Android Hacking Made Easy: AndroRAT Tutorial

This article is a summary of the YouTube video ‘How to Hack Android by simply sending an APK – AndroRAT Tutorial’ by CIP Cyber

Written by: Recapz Bot

How does it work?
The video presents AndroRAT, an educational tool for testing Android device security, explaining its usage, installation requirements, APK creation, and device access, both within and outside a LAN, using tools like ngrok and Portmap.

Key Insights

  • The video discusses an educational tool called AndroRAT for testing the security awareness and access controls of Android devices.
  • The speaker explains the process of using AndroRAT within a local area network (LAN) and then outside the LAN.
  • The required software includes a Kali, Parrot, or Ubuntu machine, Python 3.6 or 3.8, and Java version 8.
  • The speaker demonstrates how to clone the AndroRAT application using the Git clone command.
  • Installing python3-pip is recommended, and the requirements can be checked and installed using the command: pip install -r requirements.txt.
  • The AndroRAT tool has two main commands: "build" to create a malicious APK and "shell" to start an interactive session with an Android device.
  • The speaker shows how to build an APK by providing a local IP, port number, and output file name.
  • The malicious APK file can be sent to the target device through various means such as email or file upload.
  • The speaker sets up a listener using the AndroRAT shell command and provides the local loop IP and the same port number.
  • The APK is installed on the target device, and the speaker demonstrates various commands that can be used through the interactive session, including grabbing device information, accessing the camera, taking pictures or recording audio, accessing the inbox and call logs, and getting shell access.
  • The video mentions the possibility of binding the malicious APK with other files, which is not shown in detail but can be explored in another tutorial.
  • The speaker discusses accessing Android devices over the internet using tools like ngrok or Portmap.
  • Portmap is recommended, and the speaker explains how to set up an account, generate an OpenVPN configuration file, and create a mapping rule on the Portmap website.
  • The generated configuration file is downloaded and used with the OpenVPN command to establish a secure tunnel.
  • A new APK is built using the URL and port number provided by the Portmap rule, enabling access to the Android device from the internet.
  • The video concludes by encouraging viewers to like, subscribe, and share, and thanks them for watching.
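For teams auditing company Android devices, the capabilities listed above (camera, audio recording, SMS inbox, call logs, location) correspond to a recognisable permission set. The following is an added example, not code from the video or the AndroRAT project: it flags packages that were not installed from a trusted store and hold most of that set. The package names and dump excerpts are constructed, and the `installerPackageName=` line is an assumption about the text returned by `adb shell dumpsys package <name>`.

```python
import re

# Permissions matching the capabilities listed in the summary.
SURVEILLANCE_PERMS = {
    "android.permission.CAMERA": "camera",
    "android.permission.RECORD_AUDIO": "microphone",
    "android.permission.READ_SMS": "sms inbox",
    "android.permission.READ_CALL_LOG": "call logs",
    "android.permission.ACCESS_FINE_LOCATION": "location",
}
TRUSTED_INSTALLERS = {"com.android.vending"}  # assumption: Play Store only
PERM_RE = re.compile(r"android\.permission\.[A-Z_]+")
INSTALLER_RE = re.compile(r"installerPackageName=(\S+)")  # assumed line format

# Constructed dumpsys excerpts for two hypothetical packages.
SAMPLE_DUMPS = {
    "com.example.mytest": (
        "installerPackageName=null\n"
        "requested permissions:\n"
        "  android.permission.INTERNET\n  android.permission.CAMERA\n"
        "  android.permission.RECORD_AUDIO\n  android.permission.READ_SMS\n"
        "  android.permission.READ_CALL_LOG\n"
        "  android.permission.ACCESS_FINE_LOCATION\n"),
    "com.example.camera": (
        "installerPackageName=com.android.vending\n"
        "requested permissions:\n"
        "  android.permission.CAMERA\n  android.permission.RECORD_AUDIO\n"
        "  android.permission.ACCESS_FINE_LOCATION\n"),
}

def audit_package(name, dump_text, threshold=3):
    """Flag a package that is sideloaded AND holds >= threshold sensitive perms."""
    perms = set(PERM_RE.findall(dump_text))
    hits = sorted(lbl for p, lbl in SURVEILLANCE_PERMS.items() if p in perms)
    match = INSTALLER_RE.search(dump_text)
    installer = match.group(1) if match else None
    if installer == "null":  # no installer recorded, e.g. manual APK install
        installer = None
    sideloaded = installer not in TRUSTED_INSTALLERS
    return {"package": name, "capabilities": hits, "installer": installer,
            "sideloaded": sideloaded,
            "flag": sideloaded and len(hits) >= threshold}

def audit_fleet(dumps):
    return [audit_package(name, text) for name, text in dumps.items()]

if __name__ == "__main__":
    for result in audit_fleet(SAMPLE_DUMPS):
        print(result)
```

Requiring both conditions keeps a store-installed camera app from being flagged while still catching a sideloaded package with the same permissions.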

Transcript

Opening the file. Wow wow there you can see that. There you can see that I got the interactive session of the target Android phone easy peasy, and of course we can take pictures, we can start video recording, we can start audio recording, we can see the inbox and send logs. Hackers use many malicious applications in the wild to hack or access Android devices. Being cybersecurity professionals, we also need to test the security awareness and the access controls of the company’s Android devices.

This video tutorial discusses an educational purposes tool called AndroRAT. At first, I will explain how to hack within the LAN, and then we will discuss how to do this outside the local area network.

A quick disclaimer before moving further, this is not a hacking tutorial nor does the tool or this technique discussed in this video suggest hacking. This video is for educational and training purposes only. Moving forward, open your Kali, Parrot, or Ubuntu machine. I’m using my Ubuntu machine here, so the program that I was talking about is called AndroRAT.

First of all, what we are going to do now is clone this application so that we can work further. Open your terminal. “Git clone” is the command that you should use and paste the URL here. It’s cloning done.

If you do not have PIP installed, I recommend you install it because we will be using or utilizing the PIP command. To install it, simply type “sudo” if you are not logged in as root, just like me, and install so get the Python 3-PIP.

Also, another requirement is that you need to have Python 3.6 or at least 3.8 installed. Oops, sorry, let me do it again. Then I already have it. Now, as I said, you need to have Python version 3.6 or 3.8. Apart from this, you should also have Java version 8 installed on your operating system. To install Java, you need to simply type, let me clear this first, let’s type “sudo”, since I’m not logged in as root, “sudo install openjdk-8-jdk”. So, this is how you install Java version 8. It’s already installed on my operating system, that’s it.

Now, cross-check the Python version as well. So, let’s see “Python 3 version” and let’s cross-check it. So, I have 3.8.10, which is good enough. So, all the prerequisites are done. Now, let’s cross-check the requirements. To do this, let’s get into the directory that we have just downloaded, which is “andro-ret”. So, it should be “andro-ret”. That’s it.

So, there you can see this is the Python script that we will be using, and this is the “requirements.txt” file that needs to be fulfilled. To check this, simply type “pip install -r requirements.txt”. It’s gonna check all the prerequisites and the required files, whether they are installed or not, and if not, it will install them. So, there you can see that I have already satisfied all the requirements. If you have not, then it will automatically satisfy or install all the required files or configurations.

Now, don’t worry about the commands; I will share them in the description. Well, it’s ready. This tool has two main commands. The first command is “build” to actually build the malicious APK. The second command is a “shell” command to start an interactive session with an Android device. In real life, attackers usually bind their APK with other APKs or other files. This could be the next tutorial. Let me know in the comments if you want that particular tutorial.

Now, anyway, let’s move further to create the APK. So, let me just clean it first, and I’m going to use, first of all, I’m going to check my IP, and this is my local IP. I’m going to open a new tab here, “ifconfig,” to check my local IP, which is 192.168.8.101. So, let’s run the Python script, Python version 3, and the script that I’m going to use is “andro-ret.py”. So, what I’m going to do, I’m going to build it, and I mention your local IP, 192.168 (I forgot it, let me just cross-check) 8.101, 8.101, and then “-P” mention the port number that you want to listen to, for example, port number anything, 8282, which is not a common port number, and “-O” mention the output file, so for example, my test or anything else, dot APK. So, this is the output file name. Let’s build it now. Perfect! There you can see that it has built the APK and it has also signed the APK as well. So, this is the application and “mytest.dot APK” file that needs to be sent to the target or the victim’s phone.

So, what you can do, you can, I mean, just email it, you can upload it to a drive, you can bind it with another file, do whatever you want to do. For this demonstration, I will install it on my Android emulator. Let’s first check this file, “ls”. There you can see where it is. Oh yep, there you can see, this is the file that I have, and if you get into the directory, you will also see this. So, there you can see, “mytest.dot APK” file. It needs to be sent to the target machine. Alright, so before sending that file, I’m starting my listener so that I can listen whenever the connection, whenever the target installed that particular malicious file.

So, to install, to start the listener, we just need to install, as I said before, the shell service of that particular tool Android. So, this is the script, and here rather “build”, I’m gonna use the shell. So, shell, and I can mention the IP, “0.0.0.0” is my local, means the local loop IP, and the port number. Make sure that to mention the same port number that you have mentioned while creating the malicious APK. Now, just start the listener service. It’s waiting for the connection.

Now, let’s send this particular file to the mobile or the Android emulator that I have here. As I said, you can use any means that you want to send that particular APK. I’m just uploading it, you know, the traditional way. So, let me just upload it into my mobile, and I will install it. It’s installing here. There you can see. And meanwhile, you should keep an eye on this terminal as well. Once I open that program, I will get the shell. So, keep an eye on this one.

Opening the file. Wow, wow! There you can see that. There you can see that I got the interactive session of the target Android phone easy peasy. What you can do now, let’s check the help and let’s see what we can do. A lot of things we can grab the device information, we can see the camera list, I mean, how many cameras this particular device has, either the front camera or the back camera. And of course, we can take pictures, we can start video recording, we can start audio recording, we can see the inbox and send logs, oh my god, call logs. And we can also get the shell access, which is very interesting because once you get the shell access, you can do whatever you want to do. You can also get the location, the IP. For example, let me just say “device info”. So, there you can see that this particular device information. And let’s say, get… I don’t know, “get MAC address” or “let’s see get make MAC address”, okay, if I’m spelling it correctly. So, that is it. This is the MAC address, and I can exit.

I can see the camera as well, so what’s this? “cam list”, alright. So, let’s see the camera of the back camera, front camera. Well, since it is an empty emulator, it doesn’t have messages that I can grab. But to test, I can do, I think, a picture. So, let’s say “take picture”. What
