AdbNet: An Exploitation-Framework for android devices
AdbNet
A Framework that allows you to search for vulnerable android devices across the world and exploit them.
Features:
– Post-Exploitation modules to control and tinker with the device you are connected to.
– Scanners to search for vulnerable android devices across the world to exploit.
– Options for managing how many devices you have connected.
– Options for checking whether the devices you are connected to are online or offline.
– IP-Lookup for retrieving information on a certain IP.
– Options to dump the IP Addresses of the vulnerable Android devices. [This makes your life easier so you dont have to find it yourself]
Installation
Getting the required API keys
Create an account on censys.io and then go to your account page and get your free api_id and api_secret key and open ‘adbnet.py’ and edit in your api id and api key here:
Create an account on shodan.io and go to your account to get your free api key, once you have it copied, open ‘adbnet.py’ and edit in your api key here:
Install
sudo apt install pq
sudo apt install adb
pip3 install colorama
pip3 install requests
python3 adbnet.py or python adbnet.py or py adbnet.py
TIP: For people that are new to this, if you are having issues install a certain python module, just do this: pip3 install <modulename>
Use
First, run the ‘dump shodan’ or ‘dump censy’ (dump shodan is recommended) command to dump the IP addresses of the vulnerable devices.
Then, after you find an IP address you want to try, run the ‘connect’ command and you will be prompted to enter
the target IP address, once you enter the target ip address, you will be prompter to enter the port. For the port,
you can try entering ‘5555’ or ‘4444’ since those are the most common ports. If you want, you can try finding the
specific port yourself, but it might take some time.
Now AdbNet will now try to connect to the vulnerable android device.
If it fails to connect, try another IP.
If you manage to connect to a device, now you can check if you are really connected by using the ‘devices’ command.
< Warning! > You can only be connected to one device at a time! To kill the sessions use the ‘killall’ command! < Warning! >
To open a shell and execute commands on the device, use the ‘terminal’ command.
To run post-exploitation modules, run the ‘post’ command for the post-exploitation menu to load. Then, you
can run any module you like.
REMEMBER: IF YOU WANT TO CONNECT TO A DIFFERENT DEVICE, RUN THE ‘killall’ COMMAND, AND REPEAT THE PROCESS AGAIN.
Copyright (C) 2021 0x1CA3
Source: https://github.com/0x1CA3/