Saturday 28 October 2017

Android persistence backdoor

What is TheFatRat?

TheFatRat is a tool that generates backdoors with msfvenom (part of the Metasploit Framework) and supports post-exploitation attacks such as browser attacks and DLLs. It compiles malware with a popular payload, and the compiled malware can then be executed on Windows, Android, and Mac. Malware created with this tool can also bypass most AV software protection.

   


Automating metasploit functions 

· Checks for the metasploit service and starts it if not present
· Easily craft meterpreter reverse_tcp payloads for Windows, Linux, Android, Mac and others
· Start multiple meterpreter reverse_tcp listeners
· Fast search in searchsploit
· Bypass AV
· File pumper
· Create a backdoor with another technique
· Autorunscript for listeners (easy to use)
· Drop into Msfconsole
· Some other fun stuff :)

Autorun Backdoor 

· Autorun works if the victim has disabled UAC (User Account Control) or set it to a low level (Windows)
· What is UAC? You can visit http://www.digitalcitizen.life/uac-why-you-should-never-turn-it-off
· I have also created 3 AutoRun files
· Simply copy these files to a CD or USB
· You can change the icon of the autorun file or exe in the icon folder (replace it with another .ico file and rename it to autorun.ico)
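As a defensive counterpart to the autorun and icon-swap behaviour described above, the following added example (not part of TheFatRat or the original post) audits the text of an autorun.inf taken from removable media and flags launch entries, especially when paired with a custom icon or prompt. It assumes the AutoRun files use the standard Windows autorun.inf format; the sample contents and function names are constructed for illustration.

```python
import configparser

# autorun.inf keys that make Windows start a program from the media
LAUNCH_KEYS = {"open", "shellexecute"}
# keys that only change how the drive or prompt looks to the user
COSMETIC_KEYS = {"icon", "action", "label"}

def audit_autorun(text):
    """Return (launchers, cosmetics) from autorun.inf text, or None if unparseable."""
    cp = configparser.RawConfigParser(strict=False, allow_no_value=True,
                                      delimiters=("=",))
    try:
        cp.read_string(text)
    except configparser.Error:
        return None
    launchers, cosmetics = [], []
    for section in cp.sections():
        if section.lower() != "autorun":      # Windows ignores the case here
            continue
        for key, value in cp.items(section):  # keys arrive lower-cased
            value = (value or "").strip()
            is_shell_verb = key.startswith("shell\\") and key.endswith("\\command")
            if key in LAUNCH_KEYS or is_shell_verb:
                launchers.append((key, value))
            elif key in COSMETIC_KEYS:
                cosmetics.append((key, value))
    return launchers, cosmetics

def verdict(text):
    """Classify one autorun.inf for a removable-media policy check."""
    result = audit_autorun(text)
    if result is None:
        return "review: unparseable"
    launchers, cosmetics = result
    if not launchers:
        return "ok"
    # A launcher combined with a custom icon or prompt is the disguise pattern
    return "block: disguised launcher" if cosmetics else "block: launcher"

# Constructed samples, not taken from any real media
SAMPLE_DISGUISED = r"""[AutoRun]
Open=setup.exe
icon=autorun.ico
action=Open folder to view files
shell\open\command=setup.exe
"""
SAMPLE_BENIGN = "[autorun]\nicon=drive.ico\nlabel=Backup Disk\n"

if __name__ == "__main__":
    for name, text in (("disguised", SAMPLE_DISGUISED), ("benign", SAMPLE_BENIGN)):
        print(name, "->", verdict(text))
```

Keeping UAC enabled and AutoRun disabled for removable drives by policy remains the primary control; a scan like this is a second check on media before it reaches a workstation.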

HOW TO CHANGE THE ICONS?

· Copy your icon picture to the folder /TheFatrat/icons
· Change the name to autorun.ico
· And replace
· Done

Changelog 
Be sure to check out the changelog and read CHANGELOG.md.

Getting Started 

1. git clone https://github.com/Screetsec/TheFatRat.git
2. cd TheFatRat/setup
3. chmod +x setup.sh && ./setup.sh

How it works 

· Extract the lalin-master to your home or another folder
· chmod +x fatrat
· chmod +x powerfull.sh
· And run the tool ( ./fatrat )
· Easy to use: just input your number

Requirements 

· A Linux operating system. We recommend Kali Linux 2 or Kali 2016.1 rolling / Cyborg / Parrot / Dracos / BackTrack / Backbox, or another Linux distribution
· The Metasploit Framework must be installed

READ 

· If the prog.c file is too large when creating a backdoor with powerfull.sh, you can use prog.c.backup and create another backup when you run option 2


Catch a cheater

You have observed your partner and noticed some significant changes in behavior. They are more secretive about using their phone; they are working late or on the weekend; or they are not connecting with you like they used to. Do you have a cheater in the house? How can you find out? There are some old school methods and then there are some ways technology can help you with.


Tried and True from the Past

While some of these techniques may be a little too much cloak and dagger for you, they have worked many times in the past to catch cheaters. And they may suit your style of operation.
1. Show up at a known location unexpectedly and assess the situation. Drop into the baseball practice to see if they are present. If they are not there, ask the team members about the absence. Listen carefully. Sometimes friends are willing to share their suspicions. Sometimes they try to cover up. If the suspected cheater is present, watch from a distance to see if anything is going on.
2. Check the garbage and recycling in your home and at their work for incriminating evidence.
3. Look through the phone bills, bank account statements, or charge card statements for charges that are suspicious. Are there restaurant charges that are unfamiliar?
4. Check the odometer of the car to see if there is extra mileage that would signal extra trips to an unknown location.
5. Set your spouse up by planning a trip (business or family) and then stay close to home to observe what is happening. Use a camera to log the evidence.

Technological Solutions: There are Apps for That!

You may want to use a technological solution for tracking behaviour for a variety of reasons. The evidence has already been recorded. All you have to do is locate it. It is easier to use technology, instead of a more physical solution. You will have evidence that you can use to confront the cheater. You are too embarrassed to go sneaking about. 
1. Everyone's phone is full of personal information that is of a very telling nature. If you know the password, great. If you don't, see if you can learn it by watching your partner unlock the phone. Or try some educated guesses. And then go through the phone looking for incriminating evidence. Review recent calls for repeated numbers, review the photos for people you don't know, look through messages and the app histories.
2. If you can get into a computer your partner uses, look for the same things you have done on the phone: any call history from programs like Skype, and also look at History on the web browser. Check out the photos there as well.
3. On social media sites that are used by the cheater, look for unusual items, such as a review of a restaurant you don't recognize and comments that don't make any sense to you, such as “Great Game with the Red Sox, Friday night.” when you thought working late was the excuse.
4. If you do not know the passwords, take advantage of the opportunity to loan your phone to your partner in hope that they forget to log out. Then you can use that for access to complete searches.
5. Installing tracking software on phones is another possibility, once you can get into the phone. Programs such as Contact Spy can track activity. Also you can track your spouse's cell phone by using the GPS function.
6. If you can get access to the computer, you can install software that will pull up incriminating evidence, such as key loggers that track keystrokes.
7. Make a fake idea for a dating website to see if you can find your partner there. If you are insistent, set up a date.
8. Use an audio recording device, set to voice activate, in a location where the cheater usually talks on the phone, for those conversations that you are not allowed to hear. Many of these devices look like something else to make them appear to be innocuous. Put it in the home office, workshop, kitchen or bedroom.
9. Put a hidden GPS on the car to track the journeys taken.


Monday 2 October 2017

Raven – Linkedin Information Gathering Tool



Raven is a LinkedIn information gathering tool that can be used by pentesters to gather information about an organization's employees using LinkedIn. Using this application is pretty simple. It requires at least three parameters: the first is the company name, the second is the country initials, and the third is the domain name. Please do not use this program to do stupid things. The author does not take any responsibility for damage done with this program.

Installation

  • Run setup.sh as root
  • Adjust the LinkedIn credentials in raven.py or pass them as parameters.
  • If you are running Kali Linux, update Firefox to the latest version to avoid problems with selenium.

Usage

raven.py [-h] -c COMPANY -s STATE -d DOMAIN [-p PAGES] [-lu LUSERNAME] [-lp LPASSWORD]
-c COMPANY, --company COMPANY  Input the Company name. Ex: Pizzahut        
-s STATE, --state STATE Input  the State initials. Ex: uk , al , etc...           
-d DOMAIN, --domain DOMAIN     Input the domain name. Ex: gmail.com
-p PAGES, --pages PAGES        Number of google pages to navigate. Ex: 3
-lu LUSERNAME --lusername LUSERNAME    The linkedin username to use.
-lp LPASSWORD, --lpassword LPASSWORD   The linekdin password to use.
For example, if the company that you want to search is Evil Corp and the state is Albania, the parameters would be:
python raven.py -c 'Evil Corp' -s al -d evilcorp.al
You can also specify how many pages of Google Search results to go through with the -p parameter:
python raven.py -c 'Evil Corp' -s al -d evilcorp.al -p 3
The command above will search for results on the first 3 pages of Google.

Tool Internals

The tool is actually a scraper that works with selenium. It uses a Google dork to extract the LinkedIn URLs and then extracts data from them. As you may know, LinkedIn has different subdomains for different countries.
For example: al.linkedin.com is for Albania, uk.linkedin.com is for the United Kingdom, etc.
The state parameter is actually the subdomain of the LinkedIn website.