Android Mobile Exploitation with Evil-Droid

Hello friends! Today you will learn how to generate an APK payload with the help of “Evil-Droid”. It is a tool used to compromise Android devices; we are using it here for educational purposes only.

Evil-Droid is a framework that creates, generates and embeds APK payloads to penetrate Android platforms.
Requirements:
Attacker: Kali Linux
Target: Android

Let's begin!
Open the terminal in Kali Linux and execute the command below to download the tool from GitHub.

git clone https://github.com/M4sc3r4n0/Evil-Droid.git


Now open the downloaded folder in the terminal and type the command below to give all permissions to the script “evil-droid”.
chmod 777 evil-droid


Now execute the command below to run the script and launch the Evil-Droid application.
./evil-droid


When you execute the above command, Evil-Droid will start as shown in the image below. It begins on its own by testing the internet connection and checking its dependencies among the available Kali Linux tools.


Then a prompt will pop up to confirm the Evil-Droid framework requirements; here select the option “yes”.


Now the Evil-Droid framework will open to hack a remote Android platform by executing the options given below.
[1] APK MSF                                    
[2] BACKDOOR APK ORIGINAL (OLD)                
[3] BACKDOOR APK ORIGINAL (NEW)                
[4] BYPASS AV APK (ICON CHANGE)                
[5] START LISTENER                             
[c] CLEAN                                       
[q] QUIT                                       
[?] Select

From the image below you can see that we chose the option “BACKDOOR APK ORIGINAL”.




After that, another prompt will pop up to set the LPORT for the reverse connection, as shown in the image below.


In the next prompt, enter the name you want to give to your APK payload, as shown in the image below. Here I gave the name baidu-browser to my payload.


Here I selected “android/meterpreter/reverse_http” as the payload.


Now download any original APK file from Google in order to hide your payload in that file. Here I downloaded baidu.apk to hide my baidu-browser payload inside it; you can download any other APK file of your choice.


This will now generate a malicious baidu.apk by hiding our backdoor inside it, as shown in the image below. Now copy this malicious APK from the given path /root/Evil-Droid/evilapk/baidu-browser.apk and send it to the victim.
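
An added example, not part of the original post or of Evil-Droid: hiding a payload in an existing APK changes the package contents and invalidates the original developer's signature, so a defender can diff a suspect APK against a known-good copy of the same release. The sample archives are constructed placeholders, and diff_apk, entry_digests and build_sample are hypothetical helper names.

```python
import hashlib
import io
import zipfile

SIG_EXTS = {"MF", "SF", "RSA", "DSA", "EC"}  # v1 (JAR) signature files in META-INF/

def entry_digests(apk_bytes):
    """Map every ZIP entry of an APK to the SHA-256 of its uncompressed content."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        return {i.filename: hashlib.sha256(zf.read(i)).hexdigest()
                for i in zf.infolist() if not i.is_dir()}

def diff_apk(reference, candidate):
    """Compare a candidate APK with a known-good copy of the same release."""
    ref, cand = entry_digests(reference), entry_digests(candidate)
    added = sorted(set(cand) - set(ref))
    removed = sorted(set(ref) - set(cand))
    changed = sorted(n for n in set(ref) & set(cand) if ref[n] != cand[n])
    touched = added + removed + changed
    # Code and manifest entries: the places an embedded payload has to touch.
    code = [n for n in touched if n == "AndroidManifest.xml"
            or (n.startswith("classes") and n.endswith(".dex"))]
    # v1 signature files: these differ when the package was re-signed.
    sigs = [n for n in touched if n.startswith("META-INF/")
            and n.rsplit(".", 1)[-1].upper() in SIG_EXTS]
    return {"added": added, "removed": removed, "changed": changed,
            "code_or_manifest": code, "signature_files": sigs,
            "repackaged": bool(code or sigs)}

def build_sample(entries):
    """Constructed stand-in for an APK: a ZIP holding placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()

# Constructed sample data, not real application content.
ORIGINAL = build_sample({
    "AndroidManifest.xml": b"manifest-v1", "classes.dex": b"dex-original",
    "res/icon.png": b"icon", "META-INF/CERT.SF": b"sf-vendor",
    "META-INF/CERT.RSA": b"sig-vendor"})
TAMPERED = build_sample({
    "AndroidManifest.xml": b"manifest-v1-extra", "classes.dex": b"dex-extra",
    "res/icon.png": b"icon", "META-INF/SIGNER.SF": b"sf-other",
    "META-INF/SIGNER.RSA": b"sig-other"})

if __name__ == "__main__":
    for key, value in diff_apk(ORIGINAL, TAMPERED).items():
        print(f"{key}: {value}")
```

ZIP entries do not include the APK Signing Block used by signature schemes v2 and later, so also compare the signer certificate reported by apksigner verify --print-certs with the vendor's.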


Meanwhile, another prompt will pop up asking you to choose one of the following options:
· Multi-Handler
· Attack-vector
· Main menu
· Exit

From the image below you can observe that I chose “multi handler” for the reverse connection from the victim's system.




Great!! From the image below you can observe that meterpreter session 1 is opened.
Meterpreter> sysinfo

