Persistent backdoor for Android

I am exploting my android smartphone in same network. I have installed malicious APK in my android phone and I have also put a shell script for persistent backdoor.
But after every 30 seconds, the app automatically pop up on to screen, which is very suspicious.
Also whenever I FORCE STOP the app, the connection died.
Hiding app is of no use.

Is there is any other persistent backdoor for Android?

@imEH Tell us more about the app name. Give us all info of android and apk. What os are you using for it?

2 Likes

Attacker: kali Linux
Victim: Redmi note 4
Android version: 7.0 NRD90M
APK: random
Payload created using Evil- droid

The backdoor is working fine when app is working in open.
I have also uploaded the shell script onto the sdcard and also run it.
But as I go to home page of android (APK is still running in background) then the app pop (app restart on the screen) after every 30 seconds, as I have set in shell script.

And if I stop the app in background, the backdoor terminated.
I also hide app icon, but of no use.

If you need some more information, please tell me. I will send you all photos.

If you have kali linux installed then create a proper apk using metasploit and don’t go for apps like apk-droid etc.

@imEH Have you tried Pupy . In my opinion it is better.

3 Likes

I am currently working on a video on this, i know it has taken a while but my research has been extremely successful and i have various methods i will showcase. The video will be scheduled for release next week.

10 Likes

@alexis Cool cant wait to see it.

1 Like

Please also demonstrate the importance of shell script for persistent backdoor and ethical hacking.
I see a huge benefit of shell script but unfortunately I don’t know how to use it for android exploitation or android ethical hacking.

@imEH you can set your app as a service in the manifesto
you should take a look a this code https://github.com/frameproject/gpstracker
also, remember that an android phone is just a linux with a fancy java interface…
you can send and execute efl binnary via adb

1 Like

@alexis Hello, where can we check out your video when its ready? Thank you.

@weitz11 You can check out at Hackersploit official youtube channel.

It very easy to hack android using msfvenom
But i hate to do it on Lan cuz its sucks so i use ngrok to hack android on wan + u can also use apkbackdor or evil droid or Fat rat to bind with other apk application

Need Help
if possible… Advanced Web Attacks and Exploitation (AWAE) new video tutorial link can u send me. Thank u

Its funny, you guys are trying/doing the hacking and im trying to learn how to reverse the remote hack…i know that whoever got me, they are REALLY good. Using the Google Play Services platform to remote install apps to my device, manage my Verizon account(and not through My Account) divert texts, mirror my IMEI, ICCID and then disable my access to calls/text network. Control my device screen remotely and monitor use, not only did they install the apps, but they configured them as hidden system apps with gray buttons. The worst part? They modified my Settings App to prevent Search, Network, Permissions Access and Notification Access. I really need help. Its definitely a challenge.

Your problem is totally irrelevant to asked question. it’s not our fault if you do not understand of if you are hacked. You can try to factory reset your handset. Maybe you will get those unwanted codes off your phone.

Hey man, I was not being accusatory. I admire you guys’ technical prowess. I thought it had some relevance since the guy asked how you can remote hack… I may have personalized a bit and used the reply as a platform for stating my dilemma, but there’s more than one way to skin a cat, right? If, by chance, someone could reverse engineer the hack, voila! He has his solution. Also, what tech-junkie doesnt appreciate a good challenge to beat someone elses work? But your probably right, What do I know? Im just a #dudewithcomissues. Also, do you think Im THAT big of a noob? Ive tried soft & hard reset, ive wiped data partition, installed numerous un install apps, disabled the apps i could, exhausted my Droid K. (droid knowledge), tried to root(unfortunately, i don’t have access to a pc due to my deployment) and now trying the termux route. Itd be great if you had a little bit more advanced advice than “do a reset”. You’re the man!

hi
would you please send video you prepared to me
thank you

That just sounds like an OTA Update, like I got on my Obama-phone after activating it : )