hello friends, In this post, I’ll explain to you that how can you exploit into an Android device using open ADB ports. Android Debug Bridge (ADB) is a command line tool that lets you communicate with an emulator or connected Android device. for this, we will use an open source script. PhoneSploit uses Android Open Adb ports to exploit into it. So let’s start
Steps to enable Developer option in Android Device
Step 1: Go to about phone and then tap 7 times on Build Number as
Step 2: Now back to the setting and now you can see, there will be an Option of development setting. click on that and then Enable USB Debugging as
Steps to install ADB in Kali Linux
Step 1: open a terminal and then Install the ADB using the following command
sudo apt-get install adb
Step 2: Once ADB is installed in your Kali Machine, connect the Android device and allow the USB Debbuging when prompt. To verify the connection is successful or not, execute the following command
adb devices
you can see that the device is now connected
Step 3: after that, we need to issues some command, so that we can exploit the Android devices using wifi. for that, type the following command
adb usb
Step 4: Again type the following command to enable tcpip in that Android Device
adb tcpip 5555
Step 5: Now connect your Android device to the same wifi Network and type the following command
adb connect xxx.xxx.xxx.xxxx
Note: Where xxx.xxx.xxx.xxx is the IP address of the device. a successful connection will look like
Steps to Install PhoneSploit Script into Kali Linux
PhoneSploit is able to Exploit into Android Open Adb ports. So the next step is to install Phonesploit script into Kali Linux. This script is available for both Linux and Windows. You can check the official repository of PhoneSploit here
Step 1: Execute the following command to clone the Phonesploit repository into your Kali Linux
git clone https://github.com/Zucccs/PhoneSploit.git
Step 2: Now install some required dependencies using the following command
pip install colorama
Step 3: Now run the script by the following command
python main_linux.py
Step 4: The default PhoneSploit prompt will look something like this
Step 5: So the first step is to connect the device, for that type 3 in the terminal and enter the IP Address of the device
Step 6: Now to verify that your Device is connected or not, just type 1 in the terminal and you can see the device IP address followed by the Port Number
Step 7: Now to access the shell on the Phone, simply type 4 i.e Access shell on a Phone. Next, you will be asked to the Device name, enter the socket address (IP + Port Number). in my case, it is 192.168.0.104:5555 as
Note: There are lots of exploits here you can do with that Android device. You can go through all of them one by one
