Blog


Bad Guys - Android: how steal the contact list

Through Meterpreter for Android we can do many operations, but why not learn to do them manually?
We are programmers!

Requirements:
- Need to know how to program Android and Java
- Android Studio
- Malicious web Server

Let's see the finished code:
activity_main.xml
image

AndroidManifest.xml
image

MainActivity.java
image

image

image

image

Make apk file and download it to your android device; this app shows contact list, but meanwhile sends
your contact list to my malicious web server!

data.php
image

Users should be careful to read the permissions of the app,
but a hacker can simply create an app that uses all the permissions on the user side and
in the meanwhile send the information to his server!

Study hard :)