Hello friends! Today you will learn how to generate an APK payload with the help of “Evil-Droid”. The tool is used to compromise an Android device as the point of attack; we are using it for educational purposes only.
Evil-Droid is a framework that creates, generates and embeds APK payloads to penetrate Android platforms.
Attacker: Kali Linux
Let's begin!
Open the terminal in your Kali Linux and execute the command given below to download it from GitHub.
git clone https://github.com/M4sc3r4n0/Evil-Droid.git
Now open the downloaded folder in the terminal and type the command given below to give all permissions to the script “evil-droid”.
chmod 777 evil-droid
Now execute the command given below to run the script and launch the Evil-Droid application.
When you execute the above command, Evil-Droid will start as shown in the image below. It begins by testing the internet connection and checking for its dependencies among the tools available in Kali Linux.
Then a prompt will pop up to confirm the Evil-Droid framework requirements; here, select the option “yes”.
The Evil-Droid framework will now open, offering the following options for attacking a remote Android platform:
 APK MSF
 BACKDOOR APK ORIGINAL (OLD)
 BACKDOOR APK ORIGINAL (NEW)
 BYPASS AV APK (ICON CHANGE)
 START LISTENER
From the image below you can see that we chose the option “BACKDOOR APK ORIGINAL”.
After that, a prompt will pop up to set LHOST [attacker’s IP] for the reverse connection. Enter your Kali Linux IP in the text field as shown in the image below.
Next, another prompt will pop up to set LPORT for the reverse connection, as shown in the image below.
In the next prompt, enter the name you want to give to your APK payload, as shown in the image below. Here I have given my payload the name baidu-browser.
Once everything is set for generating the APK payload, the attacker finally gets a list of payload options from which to choose the type of payload to generate, as shown in the image below.
Here I selected “android/meterpreter/reverse_http” as the payload.
Now download any original APK file from Google in order to hide your payload in that file. Here I downloaded baidu.apk to hide my baidu-browser payload inside it; you can download any other APK file of your choice.
This will now generate a malicious baidu.apk by hiding our backdoor inside it, as shown in the image below. Now copy this malicious APK from the given path /root/Evil-Droid/evilapk/baidu-browser.apk and send it to the victim.
Meanwhile, another prompt will pop up to choose from the following options:
- Main menu
From the image below you can see that I chose “multi handler” for the reverse connection from the victim's system.
Now it will launch the multi-handler and start a reverse TCP handler on the attacker machine, as shown in the image below. As soon as the victim downloads and runs the malicious baidu.apk, the attacker will get unauthorized access to the victim's device from the attacker machine.
Great!! From the image below you can see that meterpreter session 1 is opened.
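From the defender's side, an APK rebuilt around an original app as described above cannot keep the original publisher's signature: any change to the archive invalidates it, and whoever rebuilds the file does not hold the publisher's signing key. The following is an added example (not part of the original post and not Evil-Droid code) that diffs a suspect APK against a trusted copy of the same app; the function names and the two sample archives are constructed for illustration.

```python
import hashlib
import io
import zipfile

# JAR (v1) signature files live in META-INF. v2+ signatures sit in the APK
# Signing Block outside the ZIP entries and need apksigner to inspect.
SIG_SUFFIXES = (".RSA", ".DSA", ".EC", ".SF", "MANIFEST.MF")


def is_signature_entry(name):
    return name.startswith("META-INF/") and name.upper().endswith(SIG_SUFFIXES)


def entry_digests(apk_bytes):
    """Map every ZIP entry name to the SHA-256 of its uncompressed content."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        return {n: hashlib.sha256(apk.read(n)).hexdigest() for n in apk.namelist()}


def compare_apks(reference, suspect):
    """Diff a suspect APK against a trusted reference copy of the same app."""
    ref, sus = entry_digests(reference), entry_digests(suspect)
    ref_sig = {n: h for n, h in ref.items() if is_signature_entry(n)}
    sus_sig = {n: h for n, h in sus.items() if is_signature_entry(n)}
    content = lambda d: {n for n in d if not is_signature_entry(n)}
    return {
        "added": sorted(content(sus) - content(ref)),
        "removed": sorted(content(ref) - content(sus)),
        "modified": sorted(n for n in content(ref) & content(sus) if ref[n] != sus[n]),
        "signature_changed": ref_sig != sus_sig,
    }


def build_sample(entries):
    """Build an in-memory ZIP standing in for an APK (constructed test data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, data in entries.items():
            z.writestr(name, data)
    return buf.getvalue()


# Constructed samples: placeholder bytes, not real APK contents.
ORIGINAL = build_sample({"AndroidManifest.xml": b"manifest-v1", "classes.dex": b"dex-v1",
                         "res/icon.png": b"icon", "META-INF/CERT.RSA": b"vendor-cert"})
REPACKAGED = build_sample({"AndroidManifest.xml": b"manifest-v2", "classes.dex": b"dex-v2",
                           "res/icon.png": b"icon", "lib/extra.so": b"added",
                           "META-INF/CERT.RSA": b"other-cert"})

if __name__ == "__main__":
    print(compare_apks(ORIGINAL, REPACKAGED))
```

For real files, pass the bytes of each APK read from disk. Signer certificates under APK Signature Scheme v2 and later can be printed with `apksigner verify --print-certs`.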
Author: Sanjeet Kumar is an Information Security Analyst | Pentester | Researcher