There are two parts to this hack. The first is a server-side application based on the Electron framework. In our case it runs on just our desktop or laptop, but it could be scaled up to some degree if needed. It acts as the control panel we use to create and connect to the RAT. The second part is the client side: the infected Android application we will use as a backdoor. Below is a quick demonstration of how AhMyth is used to access a victim's Android device.
1. There are two ways to download and install AhMyth. The first is to download the source code directly from GitHub, and the second is to use the binaries they provide.
Method One: Linux
First, check whether your system has all of the requirements installed.
Java JDK - used to generate the APK backdoor
Electron - used to start the desktop application
Electron-builder and Electron-packager - used to build the binaries for macOS, Windows or Linux
Once you have all of the requirements installed, you are ready to proceed. First clone the code from GitHub using the following command
Then move to the AhMyth-Android-RAT directory with the following:
cd AhMyth-Android-RAT/AhMyth-Server
Once you're in, start AhMyth with the command below.
npm start
This program is still in beta development, and as such, it isn't as robust as it could be. Some users have gotten errors when attempting to start it. If you do, try running it again as root, as shown below:
sudo npm start --unsafe-perm
You'll know it's working when you see the GUI launch.
Method Two: Windows and Using Binaries
1. The second method is installing on Windows. This method is very similar to the first, but since you are installing on a Windows machine you can skip most of the command lines by just downloading the .exe files and double-clicking them to install all of the requirements. The only thing you have to change is when you are installing Git: make sure you choose the option "Use Git and optional Unix tools from the Command Prompt", because this makes Unix commands available at the Windows command prompt, which will make things a lot easier when we are using the command line to install AhMyth.
2. Once you have all of the requirements above installed, go ahead and open Git Bash like I have below.
3. Now type in git clone https://github.com/AhMyth/AhMyth-Android-RAT.git and press Enter
4. Now type in npm install electron-packager -g like I have below and press Enter.
Note that instructions on how to install electron-packager are also available here.
4. Type in ls and press Enter. Look for the AhMyth-Android-RAT directory.
5. Use the cd command to change to the AhMyth-Android-RAT directory like I have below.
7. Type in npm start and press Enter.
8. If you did everything correctly, you should see a screen like the one below.
9. Once the tool is open you will see two tabs: Victims and APK Builder. Click on the APK Builder tab.
11. Type in the Source Port number. This can be any port you would like to listen on; for my example I used port 4444. Then click on Build. Now navigate to the directory C:\Users\UserName\AhMyth\Output and your APK file should be there.
Note: AhMyth also gives you the option to bind this trojan to another APK file. For this tutorial I will only be using the standard option, but if you were to use this to perform a pentest on a real victim, it would be best to bind the trojan to an actual APK file like a game or an app.
12. To deploy this, simply upload it to any file hosting site, send it to the victim, and convince them to download and install it. Once the victim has installed the APK file, it will be completely hidden, and all you have to do is go back to AhMyth, click on the Victims tab, type in the port number you assigned to the APK earlier, and click on Listen.