MITM not working on HTC M7

[michael86]

##DEVICE:

HTC ONE M7

##OS version:

Nougat 7.1.1

##cSploit version:

1.6.6-rc2

##busybox (installed or not):

Yes

##Rooted with supersu?

Yes

##logcat (filter it!):

---- 4 May 2017 21:21:30 ----

05-04 21:18:18.572 822 1180 I ActivityManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=org.csploit.android/.MainActivity (has extras)} from uid 10029 on display 0

05-04 21:18:18.621 822 834 I ActivityManager: Start proc 10156:org.csploit.android/u0a128 for activity org.csploit.android/.MainActivity

05-04 21:18:18.779 10156 10183 E CSPLOIT[core.System.errorLogging]: org.csploit.android.core.ChildManager$ChildNotStartedException: cannot start commands

05-04 21:18:18.779 10156 10183 E CSPLOIT[core.System.errorLogging]: at org.csploit.android.tools.Tool.async(Tool.java:48)

05-04 21:18:18.779 10156 10183 E CSPLOIT[core.System.errorLogging]: at org.csploit.android.tools.NMap.synScan(NMap.java:142)

05-04 21:18:18.779 10156 10183 E CSPLOIT[core.System.errorLogging]: at org.csploit.android.tools.NMap.synScan(NMap.java:146)

05-04 21:18:18.779 10156 10183 E CSPLOIT[core.System.errorLogging]: at org.csploit.android.services.NetworkRadar$2.run(NetworkRadar.java:90)

05-04 21:18:19.277 822 847 I ActivityManager: Displayed org.csploit.android/.MainActivity: +679ms

05-04 21:18:22.312 822 1681 I ActivityManager: START u0 {cmp=org.csploit.android/.ActionActivity} from uid 10128 on display 0

05-04 21:18:22.888 822 847 I ActivityManager: Displayed org.csploit.android/.ActionActivity: +556ms

05-04 21:18:24.599 10209 10209 W linker : /data/data/org.csploit.android/files/ruby/lib/ruby/gems/1.9.1/gems/nokogiri-1.6.0-arm-linux/lib/nokogiri/nokogiri.so: unused DT entry: type 0xf arg 0x12dc5

05-04 21:18:24.909 822 6097 I ActivityManager: START u0 {cmp=org.csploit.android/.plugins.mitm.MITM} from uid 10128 on display 0

05-04 21:18:25.197 822 847 I ActivityManager: Displayed org.csploit.android/.plugins.mitm.MITM: +261ms

05-04 21:20:22.025 822 1686 I ActivityManager: START u0 {cmp=org.csploit.android/.plugins.mitm.Sniffer} from uid 10128 on display 0

05-04 21:20:22.351 822 847 I ActivityManager: Displayed org.csploit.android/.plugins.mitm.Sniffer: +306ms

05-04 21:20:44.039 822 2386 I ActivityManager: START u0 {cmp=org.csploit.android/.ActionActivity} from uid 10128 on display 0

05-04 21:20:44.345 822 847 I ActivityManager: Displayed org.csploit.android/.ActionActivity: +250ms

05-04 21:20:48.110 822 1673 I ActivityManager: START u0 {cmp=org.csploit.android/.plugins.mitm.MITM} from uid 10128 on display 0

05-04 21:20:48.439 822 847 I ActivityManager: Displayed org.csploit.android/.plugins.mitm.MITM: +292ms

---- 4 May 2017 21:21:30 ----

##Issue:

No MITM attacks seem to work, I've tested it against my iphone, desktop and laptops. The traffic sniffing appears to work but the amount of data it collects is minimal considering the amount I imagine I'm generating.

Redirects and connection killing does nothing, same as replacing images and videos.

I'm using superSU and the app has been granted root access, busy box was also installed automatically when I flashed my nethunter build. It may be worth mentioning, the cSploit that was flashed as part of nethunter was outdated so I had to manually uninstall and install the latest version, not sure if this would have any effect on the MITM.

[tux-mind]

Hi, thanks for the report, can you attach the full logcat ?

It appears that a log of debug information is missing.

thank you in advance for your time 😊

[michael86]

@tux-mind Cheers for getting back to me, here's a full unfiltered log.

---- 5 May 2017 13:24:00 ----

05-05 13:22:45.815 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 0

05-05 13:22:45.912 822 910 I ActivityManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.HOME] flg=0x10200000 cmp=com.cyanogenmod.trebuchet/com.android.launcher3.Launcher (has extras)} from uid 1000 on display 0

05-05 13:22:46.142 822 832 I art : Background partial concurrent mark sweep GC freed 14150(757KB) AllocSpace objects, 2(40KB) LOS objects, 33% free, 19MB/29MB, paused 2.227ms total 192.382ms

05-05 13:22:46.579 1716 1863 W OpenGLRenderer: Incorrectly called buildLayer on View: ShortcutAndWidgetContainer, destroying layer...

