Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clarification #22

Open
DewNohMad opened this issue Feb 7, 2021 · 9 comments
Open

Clarification #22

DewNohMad opened this issue Feb 7, 2021 · 9 comments

Comments

@DewNohMad
Copy link

Hi, I would like to ask how does this library actually work. I've been looking through the codes both app and smsbackdoor folder but don't quite understand how the backdoor work. By now you may have guessed I'm a beginner. I came upon your library hoping it could work for a school assignment of mine.

Once I have downloaded this library and added into android studio and added the necessary code from the "User Instructions". Where does the user information (contacts, call_log, location) get stored at and how do I go about retrieving it.

@evilthreads669966
Copy link
Owner

evilthreads669966 commented Feb 7, 2021 via email

@evilthreads669966
Copy link
Owner

Okay, I'm sorry. Earlier today I thought this was a private discussion over email. I began developing an app named data gun to allow for sending binary sms messages. SmsBackdoor hasn't been tested in terms of actually receiving the messages as I state in another issue. The only thing it does is allow you to listen for binary sms messages over the port you specify. You initialize it in your activity or viewmodel. However, it runs in the background outside the context of your UI. What you do with these messages is implemented in the initialization of it as well. There is no other features to this library involving call log, contacts, or location.

I believe you have mistaken my demo app for the library itself. That is me playing around with developing a RAT. That is nothing more than example code. The data would be stored on a server if you were to actually implement the demo app in the real world. If you would like to use pickpocket library with it then it is up to you where it is stored. You could store it locally on the device or a server. Good luck to you. Check out data gun when I release it.

@evilthreads669966
Copy link
Owner

There is no COMMAND_GET_CONTACTS that is example code

SmsBackdoor.openDoor(this, "666:", payload = myPayload){ remoteCommand ->
    when(remoteCommand){
        "COMMAND_GET_CONTACTS" -> Log.d("SMS BACKDOOR", "WRITE CODE TO GET CONTACTS")
        "COMMAND_GET_CALL_LOG" -> Log.d("SMS BACKDOOR", "WRITE CODE TO GET CALL LOG")
        "COMMAND_GET_LOCATION" -> Log.d("SMS BACKDOOR", "WRITE CODE TO GET GPS LOCATION")
        else -> Log.d("SMS BACKDOOR", "COMMAND NOT FOUND")
    }
}

This is what you actually get as a user of the library

SmsBackdoor.openDoor(this, "666:", payload = myPayload){ remoteCommand ->
    when(remoteCommand){
        
    }
}

@evilthreads669966
Copy link
Owner

If you have any money I can do it all for you. Like if you want a demo RAT for class than I'll take bitcoins or paypal

@evilthreads669966
Copy link
Owner

$350

@evilthreads669966
Copy link
Owner

You don't necessarily need the library either. You could just register a broadcast receiver in a service that listens for DATA_SMS action. Add receive sms permission in manifest and then process the pdu.

@evilthreads669966
Copy link
Owner

I think you'll enjoy my library called pickpocket more. As it seems that your main interest is user data and that is what that library is specifically for.

@evilthreads669966
Copy link
Owner

@linghu258 good luck

@evilthreads669966
Copy link
Owner

casual talk I just discovered broadcast SMS messages and I find it interesting. Since you're doing research perhaps you should look into that as I plan to once I get this sms remote command app developed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants