This lab explores the process of remotely exploiting an Android device using custom payloads, focusing on tools like AhMyth and AndroRAT, and techniques for external network access via ngrok.
The goal is to develop a specialized payload for Android exploitation.
Avoid Inbuilt Payloads
This exercise specifically requires creating a payload without relying on standard, pre-existing tools.
Remote Device Exploitation
Ensure the payload can successfully compromise an Android device over a network connection.
Pre-Setup for Task
Initial configuration involves setting up the Kali Linux environment, installing necessary tools, and preparing the Android target emulator.
Kali Linux Setup
Obtain Kali IP, update tools, and install/enable the apache2 server for hosting the app.
Payload Tools
Configure Veil for payload creation and install dependencies for AhMyth Android RAT.
Target Emulator & Ngrok
Create an Android 8.0 emulator. Set up an ngrok tunnel to make the IP globally reachable for out-of-network exploitation.
Android Hacking Using AhMyth
AhMyth is used to generate the malicious APK payload. The ngrok IP and port are configured within the APK builder to ensure remote connectivity.
APK Builder
Input the ngrok TCP-configured IP and port number.
Payload Creation
Generate the custom payload for remote exploitation.
Deployment and Hosting
The generated payload is hosted on the apache2 server; because the ngrok tunnel exposes that server, the file is reachable from hosts outside the local network. Access permissions on the hosted file are set before deployment.
Compromising the Host
The payload is downloaded on the Android emulator. Ngrok is essential for communication: the emulator sits behind NAT while Kali is on a bridged network, so the device cannot reach Kali directly and instead connects back through the publicly reachable ngrok endpoint. Once the device connects, it appears in the AhMyth console as a compromised victim, and file history is obtained from it.
The payload was also embedded into a game APK and tested on an Android 9 Nokia smartphone, successfully detecting a new host.
Android Hacking Using AndroRAT
AndroRAT, a CLI-based tool, is used for an alternative hacking method. An ngrok tunnel is initialized. After downloading AndroRAT from GitHub, dependencies are installed in a virtual environment.
1. Setup & Environment
Initialize the ngrok tunnel. Log in with root privileges and move to the AndroRAT directory. Create a virtual environment for the Python script.
2. Payload Generation
Build the Python script and run it to generate "helloworld.apk". This APK is then hosted on the apache2 server.
3. Exploitation
Run the exploit, specifying the localhost IP and port. The exploit starts and the host is compromised, demonstrating successful remote access.
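Both the AhMyth and AndroRAT setups above only work because the implanted device connects back out through the ngrok tunnel. The detection script below is an added, defender-side example and is not part of the original lab; it assumes constructed egress log lines in a simple key=value format (timestamp, source, destination, port, TLS SNI) and uses the public ngrok domain suffixes to flag that callback traffic from an Android device.

```python
import re
from dataclasses import dataclass

# Constructed sample egress log lines (firewall/proxy style) for this demo; not real traffic.
SAMPLE_LOG = """\
2024-05-01T10:02:11Z src=10.0.2.15 dst=203.0.113.10 dport=443 sni=play.googleapis.com proto=tcp
2024-05-01T10:02:14Z src=10.0.2.15 dst=203.0.113.44 dport=17384 sni=0.tcp.ngrok.io proto=tcp
2024-05-01T10:02:15Z src=10.0.2.15 dst=203.0.113.44 dport=17384 sni=0.tcp.ngrok.io proto=tcp
2024-05-01T10:03:02Z src=10.0.2.15 dst=203.0.113.80 dport=80 sni=example.org proto=tcp
2024-05-01T10:04:40Z src=10.0.2.16 dst=203.0.113.91 dport=443 sni=abc123.ngrok-free.app proto=tcp
"""

# Public tunnel-service domains; a RAT built with an ngrok endpoint calls back to one of these.
TUNNEL_SUFFIXES = (".tcp.ngrok.io", ".ngrok.io", ".ngrok-free.app", ".ngrok.app")

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) "
    r"sni=(?P<sni>\S+) proto=(?P<proto>\S+)$"
)

@dataclass
class Finding:
    ts: str
    src: str
    sni: str
    dport: int
    reason: str

def is_tunnel_host(host):
    """True when the TLS SNI / hostname belongs to a public tunnel service."""
    return host.lower().endswith(TUNNEL_SUFFIXES)

def find_tunnel_callbacks(log_text):
    """Return one Finding per log line that connects to a tunnel-service host."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not match the assumed format
        sni, dport = m["sni"], int(m["dport"])
        if not is_tunnel_host(sni):
            continue
        # A raw TCP tunnel on a non-web port is the pattern an ngrok TCP C2 endpoint produces.
        if sni.endswith(".tcp.ngrok.io") and dport not in (80, 443):
            reason = "tcp-tunnel, non-web port"
        else:
            reason = "tunnel-service host"
        findings.append(Finding(m["ts"], m["src"], sni, dport, reason))
    return findings

def summarize_by_source(findings):
    """Count tunnel callbacks per internal device so repeated beacons stand out."""
    counts = {}
    for f in findings:
        counts[f.src] = counts.get(f.src, 0) + 1
    return counts
```

Blocking or alerting on these suffixes at the egress proxy breaks the callback path both tools rely on in this lab, while the per-source counts separate a one-off developer test from a beaconing implant.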
Encrypted Payload Using Veil
Veil is utilized to create an encrypted payload, enhancing evasion capabilities. After installation, the evasion process is initiated to generate the secure payload.
Run Veil and select option 1 to start evasion.
The Veil interface guides the user through the payload encryption process.