Evil-Droid is a framework that create & generate & embed apk payload to penetrate android platform.
metasploit-framework xterm Zenity Aapt Apktool Zipalign
Download the tool from github:
git clone https://github.com/M4sc3r4n0/Evil-Droid.git
Set script execution permission:
cd Evil-Droid chmod +x evil-droid
Run Evil-Droid Framework :
Choose option. I choose
 APK MSF
Enter IP your host. In this post i choose IP local my virtual machine.
In this post i will set default:
Choose payload option:
After completing the selection. Framework starts generating the apk file:
Done! Apk payload save in /root/Downloads/Evil-Droid/evilapk/evilapk.apk (in this post).
Now, I will select attack-Vector.
I will clone CH Play. I paste link CH Play(https://play.google.com/store?hl=vi)
Enter index name:
Next, Metasploit will start:
I access http://192.168.186.143/alvasky.html
Apk payload will download.
I installed apk payload on my emulator.
Apk payload install success.
We will see the session created:
You can execute commands to exploit:
Execute commands to exploit:
The evil-droid also has other great functions. I will stop here for you to learn more about evil-droid. If you have any difficulties or comments below.
You can refer to here: