i Evil-Droid – Create, Generate and Embed APK Payloads – All things in moderation

Evil-Droid – Create, Generate and Embed APK Payloads

Evil-Droid is a framework that create & generate & embed apk payload to penetrate android platform.

Install

Dependencies :

metasploit-framework
xterm
Zenity
Aapt
Apktool
Zipalign

Download the tool from github:

 
git clone https://github.com/M4sc3r4n0/Evil-Droid.git

Set script execution permission:

cd Evil-Droid
chmod +x evil-droid

Run Evil-Droid Framework :

./evil-droid

Demo
Choose option. I choose
[1] APK MSF

Set LHOST:
Enter IP your host. In this post i choose IP local my virtual machine.

Set LPORT:

Select Payload:
In this post i will set default:

Choose payload option:

After completing the selection. Framework starts generating the apk file:

Done! Apk payload save in /root/Downloads/Evil-Droid/evilapk/evilapk.apk (in this post).

Now, I will select attack-Vector.

I will clone CH Play. I paste link CH Play(https://play.google.com/store?hl=vi)

Enter index name:

Next, Metasploit will start:

I access http://192.168.186.143/alvasky.html
Apk payload will download.

I installed apk payload on my emulator.

Apk payload install success.
We will see the session created:

You can execute commands to exploit:
Select sessions:

Execute commands to exploit:

The evil-droid also has other great functions. I will stop here for you to learn more about evil-droid. If you have any difficulties or comments below.
You can refer to here:

Download evil-droid.

Leave a Reply