Exploit for AnSploit

Name: Exploit for AnSploit
Rating: 5 (9 reviews)
2026-06-08 | CVSS 5.6
## https://sploitus.com/exploit?id=29A48C49-7B3C-5300-BA09-ACFF4B645FFE
# Ansploit v2.0 — Android Network Security & Exploitation Toolkit

**13 integrated modules for discovery, exploitation, post-exploitation, payload generation, obfuscation, and reporting**  
*Cross-platform — Windows, Kali Linux, and Termux (Android)*

---

## Quick Start

### Windows
```bash
git clone https://github.com/yourusername/ansploit.git
cd ansploit
pip install -r requirements.txt
python ansploit.py
```
Or double-click `run.bat`.

### Linux (Kali / Debian / Ubuntu)
```bash
git clone https://github.com/yourusername/ansploit.git
cd ansploit
pip install -r requirements.txt
python ansploit.py --platform linux
```
Or use the launcher: `./run.sh`

### Termux (Android)
```bash
pkg update && pkg upgrade
pkg install python git openssh nmap
pip install -r requirements.txt
python ansploit.py --platform termux
```

---

## CLI Arguments

```
python ansploit.py --platform windows|linux|termux   Force platform
python ansploit.py --version                         Show version
python ansploit.py --no-banner                       Skip banner
python ansploit.py --no-disclaimer                   Skip legal disclaimer
```

---

## Startup Flow (v2.0)

```
1. Banner → Legal Disclaimer
2. Platform Selection:
   [1] Windows       — ADB, BT (BLE), WiFi (netsh, no WPS), WebView, MSF, Reports
   [2] Kali Linux    — Full toolkit (all features + WPS + monitor mode)
   [3] Termux        — On-device Android hacking (ADB, Shodan, WiFi, Reports)
   [4] Auto-detect
3. Missing Python Dependencies → Auto-install via pip
4. Missing Tools Detection →
      "Install ADB now? (Y/N)"    → Auto-download & install
      "Install Nmap now? (Y/N)"   → Auto-download & install
      "Install Metasploit now?"   → ~300MB, download from Rapid7
5. Shodan API Key prompt → saves to ~/.ansploit/config.json
6. Main Menu (only supported modules are active)
```

---

## 13 Modules

| # | Module | Windows | Linux | Termux | Description |
|---|--------|:-------:|:-----:|:------:|-------------|
| 1 | **Shodan Discovery** | Y | Y | Y | Internet-wide Android device discovery via Shodan (ADB, cameras, TV boxes, web servers, custom queries, batch audit) |
| 2 | **ADB Exploitation** | Y | Y | Y | ADB connect, device info, interactive shell, screenshot, SMS/contacts dump, app manager, LAN scanner, key events |
| 3 | **Bluetooth Recon** | BLE only | Y | — | Nearby BT/BLE device discovery, vulnerability assessment, known-vuln database |
| 4 | **WiFi Audit** | netsh (no WPS) | Y | Y | WiFi network scanning, security audit (WEP/WPA/WPA2), WPS vulnerability check |
| 5 | **WebView Scanner** | Y | Y | Y | Android app WebView configuration audit — checks JavaScript, file access, SSL, and more |
| 6 | **Default Credentials** | Y | Y | Y | 9-vendor default credential database, per-vendor lookup, batch audit against Shodan targets |
| 7 | **Metasploit Arsenal** | Y | Y | Y* | Android/payload generation (Meterpreter TCP/HTTPS, Python), ADB delivery, multi/handler |
| 8 | **Payload Obfuscation** | Y | Y | Y | Python & shell script obfuscation — AES encryption, base64, XOR, variable renaming, comment stripping |
| 9 | **APK Backdoor** | Y | Y | Y | Decompile APKs, inject Meterpreter/shell backdoors, rebuild & sign with uber-apk-signer |
| 10 | **File Pumper** | Y | Y | Y | Inflate APK file size to bypass upload limits, smart zero-compress fill, size verification |
| 11 | **Multi-Platform Payloads** | Y | Y | Y | Cross-platform payload generation — Android APK, Windows EXE/DLL, Linux ELF, batch all |
| 12 | **Post-Exploitation** | Y | Y | Y | System recon, credential dumping, persistence setup, lateral movement, cleanup & cover tracks |
| 13 | **Report Generator** | Y | Y | Y | Pentest report in HTML, TXT, and JSON — aggregates Shodan, ADB, BT, WiFi scan data |

