ANDROID POC HACKING WITH AHMYTH (ANDRORAT)

ANDROID POC HACKING WITH AHMYTH (ANDROID RAT)

I will teach you how to hack Android phone step by step. You will learn how to use AhMyth , a ANDRORAT to gain remote access.

In this tutorial we will work with a tool called AhMyth , an open source remote access tool.

INTRODUCTION TO AHMYTH AND REQUIREMENTS

AhMyth has many features that you would expect to see in a RAT like geo-location monitoring, SMS modules, contact list viewer, file manager, camera snapshots, microphone recorder and much more. This RAT is very easy to use due to its simple and efficient GUI design. AhMyth is a cross-platform remote access tool available for Linux, Windows, and Apple OS.

  • Server side : electron framework based desktop application (control panel)
  • Client side : Android application (backdoor or backdoor)

Multi platform

In this tutorial, I will be using a Linux (Kali) based operating system. If you are using Windows, AhMyth also has a version available.

First of all we need to install AhMyth.

Previous requirements:

  • Electron (to start the application)
  • Java (to generate apk backdoor)
  • Electron-builder and electron-packer

INSTALLATION OF AHMYTH

  • First we clone AhMyth on your system

git clone https://github.com/AhMyth/AhMyth-Android-RAT.git

  • With the cd command we go to the AhMyth-Android-Rat directory.

cd AhMyth-Android-RAT

cd AhMyth-Android-Server

  • Start AhMyth using the command below.

npm start

  • If you start AhMyth with npm and get errors you can try the following command:

sudo npm start –unsafe-perm

Alternative installation

Download the binary.

INSTALLATION REQUIREMENTS

You probably won’t be able to start AhMyth if you don’t have electron installed and so we need to install node.js. Follow the steps below:

  • Open the terminal and type:

curl -sL https://deb.nodesource.com/setup_9.x | sudo -E bash

  • Subsequently:

sudo apt-get install -y nodejs

We also need to install electron, we do it as follows:

git clone https://github.com/electron/electron-quick-start

cd electron-quick-start

npm install

npm start

  • We start by launching the application, inside the AhMyth-Android-Server folder :

npm start

//o también

sudo npm start –unsafe-perm

  • If for some reason the npm start command doesn’t work, you can run the following command to install the dependency manually.

DEVPLOIT: TOOL FOR INFORMATION GATHERING

npm install electron-prebuilt

  1. HACK ANDROID WITH AHMYTH RAT
  • As you can see from the screenshot below, AhMyth has started successfully.

Installing AhMyth on Linux

Now that AhMyth is running, you know that this is a desktop application based on the electron framework (your control panel) and that it will be used to create a listener for the attacking device.

  • In the top menu, click on “APK Builder”

default back door

In this tutorial I will use the basic backdoor that is generated by AhMyth. You can also embed a backdoor into an original apk using the Bind With another APK option.

  • Choose which port you would like to run the AhMyth server on. The default port is 42472
  • If you plan to use AhMyth within your own network, use your local IP address. If you plan to use AhMyth outside of your own network, use your public IP address.

AhMyth APK Builder

  • Once the APK file has been successfully generated, it’s time to move it to the target Android device. Use any of the delivery methods you want to send the malicious backdoor. Social engineering methods can often work better. Once the target installs the malicious Android app and launches it, the target device will appear from the AhMyth target menu.
  • Once a port has been chosen, click the “ Listen ” button at the top right of the AhMyth app.

If we open the compromised Android device from the target list, you can use various AhMyth modules to perform various evaluations of the target Android device.

  1. Camera: Take control of the front camera and rear camera in real-time.
  2. File Manager – Allows file access from compromised Android devices.
  3. Mic: you can use the microphone
  4. Location: Geographic location of the target Android device.
  5. Contacts: contact list of the compromised device
  6. SMS – SMS messages can be sent from compromised Android devices to other mobile devices
  7. Calls logs: You can view the call logs.
By Olivia Bradley

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like