05-05 13:22:48.202 373 630 I msm8960_platform: platform_send_audio_calibration: sending audio calibration for snd_device(2) acdb_id(15)

05-05 13:22:48.203 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 1

05-05 13:22:49.074 822 1685 I ActivityManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=org.csploit.android/.MainActivity bnds=[645,1228][855,1466] (has extras)} from uid 10029 on display 0

05-05 13:22:49.131 822 836 W BroadcastQueue: Permission Denial: broadcasting Intent { act=com.android.launcher3.action.LAUNCH flg=0x10 (has extras) } from com.cyanogenmod.trebuchet (pid=1716, uid=10029) requires com.google.android.launcher.permission.RECEIVE_LAUNCH_BROADCASTS due to receiver com.google.android.gms/.icing.proxy.ApplicationLauncherReceiver

05-05 13:22:49.132 822 836 W BroadcastQueue: Permission Denial: receiving Intent { act=com.android.launcher3.action.LAUNCH flg=0x10 (has extras) } to com.google.android.gms/.chimera.GmsIntentOperationService$GmsExternalReceiver requires com.android.launcher3.permission.RECEIVE_LAUNCH_BROADCASTS due to sender com.cyanogenmod.trebuchet (uid 10029)

05-05 13:22:49.132 822 836 W BroadcastQueue: Permission Denial: broadcasting Intent { act=com.android.launcher3.action.LAUNCH flg=0x10 (has extras) } from com.cyanogenmod.trebuchet (pid=1716, uid=10029) requires com.google.android.launcher.permission.RECEIVE_LAUNCH_BROADCASTS due to receiver com.google.android.googlequicksearchbox/com.google.android.apps.gsa.reflection.ReflectionReceiver

05-05 13:22:49.185 822 22531 I ActivityManager: Start proc 22664:org.csploit.android/u0a128 for activity org.csploit.android/.MainActivity

05-05 13:22:49.297 22664 22664 I art : Starting a blocking GC AddRemoveAppImageSpace

05-05 13:22:49.424 22664 22699 W CSPLOIT[tools.Tool.async]: nmap: disabled

05-05 13:22:49.424 22664 22698 W CSPLOIT[tools.Tool.async]: nmap: disabled

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: cannot start commands

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: org.csploit.android.core.ChildManager$ChildNotStartedException: cannot start commands

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: at org.csploit.android.tools.Tool.async(Tool.java:48)

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: at org.csploit.android.tools.NMap.synScan(NMap.java:142)

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: at org.csploit.android.tools.NMap.synScan(NMap.java:146)

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: at org.csploit.android.services.NetworkRadar$2.run(NetworkRadar.java:90)

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: at java.lang.Thread.run(Thread.java:761)

05-05 13:22:49.499 22664 22698 W CSPLOIT[tools.Tool.async]: nmap: disabled

05-05 13:22:49.499 22664 22699 W CSPLOIT[tools.Tool.async]: nmap: disabled

05-05 13:22:49.528 22664 22664 I CSPLOIT[services.NetworkRadar.onAutoScanChanged]: autoScan has been set to true

05-05 13:22:49.546 22664 22714 I CSPLOIT[net.RemoteReader.run]: fetching 'https://api.github.com/repos/cSploit/android/releases'

05-05 13:22:49.552 22664 22708 I cSploitClient: start_command: child #1 started

05-05 13:22:49.560 22664 22714 W System : ClassLoader referenced unknown path: /system/framework/tcmclient.jar

05-05 13:22:49.563 22664 22698 I cSploitClient: start_command: child #2 started

05-05 13:22:49.581 22664 22699 I cSploitClient: start_command: child #3 started

05-05 13:22:49.652 22664 22733 W CSPLOIT[services.NetworkRadar$Receiver.onHostFound]: target '"Doormat-1"' changed it's mac address from '1C:67:58:5A:D3:E4' to '1C:67:58:5A:D3:DB'

05-05 13:22:49.670 22664 22713 I CSPLOIT[services.MsfRpcdService.connect]: successfully connected to MSF RPC Daemon

05-05 13:22:49.679 22664 22713 W CSPLOIT[services.MsfRpcdService.start]: connected to a lost instance of the msfrpcd

