Open moonwolf63x opened 5 years ago
me too , i have kali linux 2018.3 and evildroid 0.3
iam also got this issue any solution for this?
Same
Use different types of apk's which are below 15mb to 10mb
On Sun, 14 Oct 2018, 12:23 pm moonwolf63x, notifications@github.com wrote:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [
] Generating apk payload [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Removing 1.apk framework file... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [
] Decompiling Original APK... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Decompiling Payload APK... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [
] Adding permission and Hook Smali [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] ################################################################## inject Smali: com/dotgears/flappy/SplashScreen.smali In line:17 ################################################################## [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Rebuilding Backdoored APK... [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [
] Checking for ~/.android/debug.keystore for signing... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Attempting to sign the package with your android debug key [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Verifying signed artifacts... [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [!] Failed to verify signed artifacts*
Is there any solution?? Help US..
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/M4sc3r4n0/Evil-Droid/issues/25, or mute the thread https://github.com/notifications/unsubscribe-auth/AoC_-wW-sDwHfAI_AaiRrTY0np8j74IUks5ukt9rgaJpZM4Xa_Y5 .
Use different types of apk's which are below 15mb to 10mb … On Sun, 14 Oct 2018, 12:23 pm moonwolf63x, @.**> wrote: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [ ] Generating apk payload [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Removing 1.apk framework file... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [ ] Decompiling Original APK... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Decompiling Payload APK... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [ ] Adding permission and Hook Smali [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] ################################################################## inject Smali: com/dotgears/flappy/SplashScreen.smali In line:17 ################################################################## [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Rebuilding Backdoored APK... [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [ ] Checking for ~/.android/debug.keystore for signing... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Attempting to sign the package with your android debug key [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Verifying signed artifacts... [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [!] Failed to verify signed artifacts Is there any solution?? Help US.. — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#25>, or mute the thread https://github.com/notifications/unsubscribe-auth/AoC_-wW-sDwHfAI_AaiRrTY0np8j74IUks5ukt9rgaJpZM4Xa_Y5 .
use 1.8 mb apk file and still not working, really need help here
I'm also gonna looking for the same issue, anyone please help me.
I find a solution which fixed the problem on my side. See here : https://github.com/M4sc3r4n0/Evil-Droid/issues/5#issuecomment-538182509
guys its gonna work for apks...with old versions...
For the newer versions it is not gonna work
need help on lower versions then I can... but higher versions not allowing for signed artifacts
Is this issue still considered? Because it's one of the worst bug for this tool, since it becames useless with the failure of the apk validation
Is this issue still considered? Because it's one of the worst bug for this tool, since it becames useless with the failure of the apk validation
you have any idea how to fix this ? and can you tell me other working tool? i try the rat but got some errors
Error still exists, is anyone working to fix this?
Finally Guys I've figured it out..... The indeed problem is that the Java sdk that is used by kali by default to recompile the App with the backdoor that we have genarated is the latest version and Evil droid or any backdoor creator can't exploit it to recompile....So we need to set the java version to JAVA SDK 8..To do so check out the following method.... Open Terminal and Type Following... update-alternatives --config java select java 8 number 3 root@Kalivil:~# update-alternatives --config java There are 3 choices for the alternative java (providing /usr/bin/java).
0 /usr/lib/jvm/java-13-openjdk-amd64/bin/java 1311 auto mode 1 /usr/lib/jvm/java-11-openjdk-amd64/bin/java 1111 manual mode 2 /usr/lib/jvm/java-13-openjdk-amd64/bin/java 1311 manual mode
Press
Facing the same problem
WHY!!!!! using these tools man......u can manually bink any apk to msfvenom apk ... 100% working with stable meterpreter ! Till victim uses it ... We can bind it with a chess application so make victim to play a game..mostly u will get 10 min or max 15 min ..in this u can download his internal memory ASAP!! I can help u with tht Select the apk according to victim! peace
I updated my linux and it kinda sucks, i try embedding my payload to an apk with msfveom and it doesn't go through. " jarsigner not found " and cant probe further.Evil-droid cant verify signed artifacts too.
On Mon, 11 May 2020, 08:41 hack69, notifications@github.com wrote:
WHY!!!!! using these tools man......u can manually bink any apk to msfvenom apk ... 100% working with stable meterpreter ! Till victim uses it ... We can bind it with a chess application so make victim to play a game..mostly u will get 10 min or max 15 min ..in this u can download his internal memory ASAP!! I can help u with tht Select the apk according to victim! peace
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/M4sc3r4n0/Evil-Droid/issues/25#issuecomment-626481702, or unsubscribe https://github.com/notifications/unsubscribe-auth/APQPK3WVU7JI6WE4M6JLBULRQ6FXBANCNFSM4F3L6Y4Q .
Try the manual method
Am on it
On Mon, 11 May 2020, 12:09 hack69, notifications@github.com wrote:
Try the manual method
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/M4sc3r4n0/Evil-Droid/issues/25#issuecomment-626575386, or unsubscribe https://github.com/notifications/unsubscribe-auth/APQPK3S7I5CCCGT43WFEDHDRQ66EDANCNFSM4F3L6Y4Q .
Yeah !
