Skip to main content

Mass Hacking Android Phones

Hacking Android Phones

Slack Group

Before we get started I have started a new slack group dedicated to hacking. We welcome everyone from beginner to advanced to join. I will be on everyday answer questions, doing CTFs, and talking about cool hacks. If you enjoy hacking and are looking for like minded people join below:

NEW Hacking Group Slack Channel

Notice

ALL TESTS WERE PERFORMED ON MY OWN DEVICES
I HAVE NOT AND WILL NOT USE THIS KNOWLEDGE TO HACK OTHER PEOPLES DEVICES

Introduction

Its January 13th, 2019 and for some reason im thinking about mass hacking phones, so naturally I turn to the internet to see what I can discover. I noticed one particular article that talked about how a worm is exploiting Android Debug Bridge to hack thousands of Android phones(Android Hacking Article ).

Iv never heard of the Android Debug Bridge but apparently certain phone manufactures like to enable it and expose peoples devices to the world. 

Technical Details 

Intro

Android Debug Bridge(ADB) is a versatile command-line tool that lets you communicate with a device. The adb command facilitates a variety of device actions, such as installing and debugging apps, and it provides access to a Unix shell that you can use to run a variety of commands on a device. 

So basically what that means is that we connect to ADB and we get a shell. This might sound like telnet or SSH and it kind of is, except you don't need a password to connect to the device. Yes thats right you simply connect to the device unauthenticated and get a shell back. This normally isnt an issue because ADB is not meant to be accessible over wifi, developers are suppose to connect to the device over a USB. However, there is an option to open port 555 to connect to the device over wifi. Of course manufactures are enabling this feature for debugging purposes but they are forgetting to disable it leaving your device open to malicious hackers. More information about ADB can be found below:

Recon

Searching on Shodan we can find plenty of devices that expose the Android Debug Bridge ,25,507 to be exact. As you can tell the vast majority of these devices can be found in Asia with Taiwan, Korea, and China being impacted the most.

Shodan ADB results
Not all of these devices are phones, for example I managed to find some amazon firestick devices as well. These are used to control your TV and with the recent Chromecast hack im not surprised to see these.
Samsung Phone

The Attack

This attack is really basic to pull off. All you need to do is connect to the device over the ADB port. If your on linux you can download ADB by typing: 

  • apt-get install adb
Now that you have downloaded and installed ADB you can connect to the device by issuing the following command:
  • adb connect device_ip_address

Once connected to the device you can do anything you want by issuing the SHELL command as shown below:

  • adb shell <YOUR COMMAND>
ADB device

Thats it, you literally just connect to the device and you can feed it shell commands. This is equivalent to having SSH without a password. The fact that these phones are being shipped like this my default is very scary. The vast majority of these users have no idea that their phone is open to any one. A malicious actor could easily hack all of these devices to install malware. They could read your text messages, listen to your phone calls, ransomware your device and much more. 

Conclusion

With all the government surveillance it is really sad to see how easy it would be for them to install malware on your phone and watch your every thought and movement. Phone manufactures are shipping these vulnerable devices to customers and exposing their device to the world. There is no reason for phone manufactures to enable ADB over wifi, especially if you cant remember turn it off. The fact that this takes zero technical skill to pull of is what makes it so devastating. The attack is so easy a cave man can do it. 

Comments

Popular posts from this blog

Hacking Books

Best Hacking Books List Slack Group Before we get started I have started a new slack group dedicated to hacking. We welcome everyone from beginner to advanced to join. I will be on everyday answer questions, doing CTFs, and talking about cool hacks. If you enjoy hacking and are looking for like minded people join below: NEW Hacking Group Slack Channel If you want to get really good at something its best to have some sort of mentor. Reading the words that smart people have written down can be just has good as talking to them one on one. I have create a list of some of the best hacking books I know of which can be bought on amazon by following the provided links. If you were to read all of the listed books you would with out a doubt become a PRO. Beginner The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy Basic Security Testing with Kali Linux 2 Hash Crack: Password Cracking Manual (v2.0) Nmap Network Scanning: The Official ...

Hacking IOT: Google Chromcast

Hacking Google Chromcast Slack Group Before we get started I have started a new slack group dedicated to hacking. We welcome everyone from beginner to advanced to join. I will be on everyday answer questions, doing CTFs, and talking about cool hacks. If you enjoy hacking and are looking for like minded people join below: NEW Hacking Group Slack Channel Introduction Its January 2nd, 2019 and like I always do I was checking my news feed and noticed an article about how some malicious hacker attacking chromcast which resulted in their TV being forced to render unwanted content ( News Article ). Message hacker left on TVs This peaked my interest so I set out discover how the hacker accomplished this. Technical Details  Recon According to the internet the definition of chromcast is a streaming media adapter from Google that allows users to play online content such as videos and music on a digital television .   At the time of writing this po...