Discuss

[peterpt]

I was unable to create the pull request from my git to yours because there are massive changes in my git that crashes my firefox when git is analyzing the differences . FatRat is originally your creation , so in good faith i believe that i should send you a pull request everytime some good changes are made .

FatRat becomes FatRat 1.9beta and the changes are :

• APK (5) rat rebuild totally changed . (adapted backdoor-apk script to fatrat to both work together)

• APKS have a new payload hiding method in rat apk to not be detected .

• Apktool will not be installed no more by setup.sh , the same thing applies to : dx , zipalign (apktool on debian repo is 2.2.1 , and that version have a bug that gives error on compiling the apks , so , apktool and android tools were updated to latest version 25.0.2 and embeded in (tools) directory of fatrat .

• Some other changes were made but i can not remember everything now because i have been doing the changes since beginning of last week .

The only way that i see for you to merge my git to yours is : -cloning my git to your hard disc -Enter hidden directory .git in my git and change from : https://github.com/peterpt/TheFatRat to https://github.com/Screetsec/TheFatRat

and then over the terminal do a git push to your account , so all files can be changed .

If you do not want to merge then there is no problem .

Anyway , here are the new changes
https://www.youtube.com/watch?v=Nj7AFEBjvdQ

[screetsec]

clean up your file in peterpt/thefatrat , like log,bug and trash . i will download your files and uploads som files to my github . this open source dude , we can work together for develop this

why you put createapk in outside ? i suggest put create apk on /tools

and give alias backdoorapk='tools/createapk' # exec script path

maybe i will fix some function and variable if you done with ( clean up log,bug and trash )

[peterpt]

Hi , thanks for pointing out the log folder , somehow when i updated the last time i forgot to clean that folder . If i change the location of createapk file to inside tools , then all script paths must be rebuild because that script was made to start looking for files after that directory path point .

i already cleared the log folder , all other folders are from fatrat originally except : "list" folder = where createapk goes get names to hide the real payload in rat apk . "java" folder = contains files that are needed to be copied during the rat apk creation "temp" folder = where all rat apk temporary files are created .

Important : i forgot to mention before , dockerfile was removed from fatrat because the way fatrat works now , user always have to execute setup.sh to configure tools paths . Fatrat does not rely itself only on system installed apps , apktool , proguard , etc... configs are set during the setup script . If we had docker file for instalation and user did not executed setup.sh , then fat rat could not be executed .

[peterpt]

Just another thing , if you find any bug on my changes then let me know , because from this minute i could not found any error executing fatrat or any of its current scripts or even the new apkcreate script .

The changes i made in last 15 minutes where the only minor bugs i found in apkcreate where path variable was not written properly for that script current path variable set .

[peterpt]

sorry for last hour changes , i just had to update readme.md in main directory because pictures were still from 1.8 version , and i also updated the tutorial video link related to how to create a rat apk . Everything is finished now .

[screetsec]

will be update

[peterpt]

i know , but now i got another idea to implement . Everyday that passes by i remember things to implement . I will see if i can implement in backdoor embeded menu a zenity popup with a window with user file explorer for user browse the app apk file . This way we will avoid manual write paths errors .

[peterpt]

ok , on my git , zenity will popup from now on everytime user selects an apk rat . -Zenity will popup a file browser that only shows files with extension (apk) -Zenity will popup a window to user write the LHOST and LPORT variables .

This idea just came up this morning to implement , and it is finished . Until you update your git with all these changes in my git i will not make any more updates to the code .

[screetsec]

dont use zenity to much { Graphic user interface ) , why im not using gui in located file and set flhost ? because i want thiss tool >> old school style .

[screetsec]

if you want create that , sure no problem . but . i suggest you , when you use use zenity for another features .the tools iits noot beatiful again :p

[peterpt]

yeah , i know . But i think that options like these where user have to write a path to a file manually , is better to use zenity file browser option to avoid errors . And yes you are right , too much zenity will break break fatrat original interface .

[screetsec]

android-sdk-25 ( larger file ? am i right ?

[peterpt]

yes , and that folder contains sub-folders with libraries and all the android tools , so apktool does not have to depend on system old incompatible tools . I think that just that folder have near 100M . we have to use this way until debian compiles the new apktool and android-build-tools to their repository , witch will not be in a very near time frame . apktool in debian is at 2.2.1 and 2.2.2 is on experimental . https://tracker.debian.org/pkg/apktool

Android build tools on kali repository is still on 23 http://http.kali.org/kali/pool/contrib/g/google-android-build-tools-installer/

the same thing happens to debian sid repo : https://packages.debian.org/sid/google-android-build-tools-installer

because jessie repository is still on version 20 https://packages.debian.org/jessie/google-android-build-tools-installer

So , they will first go to version 24 and then after sometime they will go to 25 witch is the version we use . But when they get to 25 version then we are already at version 27 or whatever .

[screetsec]

200 mb ?

[peterpt]

android-sdk-25 : 246Mb apktool2.2.2 : 8.1Mb proguard 5.3.2 : 7Mb

the reason why android sdk is so big is because an apk is not for only a particular device or resolution . And android sdk to compile those rat apks must have the libraries for that specific device .

Anyway , if users install this package from apt , it will be downloaded from google or any other mirror because of its size .

look here at the file tools_r25.2.5-linux.zip in one of the android repositories . http://mirrors.neusoft.edu.cn/android/repository/

I had i comply with backdoor-apk requirements used by dana james at his github . https://github.com/dana-at-cp/backdoor-apk/tree/master/backdoor-apk/third-party/android-sdk-linux

one of the other reasons why it is so big , it is because proguard interacts with the compiled apk , and proguard requires the file "android.jar" witch is not in build tools but it is in sdk , and this is why the folder is so big in size . look here the android.jar file : https://github.com/dana-at-cp/backdoor-apk/tree/master/backdoor-apk/third-party/android-sdk-linux/platforms/android-25

and look here the call for that file in proguard config , line 15 in the original project : https://github.com/dana-at-cp/backdoor-apk/blob/master/backdoor-apk/android.pro

the original script is from him and i just adapted it to fatrat directory structure and tools paths .

[peterpt]

add in main fatrat folder on the readme.md the credits to : https://github.com/dana-at-cp/backdoor-apk

also , remove the docker , because it will not work if user relies on docker to install fatrat , without running setup.sh the config.path will be not created , and if config.path is not created then nothing will work and every script in fatrat will say to user execute setup.sh

Change picture of fatrat on readme.md , the current picture is still at 1.8 version .

you did considerable changes in setup.sh . I have no idea if we will have issues with the current old aapt version from user system interface with the new apktool .

You are mixing apktool2.2.2 with an aapt tool from android 23 (in case user have some installed on his system) , where dx is from 25 .

You should get in consideration the fact that when i rebuild the setup script , i did it thinking that user may have or not a kali system installed , while you considered that every user that will use fatrat is using a pentest distribution . the reason i say this is because : pentest distros have aapt already instaled by default non pentest distro dont have it installed by default .

One of these things will happen on the next days or weeks when users start to clone the git and using it :

• on rat apk creation errors will appear in apk.log file related to aapt (users with pentest distros)
• aapt not found and apks will get an error on compiling .

the thing is that i write a variable path for aapt in config.path , but in reality that variable is never called in any script . aapt is called automatically by apktool2.2.2 to system path . This is the reason i added the code to uninstall current user aapt version , and created a simlink to aapt in android25 folder on fatrat . This way when apktool2.2.2 call the aapt it will be reedirected to latest aapt tool on android 25 and not any old one that user may have already installed , or don have it installed .

Well ..... , we will know in the bugs in future .

[screetsec]

lets discuss in email dude , this issue will be close