search

dana-at-cp / backdoor-apk

backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and is intended for educational purposes only.
Apache License 2.0
2.21k stars 702 forks source link

Improve version 0.1.4 #40

Closed JohnTroony closed 8 years ago

JohnTroony commented 8 years ago

Change log:

1) Add colors for different program message output

green="\033[32m"
blue="\033[34m"
red="\033[0;31m"
yellow="\033[33m"
normal="\033[0m"
if [ $rc != 0 ]; then
  echo "[!] Failed to decompile original APK file"
  cleanup
  exit $rc
fi

The above error checking code has been replaced by an exception_handler function below;

function exception_handler {
  if [ $1 != 0 ]; then
    echo -e "$red $2 $normal"
    cleanup
    exit $1
  fi
}

It take the error status code ($rc) and the error message, as inputs.

3) Add function to check if required packages/libs have been installed.

function checkLibs {
if [ $(dpkg-query -W -f='${Status}' $1 2>/dev/null | grep -c "ok installed") -eq 0 ];
then
  apt-get install "$1";
else
  echo -e "$blue $1 installed $normal"
fi
}

If a required package is not available, it's going to be installed.

GOTCHA:

Here I've assumed the user is on a Debian based Linux distro - (Kali).

4) Generate Metasploit RC file

After creating the backdoor APK file, the option used for payload generation is later used for creating a Metasploit rc file. This automates the process of setting up the required listener for the backdoor APK.

To execute the file:

run msfconsole -r backdoorApk.rc.

JohnTroony commented 8 years ago

screenshot from 2016-09-30 20-02-04

dana-at-cp commented 8 years ago

@JohnTroony Thanks for the work here. I'll make some time to review.

JohnTroony commented 8 years ago

No problem @dana-at-cp

dana-at-cp commented 8 years ago

@JohnTroony FYI. I really like the Metasploit RC file generation idea.

JohnTroony commented 8 years ago

Nice! @danta-at-cp

dana-at-cp commented 8 years ago

@JohnTroony Thanks again for this pull request. I'm incorporating your Metasploit resource script suggestion in the next release. I'll give you credit for the suggestion in the "AUTHORS" file if that is alright with you.

This pull request will be closed.

JohnTroony commented 8 years ago

No problem! Thank you for your time to review the PR.