
Want to put a "call home" or RAT on my laptop, phone


drbombay


I'm new at this so bear with me.

I'm looking for a Remote Admin/Access Tool that I can install on my own laptop in case it's lost or stolen. Not completely sure how RATs work, but from what I've seen it can give me remote access to my own machine if it's stolen and connected to the internet.

I'd also like to install the same on one of my Android phones. Something that would "call home" when it connects to the internet to give me access to it and its location.
For extra credit, can I put a PC RAT on the same phone that auto installs when the phone is plugged into a computer?


I've lost a few phones and a tablet over the years, and it just pisses me off to know someone is using my stuff. The Google device manager and other programs are kind of weak because you never really know if your device was wiped, or bricked. So I figure I'd go a different route and try to install something that can't be bypassed, or disappears if they do a factory reset.

I know that's a lot of questions. Any help or a point in the right direction would be helpful.

Thanks


They make LoJack for laptops and phones, but it's not free. https://lojack.absolute.com/en

If you want remote access, you could try a solution like a VPN that auto connects to your own servers with a DynDNS update on each boot, and then set it up with SSH or such to remote into them. So long as they always connect back through you on boot, then you should be able to see what IP and location it is at all times. Just need to set this up in a way that always proxies through your own server or network. For phone, not sure what people use, but if it's rooted, then same deal, SSH with VPN/proxy configured to always connect back through your network at home with a DynDNS update to keep its IP trackable. Then if stolen, you can remote in and wipe the device(s), shut them down, or track, etc.

There are other paid solutions as well, but we don't really call these RATs (remote admin tools) anymore, as a RAT generally refers more to malware when people use the term, although the context of use is similar. RAT tools generally are unwanted, caused by virus or malware infections that cause harm on a system or device.


Found some open source solutions that look as if they'll work for my purposes. Since they're my machines I have access to install them. I guess now I need to figure out how to hide a script that will reinstall from a repository even if the phone is factory reset.

On a laptop that may be harder since replacing the hard drive would take everything with it. Maybe hiding a script in the BIOS?

Maybe something with the MAC address or device ID?

The hunt continues.


With laptops, if they wipe the machine, nothing you can do, even same with a phone. Some of the tools out there can lock them down pretty well and keep normal users out, but at the end of the day, if they pull a HDD and go new one, no finding it short of hardware that calls home, which I don't know of any that can do that. You're more than likely going to install something as admin on Windows side. If Linux, you're going to use some sort of cron job and scripts that on boot, start SSH and DynDNS update the IP for you and then call home. Phones, same deal, install the tools, let them do the work. If someone wipes it, not much you can do, but some apps, if installed on a rooted phone, may be able to prevent a factory reset short of overwriting a ROM, which not much you can do at that point. Best you can hope for is remotely catching and then remotely wiping to safeguard your data, if not track it down to go and get it back.
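
The home-server side of the call-home setup described in this post, as an added example that is not part of the original thread: it reads a check-in log and reports each device's last-seen address and which devices have gone quiet. The log format, device names, function names and addresses are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: review check-ins recorded by the home server that your own
# devices call back to. Assumed (constructed) log format, one line per check-in:
#   <epoch_seconds> <device_name> <source_ip>

# Constructed sample data; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
sample_log() {
cat <<'EOF'
1700000000 laptop 203.0.113.10
1700000600 phone 203.0.113.10
1700003600 laptop 203.0.113.10
1700007200 phone 198.51.100.77
1700010800 phone 198.51.100.77
EOF
}

# last_seen HOME_IP: read the log on stdin and print, per device,
#   "<device> <newest_epoch> <newest_ip> <HOME|AWAY>"
last_seen() {
    awk -v home="$1" '
        $1 >= ts[$2] { ts[$2] = $1; ip[$2] = $3 }   # keep the newest check-in
        END {
            for (d in ts)
                print d, ts[d], ip[d], (ip[d] == home ? "HOME" : "AWAY")
        }' | sort
}

# stale NOW MAX_AGE: print "<device> <age_seconds>" for every device whose
# newest check-in is older than MAX_AGE. Silence is not proof of a wipe.
stale() {
    awk -v now="$1" -v max="$2" '
        $1 > ts[$2] { ts[$2] = $1 }
        END { for (d in ts) if (now - ts[d] > max) print d, now - ts[d] }' | sort
}

# Stand-alone run against the sample data.
sample_log | last_seen 203.0.113.10
sample_log | stale 1700012000 3600
```

An AWAY line only shows the public address the device connected from, and a device listed by `stale` may be powered off, offline or wiped; the log cannot tell those apart.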


So I'm spit balling here.

With the phone a thief can't swap out the hard drive. So that gives me some leverage. And also assuming that not every thief is a technical mastermind past resetting the phone. Most just factory reset, and swap out the sim card.

So, maybe I could partition the SD card, hide the partition (or password protect it), and then program something on the card that looks for the installed RAT when the phone is restarted and if it's missing reinstalls it?
But they could just remove the SD card. So what about some good old fashioned gorilla glue? It's hard enough to get out as it is, a drop of glue would make it impossible.

Again, I know there's no foolproof method and of course you can't stop the pros. I'm just looking to make it as hard as possible for the amateurs. I'd rather them give up and chuck the phone, than the thought of someone just taking it and using it as their own.


I wouldn't go through extremes trying to glue in the SD card. Most apps can install directly to the phone, which don't have to live on the SD card. I don't even have an SD card in my phone, but that limits space on the phone, which is a PITA if you do a lot of photos on the phone. My Android phones that I've owned have always given me the option to install to SD or phone, but I don't own an iPhone so not sure how those work. The tracking programs usually have some level of protection, but depends on the tools. Prey for example works across multiple devices https://www.preyproject.com/ and offers data recovery as well as remote wipe and lock.

Best thing to do is search for known tools, compare features and device compatibility, read reviews and ratings, and then work out which one does the most of what you need for your budget.


I have tools. Google device manager, Avast Mobile, Lookout, and I've used a few others. The problem is, do we really ever know if they work once the phone is no longer in your possession?

I've lost 3 phones over the years, and pressed that button to wipe, or factory reset, or brick it and never really know if it did it, or if my phone is across town now with a prepaid sim in it. Lost a tablet in a cab once, again, never really sure it was wiped or if the cabbie just got a new tablet that he just signed on with his own account.

Part of this is experimentation, I also have an old phone that I'd like to drop (like a USB drop) to see where it goes, as a test.

Your feedback has been helpful. Thanks.


Quote

I have tools. Google device manager, Avast Mobile, Lookout, and I've used a few others. The problem is, do we really ever know if they work once the phone is no longer in your possession?

Well, testing this is probably worth doing, before putting important things on the device, but try locating the phone with some of those tools, and also seeing if it gets the right location. Test it in different places, as someone in a city might show better or worse triangulation from the apps. Also try remote wiping, seeing which apps do what they say in regard to remote wipe, lock, etc. You'll only know by actually testing it yourself. Waiting to have it happen to test, probably isn't the ideal way to do this.


Aerohive has an interesting thing with their hardware. Their routers, switches and APs phone home constantly, even when factory reset, so they can get their pre-configured data from the Aerohive database. How does the database know what data that one router is getting in the billions of them? Well, it grabs the S/N and MAC address. You could do something similar.

One thing could be having some kind of background ROM that acts as a virtual machine so when you're running Android OS in there the thief doesn't realise that when they factory reset it they are only really factory resetting a VM that's above a ROM (the actual OS). Pretty clever and they won't even know until they do a hard look, depending on how you got the ROM there in the first place.


Other than chroot scripts for phones, like what you would do with say, Kali NetHunter, what phone do you know of that runs virtual OSes or virtual ROMs on them? I never heard of a virtual machine on a phone before, but then again, I've never really looked into it.


12 hours ago, Dave-ee Jones said:

Aerohive has an interesting thing with their hardware. Their routers, switches and APs phone home constantly, even when factory reset, so they can get their pre-configured data from the Aerohive database. How does the database know what data that one router is getting in the billions of them? Well, it grabs the S/N and MAC address. You could do something similar.

One thing could be having some kind of background ROM that acts as a virtual machine so when you're running Android OS in there the thief doesn't realise that when they factory reset it they are only really factory resetting a VM that's above a ROM (the actual OS). Pretty clever and they won't even know until they do a hard look, depending on how you got the ROM there in the first place.

This sounds like it's doable. Seems like if I have full access to the phone I should be able to alter the OS. Especially for older phones that are not getting Android updates anymore. Again, there's also that SD card.


I wonder, can you make an encrypted SD card that also has boot info on it? Like the password/unlock data on the SD card, so the phone can't boot without it. If someone removes it, the phone essentially becomes a brick, and since they don't know the password (if booting off of an encrypted disk that does the login process) then no real way to get in. This assumes you can completely root and mod the phone to boot custom code with an encrypted filesystem like LUKS on the phone with the boot manager on the SD card, but this is purely hypothetical, no clue if that is possible. Would make phones much more secure if they could have an EFS setup to begin with.


It's possible. When you boot from the SD card it could first boot into a login screen to decrypt the SD card's data first (assuming you got the password right). Then once you've done that it'll unlock the SD card and boot properly into Android, with which you could have a lock screen as well :P