05-05 13:22:49.680 22664 22719 I Adreno-EGL: <qeglDrvAPI_eglInitialize:379>: QUALCOMM Build: 10/21/15, 369a2ea, I96aee987eb

05-05 13:22:49.692 22664 22719 I OpenGLRenderer: Initialized EGL, version 1.4

05-05 13:22:49.743 358 1781 E QC-NETMGR-LIB: Received nl msg, recvmsg returned 56

05-05 13:22:49.744 358 793 E QC-NETMGR-LIB: Processing RTM_NEWLINK

05-05 13:22:49.744 358 793 E QC-NETMGR-LIB: Metainfo: Index=22 Family=0 Type=0x1 Change=[0x0] Flags=[0x11043]UP BROADCAST RUNNING MULTICAST LOWER_UP

05-05 13:22:49.767 22664 22699 I cSploitClient: start_command: child #4 started

05-05 13:22:49.860 22664 22678 I art : Background sticky concurrent mark sweep GC freed 78140(2MB) AllocSpace objects, 12(240KB) LOS objects, 20% free, 8MB/10MB, paused 7.141ms total 103.240ms

05-05 13:22:49.909 822 847 I ActivityManager: Displayed org.csploit.android/.MainActivity: +735ms

05-05 13:22:49.946 22664 22699 I cSploitClient: start_command: child #5 started

05-05 13:22:49.988 22664 22699 I cSploitClient: start_command: child #6 started

05-05 13:22:50.277 22664 22714 I CSPLOIT[net.RemoteReader.run]: fetching 'https://api.github.com/repos/cSploit/android.native/releases'

05-05 13:22:50.484 22664 22707 W CSPLOIT[services.UpdateChecker.getCoreUpdate]: unsupported platform ( android25.armeabi-v7a )

05-05 13:22:50.488 22664 22714 I CSPLOIT[net.RemoteReader.run]: fetching 'https://api.github.com/repos/cSploit/android.native.ruby/releases'

05-05 13:22:50.625 22664 22707 W CSPLOIT[services.UpdateChecker.getRubyUpdate]: unsupported platform ( android25.armeabi-v7a )

05-05 13:22:50.627 22664 22714 I CSPLOIT[net.RemoteReader.run]: fetching 'https://api.github.com/repos/cSploit/android.MSF/releases'

05-05 13:22:50.965 822 839 E BatteryStatsService: power: Missing API

05-05 13:22:50.970 822 950 E wifi : wifi_get_supported_feature_set returned error = 0xffffffa1

05-05 13:22:51.009 822 839 E BatteryStatsService: no controller energy info supplied

05-05 13:22:51.009 822 839 E BatteryStatsService: no controller energy info supplied

05-05 13:22:51.054 822 839 E BatteryStatsService: modem info is invalid: ModemActivityInfo{ mTimestamp=0 mSleepTimeMs=0 mIdleTimeMs=0 mTxTimeMs[]=[0, 0, 0, 0, 0] mRxTimeMs=0 mEnergyUsed=0}

05-05 13:22:51.106 822 836 W ProcessCpuTracker: Skipping unknown process pid 22765

05-05 13:22:51.664 822 822 W WindowManager: Attempted to remove non-existing token: android.os.Binder@bf4cc1e

05-05 13:22:52.267 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 0

05-05 13:22:54.694 822 1684 I ActivityManager: START u0 {cmp=org.csploit.android/.ActionActivity} from uid 10128 on display 0

05-05 13:22:54.701 373 630 I msm8960_platform: platform_send_audio_calibration: sending audio calibration for snd_device(2) acdb_id(15)

05-05 13:22:54.704 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 1

05-05 13:22:54.916 22664 22664 W System : ClassLoader referenced unknown path: /system/app/webview/lib/arm

05-05 13:22:54.924 22664 22664 I WebViewFactory: Loading com.android.webview version 55.0.2883.105 (code 1)

05-05 13:22:55.060 22664 22664 I cr_LibraryLoader: Time to load native libraries: 7 ms (timestamps 7961-7968)

05-05 13:22:55.060 22664 22664 I cr_LibraryLoader: Expected native library version number "55.0.2883.105", actual native library version number "55.0.2883.105"

05-05 13:22:55.066 22664 22664 I cr_LibraryLoader: Expected native library version number "55.0.2883.105", actual native library version number "55.0.2883.105"

05-05 13:22:55.067 22664 22664 I chromium: [INFO:library_loader_hooks.cc(163)] Chromium logging enabled: level = 0, default verbosity = 0

05-05 13:22:55.097 22664 22664 I cr_BrowserStartup: Initializing chromium process, singleProcess=true

