WEB端Android控制台搭建与总结
作者:Adil | 发布时间: | 更新时间:
相关阅读
data-postsbox="{"id":2373,"title":"【视频教学】如何远程控制任何安卓设备?","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":21850,"comment_count":1000,"category":"sg","is_forum_post":false}">{"id":2373,"title":"【视频教学】如何远程控制任何安卓设备?","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":21850,"comment_count":1000,"category":"sg","is_forum_post":false}
data-postsbox="{"id":9833,"title":"如何远程控制任意安卓设备2.0(androRAT)","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":9228,"comment_count":32,"category":"knowledge","is_forum_post":false}">{"id":9833,"title":"如何远程控制任意安卓设备2.0(androRAT)","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":9228,"comment_count":32,"category":"knowledge","is_forum_post":false}
data-postsbox="{"id":11280,"title":"Metasploit框架远程控制入侵手机教程","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":6128,"comment_count":296,"category":"knowledge","is_forum_post":false}">{"id":11280,"title":"Metasploit框架远程控制入侵手机教程","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":6128,"comment_count":296,"category":"knowledge","is_forum_post":false}
data-postsbox="{"id":12044,"title":"如何通过一个exe文件远程控制整台计算机?","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":4428,"comment_count":16,"category":"knowledge","is_forum_post":false}">{"id":12044,"title":"如何通过一个exe文件远程控制整台计算机?","author":"FancyPig","author_id":1,"cover_image":"","cover_video":"","views":4428,"comment_count":16,"category":"knowledge","is_forum_post":false}
data-postsbox="{"id":14901,"title":"搭建web端远控平台 自带免杀功能","author":"Adil","author_id":292,"cover_image":"","cover_video":"","views":6102,"comment_count":25,"category":"vip","is_forum_post":false}">{"id":14901,"title":"搭建web端远控平台 自带免杀功能","author":"Adil","author_id":292,"cover_image":"","cover_video":"","views":6102,"comment_count":25,"category":"vip","is_forum_post":false}
data-postsbox="{"id":11572,"title":"使用Quasar远控Windows设备","author":"Adil","author_id":292,"cover_image":"https://static.pigsec.cn/wp-content/uploads/2022/03/20220317004620432.png","cover_video":"","views":4242,"comment_count":44,"category":"knowledge","is_forum_post":false}">{"id":11572,"title":"使用Quasar远控Windows设备","author":"Adil","author_id":292,"cover_image":"https://static.pigsec.cn/wp-content/uploads/2022/03/20220317004620432.png","cover_video":"","views":4242,"comment_count":44,"category":"knowledge","is_forum_post":false}
项目简介
L3MON是一个基于web端的远程安卓管理套件,可以通过web端管理以下资料访问:
手机短信(可从云端收发短信)
- 通话记录、通话时长
- 手机系统的文件
- 手机安装的程序
- GPS定位
- 浏览器页面访问记录
视频示例(搬运)
项目搭建
- 程序下载:
- 环境准备(windows,如果你是使用linux,请参见百度对应系统的环境安装)
- node环境:
- java环境(必须1.8):
- 开始安装
-
npm install pm2 -g<- 安装node保护程序 - cd 路径/L3MON <- 进入程序包
-
npm install<- 安装依赖 -
pm2 start index.js<-- 启动脚本 -
pm2 startup<- 在启动时运行 L3MON
-
- 配置程序
- pm2 stop index
-
maindb.json在文本编辑器中打开 - 设置账号密码
在admin项下:
- 设置`username`为纯文本
- 设置`password`为 小写32位 MD5 哈希
(找一个md5加密站,填写实际密码,转换32位MD5小写字符串填写)
-
pm2 start all<-启动程序 - 在您的浏览器中导航到
http://<SERVER IP>:22533
使用截图(实操)
设备管理
短信管理
文件管理
安卓端截图
- 安装报毒(建议使用
- 注意授权(权限全开)
-
后台权限使用情况(程序不出现桌面,默认隐藏自启动)
总结
本项目因为危害较大,已被各大手机厂商标记。故而安装需要输入手机密码方才能强制安装。同时,我们也可以通过其后台权限调用情况,大致获知目前大多安卓程序的严重信息违规问题。譬如许多程序都向您要求了太多非必要的手机权限,这极有可能造成您的信息被随意使用。
后续如果要对本程序进行处理的话,可以考虑加壳绕过杀软及手机厂商的标记,以达到成功上线的目的。但,也因为目前手机内较为严格的自启动管理服务,该项目的实际攻击意义不大。用以权限使用示例教学倒是一个不错的示例!
- 个人搭建的控制台:
- 安卓木马程序: (普通下载后其实没啥事,只要不授予权限就好!)
- 文章源: