Android Post Exploitation: Exploit ADB using Ghost Framework in Kali Linux

This article is the part of Android Hacking tutorial; it covers step by step guide to exploit Android ADB to get the persistent connection back to the attacker machine. You can use the Kali Linux as an attacker machine, exploit the ADB, and setup the Backdoor channel after hacking android devices.

Exploit Android ADB using the Ghost Framework

The ghost framework is not a hacking tool, and we are not hacking the android device. Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to access an Android device remotely. So, this is a post-exploitation tool that gives a persistent connection and works as a backdoor.

If you are interested in hacking an android, then you should see this video. And, then come back to learn about persistent connection and backdooring.

So, what is ADB? ADB or Android Debug Bridge, is a feature or command-line tool released by the Android to connect and operate Android-based devices remotely. But, the hackers exploit this feature and connect the hacked android devices remotely.

Exploit Android ADB using the Ghost FrameworkADB allows you to do things on an Android device that may not be suitable for everyday use, For example, you can install apps outside of the Play Store (waoooo; it means you can install whatever you want to), it also gives access to the hidden features, and bring up a Unix shell so you can issue commands directly on the device.  I mean, you own it.

Install Ghost Framework in Kali Linux

Let’s start by installing the ghost in the Kali Linux. You can download or simply clone it using the git command.

git clone https://www.github.com/entynetproject/ghost.git

Install Ghost Framework in Kali LinuxAfter downloading, we need to get into the directory.

cd ghost

ls

There you can see all the files and directories. We need this install script to install the program.

./install.sh

install shNow, the installation is complete, let’s run the program.

./ghost

ghostThis ghost framework shares the similar commands to the Metasploit. So, we can execute those commands; for example, help to see all the options.

Help

So, there you can see all the commands with a brief description.

Now let’s use the connect command to connect the remote android device as I said that it exploits ADB. So, make sure that the ADB port 5555 is open.

ADB enabled deviceIf you have hacked this device; then simply open the port.

So, demonstration I will look into the shodan for ADB enabled device.

And, then pick an IP to connect.

connect IP

connect IPNow we are connected; it means we got another session, and we can reconnect to the hacked device again, as long as the port is open.

Now, we can do many things. For example, we can record the screen of the phone; we can install or uninstall an app. We can also do port forwarding to create any other reverse connection. So, many things. Even we can remove the device password.

So, let’s check the app list. Sys info, and many things can be done. But, the most important thing is to install your backdoor (since you have the ability now); install your backdoor for future and persistent connection.

for future and persistent connectionSo this is how the ghost framework exploits the Android ADB and gives another persistent connection to any android phone remotely. If you want to hack or get access to Android over WAN, then you should follow this tutorial.

 

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Security Against Hacks: A Simple Game of Economics

One of the cold hard truths behind cybersecurity is that it's impossible to prevent a hack 100% of the time. It only takes one...

Certain Things That You Must Know About Microsoft MS-500 Exam and Its Practice Tests

If you want to be a Microsoft 365 security administrator, then there would be a number of responsibilities that will fall on your shoulders,...

Quick Ways to Avoid Being Watched by the NSA’s PRISM Program

Big brother is on the watch online. Today, a week hardly passes without news of government spying, whistleblowers, cell phone hacking, or even private photos...

Android Post Exploitation: Exploit ADB using Ghost Framework in Kali Linux

This article is the part of Android Hacking tutorial; it covers step by step guide to exploit Android ADB to get the persistent connection...

LOOKING FOR HACKING RECIPES FORM THE PRO?

Then sign up for FREE to the ehacking’s exclusive group. You will get the exclusive tips/tricks, tutorials, webinars & courses that I ONLY share with my fellow on this exclusive newsletter.