Practical Create Payload Using Evildroid Undercode

The document discusses how to use the Evil-Droid tool to generate an Android payload and create a backdoored Android application. It explains how to download, set up, and run Evil-Droid to choose a payload option, set the listener IP and port, generate a malicious Android application, and open a meterpreter session if the app is installed on a target device.
Hacking Articles
Raj Chandel's Blog

Android Mobile Exploitation with Evil-Droid

Hello friends! Today you will learn how to generate an APK payload with the help of “Evil-Droid”. It is a tool used to compromise Android devices from the attacking side; we are using it for educational purposes only.

Evil-Droid is a framework that creates, generates and embeds APK payloads to penetrate Android platforms.

Requirement:

Attacker: Kali Linux

Target: Android

Let's begin!

Open the terminal in your Kali Linux and execute the command below to download it from GitHub.

git clone https://github.com/M4sc3r4n0/Evil

Now open the downloaded folder in the terminal and type the command below to give all permissions to the script “evil-droid”.

chmod 777 evil-droid

Now execute the command below to run the script and launch the evil-droid application.

./evil-droid

When you execute the above command, evil-droid will start as shown in the image below. It begins on its own by testing the internet connection and checking its dependencies among the tools available in Kali Linux.

Then a prompt will pop up to confirm the Evil-Droid framework requirement; select the option “yes” here.

Now the Evil-Droid framework will open, offering the options below for attacking a remote Android platform.

[1] APK MSF

[2] BACKDOOR APK ORIGINAL (OLD)

[3] BACKDOOR APK ORIGINAL (NEW)

[4] BYPASS AV APK (ICON CHANGE)

[5] START LISTENER

[c] CLEAN

[q] QUIT

[?] Select

From the image below you can see that we chose the option “BACKDOOR APK ORIGINAL”.

After that, another prompt will pop up to set LHOST [attacker’s IP] for the reverse connection. Enter your Kali Linux IP in the text field as shown in the image below.

After that, another prompt will pop up to set LPORT for the reverse connection, as shown in the image below.

In the next prompt, enter the name you want to give to your APK payload, as shown in the image below. Here I gave my payload the name baidu-browser.

Now that everything is set for generating an APK payload, the attacker finally gets a list of payload options from which to choose the type of payload to generate, as shown in the image below.

Here I selected “android/meterpreter/reverse_tcp” as the payload.

Now download any original APK file from Google in order to hide your payload in that file. Here I downloaded baidu.apk to hide my baidu-browser payload inside it; you can download any other APK file of your choice.

This will now generate a malicious baidu.apk with our backdoor hidden inside it, as shown in the image below. Now copy this malicious APK from the path /root/Evil-Droid/evilapk/baidu-browser.apk and send it to the victim.
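For triage on the receiving side: an APK repackaged this way has been rebuilt and re-signed, so it no longer matches the publisher's copy of the same release. The sketch below is an added example, not code from the original post or from the Evil-Droid project; the entry names and byte contents are constructed placeholders, and it assumes you hold a trusted copy of the same release to compare against.

```python
import hashlib
import io
import zipfile

SIG_SUFFIXES = (".RSA", ".DSA", ".EC")  # v1 (JAR) signature block files

def entry_hashes(apk_bytes):
    """Map each ZIP entry name to the SHA-256 of its uncompressed content."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        return {n: hashlib.sha256(z.read(n)).hexdigest() for n in z.namelist()}

def is_sig_block(name):
    upper = name.upper()
    return upper.startswith("META-INF/") and upper.endswith(SIG_SUFFIXES)

def compare_apks(reference, suspect):
    """Diff a suspect APK against a trusted copy of the same release."""
    ref, sus = entry_hashes(reference), entry_hashes(suspect)
    ref_sigs = {h for n, h in ref.items() if is_sig_block(n)}
    sus_sigs = {h for n, h in sus.items() if is_sig_block(n)}
    return {
        # v2/v3-only APKs carry no META-INF block; the entry diff still applies.
        "signature_block_changed": ref_sigs != sus_sigs,
        "added": sorted(set(sus) - set(ref)),
        "removed": sorted(set(ref) - set(sus)),
        "modified": sorted(n for n in set(ref) & set(sus) if ref[n] != sus[n]),
    }

def make_zip(entries):
    """Build an in-memory ZIP standing in for an APK (constructed test data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, data in entries.items():
            z.writestr(name, data)
    return buf.getvalue()

# Constructed samples: placeholder bytes, not real APK contents.
REFERENCE = make_zip({
    "AndroidManifest.xml": b"manifest-original",
    "classes.dex": b"dex-original",
    "res/icon.png": b"icon",
    "META-INF/CERT.RSA": b"publisher-signature-block",
})
SUSPECT = make_zip({
    "AndroidManifest.xml": b"manifest-modified",
    "classes.dex": b"dex-modified",
    "res/icon.png": b"icon",
    "META-INF/SIGNER.RSA": b"other-signature-block",
})
print(compare_apks(REFERENCE, SUSPECT))
```

Signer identity is best confirmed with `apksigner verify --print-certs` on both files; a sideloaded build whose certificate digest differs from the publisher's should be treated as untrusted.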

Meanwhile, another prompt will pop up to choose one of the following options:

Multi-Handler
Attack-vector
Main menu
Exit

From the image below you can see that I chose “multi handler” for the reverse connection from the victim's system.

Now it will launch the multi-handler and start a reverse TCP handler on the attacker machine, as shown in the image below. As soon as the victim downloads and runs the malicious baidu.apk, the attacker will get unauthorized access to the victim's device on his machine.

Great!! From the image below you can see that meterpreter session 1 is opened.

meterpreter> sysinfo

Author: Sanjeet Kumar is an Information Security Analyst | Pentester | Researcher

November 27, 2017
