Bug Fixes
- Fixed an issue signing a recompiled APK when the original APK is not in the same directory as the backdoor-apk.sh script
Improvements
- Removed proguard as the Metasploit msfvenom tool used to create the Android RAT payloads now uses it
- Hooking and injection logic
Bug Fixes
- Fixed various issues identified with RAT payloads generated with more recent versions of msfvenom
- Fixed issue with the const-string obfuscation technique that could silently break recompiled APKs
Improvements
- Provided an option to keep original Android manifest permissions or to merge with those found in the Metasploit Android APK
Bug Fixes
- Fixed a bug that resulted in duplicate permissions in the Android manifest when merged
Improvements
- Upgraded const-string obfuscation technique used in RAT smali files
Improvements
- Updated third-party software and tools
Bug Fixes
- Fixed the smali-file-to-hook logic to properly handle shorthand class names in activity elements in the APK manifest
- Fixed the smali-file-to-hook logic to handle cases where a super class must be hooked
Bug Fixes
- Fixed the smali-file-to-hook logic to handle multidex APK files
Improvements
- Dynamic obfuscation of const-string values in RAT smali code
Bug Fixes
- Fixed invalid date bug in the original cert info extraction logic
Improvements
- The generated signing cert uses the valid from date and validity value from the original APK cert
Bug Fixes
- Fixed various issues with the original cert info extraction logic
- Fixed minor issue with the proguard configuration file
- Fixed Apktool recompilation errors caused by namelist values that include dashes
Improvements
- Automatic generation of Metasploit resource script to handle selected payload (credit to John Troony for the suggestion)
Bug Fixes
- Fixed persistence hook breakage caused by upstream changes in Metasploit
Bug Fixes
- Fixed breakage caused by upstream changes in Metasploit
Bug Fixes
- The logic used to extract the original certificate dname value no longer breaks with non-English versions of keytool
Improvements
- New UI enhancements allow selecting Android payloads and entering LHOST and LPORT values
- New ASCII art is displayed on script execution
- First attempt at improving the readability of logging output
- Apktool is no longer provided as a third-party tool; backdoor-apk.sh now expects apktool to be properly set up on the system
Miscellaneous
- README and HISTORY file updates
Bug Fixes
- Proguard processing no longer breaks the Metasploit android/meterpreter/reverse_https payload in repackaged APKs
Bug Fixes
- Placeholder logic no longer fails on Linux systems configured for 32-bit long values
Miscellaneous
- Added AUTHORS and HISTORY files
Improvements
- Added obfuscation of const-string values in smali files obtained via msfvenom Android payload generation
- Improved proguard obfuscation of smali files obtained via msfvenom Android payload generation
- Minor code refactoring
Miscellaneous
- README file updates
Notes
- First time repackaged APKs avoid detection by all mobile antivirus vendors on VirusTotal
Improvements
- Added persistence hook via broadcast receiver
- Cleaned up persistence logic code
Miscellaneous
- README file updates
Improvements
- Added multi (metasploit/msfvenom Android) payload support
- Changed how payload details are displayed in console output
Miscellaneous
- README file updates
Bug Fixes
- Fixed the smali-file-to-hook locator logic
Improvements
- General error detection and handling enhancements
Improvements
- A new RSA key and self-signed cert are created with dname info from the original APK on each script run
Miscellaneous
- README file updates
Improvements
- Now using proguard to obfuscate smali files obtained via msfvenom Android payload generation
- Removed dependency on openssl
Miscellaneous
- README file updates
Bug Fixes
- Fixed bad smali-file-to-hook locator logic
Miscellaneous
- README file updates
- Birth
- Conception