Discuss about thefatrat HOT 16 CLOSED

clean up your file in peterpt/thefatrat , like log,bug and trash . i will download your files and uploads som files to my github . this open source dude , we can work together for develop this

why you put createapk in outside ? i suggest put create apk on /tools

and give alias
backdoorapk='tools/createapk' # exec script path

maybe i will fix some function and variable if you done with ( clean up log,bug and trash )

from thefatrat.

Hi , thanks for pointing out the log folder , somehow when i updated the last time i forgot to clean that folder .
If i change the location of createapk file to inside tools , then all script paths must be rebuild because that script was made to start looking for files after that directory path point .

i already cleared the log folder , all other folders are from fatrat originally except :
"list" folder = where createapk goes get names to hide the real payload in rat apk .
"java" folder = contains files that are needed to be copied during the rat apk creation
"temp" folder = where all rat apk temporary files are created .

**Important : **
i forgot to mention before , dockerfile was removed from fatrat because the way fatrat works now , user always have to execute setup.sh to configure tools paths .
Fatrat does not rely itself only on system installed apps , apktool , proguard , etc... configs are set during the setup script .
If we had docker file for instalation and user did not executed setup.sh , then fat rat could not be executed .

from thefatrat.

Just another thing , if you find any bug on my changes then let me know , because from this minute i could not found any error executing fatrat or any of its current scripts or even the new apkcreate script .

The changes i made in last 15 minutes where the only minor bugs i found in apkcreate where path variable was not written properly for that script current path variable set .

from thefatrat.

sorry for last hour changes , i just had to update readme.md in main directory because pictures were still from 1.8 version , and i also updated the tutorial video link related to how to create a rat apk .
Everything is finished now .

from thefatrat.

will be update

from thefatrat.

i know , but now i got another idea to implement .
Everyday that passes by i remember things to implement .
I will see if i can implement in backdoor embeded menu a zenity popup with a window with user file explorer for user browse the app apk file .
This way we will avoid manual write paths errors .

from thefatrat.

ok , on my git , zenity will popup from now on everytime user selects an apk rat .
-Zenity will popup a file browser that only shows files with extension (apk)
-Zenity will popup a window to user write the LHOST and LPORT variables .

This idea just came up this morning to implement , and it is finished .
Until you update your git with all these changes in my git i will not make any more updates to the code .

from thefatrat.

dont use zenity to much { Graphic user interface ) , why im not using gui in located file and set flhost ? because i want thiss tool >> old school style .

from thefatrat.

if you want create that , sure no problem . but . i suggest you , when you use use zenity for another features .the tools iits noot beatiful again :p

from thefatrat.

yeah , i know .
But i think that options like these where user have to write a path to a file manually , is better to use zenity file browser option to avoid errors .
And yes you are right , too much zenity will break break fatrat original interface .

from thefatrat.

android-sdk-25 ( larger file ? am i right ?

from thefatrat.

yes , and that folder contains sub-folders with libraries and all the android tools , so apktool does not have to depend on system old incompatible tools .
I think that just that folder have near 100M .
we have to use this way until debian compiles the new apktool and android-build-tools to their repository , witch will not be in a very near time frame .
apktool in debian is at 2.2.1 and 2.2.2 is on experimental .
https://tracker.debian.org/pkg/apktool

Android build tools on kali repository is still on 23
http://http.kali.org/kali/pool/contrib/g/google-android-build-tools-installer/

the same thing happens to debian sid repo :
https://packages.debian.org/sid/google-android-build-tools-installer

because jessie repository is still on version 20
https://packages.debian.org/jessie/google-android-build-tools-installer

So , they will first go to version 24 and then after sometime they will go to 25 witch is the version we use .
But when they get to 25 version then we are already at version 27 or whatever .

from thefatrat.

200 mb ?

from thefatrat.

android-sdk-25 : 246Mb
apktool2.2.2 : 8.1Mb
proguard 5.3.2 : 7Mb

the reason why android sdk is so big is because an apk is not for only a particular device or resolution .
And android sdk to compile those rat apks must have the libraries for that specific device .

Anyway , if users install this package from apt , it will be downloaded from google or any other mirror because of its size .

look here at the file tools_r25.2.5-linux.zip in one of the android repositories .
http://mirrors.neusoft.edu.cn/android/repository/

I had i comply with backdoor-apk requirements used by dana james at his github .
https://github.com/dana-at-cp/backdoor-apk/tree/master/backdoor-apk/third-party/android-sdk-linux

one of the other reasons why it is so big , it is because proguard interacts with the compiled apk , and proguard requires the file "android.jar" witch is not in build tools but it is in sdk , and this is why the folder is so big in size .
look here the android.jar file :
https://github.com/dana-at-cp/backdoor-apk/tree/master/backdoor-apk/third-party/android-sdk-linux/platforms/android-25

and look here the call for that file in proguard config , line 15 in the original project :
https://github.com/dana-at-cp/backdoor-apk/blob/master/backdoor-apk/android.pro

the original script is from him and i just adapted it to fatrat directory structure and tools paths .

from thefatrat.

add in main fatrat folder on the readme.md the credits to :
https://github.com/dana-at-cp/backdoor-apk

also , remove the docker , because it will not work if user relies on docker to install fatrat , without running setup.sh the config.path will be not created , and if config.path is not created then nothing will work and every script in fatrat will say to user execute setup.sh

Change picture of fatrat on readme.md , the current picture is still at 1.8 version .

you did considerable changes in setup.sh .
I have no idea if we will have issues with the current old aapt version from user system interface with the new apktool .

You are mixing apktool2.2.2 with an aapt tool from android 23 (in case user have some installed on his system) , where dx is from 25 .

You should get in consideration the fact that when i rebuild the setup script , i did it thinking that user may have or not a kali system installed , while you considered that every user that will use fatrat is using a pentest distribution .
the reason i say this is because :
pentest distros have aapt already instaled by default
non pentest distro dont have it installed by default .

One of these things will happen on the next days or weeks when users start to clone the git and using it :

• on rat apk creation errors will appear in apk.log file related to aapt (users with pentest distros)
• aapt not found and apks will get an error on compiling .

the thing is that i write a variable path for aapt in config.path , but in reality that variable is never called in any script .
aapt is called automatically by apktool2.2.2 to system path .
This is the reason i added the code to uninstall current user aapt version , and created a simlink to aapt in android25 folder on fatrat .
This way when apktool2.2.2 call the aapt it will be reedirected to latest aapt tool on android 25 and not any old one that user may have already installed , or don have it installed .

Well ..... , we will know in the bugs in future .

from thefatrat.

lets discuss in email dude , this issue will be close

from thefatrat.