A quick and dirty python script to embed a Metasploit generated APK file into another APK for fun.
Clone or download
Joff Thyer
Joff Thyer added presentation
Latest commit 037394d Oct 6, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.
DerbyCon-MobileApp-2018.pdf added presentation Oct 6, 2018
README.md added readme Oct 3, 2018
android_embedit.py added ability to generate self-signed keystore Oct 3, 2018



This script performs the following actions to embed a Metasploit generated APK file into another legitimate APK.

  • decompiles a Metasploit APK file, and any other APK file.
  • locates the main Activity entrypoint in the APK being targeted
  • copies all Metasploit APK staging code to destination APK
  • adjusts the main Activity entrypoint smali file with an invoke-static call to kick off the Metasploit stage.
  • adjusts the final AndroidManifest.xml with appropriate added permissions
  • recompiles, and resigns the final APK file.

All actions are performed within the "~/.ae" directory which is created during runtime. The script requires that keytool, jarsigner, and apktool are installed. A KALI distribution will work well to run this script on.