• ✨Always Use Forum Private Messages PM For Deal With Vendors✨

    Admin Contacts Jabber: megiddo@jabber.sk Telegram: @Megiddo1

Hacking Android Smart Phone

✨ DeeZNuTz

✨ Master ✨
Staff member
Joined
May 15, 2017
Messages
983
Likes
759
Points
1,045
Welcome back, Today I will show you how to hack an Android smart phone to gain remote access. In this tutorial we will be working with a tool called AhMyth an open source remote access tool AhMyth has many features you would expect to see in a RAT such as Geo location monitoring, SMS modules, Contact Lists Viewer, File Manager, Camera Snapshots, Microphone recorder and much more. AhMyth is very easy to use due to its simple and effective GUI design. AhMyth is multi-platform remote access tool it is available for Linux, Windows & Apple OS.
AhMyth consists of two parts.

  • Server side : desktop application based on electron framework (control panel)
  • Client side : android application (backdoor)
In this tutorial I will be using a Linux based operating system if your using Windows AhMyth also has a Windows version available.
First of all we need to install AhMyth.
Prerequisite :
  • Electron (to start the app)
  • Java (to generate apk backdoor)
  • Electron-builder and electron-packer (to build binaries for (OSX,WINDOWS,LINUX)
First clone AhMyth to your device.

git clone https://github.com/AhMyth/AhMyth-Android-RAT.git

Next cd in to AhMyth-Android-Rat directory.

cd AhMyth-Android-RAT

Start AhMyth using command below.

npm start

When i first started AhMyth with npm I got errors I then used this command to launch AhMyth.

sudo npm start --unsafe-perm
What is the –unsafe-perm tag and what are the drawbacks of using it.
Thanks sam-github for explaining the –unsafe-perm tag.
  • con: install scripts are run as root, and you probably did not read them all to make sure they are safe first.
  • pro: without them, no install script can write to disk in its own module folder, so unless the install script does nothing but print some things to standard out, the modules you need will not install.
Install Method 2
As you can see from the screen shot below AhMyth has successfully started.

Screenshot_20170715_212129.png



Now we have AhMyth running its time to configure the server this is a desktop application based on electron framework (control panel) it will be used to create a listener back to the attacking device.
Choose what port you would like to run AhMyth server on. Default port is 42472
once a port has been chosen click button “Listen” from the top right of AhMyth application.

Screenshot_20170715_212851.png

Screen shot shows Ah

Myth server running on port 42474
Now that a server has successfully started a listener on the selected port we can now use “APK Builder” to create a Android apk backdoor.
From the top menu click on “APK Builder”
In this tutorial I will be using the basic backdoor that is generated by AhMyth. You can also embed a backdoor in to an original apk by using bind APK option.
If you plan on using AhMyth within your own network use your local IP address, If you plan on using AhMyth outside of your own network use your public IP address.

Screenshot_20170715_215725.png



Image shows backdoor APK file being successfully generated and displayed in its output directory.
Once APK file has been successfully generated its time to move it over to the target Android device. Use what ever method of delivery you like to send the malicious backdoor it is completely up to yourself Social Engineering methods can often work best while delivering a payload. Once the target installs the malicious Android application and launches it the target device will appear from within AhMyth target menu.
If we open up the compromised Android device from the target list you can then use various modules from within AhMyth to conduct various assessments of the target Android device.

Screenshot_20170715_233633.png



Once an Android device has been compromised. Each time you open a session with the device a windows will be displayed with the the words “Stay Educated”. From the menu within the window we can use various exploit modules.
File Manager allows files to be access from within the compromised Android devices.

Screenshot_20170715_233734.png



Image shows file browser of compromised Android device.
Image below shows Geo location module and the location of the target Android device.

Screenshot_20170715_233804.png



Image shows location of compromised Android device. For privacy reasons I have turned GPS off while demonstrating this RAT.
Using AhMyth SMS messages can be sent from the compromised Android devices to other mobile devices. AhMyth can also view SMS Lists from the target Android devices.

Screenshot_20170715_233844.png



Image shows send SMS module that is used to send SMS messages and view SMS lists of compromised Android devices.
 
Top Bottom