ANDROID MOBILE HACKS WITH ANDROID DEBUG BRIDGE (ADB) — Part I
Before going through the process, you need to understand the Android architecture. How Android applications work and how the Linux kernel provides services to the upper layers are concepts covered in the ethical hacking and mobile hacking courses offered by the International Institute of Cyber Security. The hardware components form the lowest layer: they provide services to the Linux kernel, which connects each hardware component to its required driver.
Android Architecture -
Hardware Components :-
- Hardware components interact with the drivers to communicate with the upper layers. When a signal is received from an end-user application, this layer converts signals from the hardware devices to the software layers. For example, the calling system. Cameras, Wi-Fi, antennas and other devices work the same way. Android mostly uses ARM processors.
- ARM designs architectures and instruction sets, which it then licenses to chip manufacturing companies that design the chips for mobiles. For example, Qualcomm, a popular chip manufacturing company, sells Snapdragon, which is now seen in most Android devices.
- Other companies such as MediaTek, ARM, Qualcomm Snapdragon, AMD, Nvidia, Samsung, IBM, Broadcom Inc. and Intel create chips specifically for computers.
- ARM is based on RISC (reduced instruction set computer), which is designed to perform millions of instructions at higher speed. Since the instructions require fewer transistors, the chips are cheaper to design and produce.
- Most instructions complete in one cycle, which allows the processor to handle more instructions at the same time.
Linux Kernel :
- The Linux kernel is the main component responsible for connecting with the Android libraries, the Android framework and end-user applications. The Linux kernel acts as a level of abstraction (level of abstraction: the highest level has the fewest details and the lowest level has the most details). It is important to note that Android runs entirely on the Linux kernel.
- To check the Linux kernel version on any Android mobile, go to the About Phone / About Device section in Settings. There you will see the Linux kernel version.
Android debug bridge (adb)
- Client — The client is used to interact with the device by sending commands to adb. Here we can use a computer as the client by connecting it to the mobile.
- Daemon (adbd) — The daemon runs the commands on the mobile. It provides service for the objects which are running.
- Server — The server manages the communication and services between the daemon and the client. The server runs as a background process on your mobile.
For Accessing ADB (Android Debug Bridge) :-
- From mobile — Use the Terminal Emulator application to access the Android shell. Download the application: https://play.google.com/store/apps/details?id=jackpal.androidterm&hl=en_IN
- To use all features of the Android shell, your mobile must be rooted.
- Ensure that the terminal emulator application is granted access in Superuser.apk or Kingoroot superuser.apk
- Type adb root to get root access in the terminal emulator.
- ADB from computer — To access the mobile using ADB from your computer, download the file on your computer: https://forum.xda-developers.com/showthread.php?t=2588979
- Download version 1.3. Install and run the program. Enter Y and press Enter.
- Install adb, and your computer will be configured to run adb shell in the Windows command prompt.
- To run it, open cmd as administrator.
- Connect your device to the computer. Make sure the device drivers are installed on your computer. For testing we are using a rooted Samsung Galaxy Grand Neo Plus I9060. Download the driver for this model from: https://www.samsungusbdrivers.net/2017/02/samsung-galaxy-grand-neo-2014-usb.html
- Open CMD as administrator. Type adb devices
- The screenshot above shows the kernel version of your Android mobile.
- adb has a lot more features. It is even used while developing applications.
POWER OF ADB (ANDROID DEBUG BRIDGE)
Know the Wifi Password :-
- To find the password of the connected Wi-Fi network:
- Enter the following command in the adb shell we got in the last steps: cat /data/misc/wifi/wpa_supplicant.conf. The wpa_supplicant.conf file stores the Wi-Fi password in plain text form.
- For security reasons we have hidden the username and password.
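A check a defender can run on a copy of this file, added here as an example (it is not code from the original article): it lists which saved networks carry a stored secret and produces a redacted copy that can be attached to a report. The function name and the sample file contents are constructed for illustration.

```python
import re

# Constructed sample in wpa_supplicant.conf layout; SSIDs and keys are made up.
SAMPLE_CONF = """update_config=1
network={
    ssid="HomeNet"
    psk="correct horse battery"
    key_mgmt=WPA-PSK
}
network={
    ssid="CafeOpen"
    key_mgmt=NONE
}
network={
    ssid="OfficeNet"
    psk=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
}
"""

SECRET_FIELDS = ("psk", "password", "wep_key0")
KEY_VALUE = re.compile(r"^(\s*)(\w+)=(.*)$")

def audit_supplicant(conf_text):
    """Return (findings, redacted_text); findings are (ssid, field, kind)."""
    findings, redacted, block = [], [], None
    for raw in conf_text.splitlines():
        m = KEY_VALUE.match(raw)
        if m and m.group(2) == "network":        # "network={" opens a block
            block = {"ssid": None, "secrets": []}
        elif m and block is not None:
            indent, key, value = m.groups()
            if key == "ssid":
                block["ssid"] = value.strip('"')
            elif key in SECRET_FIELDS:
                # Quoted value = passphrase as typed; unquoted = raw hex key.
                kind = "plaintext" if value.startswith('"') else "hex key"
                block["secrets"].append((key, kind))
                raw = f"{indent}{key}=<redacted>"
        elif raw.strip() == "}" and block is not None:
            findings += [(block["ssid"], k, kind) for k, kind in block["secrets"]]
            block = None
        redacted.append(raw)
    return findings, "\n".join(redacted)

if __name__ == "__main__":
    found, safe_copy = audit_supplicant(SAMPLE_CONF)
    print(found)
    print(safe_copy)
```

A hex key is not the typed passphrase, but it is still enough to join that network, so both kinds are redacted.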
Backup Your Files with adb :-
- Type adb backup -all -f E:\backup.ab
- -all backs up all configuration of your device.
- E:\backup.ab is the backup file.
- After entering the above command, press Enter and a pop-up will appear on your mobile asking to encrypt that file with a password. Enter the password.
- Above you can see that the backup file has been saved in the desired location. You can save different files, but it will only save the configuration of that application.
- Different formats:
- .apk will only save its configuration
- .obb will save obb files.
- .shared will save sd card files.
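To confirm that the password entered in the pop-up was actually applied, the text header at the start of the .ab file can be inspected. The following is an added example, not code from the original article; the function names, the sample headers and the minimum round count are assumptions made for illustration.

```python
import io

def read_backup_header(stream):
    """Parse the text header at the start of an adb backup (.ab) stream."""
    def line():
        raw = stream.readline(4096)        # header lines are short; bound the read
        if not raw.endswith(b"\n"):
            raise ValueError("truncated or malformed header")
        return raw[:-1].decode("ascii")

    if line() != "ANDROID BACKUP":
        raise ValueError("not an adb backup file")
    header = {"version": int(line()),
              "compressed": line() == "1",
              "encryption": line()}
    if header["encryption"] == "AES-256":
        # Key-derivation parameters follow as hex/decimal text lines.
        header["user_salt"] = line()
        header["checksum_salt"] = line()
        header["pbkdf2_rounds"] = int(line())
        header["user_iv"] = line()
        header["master_key_blob"] = line()
    elif header["encryption"] != "none":
        raise ValueError("unknown encryption: " + header["encryption"])
    return header

def backup_findings(stream, min_rounds=10000):   # min_rounds: assumed policy value
    """Return a list of problems that make this backup unsafe to store as-is."""
    header = read_backup_header(stream)
    problems = []
    if header["encryption"] == "none":
        problems.append("backup is not encrypted")
    elif header["pbkdf2_rounds"] < min_rounds:
        problems.append("low PBKDF2 round count")
    return problems

# Constructed sample headers; the bytes after each header are placeholders.
PLAIN = b"ANDROID BACKUP\n1\n1\nnone\n" + b"\x00" * 16
ENCRYPTED = (b"ANDROID BACKUP\n1\n1\nAES-256\n" + b"AA" * 64 + b"\n" + b"BB" * 64 +
             b"\n10000\n" + b"CC" * 16 + b"\n" + b"DD" * 96 + b"\n" + b"\x00" * 16)

if __name__ == "__main__":
    for name, blob in (("plain", PLAIN), ("encrypted", ENCRYPTED)):
        print(name, backup_findings(io.BytesIO(blob)) or "ok")
```

For a real file, pass a handle opened in binary mode, for example open(r"E:\backup.ab", "rb").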
Restore Backup Files :-
Install Multiple Applications :-
- If you want to install multiple applications on your device, enter the following command.
- Type for %f in (E:\android_apps*.apk) do adb install "%f"
Copy Any Application From Your Phone :-
- First, list all the applications on your mobile. Entering adb shell pm list packages will list all the applications on your mobile.
- According to the ethical hacking researcher of iicybersecurity, you can use this to find any spy apps on your mobile phone.
- To extract an application, type adb shell pm path com.package /data/app/com.sec.android.app.samsungapps-1.apk
- com.package: you can enter any package name.
- Enter the location of the application.
- To find the location, open another cmd as administrator.
- Connect your device with adb. Type cd /data/app
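One way to use the package listing to spot unexpected apps, added here as an example (not code from the original article): compare the current listing against one saved when the phone was known to be clean. It assumes the listings were captured with adb shell pm list packages -f, where -f adds the APK path to each line; the function names and both sample listings are constructed.

```python
def parse_packages(pm_output):
    """Map package name -> APK path from `pm list packages -f` output."""
    packages = {}
    for line in pm_output.splitlines():
        line = line.strip()
        if not line.startswith("package:"):
            continue                      # skip blank lines and adb noise
        body = line[len("package:"):]
        # With -f each line is "<apk path>=<package name>"; without it, just the name.
        path, sep, name = body.rpartition("=")
        packages[name] = path if sep else None
    return packages

def review_packages(baseline_output, current_output):
    """Return (reason, package, apk_path) entries that need a manual look."""
    before = parse_packages(baseline_output)
    after = parse_packages(current_output)
    report = []
    for name, path in sorted(after.items()):
        if name not in before:
            report.append(("new", name, path))
        elif before[name] != path:
            report.append(("apk path changed", name, path))
    for name in sorted(set(before) - set(after)):
        report.append(("removed", name, before[name]))
    return report

# Constructed listings; com.example.sync.helper is a made-up package name.
BASELINE = """package:/data/app/com.sec.android.app.samsungapps-1.apk=com.sec.android.app.samsungapps
package:/data/app/jackpal.androidterm-1.apk=jackpal.androidterm
"""
CURRENT = """package:/data/app/com.sec.android.app.samsungapps-2.apk=com.sec.android.app.samsungapps
package:/data/app/com.example.sync.helper-1.apk=com.example.sync.helper
"""

if __name__ == "__main__":
    for entry in review_packages(BASELINE, CURRENT):
        print(entry)
```

An entry marked "new" is only a prompt to check where the app came from; a changed APK path usually means the app was updated or reinstalled.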
Gather Information about the device :-
- This command shows all the details of the device, including running services, dump of blue in screen, account details and many other details of the mobile.
- Type adb shell dumpsys or type adb logcat
- The above command shows a lot of information about the device. This command can be used for gathering information, which can help in many phases of cyber forensics.
- To search for a particular service, for example, type adb shell dumpsys battery
Linux Libraries/ Android Runtime :-
- OpenGL Library — It is a cross-platform application program used to create graphics.
- WebKit — It provides the function to display web content and to shorten the page load.
- Media Framework — This library is provided to play or record audio and video.
- Secure Socket Layer (SSL) — This library is used to provide internet security.
Originally published at https://www.securitynewspaper.com on July 30, 2019.