MetaSploit Functionality #586
-
Is there a Way to embed the Metasploit payload into the AhMyth APK, practically opening the Connection to a Meterpreter Session via the Payload and a Connection to the AhMyth Server?
Replies: 3 comments
-
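You could probably achieve this doing the following:
1. Obtain your original APK file (if you haven't already)
2. Backdoor the original APK using Metasploit's msfvenom first.
3. After successfully backdooring the original APK with msfvenom go ahead and open AhMyth.
4. Select the APK Builder Tab and then select the "Boot" method
5. Select the APK file you backdoored with msfvenom earlier and then click the "Bind" button
NOTE: Don't use the "Activity" based method for this because it won't work because AhMyth uses the same method of hooking an original APK's Smali Class files in order to activate the payload after it's been deployed and launched ever since the release of AhMyth v1.0-beta.4. It took me ages to implement this and it's very useful as well, currently only this official maintained repo uses it.
As for some actual Metasploit integrations no I don't plan on doing this.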
-
Thanks for Answering!
I tried these Steps (No Original APK):
1. Create Metasploit Payload APK with LOCAL IP - I use my Phone in the Same Network and Address Area so it should be no Problem - And Port 4444
2. Open AhMyth-Server APK Builder and insert Same LOCAL IP and Port 42474
3. Check Bind with Original APK, Check Boot Method - Browse for Payload APK
4. Create APK and Install using ADB to my Phone
5. Open APP and grant all Permissions
Problem is that both the AhMyth Connection and Meterpreter Connection Don't work
Normal AhMyth APK does Work without Problems
I decompiled the Combined AhMyth APK (Manifest is in the Email) and can see that no Metasploit Services are in there anymore. As well as all Smali files referring to the Metasploit payload.
I guess Manual embedding of both payloads could be better.
No Worries about the actual integration but I am having troubles with the persistence of the Metasploit Payload and can't get it to be persistent whilst your APK works like a charm.
Again Thx for the Quick Answer of yours
On Mon, 7 Oct 2024 at 09:31, Morsmalleo <***@***.***> wrote:
> Is there a Way to embed the Metasploit payload into the AhMyth APK, practically opening the Connection to a Meterpreter Session via the Payload and a Connection to the AhMyth Server?
>
> You could probably achieve this doing the following:
>
> 1. Obtain your original APK file (if you haven't already)
> 2. Backdoor the original APK using Metasploit's msfvenom first.
> 3. After successfully backdooring the original APK with msfvenom go ahead and open AhMyth.
> 4. Select the APK Builder Tab and then select the *"Boot"* method
> 5. Select the APK file you backdoored with msfvenom earlier and then click the *"Bind"* button
>
> NOTE: Don't use the *"Activity"* based method for this because it won't work because AhMyth uses the same method of hooking an original APK's Smali Class files in order to activate the payload after it's been deployed and launched ever since the release of AhMyth v1.0-beta.4. It took me ages to implement this and it's very useful as well, currently only this official maintained version uses it.
>
> As for some actual Metasploit integrations no I don't plan on doing this.
-
Forgot the Manifest, it's in this Email