05-05 13:22:55.294 822 847 I ActivityManager: Displayed org.csploit.android/.ActionActivity: +549ms

05-05 13:22:56.696 822 822 W WindowManager: Attempted to remove non-existing token: android.os.Binder@961500b

05-05 13:22:56.757 822 833 I ActivityManager: START u0 {cmp=org.csploit.android/.plugins.mitm.MITM} from uid 10128 on display 0

05-05 13:22:57.060 822 847 I ActivityManager: Displayed org.csploit.android/.plugins.mitm.MITM: +263ms

05-05 13:22:58.757 822 822 W WindowManager: Attempted to remove non-existing token: android.os.Binder@24c5de2

05-05 13:22:59.900 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 0

05-05 13:23:01.342 373 630 I msm8960_platform: platform_send_audio_calibration: sending audio calibration for snd_device(2) acdb_id(15)

05-05 13:23:01.343 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 1

05-05 13:23:02.555 1004 1004 W SubtypeLocaleUtils: KeyboardLayoutSet not found, use QWERTY: locale=en_AU extraValue=TrySuppressingImeSwitcher,AsciiCapable,SupportTouchPositionCorrection,EmojiCapable

05-05 13:23:02.556 1004 1004 W SubtypeLocaleUtils: KeyboardLayoutSet not found, use QWERTY: locale=hu_ZZ extraValue=AsciiCapable,SupportTouchPositionCorrection,EmojiCapable

05-05 13:23:02.560 1004 1004 W RichInputMethodSubtype: Can't find emoji subtype

05-05 13:23:02.560 1004 1004 W RichInputMethodSubtype: No input method subtype found; returning dummy subtype: Multi-lingual subtype: android.view.inputmethod.InputMethodSubtype@d78b2ed0, zz

05-05 13:23:02.658 1004 1004 I EmojiCategory: Last Emoji category id is 8

05-05 13:23:02.669 1004 1004 W ViewPager: Requested offscreen page limit 0 too small; defaulting to 1

05-05 13:23:02.736 1004 1004 I LatinIME: Starting input. Cursor position = 0,0

05-05 13:23:04.522 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 0

05-05 13:23:10.002 373 630 I msm8960_platform: platform_send_audio_calibration: sending audio calibration for snd_device(2) acdb_id(15)

05-05 13:23:10.004 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 1

05-05 13:23:10.045 22664 22664 I cSploitClient: start_command: child #7 started

05-05 13:23:10.072 22664 22664 I cSploitClient: start_command: child #8 started

05-05 13:23:10.102 22664 22664 I cSploitClient: start_command: child #9 started

05-05 13:23:10.150 22664 22664 I cSploitClient: start_command: child #10 started

05-05 13:23:10.169 22664 22664 I cSploitClient: start_command: child #11 started

05-05 13:23:10.187 22664 22664 I cSploitClient: start_command: child #12 started

05-05 13:23:10.208 22664 22664 I cSploitClient: start_command: child #13 started

05-05 13:23:10.226 22664 22664 I cSploitClient: start_command: child #14 started

05-05 13:23:10.245 22664 22664 I cSploitClient: start_command: child #15 started

05-05 13:23:10.582 22664 22664 I cSploitClient: start_command: child #16 started

05-05 13:23:10.585 22664 22664 I cSploitClient: start_command: child #17 started

05-05 13:23:10.621 22664 22664 I cSploitClient: start_command: child #18 started

05-05 13:23:10.641 22664 22664 I cSploitClient: start_command: child #19 started

05-05 13:23:10.667 22664 22664 I cSploitClient: start_command: child #20 started

05-05 13:23:10.685 22664 22664 I cSploitClient: start_command: child #21 started

05-05 13:23:10.704 22664 22664 I cSploitClient: start_command: child #22 started

05-05 13:23:10.724 22664 22664 I cSploitClient: start_command: child #23 started

05-05 13:23:10.779 22664 22664 I Choreographer: Skipped 46 frames! The application may be doing too much work on its main thread.

05-05 13:23:10.787 1004 1004 W InputMethodService: Window size has been changed. This may cause jankiness of resizing window: -1 -> -2

05-05 13:23:10.821 22664 22664 W IInputConnectionWrapper: finishComposingText on inactive InputConnection

05-05 13:23:10.821 22664 22664 W IInputConnectionWrapper: finishComposingText on inactive InputConnection

05-05 13:23:10.821 22664 22664 W IInputConnectionWrapper: finishComposingText on inactive InputConnection

05-05 13:23:13.209 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 0

05-05 13:23:13.557 822 822 W WindowManager: Attempted to remove non-existing token: android.os.Binder@cebe619

05-05 13:23:13.918 822 13976 W IpReachabilityMonitor: ErrnoException:

05-05 13:23:13.918 822 13976 W IpReachabilityMonitor: android.system.ErrnoException: read failed: ENOBUFS (No buffer space available)

05-05 13:23:13.918 822 13976 W IpReachabilityMonitor: at libcore.io.Posix.readBytes(Native Method)

05-05 13:23:13.918 822 13976 W IpReachabilityMonitor: at libcore.io.Posix.read(Posix.java:161)

05-05 13:23:13.918 822 13976 W IpReachabilityMonitor: at libcore.io.BlockGuardOs.read(BlockGuardOs.java:226)

05-05 13:23:13.918 822 13976 W IpReachabilityMonitor: at android.system.Os.read(Os.java:368)

05-05 13:23:13.918 822 13976 W IpReachabilityMonitor: at android.net.netlink.NetlinkSocket.recvMessage(NetlinkSocket.java:123)

05-05 13:23:13.918 822 13976 W IpReachabilityMonitor: at android.net.netlink.NetlinkSocket.recvMessage(NetlinkSocket.java:94)

05-05 13:23:13.918 822 13976 W IpReachabilityMonitor: at android.net.ip.IpReachabilityMonitor$NetlinkSocketObserver.recvKernelReply(IpReachabilityMonitor.java:510)

05-05 13:23:13.918 822 13976 W IpReachabilityMonitor: at android.net.ip.IpReachabilityMonitor$NetlinkSocketObserver.run(IpReachabilityMonitor.java:466)

05-05 13:23:13.918 822 13976 W IpReachabilityMonitor: at java.lang.Thread.run(Thread.java:761)

05-05 13:23:14.271 822 835 W SyncManager: Detected sync making no progress for startTime 77341928, mTimeoutStartTime 77341928, mHistoryRowId 171, syncOperation JobId: 109260, michael8t6@gmail.com u0 (com.google), com.android.contacts, LOCAL, reason: 10002. cancelling.

05-05 13:23:14.577 3920 21583 W GDataClient: Unable to execute HTTP request.java.net.SocketTimeoutException: Read timed out

05-05 13:23:14.663 373 630 I msm8960_platform: platform_send_audio_calibration: sending audio calibration for snd_device(2) acdb_id(15)

05-05 13:23:14.665 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 1

05-05 13:23:14.859 22664 22678 I art : Background partial concurrent mark sweep GC freed 79620(3MB) AllocSpace objects, 9(480KB) LOS objects, 40% free, 10MB/18MB, paused 10.467ms total 153.472ms

05-05 13:23:15.800 1004 1004 W InputMethodService: Window size has been changed. This may cause jankiness of resizing window: -1 -> -2

05-05 13:23:15.889 1004 1004 I LatinIME: Starting input. Cursor position = 0,0

05-05 13:23:17.860 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 0

05-05 13:23:23.049 22664 22664 I cSploitClient: start_command: child #24 started

05-05 13:23:23.060 373 630 I msm8960_platform: platform_send_audio_calibration: sending audio calibration for snd_device(2) acdb_id(15)

05-05 13:23:23.062 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 1

05-05 13:23:23.099 22664 22664 I cSploitClient: start_command: child #25 started

05-05 13:23:23.128 22664 22664 I cSploitClient: start_command: child #26 started

05-05 13:23:23.158 22664 22664 I cSploitClient: start_command: child #27 started

05-05 13:23:23.178 22664 22664 I cSploitClient: start_command: child #28 started

05-05 13:23:23.197 22664 22664 I cSploitClient: start_command: child #29 started

05-05 13:23:23.229 22664 22664 I cSploitClient: start_command: child #30 started

05-05 13:23:23.250 22664 22664 I cSploitClient: start_command: child #31 started

05-05 13:23:23.268 22664 22664 I cSploitClient: start_command: child #32 started

05-05 13:23:23.288 22664 22664 I cSploitClient: start_command: child #33 started

05-05 13:23:23.292 22664 22664 I cSploitClient: start_command: child #34 started

05-05 13:23:23.314 22664 22664 I cSploitClient: start_command: child #35 started

05-05 13:23:23.334 22664 22664 I cSploitClient: start_command: child #36 started

05-05 13:23:23.352 22664 22664 I cSploitClient: start_command: child #37 started

05-05 13:23:23.372 22664 22664 I cSploitClient: start_command: child #38 started

05-05 13:23:23.392 22664 22664 I cSploitClient: start_command: child #39 started

05-05 13:23:23.414 22664 22664 I cSploitClient: start_command: child #40 started

05-05 13:23:23.466 1004 1004 W InputMethodService: Window size has been changed. This may cause jankiness of resizing window: -1 -> -2

05-05 13:23:23.499 22664 22664 W IInputConnectionWrapper: finishComposingText on inactive InputConnection

05-05 13:23:23.499 22664 22664 W IInputConnectionWrapper: finishComposingText on inactive InputConnection

05-05 13:23:23.499 22664 22664 W IInputConnectionWrapper: finishComposingText on inactive InputConnection

05-05 13:23:26.268 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 0

05-05 13:23:26.608 822 822 W WindowManager: Attempted to remove non-existing token: android.os.Binder@d499ec1

05-05 13:23:29.857 822 834 I ActivityManager: START u0 {flg=0x10804000 cmp=com.android.systemui/.recents.RecentsActivity} from uid 10033 on display 0

05-05 13:23:30.154 822 832 I art : Background partial concurrent mark sweep GC freed 81018(3MB) AllocSpace objects, 15(344KB) LOS objects, 33% free, 19MB/29MB, paused 2.868ms total 233.978ms

05-05 13:23:30.979 373 630 I msm8960_platform: platform_send_audio_calibration: sending audio calibration for snd_device(2) acdb_id(15)

05-05 13:23:30.980 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 1

05-05 13:23:30.996 822 1681 E ActivityManager: applyOptionsLocked: Unknown animationType=0

05-05 13:23:34.165 373 630 I tfa9887 : tfa9887_power: Set amplifier power to 0

05-05 13:23:49.456 822 942 W ConnectivityExtension: ConnectivityExt jar file not present

05-05 13:23:49.655 358 1781 E QC-NETMGR-LIB: Received nl msg, recvmsg returned 56

05-05 13:23:49.656 358 793 E QC-NETMGR-LIB: Processing RTM_NEWLINK

05-05 13:23:49.656 358 793 E QC-NETMGR-LIB: Metainfo: Index=22 Family=0 Type=0x1 Change=[0x0] Flags=[0x11043]UP BROADCAST RUNNING MULTICAST LOWER_UP

05-05 13:23:54.364 22148 22148 I AppCompatDelegate: The Activity's LayoutInflater already has a Factory installed so we can not install AppCompat's

---- 5 May 2017 13:24:00 ----

[michael86]

And here's a new filtered log just incase I forgot to copy a part of it yesterday.

05-05 13:22:49.074 822 1685 I ActivityManager: START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10200000 cmp=org.csploit.android/.MainActivity bnds=[645,1228][855,1466] (has extras)} from uid 10029 on display 0

05-05 13:22:49.185 822 22531 I ActivityManager: Start proc 22664:org.csploit.android/u0a128 for activity org.csploit.android/.MainActivity

05-05 13:22:49.424 22664 22699 W CSPLOIT[tools.Tool.async]: nmap: disabled

05-05 13:22:49.424 22664 22698 W CSPLOIT[tools.Tool.async]: nmap: disabled

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: cannot start commands

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: org.csploit.android.core.ChildManager$ChildNotStartedException: cannot start commands

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: at org.csploit.android.tools.Tool.async(Tool.java:48)

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: at org.csploit.android.tools.NMap.synScan(NMap.java:142)

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: at org.csploit.android.tools.NMap.synScan(NMap.java:146)

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: at org.csploit.android.services.NetworkRadar$2.run(NetworkRadar.java:90)

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)

05-05 13:22:49.426 22664 22699 E CSPLOIT[core.System.errorLogging]: at java.lang.Thread.run(Thread.java:761)

05-05 13:22:49.499 22664 22698 W CSPLOIT[tools.Tool.async]: nmap: disabled

05-05 13:22:49.499 22664 22699 W CSPLOIT[tools.Tool.async]: nmap: disabled

05-05 13:22:49.528 22664 22664 I CSPLOIT[services.NetworkRadar.onAutoScanChanged]: autoScan has been set to true

05-05 13:22:49.546 22664 22714 I CSPLOIT[net.RemoteReader.run]: fetching 'https://api.github.com/repos/cSploit/android/releases'

05-05 13:22:49.552 22664 22708 I cSploitClient: start_command: child #1 started

05-05 13:22:49.563 22664 22698 I cSploitClient: start_command: child #2 started

05-05 13:22:49.581 22664 22699 I cSploitClient: start_command: child #3 started

05-05 13:22:49.652 22664 22733 W CSPLOIT[services.NetworkRadar$Receiver.onHostFound]: target '"Doormat-1"' changed it's mac address from '1C:67:58:5A:D3:E4' to '1C:67:58:5A:D3:DB'

