Removes the android Trojan Horse

Today, someone in the Group sent me an Android mobile phone text message blocker Trojan. Ask me if I want to buy it. So I cheated on the test ..

First, a URL is found, and penetration begins.

This is the homepage disguised as a silly site
We will continue to look at some measures (this will not be announced here)
We got his background.
He is from wordpress.
Let's continue reading
After reading the story, we chose a user-defined template that is easier to use.
This is because Php is embedded at the bottom of the home page, but the php path is not found at the beginning.
Therefore, echo _ FILE __; is used to obtain the path.
Then write a sentence to connect

After entering, we were not interested in his code. The only thing that attracted us was his database. The author of this trojan was cool and uploaded all the client's text messages to the server, no morality

Through the PHP code, we found the connection address and account password of Mysql and connected it
I uploaded a single-page mysql management tool for convenience.
Let's look at his database.













This is his database, which stores text messages and uploads the customer's address book to shame!
What we need to do now is to avenge those innocent people.


It's too late. Today we are here to analyze the dozens of underground Android Trojans that I have captured recently.
I found that many Android Trojan sales authors do not understand android at all, but only understand reverse engineering and copy others' code.
During this time, many Trojans were also captured by the author's phone QQ, which directly appeared in the code in plain text. I will share it with you tomorrow. I will be able to make phone calls without harassment.

I am unemployed and want to study android security.
Old
Qq847771093