Injecting Payload into an Android Application | Msfvenom (TheFatRat) Tutorial

Msfvenom is a command-line instance of Metasploit that is used to generate and output all of the various types of shellcode that are available in Metasploit.

Metasploit Project

The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.

TheFatRat

TheFatRat a massive exploiting tool: Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack, dll. This tool compiles a malware with popular payload and then the compiled malware can be executed on windows, android, mac. The malware that created with this tool also has an ability to bypass most AV software protection.

For this tutorial, you need to install Lazy Script.

Procedure:

1. Open terminal in kali, type “l” and press enter.

2. Type “9” and press enter.

3. Type “2” and press enter.

4. Type “5” and press enter.

5. Press Enter.

6. Type “1” and press enter.

7. Type “3” and press enter.

8. Enter the local IP address and press enter. Type the Local Port and press enter.

9. Enter the base name of the output file.

10. Type “1” and press enter.

11. Enter “y” and press enter.

12. Press Enter.

13. Type “15” and press enter.

14. Enter the filename and press enter.

15. Type “sessions” and press enter.

16. Type “sessions -i 1” and press enter.

17. Type “webcam_snap” and press enter.

Photo from the back camera of the android phone.

Make sure your internet connection is strong otherwise you might face some errors.

In recent years, numerous security professionals and others have acquired criminal records and ended their careers by experimenting on or actively attacking computer systems without permission. I urge you to use the information contained in this article only for lawful purposes.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store