adb - A tool that allows you to search for vulnerable android devices across the world and exploit them.

Overview


adb - An exploitation tool for android devices.

A tool that allows you to search for vulnerable android devices across the world and exploit them.

Version

Features

Features:
  - Post-Exploitation modules to control and tinker with the device you are connected to.
  - Scanners to search for vulnerable android devices across the world to exploit.
  - Options for managing how many devices you have connected.
  - Options for checking whether the devices you are connected to are online or offline.
  - IP-Lookup for retrieving information on a certain IP.
  - Options to dump the IP Addresses of the vulnerable android devices. [This makes your life easier so you dont have to find it yourself]

Getting the required API keys

Create an account on censys.io and then go to your account page and get your free api_id and api_secret key and open 'adbnet.py' and edit in your api id and api key here:

image

Create an account on shodan.io and go to your account to get your free api key, once you have it copied, open 'adbnet.py' and edit in your api key here: image

Simple Tutorial

First, run the 'dump shodan' or 'dump censy' (dump shodan is recommended) command to 
dump the IP addresses of the vulnerable devices.

Then, after you find an IP-address you want to try, run the 'connect' command and you will be prompted to enter
the target IP address, once you enter the target ip address, you will be prompter to enter the port. For the port,
you can try entering '5555' or '4444' since those are the most common ports. If you want, you can try finding the
specific port yourself, but it might take some time.

Now AdbNet will now try to connect to the vulnerable android device.
If it fails to connect, try another IP.

If you manage to connect to a device, now you can check if you are really connected by using the 'devices' command.

< Warning! > You can only be connected to one device at a time! To kill the sessions use the 'killall' command! < Warning! >

To open a shell and execute commands on the device, use the 'terminal' command.

To run post-exploitation modules, run the 'post' command for the post-exploitation menu to load. Then, you
can run any module you like.

REMEMBER: IF YOU WANT TO CONNECT TO A DIFFERENT DEVICE, RUN THE 'killall' COMMAND, AND REPEAT THE PROCESS AGAIN.

Installation/How To Run

sudo apt install pq
sudo apt install adb
pip3 install colorama
pip3 install requests
python3 adbnet.py or python adbnet.py or py adbnet.py

TIP: For people that are new to this, if you are having issues install a certain python module, just do this: pip3 install 

Screenshots

image image

Credits

https://github.com/0x1CA3

Contributions 🎉

All contributions are accepted, simply open an Issue / Pull request.
Trustme: #1 quality TLS certs while you wait

trustme: #1 quality TLS certs while you wait You wrote a cool network client or server. It encrypts connections using TLS. Your test suite needs to ma

479 Dec 27, 2022
RDP Stealer

RDP Stealer RDP Stealer by lamp Require Python How To Use Download This Source Extract The Zip File Change webhook url Convert to exe send to target I

Lamp 14 Nov 26, 2022
PoC for CVE-2021-26855 -Just a checker-

CVE-2021-26855 PoC for CVE-2021-26855 -Just a checker- Usage python3 CVE-2021-26855.py -u https://mail.example.com -c example.burpcollaborator.net # C

Abdullah AlZahrani 17 Dec 22, 2022
ProxyShell POC Exploit : Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write)

ProxyShell Install git clone https://github.com/ktecv2000/ProxyShell cd ProxyShell virtualenv -p $(which python3) venv source venv/bin/activate pip3 i

Poming huang 312 Dec 09, 2022
AnonStress-Stored-XSS-Exploit - An exploit and demonstration on how to exploit a Stored XSS vulnerability in anonstress

AnonStress Stored XSS Exploit An exploit and demonstration on how to exploit a S

صلى الله على محمد وآله 3 Jun 22, 2022
Multi Brute Force Facebook - Crack Facebook With Login - Free For Now

✭ SAKERA CRACK Made With ❤️ By Denventa, Araya, Dapunta Author: - Denventa - Araya Dev - Dapunta Khurayra X ⇨ Fitur Login [✯] Login Cookies ⇨ Ins

Dapunta ID 26 Jan 01, 2023
Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.

Log4jScanner Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains. Disc

Pushpender Singh 35 Dec 12, 2022
A windows post exploitation tool that contains a lot of features for information gathering and more.

Crowbar - A windows post exploitation tool Status - ✔️ This project is now considered finished. Any updates from now on will most likely be new script

29 Nov 20, 2022
Let's you scan the entire internet in a couple of hours and identify all Minecraft servers on IPV4

Minecraft-Server-Scanner Let's you scan the entire internet in a couple of hours and identify all Minecraft servers on IPV4 Installation and running i

116 Jan 08, 2023
Password-Manager - This app can generate ,save , find and delete passwords.

Password-Manager This app can generate ,save , find and delete passwords. In the StartUp() Function , there are three buttons to choose from : Generat

1 Jan 01, 2022
🎻 Modularized exploit generation framework

Modularized exploit generation framework for x86_64 binaries Overview This project is still at early stage of development, so you might want to come b

ᴀᴇꜱᴏᴘʜᴏʀ 30 Jan 17, 2022
logmap: Log4j2 jndi injection fuzz tool

logmap - Log4j2 jndi injection fuzz tool Used for fuzzing to test whether there are log4j2 jndi injection vulnerabilities in header/body/path Use http

之乎者也 67 Oct 25, 2022
CVE-2022-22965 : about spring core rce

CVE-2022-22965: Spring-Core-Rce EXP 特性: 漏洞探测(不写入 webshell,简单字符串输出) 自定义写入 webshell 文件名称及路径 不会追加写入到同一文件中,每次检测写入到不同名称 webshell 文件 支持写入 冰蝎 webshell 代理支持,可

东方有鱼名为咸 53 Nov 09, 2022
WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user.

WinRemoteEnum WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user, sharing the goal of remotely gather

Simon 9 Nov 09, 2022
Collection Of Discord Hacking Tools / Fun Stuff / Exploits That Is Completely Made Using Python.

Venom Collection Of Discord Hacking Tools / Fun Stuff / Exploits That Is Completely Made Using Python. Report Bug · Request Feature Contributing Well,

PndaBoi 25 Dec 06, 2022
Mips script decompiles MIPS assembly instructions & bot functionality

mips mips is a python-based script that decodes MIPS instructions. Usage cd into mips and run python decode.py command or open decode.py to run the sc

Anthony Tedja 0 Mar 30, 2022
Writeups for wtf-CTF hosted by Manipal Information Security Team as part of Techweek2021- INCOGNITO

wtf-CTF_Writeups Table of Contents Table of Contents Crypto Misc Reverse Pwn Web Crypto wtf_Bot Author: Madjelly Join the discord server!You know how

6 Jun 07, 2021
Make files with as many random bytes as you want

Lots o' Bytes 🔣 Make files with as many random bytes as you want! Use case Can be used to package malware that is normally small by making the downlo

Addi 1 Jan 13, 2022
MD5-CRACKER - A gmail brute force app created with python3

MD5-CRACKER So this is my first app i created with python3 . if you guys downloa

2 Nov 10, 2022
A curated list of amazingly awesome Cybersecurity datasets

A curated list of amazingly awesome Cybersecurity datasets

758 Dec 28, 2022