Hacking Android Using ADB

Hey guys,
In this blog, we are going to see about hacking android using a simple misconfiguration of opening the ADB port 5555.

ADB:
Android Debug Bridge (adb) is a versatile command-line tool that lets you communicate with a device. The adb command facilitates a variety of device actions, such as installing and debugging apps, and it provides access to a Unix shell that you can use to run a variety of commands on a device.

We are going to gain a shell on a remote android device, only sky is the limit, if you know to do things from the shell. Even connecting to an android using ADB is itself a lot more useful, with a shell you can expand it even more.

That said, lets see how to exploit the android device.

We need some packages installed on our device.

if you are using debian,
sudo apt-get install android-tools-adb android-tools-fastboot

if you are using any arch distribution,
pacman -S android-sdk-platform-tools

The beauty is that you can perform these in termux also,
pkg install android-tools

Installing the necessary tools

Now all consequent steps are same irrespective of the distribution.

Now you can verify if you have installed it correctly,
adb version

Verifying Installation using ADB version

Now, we can jump into the hack,

Note that if ADB is enabled on the device, it would have port 5555 open. We are going to exploit that misconfiguration. What we are gonna do is connect to that port and issue commands to the target.

connect to the device using its ip address
adb connect <ip>

Connecting to Androind Device using ADB

If you get this connected message back, congrats! you gained access to that device.

Now we could get into a shell on the device,
adb shell

Getting Android Shell via ADB

This is similar to a linux shell because android itself has a linux kernel. Yeah some linux commands work in android as well like ls, cd etc.., for some complex operations read about the android shell.

You can only connect to one device using ADB, for a next connection you should disconnect from the current connection and then proceed.

Error when connecting multiple devices

If the device you gained access allows you to su as root, then you can fully control the device.

su as root

To get you started I have some ADB commands that will be useful,

ADB Commands

ADB Application installation commands

ADB File Management Commands

ADB Device Information Commands

ADB Device Commands

Thanks for reading, hope you learned something.

Happy Hacking.

If you have any problems, please watch this video,

https://www.youtube.com/watch?v=gWlUH7jPKXQ&t=102s