Hey readers, today we’ll see how to create a backdoor using EvilDroid. The number of Android users has grown over the last decade, which has made Android devices more prone to getting hacked, and many tools exist for creating payloads. Earlier we’ve seen msfvenom used for the same purpose, but there we needed a host so that the data could travel to the attacker. Here we’ll be using EvilDroid, as we don’t need any host website to make the data travel to the attacker.
To install EvilDroid, just run the command below in your terminal:
git clone https://github.com/M4sc3r4n0/Evil-Droid.git
By running the above command, the repository will be cloned on your local system.
To run EvilDroid, you have to make the script file executable.
To do that, run the commands below:
cd Evil-Droid/
sudo chmod +x evil-droid
Then, to run the script, run the command below:
After running the above command, you’ll see that the necessary dependencies are downloaded by EvilDroid itself.
In the next step, a prompt will appear on your screen asking whether to launch the EvilDroid service.
Hit YES and you’ll see the EvilDroid interface.
Generating Payload and using it
Here we’ll select the 4th option, BYPASS AV APK. A prompt will then appear asking for the host IP.
Then it will ask you to enter the port number on which you want to listen for the traffic.
After that, it will ask you for the name of the APK file that is going to be built.
Now a new dialog box will appear asking for the payload. We choose android/meterpreter/reverse_tcp, since the output is an APK file.
It will then generate the payload, and you’ll see your backdoor being generated.
Once this is done, Evil-Droid will ask you to choose the communication protocol, and you have to choose Multihandler. It will automatically start the Metasploit Multihandler and listen for the incoming connection. After that, navigate to /Evil-Droid/evilapk and you’ll find your payload there.
Now you have to transfer that APK to the victim’s Android device and run it on that device. Once the APK runs, it will look like a standard Instagram installation, while in the background it sends the attacker a reverse TCP shell connection. And there you go.
Note: Use this for knowledge purposes only, as hacking into someone else’s device comes under cybercrime.