\* Termux MSF requires separate manual installation via `pkg install metasploit`

---

## Auto-Install Tools

| Tool | Windows | Linux | Termux | Size |
|------|---------|-------|--------|------|
| ADB | Download platform-tools ZIP | `apt install adb` | `pkg install android-tools` | ~10 MB |
| Nmap | Launch .exe installer | `apt install nmap` | `pkg install nmap` | ~30 MB |
| Metasploit | Launch .msi installer | `apt install metasploit-framework` | `pkg install metasploit` | ~300 MB |
| AAPT | Download build-tools ZIP | `apt install aapt` | `pkg install aapt` | ~20 MB |

Access from main menu: **I → Install Missing Tools**

---

## Requirements

| Tool | Required? | Download |
|------|:---------:|----------|
| Python 3.10+ | Required | python.org |
| ADB | Required | Auto-download or [Platform Tools](https://developer.android.com/studio/releases/platform-tools) |
| Nmap | Recommended | Auto-download or [nmap.org](https://nmap.org/download.html#windows) |
| Shodan API Key | Required (Module 1) | [Register free](https://account.shodan.io/register) |
| Metasploit | Optional | Auto-download or [metasploit.com](https://www.metasploit.com/download) |
| AAPT (Android SDK) | Optional | Auto-download or [build-tools](https://developer.android.com/studio/releases/build-tools) |

---

## Config & Data Locations

| Location | Purpose |
|----------|---------|
| `~/.ansploit/config.json` | Platform choice, API key, preferences |
| `~/.ansploit/cache/shodan_cache.json` | Cached Shodan results |
| `~/.ansploit/ansploit.log` | Application log |
| `~/.ansploit/tools/` | Downloaded external tools |
| `./reports/` | Pentest reports |
| `./payloads/` | MSF payloads |
| `./wordlists/` | Default credential wordlists |
| `./config/` | Additional configuration files |

---

## Project Structure

```
Ansploit/
├── ansploit.py              Main entry point (CLI args, version)
├── run.bat / run.sh         Platform launchers
├── requirements.txt         Python dependencies
├── README.md                This file
├── tests/                   Unit tests
├── core/
│   ├── config.py            Config persistence + platform capabilities
│   ├── console.py           ANSI-based console UI + banner
│   ├── tools.py             Tool detection & resolution
│   └── installer.py         Auto-download ADB/Nmap/MSF/AAPT
├── modules/
│   ├── shodan_scanner.py    6 preset Shodan queries + custom search
│   ├── adb_exploit.py       ADB exploitation toolkit
│   ├── bt_recon.py          BLE + Classic BT recon
│   ├── wifi_audit.py        WiFi scanner + auto-detect interface
│   ├── webview_scanner.py   WebView vulnerability checklist
│   ├── default_creds.py     9-vendor credential DB
│   ├── metasploit.py        ARM64 payloads + handler + ADB delivery
│   ├── obfuscator.py        Python/shell payload obfuscation (AES, XOR, base64)
│   ├── apk_backdoor.py      APK decompile, inject, rebuild, sign
│   ├── pumper.py            APK file size inflator
│   ├── multipayload.py      Cross-platform payload generator
│   ├── post_exploit.py      Post-exploit recon, dump, persist, lateral, cleanup
│   └── report.py            HTML/TXT/JSON report engine
├── cli/
│   └── menu.py              Platform-aware interactive menu (13 modules)
├── config/                  Additional configuration
├── payloads/                Generated payload output
├── reports/                 Pentest report output
└── wordlists/               Default credential wordlists
```

---

## Legal Disclaimer

**FOR EDUCATIONAL USE AND AUTHORIZED SECURITY TESTING ONLY.**

Unauthorized access to computer systems is illegal under applicable laws including the Computer Fraud and Abuse Act (CFAA, 18 U.S.C. § 1030), Indonesia's UU ITE, the UK Computer Misuse Act, and similar legislation worldwide. By using this tool you agree that you have explicit written authorization from the system owner. The authors assume no liability for misuse or damage.

---

*Built for offensive security professionals — Shodan-powered Android target discovery, ADB exploitation, and a full red-team module chain from recon through post-exploitation.*