If you need to hack an Android device, try using a remote administration tool. Known as RAT, there are open source RATs that are barebones and exorbitantly rated RATs that are more polished. There are also cheap and polished RATs that are not supposed to be RATs at all, like Cerberus, an anti-theft solution available directly on Google Play.
Cerberus is distributed as an anti-theft product – theft program so that you or the police (with your help) can track your Android phone if it is lost or stolen. However, while phone users see an anti-theft tool, hackers see a RAT that costs only $ 5 a year (about $ 5.80). That's a hell of a lot cheaper than the $ 21
As an anti-theft tool, Cerberus offers all the features we expect from a good RAT, including locating the device, backup (aka stealing)) data, locking or changing the PIN, deleting data and taking pictures. All this and much more can be done from any web browser or by sending special SMS commands.
Other than the super low cost, there are other benefits as well: first, it's available on the Google Play Store, and secondly, it does not require root to get this tool up and running, although it does support certain features such as rebooting and restarting Cerberus is a top-tier company, so it's safe to assume that it logs everything – hackers should take steps to ensure anonymity when accessing the service and the target device. a VPN and a fake MAC address from a public Internet connection will help protect your identity.
If you're a white hat, pentester, or other security expert If you follow this guide, you should Do this on your own device for two reasons:
- It's a good exercise, you want to get there as fast as possible h, if you have the target device in your hand to minimize the chance of catching.
- For some reason, the Cerberus team decided that installing the app should be the only way to create an account. If you do this on your own device, you can skip the account creation part during an attack and make sure your subscription is set up successively.
The first time you create an account, you automatically receive a free seven-day trial that lets you try the features of the app before you pay. If you're only interested in one goal for a particular event, you can save a few bucks and just use the trial. There is no need to pay if you do not have to do this more than once.
First, you must gain physical access to the target Android phone. Without it, you will not be able to install the app without knowing the credentials for the user's Google Account. If you manage to hack the user's Google Account information, you can install the app online on the device in the Play Store. However, this does not change the need for access to the unlocked phone for future steps. To sign in to your Cerberus account
If you do not have the user's Google credentials at hand, you must have physical access to the device and it unlock. Let's take a look at a few scenarios that could help in both accessing and opening up:
- The simplest and most overlooked way is to tell the target something of what you are doing , Open the story a little bit. If the target is part of your family or extremely close, play as if you were installing an anti-theft app on every phone. Neglect to mention that you can use the same app to spy on them. If they are prone to losing their phone or paranoid if stolen, you could actually help them.
- If the target is not closely related, you can rotate it as though you plan to get an X number with your subscription and have some extras. Offer one of these extras to aim. You could even get her to pay you for it. That's the beauty of Cerberus, an anti-theft app – plausible deniability. And if you're ever caught on how to spy on them, it's much easier to play them out, as if you were just worried about them or did not know what you were doing.
Assuming these options did not work, you need to determine if they have a lock on their phone and, if so, what type. If it's a password or a PIN, be conscientious and remember over time, and write it down. If the target uses a pattern, you do the same thing, but you do not necessarily have to perfect it because you can quickly try different variations. You can also analyze the screen patches under a bright light and then align them with the dots displayed for the pattern lock.
If the target uses a face detection lock, you can try holding some sort of image of them and seeing if it unlocks the device. The easiest way is to simply go to your Facebook account on your device and hold it to the phone. However, this does not work if the device uses 3D face recognition. In this case, or if you use a fingerprint lock, it is best if you try to construct it socially to unlock your smartphone. Here are two more examples of how you might do it:
- Show your interest in their brand and their phone model. Suppose you are thinking about buying one.
- If you go into the car with them somewhere, offer help with navigation and say that your own phone has no service or is dead. You can also use SMS as an excuse because you do not want them to write and drive text messages while in the car – offer to do it for them.
Apart from that, the proven is up to you. Real classics when they grab or sleep in the shower. (Tyrell installed a RAT while his lover, aka Evil Corp's assistant to the CEO, was in the shower.) However, once you have physical access to an unlocked device, you can move to the next step  Step 2: Install Cerberus on the target device
Quickly open the Google Play Store and search for " Cerberus Anti-theft". Press "Install" and wait a few seconds to download. Approx. 6 MB file Als Next, tap Open, then Grant Permissions, and tap Allow seven times. With these permissions, you can, for example, B. track the device remotely. Therefore, it is very important that you allow everyone. When you're done, skip the "Battery Optimization" – you can do that later. Right now, you are trying to do all the necessary things as fast as possible, so if you suddenly lose access to the phone, the app still works. Tap "Change System Settings", switch to "On" and press "Finish". If you're on the main configuration page, navigate down and tap either "Back up your files in Dropbox" or "Back up your files on Google" and link the account you want to use to steal the target's data. Scroll on and make sure all the boxes under "Remote wipe" and "Location history" are checked. And that's all you need to do for the bare bones of this attack. You will be able to do things that most people are interested in, such as tracking the phone. However, this is obvious to the target as it receives a notification. In the next steps, we will take care of how to hide the characters.
Quickly open the Google Play Store and search for " Cerberus Anti-theft". Press "Install" and wait a few seconds to download. Approx. 6 MB file
Als Next, tap Open, then Grant Permissions, and tap Allow seven times. With these permissions, you can, for example, B. track the device remotely. Therefore, it is very important that you allow everyone.
When you're done, skip the "Battery Optimization" – you can do that later. Right now, you are trying to do all the necessary things as fast as possible, so if you suddenly lose access to the phone, the app still works. Tap "Change System Settings", switch to "On" and press "Finish".
