-
Notifications
You must be signed in to change notification settings - Fork 210
Page 7. User Manual
- APK Builder
- Configuring Payloads With ngrok
- 🎭 Payload URL Masker
- 👂 Listening
- 🔬 Victims Lab
- Manually Template Original APK Files
To build a standalone AhMyth payload, all you need to do is the following;
-
Launch AhMyth
-
Click the
APK Builder
Tab -
Type your IP address into the Server IP box
-
Type your Port number into the Server Port Box. You can choose any port number between 1024 & 65535
-
Click the Red
⚡|Build
Button
If you face problems while building then consult the AhMyth Troubleshoot Wiki
To use a legit APK as a Template for your next AhMyth payload, all you need to do is the following;
-
In the APK Builder Tab, click the Bind with another APK Check box
-
Click the black Browse APK button and browse for the original APK you want to use a template for your next AhMyth Payload
-
Type your IP address into the Server IP box
-
Type your Port number into the Server Port Box. You can choose any port number between 1024 & 65535
-
Select a Binding Method.
You can choose from two binding methods;
-
On Boot - This method requires the victim device to restart in order for the client to establish a connection to the server upon the infected APK being launched.
-
On Launch - This method establishes connection from the client to the server upon the infected APK being launched at any time after installation, No restart is required for the victim device using this method.
- Click the Green
🔨|Bind
Button.
If you face problems while binding then consult the AhMyth Troubleshoot Wiki
- 01. Launch ngrok with the
tcp
flag followed by your IP address and a port number of your choice, refer to the example below for help.
ngrok tcp 10.0.2.15:4444
- 02. Once you've done step 1, you'll be greeted with a terminal output, you'll want to focus on the section that looks something like the example below.
0.tcp.ngrok.io:19876 => 10.0.2.15:4444
-
03. In the example in Step 2 where it reads
0.tcp.ngrok.io:19876
, this is what your AhMyth Server IP address and Port number will be when we build an AhMyth payload, You'll want to copy0.tcp.ngrok.io
and paste it in the Server IP box in theAPK Builder
and then copy where it reads19876
and paste it in AhMyth Port box. -
04. Go ahead and click the Red
⚡ | Build
or Green🔨 | Bind
button
- 01. Launch ngrok with the
tcp
flag followed by your IP address and Port443
, refer to the example below for help.
ngrok tcp 10.0.2.15:443
- 02. Once you've done step 1, you'll be greeted with a terminal output, you'll want to focus on the section that looks something like the example below.
0.tcp.ngrok.io:19876 => 10.0.2.15:443
-
03. In the example in Step 2 where it reads
0.tcp.ngrok.io:19876
, this is what your AhMyth Server IP address and Port number will be when we build an AhMyth payload, You'll want to copy0.tcp.ngrok.io
and paste it in the Server IP box in theAPK Builder
and then copy where it reads19876
and paste it in AhMyth Port box. -
04. Go ahead and click the Red
⚡ | Build
or Green🔨 | Bind
button
-
Take note that your ngrok terminal outputs will be different to the examples above but the steps will all be the same nonetheless.
-
Take note that when using ngrok for WAN operations, the Victim's Android Device needs to have a strong internet connection.
-
Take note that when using AhMyth for LAN operations, the Server (Attacker) and Client (Victim) machines need to be on the same network.
-
Take note that WI-FI is required on both the Server (Attackers) Side, and the Client (Victims) side for both LAN and WAN operations to work, regardless if you have used ngrok.
One of the newest features to AhMyth is simple URL masker, dubbed the Payload URL Masker because it masks download links to the AhMyth payload in order to remotely install the infected APK.
To use this feature just do the following;
-
Build an AhMyth payload, either a standalone one or Bind with an original APK
-
Upload the AhMyth APK to an anonymous file share website such as Anonfiles
-
Once uploaded, copy the Download Link to the AhMyth APK and paste it into the URL Masking box
-
Input any random website link such as
https://YouTube.com
into the Mask URL box -
Click the black Generate Link button to generate the Masked Payload URL
-
Copy the generated URL displayed in the black Log box, and send it to your Victim.
-
Wait for the victim to open the link and wait for connection
AhMyth is very unique in the sense that it contains a MultiPort Listener which is capable of listening on and receiving multiple connections, from multiple Ports at the same time, all while keeping any of the connections received, alive with one another!
Using the MultiPort Listener is very simple.
- Type the Port number that was used when you built the payload APK
- Wait for the infected APK to be launched/opened on the Victim Device.
Standalone payloads will connect straight away, both on Boot and on Launch!
Bound payloads however, will only connect based on the Binding method you chose.
The Camera option in the Victims Lab, allows the user to snap photos using the Victim Devices camera without a Preview.
It's simple, to snap photos from the Victim Device, just do the following;
-
Click the
Camera Tab
in the Victims Lab -
In the Top-middle of the
Camera Tab
, click the small drop menu to select the Camera you want to snap from.
-
From here, you can choose two options;
- Front Camera
- Back Camera
-
After selecting the Camera to be used, you can go ahead and click the Snap Button.
-
Click the Red Save button at the top of the image holder, to save the the snapped photo.
Do take note that the payload APK must be in use (AKA open and running) for the Camera to work properly, this is not a bug, it's due to One-time Permissions in Android version 9 and up, a way to bypass this will be found for future use!
-
Click the
File Browser
tab next to theCamera
Tab in the Victims Lab, -
Start browsing the Victim Device's storage
-
If you find a file you want to save then double click it, and click the red Save button.
Take note this feature is still beta, as it only grants access to storage/emulated/0/
, this will be updated, so be patient!
To record from the Victim Device Microphone, just do the following
- Input the amount of seconds to record in the Duration box
2 Click the Red Record button to start recording and be patient for the audio to return, the audio will return after the amount of time you inputted to record for, is up.
- Click the Red Save button to save the recording if you wish.
The Geolocation Manager will automatically display the current geographical whereabouts of the victim device while also displaying the Longitude and Latitude of the devices whereabouts in the black Log box.
Take note that the Labs location feature only works when the Victim Device's GPS is turned on.
If the Geolocation Manager fails to find the devices whereabouts, and you know for sure that devices GPS is active, then click the Black Refresh Button, if it still fails then open an Issue Ticket.
The SMS manager has 2 features;
- Sending Messages
- Reading Messages
-
In the "Send SMS" Tab, type out the message to be sent into the Large Blank Message Box
-
Input the Phone Number the message will be sent to, then click the "Send" button
-
Click the "SMS List" Tab within the SMS tab in the Victims Lab
-
Click any of the messages you see to read them
-
Click the Red "Save" button to save the message being viewed if you wish.
The Contacts Manager is very simple, to use the contacts manager just do the following;
-
Click the Contacts Tab in the Victims Lab
-
Click the Red Save Button to save any number you see.