Apk Infector - Advanced OpenSource Meterpreter APK Binder

Hello guys!

I have created a new tool in python 3, which can embed meterpreter payload in legitimate apk,

Also, it is capable to generate key and auto signing the infected apk using JarSigner or APKsigner, It also automatically zipalign apk

Main Features

  • Fully Automate Payload Creation Using MSFvenom
  • Creates a handler.rc File
  • Undetectable
  • Ofusticate Meterpreter APK
  • Binds/Embeds Meterpreter APK with Any Legitimate APK
  • Automatically Generates a Key which is used in signing
  • Capable to Sign APK Using Jarsigner or APKsigner
  • Zipalign the Signed APK
  • Shuffles the Permissions of Meterpreter APK for AV Evasion
  • Changes the default foldername and filenames which are being flagged by AV

GitHub repository: https://github.com/Technowlogy-Pushpender/apkinfector

This is just a version v1.0

More features will be added,

Help

I want to make payload persistence, how to make meterpreter apk persistence,

No bash script method, no post exploitation modules, any other method which i can implement in my code.

Also, If you know any other AV evasion methods, then please reply!

2 Likes

Does it works even on the latest version of Android a.k.a Android 10?

I have only tested this on my device only which is running android 9

You can test it on your own

Nice @MrRobot . Did you check https://github.com/oddcod3/Phantom-Evasion ?

Yes, I checked Phantom Evasion, It also does the same work, which APK infector does to prevent detection

Hello @MrRobot read up on crontab and startservice for android. Then implement it to your program.