05-05 13:22:49.670 22664 22713 I CSPLOIT[services.MsfRpcdService.connect]: successfully connected to MSF RPC Daemon

05-05 13:22:49.679 22664 22713 W CSPLOIT[services.MsfRpcdService.start]: connected to a lost instance of the msfrpcd

05-05 13:22:49.767 22664 22699 I cSploitClient: start_command: child #4 started

05-05 13:22:49.909 822 847 I ActivityManager: Displayed org.csploit.android/.MainActivity: +735ms

05-05 13:22:49.946 22664 22699 I cSploitClient: start_command: child #5 started

05-05 13:22:49.988 22664 22699 I cSploitClient: start_command: child #6 started

05-05 13:22:50.277 22664 22714 I CSPLOIT[net.RemoteReader.run]: fetching 'https://api.github.com/repos/cSploit/android.native/releases'

05-05 13:22:50.484 22664 22707 W CSPLOIT[services.UpdateChecker.getCoreUpdate]: unsupported platform ( android25.armeabi-v7a )

05-05 13:22:50.488 22664 22714 I CSPLOIT[net.RemoteReader.run]: fetching 'https://api.github.com/repos/cSploit/android.native.ruby/releases'

05-05 13:22:50.625 22664 22707 W CSPLOIT[services.UpdateChecker.getRubyUpdate]: unsupported platform ( android25.armeabi-v7a )

05-05 13:22:50.627 22664 22714 I CSPLOIT[net.RemoteReader.run]: fetching 'https://api.github.com/repos/cSploit/android.MSF/releases'

05-05 13:22:54.694 822 1684 I ActivityManager: START u0 {cmp=org.csploit.android/.ActionActivity} from uid 10128 on display 0

05-05 13:22:55.294 822 847 I ActivityManager: Displayed org.csploit.android/.ActionActivity: +549ms

05-05 13:22:56.757 822 833 I ActivityManager: START u0 {cmp=org.csploit.android/.plugins.mitm.MITM} from uid 10128 on display 0

05-05 13:22:57.060 822 847 I ActivityManager: Displayed org.csploit.android/.plugins.mitm.MITM: +263ms

