10 KiB
{% hint style="success" %}
Leer & oefen AWS Hacking:
HackTricks Opleiding AWS Red Team Expert (ARTE)
Leer & oefen GCP Hacking: 
HackTricks Opleiding GCP Red Team Expert (GRTE)
Ondersteun HackTricks
- Kyk na die subskripsieplanne!
- Sluit aan by die 💬 Discord-groep of die telegram-groep of volg ons op Twitter 🐦 @hacktricks_live.
- Deel hacking truuks deur PRs in te dien na die HackTricks en HackTricks Cloud github repos.
Adb is gewoonlik geleë in:
#Windows
C:\Users\<username>\AppData\Local\Android\sdk\platform-tools\adb.exe
#MacOS
/Users/<username>/Library/Android/sdk/platform-tools/adb
Inligting verkry van: http://adbshell.com/
Verbinding
adb devices
Dit sal die gekonnekte toestelle lys; as "onbevoeg" verskyn, beteken dit dat jy jou mobiele moet ontsluit en die verbinding moet aanvaar.
Dit dui aan die toestel aan dat dit 'n adb-bediener op poort 5555 moet begin:
adb tcpip 5555
Verbind met daardie IP en daardie Poort:
adb connect <IP>:<PORT>
As jy 'n fout soos die volgende in 'n Virtuele Android-sagteware (soos Genymotion) kry:
adb server version (41) doesn't match this client (36); killing...
Dit is omdat jy probeer om met 'n ADB-bediener van 'n ander weergawe te verbind. Probeer net om die adb-binary te vind wat die sagteware gebruik (gaan na C:\Program Files\Genymobile\Genymotion en soek vir adb.exe)
Verskeie toestelle
Wanneer jy verskeie toestelle wat aan jou masjien gekoppel is vind, sal jy moet spesifiseer in watter een jy die adb-opdrag wil uitvoer.
adb devices
List of devices attached
10.10.10.247:42135 offline
127.0.0.1:5555 device
adb -s 127.0.0.1:5555 shell
x86_64:/ # whoami
root
Port Tunneling
In die geval waar die adb poort slegs toeganklik is vanaf localhost op die Android-toestel, maar jy het toegang via SSH, kan jy die poort 5555 voordeur en via adb aansluit:
ssh -i ssh_key username@10.10.10.10 -L 5555:127.0.0.1:5555 -p 2222
adb connect 127.0.0.1:5555
Pakketbestuurder
Installeer/Verwyder
adb install [opsie] <pad>
adb install test.apk
adb install -l test.apk # forward lock application
adb install -r test.apk # replace existing application
adb install -t test.apk # allow test packages
adb install -s test.apk # install application on sdcard
adb install -d test.apk # allow version code downgrade
adb install -p test.apk # partial application install
adb uninstall [options] <PACKAGE>
adb uninstall com.test.app
adb uninstall -k com.test.app Keep the data and cache directories around after package removal.
Pakkette
Druk alle pakkette af, opsioneel slegs dié waarvan die pakketaan naam die teks in <FILTER> bevat.
adb shell pm list packages [options] <FILTER-STR>
adb shell pm list packages <FILTER-STR>
adb shell pm list packages -f <FILTER-STR> #See their associated file.
adb shell pm list packages -d <FILTER-STR> #Filter to only show disabled packages.
adb shell pm list packages -e <FILTER-STR> #Filter to only show enabled packages.
adb shell pm list packages -s <FILTER-STR> #Filter to only show system packages.
adb shell pm list packages -3 <FILTER-STR> #Filter to only show third party packages.
adb shell pm list packages -i <FILTER-STR> #See the installer for the packages.
adb shell pm list packages -u <FILTER-STR> #Also include uninstalled packages.
adb shell pm list packages --user <USER_ID> <FILTER-STR> #The user space to query.
adb shell pm path <PACKAGE>
Druk die pad na die APK van die gegewe .
adb shell pm path com.android.phone
adb shell pm clear <PACKAGE>
Verwyder alle data wat met 'n pakket geassosieer is.
adb shell pm clear com.test.abc
File Manager
adb pull <remote> [local]
Laai 'n spesifieke lêer van 'n emuleerder/toestel na jou rekenaar af.
adb pull /sdcard/demo.mp4 ./
adb push <local> <remote>
Laai 'n spesifieke lêer van jou rekenaar na 'n emuleerder/toestel op.
adb push test.apk /sdcard
Screencapture/Screenrecord
adb shell screencap <filename>
Neem 'n skermskoot van 'n toestel se skerm.
adb shell screencap /sdcard/screen.png
adb shell screenrecord [options] <filename>
Opname van die skerm van toestelle wat Android 4.4 (API-vlak 19) en hoër draai.
adb shell screenrecord /sdcard/demo.mp4
adb shell screenrecord --size <WIDTHxHEIGHT>
adb shell screenrecord --bit-rate <RATE>
adb shell screenrecord --time-limit <TIME> #Sets the maximum recording time, in seconds. The default and maximum value is 180 (3 minutes).
adb shell screenrecord --rotate # Rotates 90 degrees
adb shell screenrecord --verbose
(druk Ctrl-C om opnames te stop)
**Jy kan die lêers (beelde en video's) aflaai met **adb pull
Shell
adb shell
Kry 'n shell binne die toestel
adb shell
adb shell <CMD>
Voer 'n opdrag binne die toestel uit
adb shell ls
pm
Die volgende opdragte word binne 'n skulp uitgevoer
pm list packages #List installed packages
pm path <package name> #Get the path to the apk file of tha package
am start [<options>] #Start an activity. Whiout options you can see the help menu
am startservice [<options>] #Start a service. Whiout options you can see the help menu
am broadcast [<options>] #Send a broadcast. Whiout options you can see the help menu
input [text|keyevent] #Send keystrokes to device
Processes
As jy die PID van die proses van jou aansoek wil kry, kan jy uitvoer:
adb shell ps
En soek vir jou aansoek
Of jy kan doen
adb shell pidof com.your.application
En dit sal die PID van die aansoek druk
Stelsel
adb root
Herstart die adbd daemon met worteltoestemmings. Dan moet jy weer aan die ADB-bediener koppel en jy sal wortel wees (indien beskikbaar)
adb sideload <update.zip>
flashing/restoring Android update.zip pakkette.
Logs
Logcat
Om slegs die boodskappe van een toepassing te filter, kry die PID van die toepassing en gebruik grep (linux/macos) of findstr (windows) om die uitvoer van logcat te filter:
adb logcat | grep 4526
adb logcat | findstr 4526
adb logcat [opsie] [filter-spesifikasies]
adb logcat
Notes: druk Ctrl-C om monitor te stop.
adb logcat *:V # lowest priority, filter to only show Verbose level
adb logcat *:D # filter to only show Debug level
adb logcat *:I # filter to only show Info level
adb logcat *:W # filter to only show Warning level
adb logcat *:E # filter to only show Error level
adb logcat *:F # filter to only show Fatal level
adb logcat *:S # Silent, highest priority, on which nothing is ever printed
adb logcat -b <Buffer>
adb logcat -b # radio View the buffer that contains radio/telephony related messages.
adb logcat -b # event View the buffer containing events-related messages.
adb logcat -b # main default
adb logcat -c # Clears the entire log and exits.
adb logcat -d # Dumps the log to the screen and exits.
adb logcat -f test.logs # Writes log message output to test.logs .
adb logcat -g # Prints the size of the specified log buffer and exits.
adb logcat -n <count> # Sets the maximum number of rotated logs to <count>.
dumpsys
dump stelseldat
adb shell dumpsys [options]
adb shell dumpsys
adb shell dumpsys meminfo
adb shell dumpsys battery
Notas: 'n Mobiele toestel met Ontwikkelaaropsies geaktiveer wat Android 5.0 of hoër draai.
adb shell dumpsys batterystats collects battery data from your device
Notas: Battery Historian omskep daardie data in 'n HTML-visualisering. STAP 1 adb shell dumpsys batterystats > batterystats.txt STAP 2 python historian.py batterystats.txt > batterystats.html
adb shell dumpsys batterystats --reset erases old collection data
adb shell dumpsys activity
Rugsteun
Rugsteun 'n Android-toestel vanaf adb.
adb backup [-apk] [-shared] [-system] [-all] -f file.backup
# -apk -- Include APK from Third partie's applications
# -shared -- Include removable storage
# -system -- Include system Applciations
# -all -- Include all the applications
adb shell pm list packages -f -3 #List packages
adb backup -f myapp_backup.ab -apk com.myapp # backup on one device
adb restore myapp_backup.ab # restore to the same or any other device
As jy die inhoud van die rugsteun wil inspekteer:
( printf "\x1f\x8b\x08\x00\x00\x00\x00\x00" ; tail -c +25 myapp_backup.ab ) | tar xfvz -
{% hint style="success" %}
Leer & oefen AWS Hacking:HackTricks Opleiding AWS Red Team Expert (ARTE)
Leer & oefen GCP Hacking: HackTricks Opleiding GCP Red Team Expert (GRTE)
Ondersteun HackTricks
- Kyk na die subskripsie planne!
- Sluit aan by die 💬 Discord groep of die telegram groep of volg ons op Twitter 🐦 @hacktricks_live.
- Deel hacking truuks deur PRs in te dien na die HackTricks en HackTricks Cloud github repos.