Today I bring you a very interesting topic.
Anyone who has developed a bit in Android
To connect our Android to the PC we can do it in two ways; by USB or by (and here comes the interesting thing) TCP. I will show you a very interesting tool in which you can exploit various functionalities.
To start configuring our Android, we will have to follow a series of steps (which may vary slightly from one smartphone to another). Therefore, we will have to go to Settings -> About the phone and once there, look for where it says “Compilation number” and press 7 times in a row. Done this you will see something similar to the following image.
You are now a developer! 😉
Now, we will only have to go Settings -> Developer options and search the option “USB Debugging“; We must activate this option. In case we have given an emergent message confirming, we confirm.
Ready, we will have our Android ready to play.
We go to the PC, because we will have to install the ADB tool.
For this step, we can go to the official Android page and we should download the SDK Platform-Tools for our OS. Since the ADB is integrated into the Platform-Tools (along with other utilities) we will have to download the package. In the rest of Linux, I do not know if ADB (or Platform-Tools) is uploaded in the Linux repository, but if you are in Kali, just do:
# apt-get install adb
You can install the tool easily and quickly.
Perfect, we have the PC and our Android ready; let’s connect them with USB.
Now we just have to ask ADB which devices are connected.
As you can see, it has recognized our Android connected, but it has no authorization to do anything. At that moment, a confirmation will appear to allow access to our Android.
After accepting, checking the option to always allow your PC (the message will not appear again every time we want to do something), if we ask ADB again for the connected devices, our Android will appear again, but now it will appear as “device” instead of “unauthorized“.
Next, we will enable the option to debug via TCP.
Once TCP debugging is enabled on port 5555 (by default), we can remove the USB cable.
To be able to connect with our Android, now, it is necessary that our Android has an internet connection, in my case, having it connected to WiFi, the associated IP is 192.168.1.37. (At this time there would also appear a request for permissions on the Android, if we remembered it, it will not appear).
Now we are going to use a Zucccs tool called PhoneSploit that will allow us to have an abstraction layer with our Android, where we can make interesting actions.
To connect to our Android, just use the options it shows.
Once connected, we can use a lot of options to our diposition, for example launch the shell to interact with our Android.
Also with the Shell, you could access the files of the SD, photos
In addition with PhoneSploit, for example, a screenshot will be made!
As you can see, there are more options; like
We could keep choosing options, but I’ll let you try it!
Now that you know the things that can be done, you can think, can an attacker make a capture of my mobile and I do not realize? Can an attacker do all that with my Android?
Well it is a sensitive issue, the truth is that yes and no. Everything mainly falls on whether you have granted permission to the PC, otherwise, you could not. But of course, have you ever thought about when you bought a second-hand mobile (if you have done so) if it already comes with developer options enabled and even with USB debugging? 😉
Without thinking that, there are products (mostly Chinese) type SmartBox TV that comes with debugging by TCP enabled by default. Yes, the SmartBox too.
In fact, if we look at Shodan and search for “Android Debug Bridge“
Almost 13000 Android devices that Shodan have found with debugging by TCP enabled, and you just have to take a quick look to see that there are all kinds, I would even dare that there are even Smart TVs!
You can say, ok, but you have to accept the request for permission to pair the PC with the Android, yes, but of almost 13000 devices, would they all deny access? Who has not accepted a message without reading it? By statistics there will be enough! Not to say that an attacker could “bomb” requests and not stop until it is accepted.
Will any of these Android devices, your device?
I hope I have explained myself clearly and that you liked it. If you want me to continue commenting on ADB & Android, you just have to tell me and I will continue to do more of this kind a little more
PS: I also remind you that the Allhacked including its posts (including this one), are also available in Spanish.
See you in the next post! 😉
15 thoughts on “Exploiting Android through ADB”
what about if the victim uses VPN?(tcp)
The tool repo is made private. Cant clone it
thats great stuff. I am trying this. I hope you will share another topic on adb used in reverse engineering.
https://lightbass.ru/ – это ваш надёжный друг в мире улучшения автомобиля !
Register and take part in the drawing, click here
TV online free
продажа пластиковых ёмкостей