Bypassing Android Permissions Android Payload

Muhammad Faizan
3 min readSep 20, 2020

--

Android Auto Permissions

Android permissions are based on Unix permission system. Before we get into detail let’s see that how Android permissions work.

so basically when we install an application in our Android device it will show you all permissions that are required. But this thing only work in Android 5.0 and the below one’s.

Bypassing Android Permissions

Bypassing Android permissions is one of the most challenging part for hackers. As after Marshmallow 6.1 update Android changes privacy bi disallowing applications to gain access of any kind of API permission such as camera microphone calls API.

How to Auto Allow Permissions ? Why we need this !

But as far if you look back on lollipop 5.1 or older versions of Android. The application is automatically set to allowed. There is just a pop up info during installation of that app. So all we need to do is downgrade our payload apk to Android SDK version 20 and api level 18. So that application installer thinks that it was a later version of application.

Grant All Permissions to Apk

Grant all permissions to apk. Apk must be minimum sdk 10 and maximum 20 or 18

If you set the minimum amount of SDK at 10 and the target SDK version to 18 are 20 then the application have access to auto allow all the permission but still it will ask the user to click allow for the first time in installation.

Here is a picture of SDK version the minimum and maximum target. This picture was taken as a screenshot of Apk Editor Pro.

Enable Android Permissions Automatically in Android Payload

who use auto permission. Of course auto allow permission use for accessing Android Data. The new version of Marshmallow as auto allow permission was automatically denied by the Google so hackers and Spiers in worry as they don’t have any access to victim data thats why they want to allow auto permission to their payload or fud persistent apk.

In short Big disadvantage of this feature for hackers. It is also help the end user to protect their data .

Android Payload Auto Allow Permissions Using Apk Editor Pro

And change app icon name and sdk version

--

--

Muhammad Faizan
Muhammad Faizan

No responses yet