adb - A tool that allows you to search for vulnerable android devices across the world and exploit them.

Overview


adb - An exploitation tool for android devices.

A tool that allows you to search for vulnerable android devices across the world and exploit them.

Version

Features

Features:
  - Post-Exploitation modules to control and tinker with the device you are connected to.
  - Scanners to search for vulnerable android devices across the world to exploit.
  - Options for managing how many devices you have connected.
  - Options for checking whether the devices you are connected to are online or offline.
  - IP-Lookup for retrieving information on a certain IP.
  - Options to dump the IP Addresses of the vulnerable android devices. [This makes your life easier so you dont have to find it yourself]

Getting the required API keys

Create an account on censys.io and then go to your account page and get your free api_id and api_secret key and open 'adbnet.py' and edit in your api id and api key here:

image

Create an account on shodan.io and go to your account to get your free api key, once you have it copied, open 'adbnet.py' and edit in your api key here: image

Simple Tutorial

First, run the 'dump shodan' or 'dump censy' (dump shodan is recommended) command to 
dump the IP addresses of the vulnerable devices.

Then, after you find an IP-address you want to try, run the 'connect' command and you will be prompted to enter
the target IP address, once you enter the target ip address, you will be prompter to enter the port. For the port,
you can try entering '5555' or '4444' since those are the most common ports. If you want, you can try finding the
specific port yourself, but it might take some time.

Now AdbNet will now try to connect to the vulnerable android device.
If it fails to connect, try another IP.

If you manage to connect to a device, now you can check if you are really connected by using the 'devices' command.

< Warning! > You can only be connected to one device at a time! To kill the sessions use the 'killall' command! < Warning! >

To open a shell and execute commands on the device, use the 'terminal' command.

To run post-exploitation modules, run the 'post' command for the post-exploitation menu to load. Then, you
can run any module you like.

REMEMBER: IF YOU WANT TO CONNECT TO A DIFFERENT DEVICE, RUN THE 'killall' COMMAND, AND REPEAT THE PROCESS AGAIN.

Installation/How To Run

sudo apt install pq
sudo apt install adb
pip3 install colorama
pip3 install requests
python3 adbnet.py or python adbnet.py or py adbnet.py

TIP: For people that are new to this, if you are having issues install a certain python module, just do this: pip3 install 

Screenshots

image image

Credits

https://github.com/0x1CA3

Contributions 🎉

All contributions are accepted, simply open an Issue / Pull request.
You might also like...
This tool ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information that allows them to know in advance if this library complies with processes.

This tool gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being or will be used in their codes, providing information that allows them to know in advance if this library complies with processes. secure development, if currently supported, possible backdoors (malicious embedded code), typosquatting analysis, the history of versions and reported vulnerabilities (CVEs) of the package.

A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.
A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.

A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.

Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)

log4j-finder A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) It scans recursively both on disk

Providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account.
Providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account.

We are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams to identify external-facing AWS assets by running the exploit on them, and thus be able to map them and quickly patch them

A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts
A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired

Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965
Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965

Spring4Shell-POC (CVE-2022-22965) Spring4Shell (CVE-2022-22965) Proof Of Concept/Information + A vulnerable Tomcat server with a vulnerable spring4she

Strapi Framework Vulnerable to Remote Code Execution

CVE-2019-19609 Strapi Framework Vulnerable to Remote Code Execution well, I didnt found any exploit for CVE-2019-19609 so I wrote one. :/ Usage pytho

OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the

omigood (OM I GOOD?) This repository contains a free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threa

Comments
  • 401 error

    401 error

    401 Unauthorized This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required.

    could you please tell me how to clear this problem?

    opened by yogeshjoga 1
  • Help me hack p rison jp6 unity tablet

    Help me hack p rison jp6 unity tablet

    I am ....not in prison;) pleased help me create a program/hack into the tablets provided to us..I can provide program info for the tablets,I am an amateur hacker and am trying to advance/ .If you can help I will send $app ....contact me on insta [email protected]

    opened by drew561 0
  • adb server's $ADB_VEND

    adb server's $ADB_VEND

    Getting this error: This adb server's $ADB_VENDOR_KEYS is not set Try 'adb kill-server' if that seems wrong. Otherwise check for a confirmation dialog on your device.

    opened by Chomikmarkus 0
Owner
null
SonicWALL SSL-VPN Web Server Vulnerable Exploit

SonicWALL SSL-VPN Web Server Vulnerable Exploit

null 44 Nov 15, 2022
Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI

LFI-Hunter Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI A script written in

Anukul Pandey 6 Jan 30, 2022
Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.

Log4Shell RCE Exploit fully independent exploit does not require any 3rd party binaries. The exploit spraying the payload to all possible logged HTTP

null 258 Jan 2, 2023
log4j2 dos exploit,CVE-2021-45105 exploit,Denial of Service poc

说明 about author: 我超怕的 blog: https://www.cnblogs.com/iAmSoScArEd/ github: https://github.com/iAmSOScArEd/ date: 2021-12-20 log4j2 dos exploit log4j2 do

null 3 Aug 13, 2022
Tinyman exploit finder - Tinyman exploit finder for python

tinyman_exploit_finder There was a big tinyman exploit. You can read about it he

fish.exe 9 Dec 27, 2022
Discord-email-spammer-exploit - A discord email spammer exploit with python

Discord-email-spammer-exploit was made by Love ❌ code ✅ ?? ・Description First it

Rdimo 25 Aug 13, 2022
Dahua IPC/VTH/VTO devices auth bypass exploit

CVE-2021-33044 Dahua IPC/VTH/VTO devices auth bypass exploit About: The identity authentication bypass vulnerability found in some Dahua products duri

Ashish Kunwar 23 Dec 2, 2022
A simple automatic tool for finding vulnerable log4j hosts

Log4Scan A simple automatic tool for finding vulnerable log4j hosts Installation pip3 install -r requirements.txt Usage usage: log4scan.py [-h] (-f FI

Federico Rapetti 20018955 6 Mar 10, 2022
Exploit for CVE-2017-17562 vulnerability, that allows RCE on GoAhead (< v3.6.5) if the CGI is enabled and a CGI program is dynamically linked.

GoAhead RCE Exploit Exploit for CVE-2017-17562 vulnerability, that allows RCE on GoAhead (< v3.6.5) if the CGI is enabled and a CGI program is dynamic

Francisco Spínola 2 Dec 12, 2021
This exploit allows to connect to the remote RemoteMouse 3.008 service to virtually press arbitrary keys and execute code on the machine.

RemoteMouse-3.008-Exploit The RemoteMouse application is a program for remotely controlling a computer from a phone or tablet. This exploit allows to

Podalirius 25 Dec 4, 2022