12. Tool
● Decompile both the exploit and the original apks
● Random renaming of exploit file names
● Inject the meterpreter into the original apk
● Pack the original
● Sign
13. Meterpreter features
Anything an app can do
● Record Audio
● Record Video
● Take screenshots
● Steal passwords
● Impersonate SMS
● Read call / sms logs
14. How to be aware
● Only use the app store to download apps
● Use only the apps that are well known
● Look at their permissions before installing
● Use sandboxing techniques to try out applications
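A way to apply the permission check from this slide to an app obtained outside the store (an added example, not part of the original deck). It assumes you have saved the text output of `aapt dump permissions` and `apksigner verify --print-certs` for both the store copy and the copy under review; the function names and all sample output are constructed for illustration.

```python
import re

# Capabilities listed on the "Meterpreter features" slide, keyed by the Android
# permission each one needs. Screenshots and password theft have no single
# manifest permission, so they are not covered by this check.
RISKY = {
    "android.permission.RECORD_AUDIO": "record audio",
    "android.permission.CAMERA": "record video",
    "android.permission.SEND_SMS": "impersonate SMS",
    "android.permission.READ_SMS": "read SMS logs",
    "android.permission.READ_CALL_LOG": "read call logs",
}
# Matches both "uses-permission: name='X'" and the older "uses-permission: X".
PERM_RE = re.compile(r"^uses-permission(?:-sdk-\d+)?:\s*(?:name=)?'?([\w.]+)'?")
DIGEST_RE = re.compile(r"certificate SHA-256 digest:\s*([0-9a-fA-F]{64})")

def parse_permissions(aapt_text):
    """Return the set of permissions requested in `aapt dump permissions` text."""
    found = (PERM_RE.match(line.strip()) for line in aapt_text.splitlines())
    return {m.group(1) for m in found if m}

def signer_digest(apksigner_text):
    """Return the first signer certificate digest (lowercase hex) or None."""
    m = DIGEST_RE.search(apksigner_text)
    return m.group(1).lower() if m else None

def compare(ref_perms, cand_perms, ref_signer, cand_signer):
    """Report a changed signer and any risky permissions the candidate adds."""
    extra = parse_permissions(cand_perms) - parse_permissions(ref_perms)
    return {
        "signer_changed": signer_digest(ref_signer) != signer_digest(cand_signer),
        "new_risky": {p: RISKY[p] for p in sorted(extra) if p in RISKY},
    }

# Constructed sample tool output (not taken from any real app).
REF_PERMS = """package: com.example.notes
uses-permission: name='android.permission.INTERNET'
"""
CAND_PERMS = REF_PERMS + """uses-permission: name='android.permission.RECORD_AUDIO'
uses-permission: name='android.permission.CAMERA'
uses-permission: android.permission.READ_SMS
"""
REF_SIGNER = "Signer #1 certificate SHA-256 digest: " + "ab" * 32
CAND_SIGNER = "Signer #1 certificate SHA-256 digest: " + "cd" * 32

if __name__ == "__main__":
    print(compare(REF_PERMS, CAND_PERMS, REF_SIGNER, CAND_SIGNER))
```

A copy that is signed by a different certificate and requests microphone, camera or SMS access the store version does not is the pattern a repackaged app leaves behind.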
Disclaimer
Before I start, everything shown here is only for
I am sure some of you are here to learn how to hack a random phone?
Well, there is nothing to learn; it doesn't exist. There's no silver bullet that works for all.
But there are tricks
Well, in this era the more relevant question is not how to hack phones but how to hack apps.
Applications are distributed in compiled form.
If you can read and write in this language, all Android applications are open source :D
There are multiple motivations for reverse engineering apps.
Good reasons
Translate apps
Security research
Perks and features
piracy
Keep Access - How to keep on accessing the machine
Hub -- use it to hack other targets
Use features
-- use the camera
-- record audio
Download APK
Generate meterpreter payload with correct IP and Port
Sandboxing
-- different user
-- Parallel Space app