, in
main()
File "./framework.py", line 69, in main
social()
File "./framework.py", line 978, in social
ussdsafe()
File "./framework.py", line 1120, in ussdsafe
modem = get_modem()
File "./framework.py", line 1799, in get_modem
db.query("SELECT COUNT(*) from modems")
File "/root/Scripts/Smartphone-Pentest-Framework/frameworkconsole/lib/db.py", line 83, in query
return self._dbe.query(q, params)
File "/root/Scripts/Smartphone-Pentest-Framework/frameworkconsole/lib/db.py", line 18, in query
self.cur.execute(q, params)
File "/usr/lib/python2.7/dist-packages/MySQLdb/cursors.py", line 174, in execute
self.errorhandler(self, exc, value)
File "/usr/lib/python2.7/dist-packages/MySQLdb/connections.py", line 36, in defaulterrorhandler
raise errorclass, errorvalue
_mysql_exceptions.ProgrammingError: (1146, "Table 'framework.modems' doesn't exist")
Or this:
root@Kali:~/Scripts/Smartphone-Pentest-Framework/frameworkconsole# ./framework.py
Welcome to the Smartphone Pentest Framework!
v0.2.6
Georgia Weidman/Bulb Security
Select An Option from the Menu:
1.) Attach Framework to a Deployed Agent/Create Agent
2.) Send Commands to an Agent
3.) View Information Gathered
4.) Attach Framework to a Mobile Modem
5.) Run a remote attack
6.) Run a social engineering or client side attack
7.) Clear/Create Database
8.) Use Metasploit
9.) Compile code to run on mobile devices
10.) Install Stuff
11.) Use Drozer
0.) Exit
spf> 4
Choose a type of modem to attach to:
1.) Search for attached modem
2.) Attach to a smartphone based app
3.) Generate smartphone based app
4.) Copy App to Webserver
5.) Install App via ADB
spf> 3
Choose a type of control app to generate:
1.) Android App (Android 1.6)
2.) Android App with NFC (Android 4.0 and NFC enabled device)
spf> 2
Phone number of agent: 15555555555
Control key for the agent: KEYKEY1
Webserver control path for agent:
Control Number:15555555555
Control Key:KEYKEY1
ControlPath:
Is this correct?(y/n): y
sh: 1: Syntax error: Unterminated quoted string
Error: The project either has no target set or the target is invalid.
Please provide a --target to the 'android update' command.
It seems that there are sub-projects. If you want to update them
please use the --subprojects parameter.
Buildfile: /root/Scripts/Smartphone-Pentest-Framework/FrameworkAndroidAppwithNFC/build.xml
-check-env:
[checkenv] Android SDK Tools Revision 22.0.1
[checkenv] Installed at /usr/share/android-sdk
-setup:
[echo] Project Name: FrameworkAndroidAppActivity
[gettype] Project Type: Application
-pre-clean:
clean:
[delete] Deleting directory /root/Scripts/Smartphone-Pentest-Framework/FrameworkAndroidAppwithNFC/bin
[delete] Deleting directory /root/Scripts/Smartphone-Pentest-Framework/FrameworkAndroidAppwithNFC/gen
[getlibpath] Library dependencies:
[getlibpath] No Libraries
[subant] No sub-builds to iterate on
-set-mode-check:
-set-debug-files:
-check-env:
[checkenv] Android SDK Tools Revision 22.0.1
[checkenv] Installed at /usr/share/android-sdk
-setup:
[echo] Project Name: FrameworkAndroidAppActivity
[gettype] Project Type: Application
-set-debug-mode:
-debug-obfuscation-check:
-pre-build:
-build-setup:
BUILD FAILED
/usr/share/android-sdk/tools/ant/build.xml:479: SDK does not have any Build Tools installed.
Total time: 1 second
cp: cannot stat `/root/Scripts/Smartphone-Pentest-Framework/FrameworkAndroidAppwithNFC/bin/FrameworkAndroidAppActivity-debug-unaligned.apk': No such file or directory
It seems, in general, Python errors are quite abundant. I am just going through some of the things at random and this is what I have encountered. Also, "exploit/android/browser/webview_addjavascriptinterface" should be added.