Androrat is a client/server application developed in Java Android for the client side and in Java/Swing for the Server.

The name Androrat is a mix of Android and RAT (Remote Access Tool).

It has been developed in a team of 4 for a university project. It has been realised in one month. The goal of the application is to give the control of the android system remotely and retrieve informations from it.

Technical matters

• The android application is the client for the server which receive all the connections.
• The android application run as a service(not an activity) that is started during the boot. So the user does not need to interact with the service (Even though there is a debug activity that allow to configure the IP and the port to connect to).
• The connection to the server can be triggered by a SMS or a call (this can be configured)

By successfully running the tool one can get the following details of the victim.

• Get contacts (and all theirs informations)
• Do vibrate the phone
• Get call logs
• Open an URL in the default browser
• Get all messages
• Send a text message
• Location by GPS/Network
• Do a toast
• Monitoring received messages in live
• Streaming video (for activity based client only)
• Monitoring phone state in live (call received, call sent, call missed..)
• Stream sound from microphone (or other sources..)
• Take a picture from the camera

Software to download to start hacking with AndroRAT

You can Download the AndroRAT from here : LINK

Router Port Forwarder (If you are using a wireless router) Download it from here : LINK

Add an android device to deploy the package.

Here are Steps to follow if you are using a wireless Router

Install Router Port Forwarder in your PC.

The Software is designed to detect your Router model number and display’s it.

Now in the “Port forwarding” tab click “Add“.

• In the next window enter the name of the port as you like, leave the protocol as tcp, enter the port you would like to open (Ex. 8080,1234,4444…).
• And finally the internal ip address.
• To know your internal IP address open Start > Run, and then enterncpa.cpl, this opens active network connections.(you must be connected to the internet)
• Right click on the connected network and click status and then clickdetails.
• In the details windows check the Ipv4 address, it should be something like 192.168.XX.XX.

How to deploy a Package

• Download the AndroRAT zip and install it.
• Download a game like Temple Run or Mini Militia to which you can bind the AndroRAT to it.
• Open the extracted folder and then run the application AndroRat Binder.
• just like shown below

• Once you have successfully installed the result apk that was generated by AndroRat, you can control the victim’s Android device through a well designed GUI.
• In the AndroRat folder, again open the AndroRat folder.
• In that folder you will find a java application named “AndroRat“.
• When you open it for the first time, allow the firewall exception for the application.

• Click on the Server at the top and enter the port which you have opened before.
• Now Restart the Application and the applications starts listening to the new port.
• In the App Dashboard you will find a list of devices connected to the internet.
• Double click in the device your want to access which will open a window with built in controls.

Note: 

• If the application does not work and no devices are listed in the AndroRat application, try building just the Hacking application instead of binding it other application.
• For the users who are using wireless routers, port forwarding is a must.
• Before trying it on others devices try it on your own Android first.
• Turn off the Anti-virus before extracting the AndroRat zip which you have downloaded.
• If possible turn off Firewall too.
• Make sure you have a Good internet connection.