12 KiB
Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)!
Njia nyingine za kusaidia HackTricks:
- Ikiwa unataka kuona kampuni yako ikionekana katika HackTricks au kupakua HackTricks kwa muundo wa PDF Angalia MPANGO WA KUJIUNGA!
- Pata swag rasmi ya PEASS & HackTricks
- Gundua The PEASS Family, mkusanyiko wetu wa NFTs ya kipekee
- Jiunge na 💬 Kikundi cha Discord au kikundi cha telegram au tufuate kwenye Twitter 🐦 @carlospolopm.
- Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwenye HackTricks na HackTricks Cloud repos za github.
Adb kawaida iko katika:
#Windows
C:\Users\<username>\AppData\Local\Android\sdk\platform-tools\adb.exe
#MacOS
/Users/<username>/Library/Android/sdk/platform-tools/adb
Maelezo yaliyopatikana kutoka: http://adbshell.com/
Uunganisho
adb devices
Hii itaorodhesha vifaa vilivyounganishwa; ikiwa "unathorised" inaonekana, hii inamaanisha kuwa unahitaji kuondoa kizuizi kwenye simu yako na kukubali uunganisho.
Hii inaashiria kifaa kuwa kinapaswa kuanza adb server kwenye bandari 5555:
adb tcpip 5555
Weka uhusiano na anwani hiyo ya IP na hiyo Port:
adb connect <IP>:<PORT>
Ikiwa unapata kosa kama ifuatavyo katika programu ya Android ya Virtual (kama Genymotion):
adb server version (41) doesn't match this client (36); killing...
Ni kwa sababu unajaribu kuunganisha kwenye seva ya ADB na toleo tofauti. Jaribu tu kupata faili ya adb binary ambayo programu inatumia (enda kwenye C:\Program Files\Genymobile\Genymotion na tafuta adb.exe)
Vifaa vingi
Unapopata vifaa vingi vilivyounganishwa kwenye kompyuta yako, utahitaji kutaja kwenye kifaa kipi unataka kuendesha amri ya adb.
adb devices
List of devices attached
10.10.10.247:42135 offline
127.0.0.1:5555 device
adb -s 127.0.0.1:5555 shell
x86_64:/ # whoami
root
Port Tunneling
Katika kesi ambapo adb port inaweza kufikiwa tu kutoka localhost kwenye kifaa cha Android lakini una ufikiaji kupitia SSH, unaweza kuhamisha port 5555 na kuunganisha kupitia adb:
ssh -i ssh_key username@10.10.10.10 -L 5555:127.0.0.1:5555 -p 2222
adb connect 127.0.0.1:5555
Meneja wa Pakiti
Sakinisha/Ondoa
adb install [chaguo] <njia>
adb install test.apk
adb install -l test.apk # forward lock application
adb install -r test.apk # replace existing application
adb install -t test.apk # allow test packages
adb install -s test.apk # install application on sdcard
adb install -d test.apk # allow version code downgrade
adb install -p test.apk # partial application install
adb uninstall [chaguo] <PAKETI>
- Maelezo: Amri hii inatumika kuondoa programu ya Android kutoka kifaa cha lengo.
- Chaguo:
-k: Ongeza chaguo hili ili kuweka data na hifadhidata ya programu baada ya kuiondoa.-r: Ongeza chaguo hili ili kuondoa programu ya mfumo ambayo imesakinishwa kwenye kifaa cha lengo.
- Mfano:
adb uninstall com.example.app
adb uninstall com.test.app
adb uninstall -k com.test.app Keep the data and cache directories around after package removal.
Pakiti
Inaonyesha pakiti zote, kwa hiari tu zile ambazo jina la pakiti linajumuisha maandishi katika <FILTER>.
adb shell pm list packages [chaguo] <FILTER-STR>
adb shell pm list packages <FILTER-STR>
adb shell pm list packages -f <FILTER-STR> #See their associated file.
adb shell pm list packages -d <FILTER-STR> #Filter to only show disabled packages.
adb shell pm list packages -e <FILTER-STR> #Filter to only show enabled packages.
adb shell pm list packages -s <FILTER-STR> #Filter to only show system packages.
adb shell pm list packages -3 <FILTER-STR> #Filter to only show third party packages.
adb shell pm list packages -i <FILTER-STR> #See the installer for the packages.
adb shell pm list packages -u <FILTER-STR> #Also include uninstalled packages.
adb shell pm list packages --user <USER_ID> <FILTER-STR> #The user space to query.
adb shell pm path <PACKAGE>
Chapisha njia ya APK ya .
adb shell pm path com.android.phone
adb shell pm clear <PACKAGE>
Futa data zote zinazohusiana na pakiti.
adb shell pm clear com.test.abc
Meneja wa Faili
adb pull <remote> [local]
Pakua faili iliyotajwa kutoka kwenye kifaa/emulator hadi kwenye kompyuta yako.
adb pull /sdcard/demo.mp4 ./
adb push <local> <remote>
Pakia faili iliyotajwa kutoka kwenye kompyuta yako kwenda kwenye kifaa/emulator.
adb push test.apk /sdcard
Kuchukua Picha ya Skrini/Rekodi ya Skrini
adb shell screencap <jina la faili>
Kuchukua picha ya skrini ya kifaa.
adb shell screencap /sdcard/screen.png
adb shell screenrecord [chaguo] <jina la faili>
Kurekodi skrini ya vifaa vinavyotumia Android 4.4 (kiwango cha API 19) na zaidi.
adb shell screenrecord /sdcard/demo.mp4
adb shell screenrecord --size <WIDTHxHEIGHT>
adb shell screenrecord --bit-rate <RATE>
adb shell screenrecord --time-limit <TIME> #Sets the maximum recording time, in seconds. The default and maximum value is 180 (3 minutes).
adb shell screenrecord --rotate # Rotates 90 degrees
adb shell screenrecord --verbose
(press Ctrl-C to stop recording)
**Unaweza kupakua faili (picha na video) kwa kutumia **adb pull
Shell
adb shell
Pata kikao ndani ya kifaa
adb shell
adb shell <CMD>
Tekeleza amri ndani ya kifaa
adb shell ls
pm
Amri zifuatazo zinatekelezwa ndani ya kikao cha shell
pm list packages #List installed packages
pm path <package name> #Get the path to the apk file of tha package
am start [<options>] #Start an activity. Whiout options you can see the help menu
am startservice [<options>] #Start a service. Whiout options you can see the help menu
am broadcast [<options>] #Send a broadcast. Whiout options you can see the help menu
input [text|keyevent] #Send keystrokes to device
Mchakato
Ikiwa unataka kupata PID ya mchakato wa programu yako, unaweza kutekeleza:
adb shell ps
Na tafuta programu yako
Au unaweza kufanya
adb shell pidof com.your.application
Na itaandika PID ya programu
System
adb root
Hii inaanza tena adbd daemon na ruhusa ya root. Kisha, lazima uunganishe tena kwenye seva ya ADB na utakuwa na ruhusa ya root (ikiwa inapatikana).
adb sideload <update.zip>
Kurejesha/kuweka upya pakiti za Android update.zip.
Kumbukumbu
Logcat
Kwa kuchuja ujumbe wa programu moja tu, pata PID ya programu na tumia grep (linux/macos) au findstr (windows) kuchuja matokeo ya logcat:
adb logcat | grep 4526
adb logcat | findstr 4526
adb logcat [chaguo] [majaribio-ya-kichujio]
- chaguo: Chaguo-msingi cha adb logcat ni main. Chaguo zingine ni radio, events, system, crash, kernel, all.
- majaribio-ya-kichujio: Unaweza kutumia majaribio ya kichujio ili kuchuja matokeo ya logcat kulingana na vigezo fulani kama tag, priority, pid, appname, message.
Kwa mfano, unaweza kutumia amri adb logcat -d | grep "Error" ili kupata makosa kutoka kwenye logcat.
adb logcat
Maelezo: bonyeza Ctrl-C ili kusimamisha ufuatiliaji
adb logcat *:V # lowest priority, filter to only show Verbose level
adb logcat *:D # filter to only show Debug level
adb logcat *:I # filter to only show Info level
adb logcat *:W # filter to only show Warning level
adb logcat *:E # filter to only show Error level
adb logcat *:F # filter to only show Fatal level
adb logcat *:S # Silent, highest priority, on which nothing is ever printed
adb logcat -b <Buffer>
Kwa kutumia amri hii, unaweza kusoma na kuchambua magogo ya kifaa cha Android kwa kikundi maalum cha kumbukumbu. Badala ya <Buffer>, unaweza kutumia vikundi vifuatavyo:
main: Kumbukumbu kuu ya mfumo wa Android.radio: Kumbukumbu ya mawasiliano ya simu.events: Kumbukumbu ya matukio ya mfumo.system: Kumbukumbu ya magogo ya mfumo.crash: Kumbukumbu ya magogo ya ajali.
Kwa mfano, unaweza kutumia amri adb logcat -b main ili kusoma magogo ya kumbukumbu kuu ya mfumo wa Android.
adb logcat -b # radio View the buffer that contains radio/telephony related messages.
adb logcat -b # event View the buffer containing events-related messages.
adb logcat -b # main default
adb logcat -c # Clears the entire log and exits.
adb logcat -d # Dumps the log to the screen and exits.
adb logcat -f test.logs # Writes log message output to test.logs .
adb logcat -g # Prints the size of the specified log buffer and exits.
adb logcat -n <count> # Sets the maximum number of rotated logs to <count>.
dumpsys
Inahifadhi data ya mfumo
adb shell dumpsys [chaguo]
adb shell dumpsys
adb shell dumpsys meminfo
adb shell dumpsys battery
Maelezo: Kifaa cha simu kilicho na Chaguo za Watengenezaji zilizowezeshwa kinachotumia Android 5.0 au zaidi.
adb shell dumpsys batterystats collects battery data from your device
Maelezo: Battery Historian hubadilisha data hiyo kuwa taswira ya HTML. HATUA 1 adb shell dumpsys batterystats > batterystats.txt HATUA 2 python historian.py batterystats.txt > batterystats.html
adb shell dumpsys batterystats --reset erases old collection data
adb shell dumpsys activity
Backup
Hifadhi kifaa cha Android kutoka kwa adb.
adb backup [-apk] [-shared] [-system] [-all] -f file.backup
# -apk -- Include APK from Third partie's applications
# -shared -- Include removable storage
# -system -- Include system Applciations
# -all -- Include all the applications
adb shell pm list packages -f -3 #List packages
adb backup -f myapp_backup.ab -apk com.myapp # backup on one device
adb restore myapp_backup.ab # restore to the same or any other device
Ikiwa unataka kukagua maudhui ya nakala rudufu:
( printf "\x1f\x8b\x08\x00\x00\x00\x00\x00" ; tail -c +25 myapp_backup.ab ) | tar xfvz -
Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)!
Njia nyingine za kusaidia HackTricks:
- Ikiwa unataka kuona kampuni yako ikionekana kwenye HackTricks au kupakua HackTricks kwa muundo wa PDF Angalia MPANGO WA KUJIUNGA!
- Pata swag rasmi ya PEASS & HackTricks
- Gundua The PEASS Family, mkusanyiko wetu wa NFTs ya kipekee
- Jiunge na 💬 Kikundi cha Discord au kikundi cha telegram au tufuate kwenye Twitter 🐦 @carlospolopm.
- Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwenye HackTricks na HackTricks Cloud repos za github.