Skip to content

Page 7. User Manual

Jump to bottom
Morsmalleo edited this page Jan 8, 2023 · 27 revisions

Table of contents

APK Builder

🐞 Standalone Payload

To build a standalone AhMyth payload, all you need to do is the following;

  1. Launch AhMyth

  2. Click the APK Builder Tab

  3. Type your IP address into the Server IP box

  4. Type your Port number into the Server Port Box. You can choose any port number between 1024 & 65535

  5. Click the Red ⚡|Build Button

If you face problems while building then consult the AhMyth Troubleshoot Wiki


🪲 Template an Original APK

To use a legit APK as a Template for your next AhMyth payload, all you need to do is the following;

  1. In the APK Builder Tab, click the Bind with another APK Check box

  2. Click the black Browse APK button and browse for the original APK you want to use a template for your next AhMyth Payload

  3. Type your IP address into the Server IP box

  4. Type your Port number into the Server Port Box. You can choose any port number between 1024 & 65535

  5. Select a Binding Method.

You can choose from two binding methods;

  • On Boot - This method requires the victim device to restart in order for the client to establish a connection to the server upon the infected APK being launched.

  • On Launch - This method establishes connection from the client to the server upon the infected APK being launched at any time after installation, No restart is required for the victim device using this method.

  1. Click the Green 🔨|Bind Button.

If you face problems while binding then consult the AhMyth Troubleshoot Wiki

Configuring Payloads With ngrok

📶 LAN OPERATIONS (Your Own/Current Network)

  • 01. Launch ngrok with the tcp flag followed by your IP address and a port number of your choice, refer to the example below for help.
ngrok tcp 10.0.2.15:4444
  • 02. Once you've done step 1, you'll be greeted with a terminal output, you'll want to focus on the section that looks something like the example below.
0.tcp.ngrok.io:19876 => 10.0.2.15:4444

  • 03. In the example in Step 2 where it reads 0.tcp.ngrok.io:19876, this is what your AhMyth Server IP address and Port number will be when we build an AhMyth payload, You'll want to copy 0.tcp.ngrok.io and paste it in the Server IP box in the APK Builder and then copy where it reads 19876 and paste it in AhMyth Port box.

  • 04. Go ahead and click the Red ⚡ | Build or Green 🔨 | Bind button


🌍 WAN OPERATIONS (Global)

  • 01. Launch ngrok with the tcp flag followed by your IP address and Port 443, refer to the example below for help.
ngrok tcp 10.0.2.15:443
  • 02. Once you've done step 1, you'll be greeted with a terminal output, you'll want to focus on the section that looks something like the example below.
0.tcp.ngrok.io:19876 => 10.0.2.15:443

  • 03. In the example in Step 2 where it reads 0.tcp.ngrok.io:19876, this is what your AhMyth Server IP address and Port number will be when we build an AhMyth payload, You'll want to copy 0.tcp.ngrok.io and paste it in the Server IP box in the APK Builder and then copy where it reads 19876 and paste it in AhMyth Port box.

  • 04. Go ahead and click the Red ⚡ | Build or Green 🔨 | Bind button


When using ngrok with AhMyth you should...

  • Take note that your ngrok terminal outputs will be different to the examples above but the steps will all be the same nonetheless.

  • Take note that when using ngrok for WAN operations, the Victim's Android Device needs to have a strong internet connection.

  • Take note that when using AhMyth for LAN operations, the Server (Attacker) and Client (Victim) machines need to be on the same network.

  • Take note that WI-FI is required on both the Server (Attackers) Side, and the Client (Victims) side for both LAN and WAN operations to work, regardless if you have used ngrok.

🎭 Payload URL
Masker

One of the newest features to AhMyth is simple URL masker, dubbed the Payload URL Masker because it masks download links to the AhMyth payload in order to remotely install the infected APK.

To use this feature just do the following;

  1. Build an AhMyth payload, either a standalone one or Bind with an original APK

  2. Upload the AhMyth APK to an anonymous file share website such as Anonfiles

  3. Once uploaded, copy the Download Link to the AhMyth APK and paste it into the URL Masking box

  4. Input any random website link such as https://YouTube.com into the Mask URL box

  5. Click the black Generate Link button to generate the Masked Payload URL

  6. Copy the generated URL displayed in the black Log box, and send it to your Victim.

  7. Wait for the victim to open the link and wait for connection

👂 Listening

AhMyth is very unique in the sense that it contains a MultiPort Listener which is capable of listening on and receiving multiple connections, from multiple Ports at the same time, all while keeping any of the connections received, alive with one another!

Using the MultiPort Listener is very simple.

  1. Type the Port number that was used when you built the payload APK
  2. Wait for the infected APK to be launched/opened on the Victim Device.

Standalone payloads will connect straight away, both on Boot and on Launch!

Bound payloads however, will only connect based on the Binding method you chose.

🔬 Victims Lab

📷 Camera Manager

The Camera option in the Victims Lab, allows the user to snap photos using the Victim Devices camera without a Preview.

It's simple, to snap photos from the Victim Device, just do the following;

  1. Click the Camera Tab in the Victims Lab

  2. In the Top-middle of the Camera Tab, click the small drop menu to select the Camera you want to snap from.

  • From here, you can choose two options;

    • Front Camera
    • Back Camera

  1. After selecting the Camera to be used, you can go ahead and click the Snap Button.

  2. Click the Red Save button at the top of the image holder, to save the the snapped photo.

Do take note that the payload APK must be in use (AKA open and running) for the Camera to work properly, this is not a bug, it's due to One-time Permissions in Android version 9 and up, a way to bypass this will be found for future use!

📂 File Manager

  1. Click the File Browser tab next to the Camera Tab in the Victims Lab,

  2. Start browsing the Victim Device's storage

  3. If you find a file you want to save then double click it, and click the red Save button.

Take note this feature is still beta, as it only grants access to storage/emulated/0/, this will be updated, so be patient!

🎙️ Microphone Manager

To record from the Victim Device Microphone, just do the following

  1. Input the amount of seconds to record in the Duration box

2 Click the Red Record button to start recording and be patient for the audio to return, the audio will return after the amount of time you inputted to record for, is up.

  1. Click the Red Save button to save the recording if you wish.

📍 Geolocation Manager

The Geolocation Manager will automatically display the current geographical whereabouts of the victim device while also displaying the Longitude and Latitude of the devices whereabouts in the black Log box.

Take note that the Labs location feature only works when the Victim Device's GPS is turned on.

If the Geolocation Manager fails to find the devices whereabouts, and you know for sure that devices GPS is active, then click the Black Refresh Button, if it still fails then open an Issue Ticket.

📝 SMS Manager

The SMS manager has 2 features;

  • Sending Messages
  • Reading Messages

Sending Messages:

  1. Input the message to be sent into the Large message box

  2. Input the number the message will be sent to, then click the Send button

Reading Messages:

  1. Click the Read Tab within the SMS tab in the Victims Lab

  2. Click any of the messages you see to read them

  3. Click the Red Save button to save the message being viewed if you wish.

👥 Contacts Manager

The Contacts Manager is very simple, to use the contacts manager just do the following;

  1. Click the Contacts Tab in the Victims Lab

  2. Click the Red Save Button to save any number you see.

Coming Soon

Coming Soon

Information

Source Code Setup

Binary Setup

Clone this wiki locally