HaxRat is a cloud based remote android management suite in simple word it is a Android RAT, powered by NodeJS. It works in Linux and Termux (Android).

Installing HaxRat on Kali Linux

The installation process is the same as we did in our L3MON tutorial. We have detailed discussion on our that post So we are not going to explain the commands.

First we install JRE in Kali by using following command:

sudo apt-get install openjdk-8-jre

Then we download NodeJs in our system by applying following command:

curl -sL https://deb.nodesource.com/setup_13.x | sudo bash -

Now we install NodeJs by preceding following command:

sudo apt-get install -y nodejs

Now we need pm2 process manager to install this we use following command:

sudo npm install pm2 -g

Now we clone haxRat from it’s GitHub repository by using following command:

git clone https://github.com/Hax4us/haxRat

Then we navigate to server directory under haxRat by using cd command:

cd /haxRat/server

Then we need to install dependencies by using following command:

npm install

Then we start the server by using following command:

node index.js

Now we can see our server in our browser http://localhost:22533 there will be a login page as following screenshot:

Now we stop this server by using CTRL+C command. Now what to do ? Login ? But where are the credentials? We have talked before how to create a custom credential on our older L3MON tutorial. Otherwise check the haxRat GitHub repository for default credentials.

After login we can see the main page as shown in the following screenshot:

Now we go to the APK Builder page and give our local IP address and click on build.

If got error like “Wrong java Version installed…..” this when building APK then try following command:

sudo update-alternatives --config java

Then Then we type 2 and enter.

Then we stop our running haxRat server by CTRL+C and start it again this problem will be solved.

Now we can build Spy APK and send it to victim, whenever victim install it and grant the permission. Or if we got victim’s phone in hand then we can implement this.

We got the victim in our haxRat dashboard like following screenshot:

Now in the manage section we can manage the Android device totally. Magics will start from here.

Installed Android Apps

File Manager

Recording from front Camera

Installing HaxRat on Android (using Termux)

This is easy to installed in Termux. We try following commands one after another to install and configure haxRat.

apt install nodejs

git clone https://github.com/hax4us/haxRat.git

cd haxRat/server

npm install

mkdir ~/haxrat

haxrat

node index.js

In our browser we navigate to http://<Local IP>:22533 and we will be the login screen of haxRat

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

HaxRat : cloud based remote android management suite

Installing HaxRat on Kali Linux

Installing HaxRat on Android (using Termux)

Leave a Comment Cancel Reply