On Mon, 11 May 2020, 2:43 pm christopher241, notifications@github.com wrote:
Am on it
On Mon, 11 May 2020, 12:09 hack69, notifications@github.com wrote:
Try the manual method
— You are receiving this because you commented. Reply to this email directly, view it on GitHub < https://github.com/M4sc3r4n0/Evil-Droid/issues/25#issuecomment-626575386>, or unsubscribe < https://github.com/notifications/unsubscribe-auth/APQPK3S7I5CCCGT43WFEDHDRQ66EDANCNFSM4F3L6Y4Q
.
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/M4sc3r4n0/Evil-Droid/issues/25#issuecomment-626577707, or unsubscribe https://github.com/notifications/unsubscribe-auth/AKAL76ZSFYLSRAAZK3K3BX3RQ66TNANCNFSM4F3L6Y4Q .
Finally Guys I've figured it out..... The indeed problem is that the Java sdk that is used by kali by default to recompile the App with the backdoor that we have genarated is the latest version and Evil droid or any backdoor creator can't exploit it to recompile....So we need to set the java version to JAVA SDK 8..To do so check out the following method.... Open Terminal and Type Following... update-alternatives --config java select java 8 number 3 root@Kalivil:~# update-alternatives --config java There are 3 choices for the alternative java (providing /usr/bin/java).
Selection Path Priority Status
0 /usr/lib/jvm/java-13-openjdk-amd64/bin/java 1311 auto mode 1 /usr/lib/jvm/java-11-openjdk-amd64/bin/java 1111 manual mode 2 /usr/lib/jvm/java-13-openjdk-amd64/bin/java 1311 manual mode
- 3 /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java 1081 manual mode
Press to keep the current choice[*], or type selection number: 3 Then Hit Enter The Problem will be Solved...
I already had java8 setted, do you have discord please so we can look deeper into this?
After looking into this, looks like Evil-Droid fails to verify artifacts only with original apk's. If you have the OS installed with english US, and you set your java version to 8, it will owrk good with msf-venom apk's and AV bypass (option 4). But for original apk's, you better use the nsfvenom option. The apk mustn't be big a lot or it will fail too.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Generating apk payload [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Removing 1.apk framework file... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Decompiling Original APK... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Decompiling Payload APK... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Adding permission and Hook Smali [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] ################################################################## inject Smali: com/dotgears/flappy/SplashScreen.smali In line:17 ################################################################## [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Rebuilding Backdoored APK... [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Checking for ~/.android/debug.keystore for signing... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Attempting to sign the package with your android debug key [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [*] Verifying signed artifacts... [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [!] Failed to verify signed artifacts
Is there any solution?? Help US..
same here how to solve this error
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Generating apk payload [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Removing 1.apk framework file... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Decompiling Original APK... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Decompiling Payload APK... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Adding permission and Hook Smali [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] ################################################################## inject Smali: com/dotgears/flappy/SplashScreen.smali In line:17 ################################################################## [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Rebuilding Backdoored APK... [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Checking for ~/.android/debug.keystore for signing... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Attempting to sign the package with your android debug key [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [*] Verifying signed artifacts... [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [!] Failed to verify signed artifacts Is there any solution?? Help US..
same here how to solve this error
FIXED THIS ISSUE!
So I tried the replacing method of the apktool.jar to the latest from their website as described above, but the problem was persisting, then after a research, upon finding out the debug.keystore hidden in the /root/.android/ directory, i just deleted the file and started the whole process again and voila!
Hope this helps.
Originally posted by @officialbatman in https://github.com/M4sc3r4n0/Evil-Droid/issues/5#issuecomment-826084021
officialbatman can you please describe which version on apk tool you use and which version on kali linux you use
officialbatman can you please describe which version on apk tool you use and which version on kali linux you use
Everything is Up-To-Date 😎:
02 Dec 2020 - Apktool v2.5.0 Released _(Download - https://bitbucket.org/iBotPeaches/apktool/downloads/apktool_2.5.0.jar)_
January 2021 - Kali 2021.1 Released (Details - https://www.kali.org/downloads/)
* To Be Noted - Metasploit Vulnerabilities and be used on a target with Android 5.5.1 - 8.0** UNDETECTED, the newer versions have the security patches which can easily detect the Metasploit-Q and warns the users of the threat and grants no permissions to the payload - Hence No access, unless manually granted by the targets phone.
Hope this helps and saves your time 🤠
The problem comes from the use of an outdated apktool.jar by ED (Evil-droid)
By looking on the source code and Evil-droid files, we can notice than ED don't use system apktool software, but embed its own one. It is located in Evil-Droid-master/tools/apktool.jar.
The version of this specific file is apktool 2.2.4. But according to the main website, the version is 2.4.0 at the time of writing this (https://ibotpeaches.github.io/Apktool).
So you have to replace Evil-Droid-master/tools/apktool.jar by an updated apktool.jar downloaded directly from the main website.
In practice :
I just tested and it works on my side.
I too got this error I think the problem is in the apk file. Try to decompile and recompile the original apk using apktool if you get an error recompiling or decompiling the error is with the original apk
update apktool delete keystore update java None worked!!!! help please
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Generating apk payload [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Removing 1.apk framework file... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Decompiling Original APK... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Decompiling Payload APK... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Adding permission and Hook Smali [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] ################################################################## inject Smali: com/dotgears/flappy/SplashScreen.smali In line:17 ################################################################## [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Rebuilding Backdoored APK... [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Checking for ~/.android/debug.keystore for signing... [ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [] Attempting to sign the package with your android debug key [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [*] Verifying signed artifacts... [ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ] [!] Failed to verify signed artifacts
Is there any solution?? Help US..