Hacking Android Remotely Using Ghost Framework

n00bie
4 min readMay 28, 2020

Hey guys,

In this blog, we are going to see how to hack an Android Device remotely using Ghost framework, without even touching it.

Note : The device should have ADB port 5555 open and listening.
If you want to hack your girlfriend’s phone or a friend’s phone, don’t waste time here :)

We are going to use a framework called Ghost Framework.

Ghost Framework:

It is an android post-exploitation framework that exploits the Android Debug Bridge to remotely access an android device, Ghost framework gives you the power and convenience of remote android administration.

To begin with, we need to install the Ghost Framework in our device

That is a very simple process,

Do a git clone of the repository,

git clone https://www.github.com/entynetproject/ghost.git

Cloning the repository

Then you may change to that directory,

cd ghost

ls

Contents of the cloned repo

Next you see that install.sh shell script, we may take a look at it.

cat install.sh

install.sh file contents

Wow, it seems that this Ghost Framework is supported in almost many platforms

Especially termux.

This file seems just to install the dependencies python, git and adb / android-tools

then now you may run the installation script, if you don’t have python, git and adb else you may skip it.

./install.sh

running install.sh

Now having the installation complete, lets move on to the fun part.

Run the ghost file in the directory

./ghost

Ghost Framework main screen

If you have already used metasploit framework, most tools will be easier for you to use, because most other tools are based on the friendly feel of the metasploit framework.

Now that we are in the ghost framework, we need to get it to work, we just type in

help

to get to know how to use the tool.

Help options in Ghost

There is a neat description of the commands that can be used.

Using the connect command, we can connect to an android device. To get its usage,

Getting usage of a connect command

It seems that we need an IP address to connect to and note that port 5555 should be listening on the device to connect to it, else we can’t connect to a device.

Now, connecting to a device,

connect <IP_address>

Connecting to a device

It gives us a prompt back, as I told you before, if you are familiar with Metasploit, you can simply play around with most tools.

Now Lets fetch the help to see what we can do on the device,

Help after connecting to a device

It seems we can do a lot with the device, this is a simple screenshot, there is even a command to screenshot the remote device and return the result to us.

Lets try some simple commands like battery

battery command run on the device

Wow its crazy, right!

What more can we do with it.

We can even gain a remote shell on the device, type in shell in the prompt

Getting a shell on the device

press Ctrl+D to exit the Shell.

Exiting out of the shell

To get complete information about the remote device, type in the sysinfo command

Be careful, depending on the system you may get a lot of ouput to the screen.

To disconnect from the system, just type in the disconnect command

disconnecting from the device

Hahaha, hope you found out.

By android, we mean not only the mobile phones, even TVs run android, there are a lot of devices running Android that are misconfigured. Yeah, it means that we can hack not only Mobile Phones also TVs and other devices with ADB enabled, port 5555 open and listening.

Hope you learned something, thanks for reading.

Consider viewing this as a visual treat,
https://www.youtube.com/watch?v=XeIH-nAhJE4

--

--