dana-at-cp / backdoor-apk

backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and is intended for educational purposes only.
Apache License 2.0

Processed WhatsApp APK crashes on start #58

Closed meblack closed 7 years ago

meblack commented 7 years ago

The infected APK is not running on Android 6.

meblack commented 7 years ago

After installing the APK, the program is not running and stopped, and no session was created.

dana-at-cp commented 7 years ago

@meblack Need more information.

meblack commented 7 years ago

I tried with WhatsApp; I downloaded it from the WhatsApp website. That's the first try for the injection test. The problem is: it's installed but not running. I tested it on Android 5 and 6; in both of them it does not run and I got the stopped error.

dana-at-cp commented 7 years ago

@meblack I confirmed the same behavior for WhatsApp on an emulated Android 4.4 device. The problem seems to be isolated to the WhatsApp APK. This will be a low priority for me to review. How are your Android app debugging skills? Do you know the Android SDK and smali well?

meblack commented 7 years ago

I tried it with many APK files and none of them have run at all. Could you please give me an APK file that works with this method properly? I have to say, I tried all APK files on Android 6.

dana-at-cp commented 7 years ago

@meblack I use Pandora as a benchmark. It's still working as of today. Are you getting all of the APKs from the Google Play Store or from sites like apkmirror?

meblack commented 7 years ago

I get them from apkmirror.

dana-at-cp commented 7 years ago

@meblack That could be part of your problem. I only use APKs from the Google Play Store.

dana-at-cp commented 7 years ago

@meblack Did you ever try a legit version of Pandora?

I tested it earlier today on an emulated Android 6 device and it worked fine:

meterpreter > sysinfo
Computer    : localhost
OS          : Android 6.0 - Linux 3.10.0+ (i686)
Meterpreter : dalvik/android

meterpreter > getuid
Server username: u0_a55

meterpreter > pwd
/data/user/0/com.pandora.android/files

meterpreter >

Abdulmalik5371 commented 7 years ago

@dana-at-cp For some reason the backdoor WhatsApp APK stops running after installation on the victim phone... Kindly help me solve the issue.

dana-at-cp commented 7 years ago

@meblack @Abdulmalik5371 This no longer appears to be an issue. I tested with the latest version of the WhatsApp APK directly from WhatsApp:

https://www.whatsapp.com/download/

The APK file was processed properly and I got a stable meterpreter session:

meterpreter > pwd
/data/user/0/com.whatsapp/files
meterpreter > ls
Listing: /data/user/0/com.whatsapp/files
========================================

Mode              Size    Type  Last modified              Name
----              ----    ----  -------------              ----
40666/rw-rw-rw-   4096    dir   2017-03-15 12:35:21 -0400  Logs
100666/rw-rw-rw-  196608  fil   2017-03-15 12:35:21 -0400  wam.wam

meterpreter > sysinfo
Computer    : localhost
OS          : Android 6.0 - Linux 3.10.0+ (i686)
Meterpreter : dalvik/android
meterpreter >