05-05 13:23:10.045 22664 22664 I cSploitClient: start_command: child #7 started

05-05 13:23:10.072 22664 22664 I cSploitClient: start_command: child #8 started

05-05 13:23:10.102 22664 22664 I cSploitClient: start_command: child #9 started

05-05 13:23:10.150 22664 22664 I cSploitClient: start_command: child #10 started

05-05 13:23:10.169 22664 22664 I cSploitClient: start_command: child #11 started

05-05 13:23:10.187 22664 22664 I cSploitClient: start_command: child #12 started

05-05 13:23:10.208 22664 22664 I cSploitClient: start_command: child #13 started

05-05 13:23:10.226 22664 22664 I cSploitClient: start_command: child #14 started

05-05 13:23:10.245 22664 22664 I cSploitClient: start_command: child #15 started

05-05 13:23:10.582 22664 22664 I cSploitClient: start_command: child #16 started

05-05 13:23:10.585 22664 22664 I cSploitClient: start_command: child #17 started

05-05 13:23:10.621 22664 22664 I cSploitClient: start_command: child #18 started

05-05 13:23:10.641 22664 22664 I cSploitClient: start_command: child #19 started

05-05 13:23:10.667 22664 22664 I cSploitClient: start_command: child #20 started

05-05 13:23:10.685 22664 22664 I cSploitClient: start_command: child #21 started

05-05 13:23:10.704 22664 22664 I cSploitClient: start_command: child #22 started

05-05 13:23:10.724 22664 22664 I cSploitClient: start_command: child #23 started

05-05 13:23:23.049 22664 22664 I cSploitClient: start_command: child #24 started

05-05 13:23:23.099 22664 22664 I cSploitClient: start_command: child #25 started

05-05 13:23:23.128 22664 22664 I cSploitClient: start_command: child #26 started

05-05 13:23:23.158 22664 22664 I cSploitClient: start_command: child #27 started

05-05 13:23:23.178 22664 22664 I cSploitClient: start_command: child #28 started

05-05 13:23:23.197 22664 22664 I cSploitClient: start_command: child #29 started

05-05 13:23:23.229 22664 22664 I cSploitClient: start_command: child #30 started

05-05 13:23:23.250 22664 22664 I cSploitClient: start_command: child #31 started

05-05 13:23:23.268 22664 22664 I cSploitClient: start_command: child #32 started

05-05 13:23:23.288 22664 22664 I cSploitClient: start_command: child #33 started

05-05 13:23:23.292 22664 22664 I cSploitClient: start_command: child #34 started

05-05 13:23:23.314 22664 22664 I cSploitClient: start_command: child #35 started

05-05 13:23:23.334 22664 22664 I cSploitClient: start_command: child #36 started

05-05 13:23:23.352 22664 22664 I cSploitClient: start_command: child #37 started

05-05 13:23:23.372 22664 22664 I cSploitClient: start_command: child #38 started

05-05 13:23:23.392 22664 22664 I cSploitClient: start_command: child #39 started

05-05 13:23:23.414 22664 22664 I cSploitClient: start_command: child #40 started

[tux-mind]

wow, it looks like a fork bomb, it spawn a lot of processes... 😅

cat you attach the /data/data/org.csploit.android/files/cSploitd.log file ?

thank you in advance.

[michael86]

@tux-mind hahaha yeah, that was my thoughts as well 😥

I've just finished flashing an update to the rom I'm using, gotta finish setting it up, then I'll run the MITM and send you the log. 👍

[michael86]

@tux-mind Here it is, this is all that was contained in that file. If it's missing anything, let me know and I'll try again. I pulled the file with adb, assuming that should pull the file in it's entirety??

[DEBUG ] nrdr_output_parser: HOST_ADD { mac: 1C:67:58:5A:D3:DB, ip: 192.168.1.1, name: }
[DEBUG ] nrdr_output_parser: HOST_ADD { mac: 00:C0:CA:90:21:15, ip: 192.168.1.15, name: }
[DEBUG ] nrdr_output_parser: HOST_ADD { mac: 58:48:22:39:F0:60, ip: 192.168.1.2, name: }
[ERROR ] write_wrapper: write: Broken pipe
[ERROR ] connection_writer: cannot send the following message
[DEBUG ] connection_writer: { seq = 42, size = 8, id = 0, data = '\x08\x00\x1B\x00\x0F\x00\x00\x00' }
[ERROR ] write_wrapper: write: Broken pipe
[ERROR ] connection_writer: cannot send the following message
[DEBUG ] connection_writer: { seq = 43, size = 177, id = 0, data = '\x09\x00\x09\x00WARNING: linker: /data/data/org.csploit.android/files/ruby/lib/ruby/gems/1.9.1/gems/nokogiri-1.6.0-arm-linux/lib/nokogiri/nokogiri.so: unused DT entry: type 0xf arg 0x12dc5\x00' }
[ERROR ] write_wrapper: write: Broken pipe
[ERROR ] connection_writer: cannot send the following message
[DEBUG ] connection_writer: { seq = 44, size = 100, id = 0, data = '\x09\x00\x09\x00WARNING: Nokogiri was built against LibXML version 2.7.8, but has dynamically loaded 20708.3.58\x00' }
[ERROR ] write_wrapper: write: Broken pipe
[ERROR ] connection_writer: cannot send the following message
[DEBUG ] connection_writer: { seq = 45, size = 59, id = 0, data = '\x09\x00\x09\x00[*] MSGRPC starting on 127.0.0.1:55553 (NO SSL):Msg...\x00' }
[ERROR ] write_wrapper: write: Broken pipe
[ERROR ] connection_writer: cannot send the following message
[DEBUG ] connection_writer: { seq = 46, size = 8, id = 0, data = '\x08\x00\x09\x00\x0F\x00\x00\x00' }
[ERROR ] write_wrapper: write: Broken pipe
[ERROR ] connection_writer: cannot send the following message
[DEBUG ] connection_writer: { seq = 47, size = 6, id = 0, data = '\x07\x00\x01\x00\x00\x00' }
[ERROR ] write_wrapper: write: Broken pipe
[ERROR ] connection_writer: cannot send the following message
[DEBUG ] connection_writer: { seq = 48, size = 6, id = 0, data = '\x07\x00\x13\x00\x00\x00' }

[michael86]

Just noticed, it's also trying to send the redirect to 192.168.1.2, I had only issued the attack against the 192.168.1.15 device. Imagine my mate wouldn't be to impressed if I had started redirecting his playstation to another site 😆

Looks like it was trying to redirect the whole network instead of just the device I selected.

[skleveno]

Yes, I am on 1.7 using Sony Xperia xa ultra. Rooted. Latest busy box. Mitm doesn't work on mine either. Doesn't let you click button in app. I press it and nothing happens. All the rest of buttons work

[godse69]

cant be done UNtill you unlock your htc boot loader by HTC DEV METHOD