Home
|
|
| Creator: | Ahmed Al "AhMyth" Hadjri |
| Maintainer: | Morsmalleo |
| First Release: | 1.0-beta.1 |
| Latest Release: | 1.0-beta.5a |
| Server OS: |
|
| Client/Payload OS: |
|
| Language(s): |
|
| Framework(s): |
|
| Library / Runtime: |
|
AhMyth is a powerful open-source Remote Administration Tool that can be used to access informational data from an Android device. Through it, an attacker can access critical information such as the current geographical location of the device being attacked. In advanced use cases, it can be used to hack the victim’s microphone, launch recordings, get camera snapshots, and also read personal messages on the attacked device.
As a remote administration tool, AhMyth has two parts which enable it to effectively perform its functions. It has a server-side which acts like a desktop application that is built with electron framework which is based on Node.js & Chromium and is used by the Atom editor and many other apps. The server side is used by the attacker as the control panel through which connections are made to the AhMyth software that is installed on the victim’s Android device. The client-side of AhMyth, which is written in smali, works as the Android application and can be used as a backdoor.
AhMyth was designed with a GUI interface which makes use of HTML & CSS to render its Tabs, as well as JavaScript to allow the user to control the GUI and its functions, making AhMyth one of the easiest RATs to use.
For this tool to be used to carry an attack, the client-side must be installed on the targeted Android device. Upon successful installation as well as launch by the victim, the attacker will be able to have a view of the victim's device from the tool's target menu. After this, the attacker simply selects a favorable port from which an attack can be launched and begins to listen on the targeted Android device.
When deployed on a target device this tool can be used to access personal information such as the victim's passwords and call logs. The attacker can also gain access to the victim's browser cookies and know the web pages that have been visited using the device. Apart from allowing an attacker to view the victim's personal messages, AhMyth can also enable messages to be sent from the victim's Android device to another phone without the consent of the victim.
| APK Payload Binder | Capable of backdooring original APK files (with some exceptions) using methods similar to Metasploit’s msfvenom -x template for APKs. |
| File Manager | View and browse the target device’s file system, including firmware. |
| Remote Mic & Camera Access | Snap pictures without preview and record audio remotely from the victim’s device. |
| Call Logs Access | Retrieve and view the victim’s call history. |
| SMS Access | Read and send SMS messages from the target device. |
| Device GPS Location | Track the victim’s geographical location in real time. |
| Supported Operating System & Distributions | Version / Distribution |
|---|---|
| Windows | 10 |
| 11 | |
| Linux | Debian |
| Ubuntu | |
| Mint | |
| Kali | |
| Parrot OS | |
| Arch Linux | |
| BlackArch Linux | |
| Manjaro Linux | |
| macOS | Catalina |
| Big Sur | |
| Monterey |