There are hundred’s of Android Users now because of its customizations, ease of use, affordability and the flexibility but we all know one thing for sure that Android isn’t the operating system to count on when it comes to security. But who cares, right? So let’s begin with an application that was made by 4 students for a University Project to control our Android Phones Remotely i.e Remote Access Tool (Rat) which later on became Androrat. Let’s now know a little about it, shall we?
What is AndroRAT?
AndroRAT or Android Remote Access Tool (RAT) allows users to remotely control another phone and access data, contacts, call logs, messages, and files stored on another phone. It also allows you to obtain phone information like IMEI number and phone location. Here’s a full list of features:
You can see all the Contacts and all their information,
Call logs, Messages.
You can access the Location by GPS/Network via Androrat
It’s quite fascinating to know that you can also monitor received messages live, phone state live whether the phone is receiving a call or a call is sent!
Well not only this but also you can give access to the phone to capture photos remotely (Now, that’s awesome tbh)
Now, if you think that’s impressive, here you go with some more features of Androrat…
Stream Sound from the microphone
Streaming Video (for activity based client only)
Do a Toast
Send a Text message
You can also call someone using Androrat!
Open an URL in the default browser
If you are interested in vibrating the phone then Andorat can do this too :P
Things you will need to use Androrat :
You’ll need to download androrat from the link here: Androrat Download File
You will also need a No IP account to download DUC Client, you can create a NO-IP account here
A DynDNS client (we will be using DUC which is NO-IP’s client)
Ever wondered what you should look for while buying a router? Well, security is one of the features that you should look for! Here’s our full guide on Things To Consider While Choosing a Router For Home!
Steps to use Androrat :
- Port forward your router (open port 6667)
- Make an account on No-IP
- Download DUC from the No-IP website
- Open DUC. Log in and click refresh now (important)
- Download Androrat from above link and open Androrat Binder after extracting (Don’t forget to disable your antivirus, Windows Firewall, and Windows Defender)
- In Androrat Binder, switch to No-IP tab and enter your credentials of No-IP
- Then click update (Press update again if it gives you an error on the first attempt)
- Go to build tab (The difference between build and build+bind is that in build only the framework of the malware is created while in build+bind the malware is hidden in the app specified and the victim will not be suspicious of the app)
- In IP, enter your hostname from No-IP. In port, enter the port that you have forwarded in step 1. If you don’t want the app icon to appear in the app drawer then check hidden
- Before pressing the go button, install Java from here even if you have installed it before – Java
- Now press go. You will see a new file “framework.apk” in the Androrat folder. This is the malware your victim needs to install. You can upload the malware on free file sharing sites such as ZippyShare or mail it to the victim
- Open androrat.jar from the Androrat folder. Click on Server->Select Port. And input the port that you forwarded in Step 1. You will need to restart the jar file after this step
When someone installs your malware into their phone, you will see this and will now be able to view their data and do all those functions that are mentioned above.
Notice: This tutorial is for educational purposes only. We are not responsible for misuse of the apk in any way.