Installation
First of all install the termux application from F-droid if you haven't installed it already.
Then update and upgrade it's repositories by the command given below.
apt-get update && apt-get upgrade
Give the storage permission to termux by running the command given below.
termux-setup-storage
Download apkmod .deb file and Lemon rat .deb file.
After downloading the two files copy them to the termux home directory.
Copy lemon rat Deb file by this command.
cp /sdcard/Download/lemon_2.1-2_all.deb $HOME
Copy apkmod2 Deb file by this command.
cp apkmod2_1.3-4_aarch64.deb $HOME
Now Install the lemon rat and apkmod2 by running these two commands one by one.
lemon.
dpkg -i lemon_2.1-2_all.deb
Apkmod2
dpkg -i apkmod2_1.3-4_aarch64.deb
That's it you have successfully installed lemonrat in termux.
Now let's set the password. Go to this site Md5hash generator enter password the which you want to set to lemon then click on generate.It will generate the MD5 hash of your password . Copy the hash of your password
Open termux and go the directory /data/data/com.termux/files/usr/share/lemon/server.
cd /data/data/com.termux/files/usr/share/lemon/server
Type ls you will see a file with name maindb.json
ls
We have to edit this file inorder to set the password with command nano.
nano maindb.json
Paste the hash you have copied in the line password it have to be look like this
"password": "your hash",
After pasting the hash save the file by clicking the CTRL+S the CTRL+X to exit
That's it we had set the password
Creating the payload with lemon
Run lemonrat by executing the command lemon
open your browser and navigate to the url localhost:22553
localhost:22553
Go to build section and enter the ip 127.0.0.1 then click on build wait until the payload gets builded
After payload get builded open termux and go to the directory lemonrat there you will the find the payload with name L3MON.apk copy it to your internal storage
cp L3MON.apk /sdcard
Let's test the payload is undetectable or not
When we try to install the payload it is easily detected by the Google Play Protect.
Let's make the payload undetectable
Making the payload undetectable
Open playstore and search for apksigner Download the app
Open it.At bottom right side you can see two options sign a live app and sign a file click on sign a file and select the payload which we want to make undetectable
It will sign the apk after signing was completed you can find the signed apk with name L3MON.signed.apk
Try to install it .We can see that it was not detected by Google Play Protect
That's it for today guys hope you learnt something new let's meet in another post until the keep reading other posts bye.