- Today, I'm here with a new guide about embedding an MSF payload in original APK files, especially for those people who are having trouble with this. Actually, the main problem is with APKTool and the AAPT tool, so we are going to fix that first (in the 1st step; this guide has only 2 steps).
DISCLAIMER: This thread is O.N.L.Y for education purposes. I will not be responsible for any negative or illegal use of this information. Do not HACK devices other than your own, or you will be in PRISON (I'm not joking). Only use this information for testing purposes/impressing your friends.
- Okay, so let's do this. Here are the requirements:
1). Kali Linux (latest version preferred); sorry, not using Termux this time :)
2). Active Internet (TheFatRAT can be started without Internet, but the first time, Internet is required).
3). TheFatRAT package (download method below).
4). aapt & apktool installed (instructions in the 'Setup the Program' section).
- First of all, download & install TheFatRAT by executing the following commands in Terminal (one by one, one after another):
git clone https://github.com/Screetsec/TheFatRat.git
cd TheFatRat
chmod +x setup.sh && ./setup.sh
- This may take some time. It may also ask about creating a command shortcut; press y to confirm.
- Visit TheFatRAT's GitHub page for more details about updating TheFatRAT.
- Q: What is the actual problem?
Okay... Now I'm going to tell you what the problem actually is. APKTool v2.2.2 is very buggy when re-compiling an APK file. It always (yes, ALWAYS) fails to re-compile the APK file, whether you edited it or not. Newer versions of APKTool fix this glitch (i.e. v2.3 and up). So now, in this step, we are going to update our old APKTool v2.2.2 to APKTool 2.3.4 (in my case) MANUALLY.
- Follow the instructions very carefully, because this is the most important step of this tutorial. The following instructions are actually taken from HERE. I've only simplified the whole process :)
- Okay... First, download the latest version of APKTool from HERE. In my case, it looks like this:
- Download apktool_(latest version).jar; after downloading it, rename it to apktool.jar.
- Then download this file and rename it to apktool (better to copy the whole script from the link and save it as apktool).
- Move both files (apktool.jar & apktool) to /usr/local/bin (root needed).
- Make them executable by executing these commands in Terminal (from anywhere):
chmod +x /usr/local/bin/apktool
chmod +x /usr/local/bin/apktool.jar
- Alright, now go to /usr/local/sbin and delete the apktool and aapt files from there (these are the fake files created by TheFatRAT).
- Now update APKTool from the command line as well:
sudo apt-get install apktool aapt
- Now enter the command apktool anywhere to verify the version you downloaded before.
As you can see, we now have APKTool v2.3.4.
- This step was the MAIN STEP of this guide (tutorial). All the other steps are very easy to follow.
- Alright, now it is time to embed our payload in an original APK file. First of all, start TheFatRAT by executing this command in Terminal:
TheFatRAT will take a few seconds to start up (Internet is not required).
- Finally, it will look like this:
- Select option #5 from there, and fill in the required fields for the payload file which is to be embedded in the original .apk file (here I'm going to use LHOST=0.0.0.0, LPORT=4444, just as an example), as shown in the screenshot:
- Now it will ask for the location (path) of the apk file. Give it the path of the original APK file (the most annoying part of all!). My original apk file's name is voice.apk, which is located in the root directory; that's why I'm giving this path:
- Then it will ask about the type of payload. Choose the desired option (option #3 is highly recommended!). I'm also going to select option #3.
- Now the important thing comes: 'the use of METHOD'. Method #1 is recommended, but if it doesn't work, try the 2nd method (TheFatRAT's method). Anyway, method #1 mostly works fine for me.
- After selecting the method, wait a minute, and your APK file with the embedded payload will be created at /root/TheFatRat/backdoored/apk-backdoor.apk.
- If you see the screen as shown above, then BINGO!!!!! You have successfully embedded the msf payload in an original apk file.
- But if it fails to recompile, or fails to find a hook in the smali files, then use the OLD THEFATRAT METHOD to do so. If that also fails, then follow Part #2 of this tutorial (coming soon).
- Now start the Meterpreter session or not (when asked by TheFatRAT at the end); it is your choice (I'm not going to open it, because I've already explained the whole process in detail in my previous guides).
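For the defender's side of the procedure above, here is an added check (not part of this thread or of TheFatRAT) that flags an APK repackaged this way: the msfvenom Android payload that TheFatRAT embeds keeps its classes under com.metasploit.stage (an assumption taken from the Metasploit Android payload sources), and those class descriptors sit in plain text in the DEX string table and in the smali hook, so a byte search over classes*.dex or over an apktool-decoded tree finds them. The sample APK is constructed in the block itself, so it runs offline.

```python
import os
import re
import tempfile
import zipfile

# Class descriptors of the msfvenom Android stage payload (assumption: the stage
# classes live under com.metasploit.stage, as in the Metasploit Android payload).
# DEX string tables store descriptors as plain (M)UTF-8, so a byte search suffices.
INDICATORS = {
    b"Lcom/metasploit/stage/Payload;": "Metasploit Android stage payload class",
    b"Lcom/metasploit/stage/MainService;": "Metasploit Android stage service",
    b"Lcom/metasploit/stage/MainBroadcastReceiver;": "Metasploit Android stage receiver",
}

def scan_apk(path):
    """Return (dex entry, description) pairs for every indicator found in an APK."""
    findings = []
    with zipfile.ZipFile(path) as apk:
        for name in apk.namelist():
            if not re.fullmatch(r"classes\d*\.dex", name):
                continue
            data = apk.read(name)
            findings += [(name, desc) for pat, desc in INDICATORS.items() if pat in data]
    return findings

def scan_smali_dir(root):
    """Same check over an apktool-decoded tree (the injected hook references Payload;)."""
    findings = []
    for dirpath, _, files in os.walk(root):
        for fname in files:
            if not fname.endswith(".smali"):
                continue
            with open(os.path.join(dirpath, fname), "rb") as fh:
                data = fh.read()
            findings += [(fname, desc) for pat, desc in INDICATORS.items() if pat in data]
    return findings

def build_sample_apk(backdoored):
    """Write a constructed, minimal zip that mimics an APK (not a real app); return its path."""
    fd, path = tempfile.mkstemp(suffix=".apk")
    os.close(fd)
    dex = b"dex\n035\x00Lcom/example/voice/MainActivity;\x00"  # constructed dex-like bytes
    if backdoored:
        dex += b"Lcom/metasploit/stage/Payload;\x00Lcom/metasploit/stage/MainService;\x00"
    with zipfile.ZipFile(path, "w") as z:
        z.writestr("AndroidManifest.xml", b"")
        z.writestr("classes.dex", dex)
    return path

if __name__ == "__main__":
    for flag in (False, True):
        print("backdoored" if flag else "clean", scan_apk(build_sample_apk(flag)))
```

A real app that legitimately ships these class names is unlikely, but treat a hit as a reason to compare the APK's signing certificate with the developer's known-good one rather than as proof on its own.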
New Guide Coming Soon: Embed MSF Payload in Original APK Files | Part #2 - U???g ????-??o?D
This information is for educational purposes ONLY. I'll not be responsible for any negative or illegal use of this information. Also, if you face any type of error, or if you think I've missed something, tell me in the comments section. I'll find a suitable solution for that. Anyway, just use these tricks for FUN, not for doing illegal work. We are all Eth1c4L H4ck3Rs, and we never invade people's privacy.
Alright... Thanks for reading my thread (you can also join our WhatsApp group for more information and guides). BEST OF LUCK!!!
!!!...===> Best Of Luck <===...!!!
- Your brother (with a new look!):