If you're on the main configuration page, navigate down and tap either "Back up your files in Dropbox" or "Back up your files on Google" and link the account you want to use to steal the target's data. Scroll on and make sure all the boxes under "Remote wipe" and "Location history" are checked.
And that's all you need to do for the bare bones of this attack. You will be able to do things that most people are interested in, such as tracking the phone. However, this is obvious to the target as it receives a notification. In the next steps, we will take care of how to hide the characters.
Step 5: Hide Notifications on the Target Device
It's pretty easy to hide Cerberus notifications on Android. Long press on the Cerberus app icon on the home screen or in the app tray, tap "App Info", then tap "Notifications" and uncheck "Show notifications." Alternatively, you may be able to manually navigate to the "app information" on older Andriod devices, for example, by going to "Settings" and then "Apps" and then "Cerberus."
This prevents the target from receiving notifications. You perform Cerberus actions, such as location tracking.
Once you've done that, the app is pretty secretive – most people will not notice another app buried in their app folder, especially with the number of bloatware Apps that are available on cell phones these days. If for any reason there is a shortcut on the home screen, tap and hold it, then drag it to Remove.
If time permits, you can do even more things to make them even fainter
While doing the " App Information ", tap" Data Usage "and then" Unlimited Data Consumption. " Next, go back and tap on "Battery usage". Tap on "Battery Optimization", search for "Cerberus" in the available lists, tap on it and select "Do not optimize" and then "Done".
If you change these two settings, you can easily handle large amounts of data, such as pictures and exfiltrate files. In addition, data restrictions are guaranteed and battery optimization will never cause you any problems.
For example, you may have problems if the device of the target device is flat and silent for more than a few minutes, in this case Doze The mode turns on. The device is looking for ways to save power, including Cerberus app services, that will prevent you from tracking the destination.
Step 7: Avoid Removing Cerebrus (Optional)
If you really have a lot of time with the device, for example, more than an hour, you can turn the Cerberus app into a system app and prevent that from happening User removes them, even if reset to factory defaults. It must be a rooted device, or you will need to roaster it, so I say an hour or more of time.
For those of you who have time and want to make sure the goal can never come free from this RAT, just before buying a new phone, this step is highly recommended. Dallas from Gadget Hacks has already gone through the options available for this process. Therefore, read complete instructions from step 3 to convert Cerberus to a system app.
Step 8: Return the target device as received
Everything is done on the phone side of things. Try resetting the device to the same screen it was when you lifted it and returning it to the same place you found it. It is unlikely that a user would notice, but you can never be too careful.
You can now take control of the target device. Open the Cerberus website and use your credentials in the upper-right corner.
Once you log in, Cerberus will immediately try to connect to the devices associated with your account. If the device is not displayed, the most likely reason is that the device is off or has no data / Wi-Fi service, so be patient
On the right side you can see a log that will be sent with all and received commands. When the device is connected, it will be displayed in the log and its location will be displayed on the map.
It is important to note that this location is not always accurate. Above all, there are the natural limits of GPS and Cerberus is kind enough to give you this accuracy estimate. However, remember that it is the location where the phone thinks. That is, if the user of the device is the type of person using a GPS spoofing app, the actual location of the device is not displayed, only the location where the user is spoofing.
On the left side you will find the drop-down menu for the command. It does not tell you immediately which options are available and which are not, based on the settings and root status of the device. So you need to play around with a couple by clicking on it in the drop-down menu and then selecting "Send command" If you want to check the in-app settings or forget to change them during setup, click "Change app settings" and "send command".
The last thing you want to do is hide the app so the target can not just stumble over it. It is unlikely that you would notice if you did not, but it is best practice to do it anyway. From the Command drop-down list, select Hide from App Drawer, then choose Send Command. If you scroll through the list of all your apps, Cerberus will not show up.
Bonus: Take control of the target device via SMS texts  Cerberus has the ability to send any of his commands via SMS to the app on the To send the target device. Send a text to the phone number of the destination starting with cerberus spaces, your password and a command. This feature is useful if the device has a cellular service but no data service.
Listed below are some of the most useful commands. Note that these SMS texts are not hidden so the user will see them and will probably find out what's going on. This is more fun, and may be useful for those who actually use it for theft.
find cerberus password (to find the device) cerberus password startemergency hours (for any number of hours to locate) cerberus password screenshot (to get a screenshot and send it to your e-mail address) cerberus password capture video (to record a video and send it to your e-mail address) Cerberus password speak text (to let the device speak a message) cerberus password alarm text (to display a message and trigger a loud alarm) Clear cerberus password (to clear device memory)
How to protect yourself from Android RATs
There are only a few basic guidelines that you can follow to prevent anyone from doing this type of attack on you , First and foremost, lock your phone.
- If you're using one of the last two generations of flagship Android phones, then the fingerprint sensor is your best option. They are usually fast and reliable and offer the best security.
- Fingerprint sensor not an option? Try to avoid facial recognition unless it is 3D capable, otherwise the attacker can simply display a picture of your face in front of the phone and unlock it.
- Patterns are equally useless because an attacker can easily analyze your cell phone spots, bright light and a good idea of the pattern to unlock it.
- Your next best option besides fingerprint scanner or 3D facial recognition software is to use at least a six-digit PIN, preferably a full password. Second, do not let anyone touch your phone for any reason. It is quite difficult for someone to download a RAT if they can not touch the phone. Also, always try to keep your phone within sight even if you're in the shower or the phone is charging.
Remember an attacker might try to get you to download a malicious code APK from them, as always, be careful what you type on your phone and suspect unknown sources immediately.
If you have questions, you can ask here or on Twitter @The_Hoid .