Android USB Debugging + Meterpreter Shell

Hello friend. Today We gonna discuss about risk of USB Debugging and how hacker will use your android smart phone to get your details through meterpreter shell over WIFI and hacker will install shell apk without knowing user reason is you turn on USB Debugging mode :)

What is USB Debugging?

A developer mode in Android phones that allows newly programmed apps to be copied via USB to the device for testing. Depending on the OS version and installed utilities, the mode must be turned on to let developers read internal logs. See Android.

No more talk. Let’s start

Step 01:

Connect target phone just for 5 seconds via USB. Today I’m gonna use Oneplus 3T smartphone for demonstration

start port 5555 on device

Now you open port of target device and plug it off. Now you can connect with phone via WIFI network without any physical devices.

connect target device over WIFI

Now you successfully connect with target device with 5555 port.

connect over shell into device

As you can see in upper image we IN :)

Now we need make server which can gather information such as running process and etc. Using Frida Framework make it easier.

Before you start, you will need to root your device in case you haven’t done so already. It is technically also possible to use Frida without rooting your device, for example by repackaging the app to include frida-gadget, or using a debugger to accomplish the same. But, for this introduction we’re going to focus on the simplest case: a rooted device.

Also note that most of our recent testing has been taking place on a Pixel 3 running Android 9. Older ROMs may work too, but if you’re running into basic issues like Frida crashing the system when launching an app, this is due to ROM-specific quirks. We cannot test on all possible devices, so we count on your help to improve on this. However if you’re just starting out with Frida it is strongly recommended to go for a Pixel or Nexus device running the latest official software, or a device whose software is as close to AOSP as possible. Another option is using an emulator, ideally with a Google-provided Android 9 emulator image for arm or arm64. (x86 may work too but has gone through significantly less testing.

You can download Frida-Server:

Link — https://github.com/frida/frida/releases

Now push frida-server into mobile phone via adb over WIFI.

push frida server into mobile device

after you push into mobile device give chmod 755 in there and execute it with following command

execute frida-server on mobile over WIFI

If you successfully done with these steps frida-server should be execute and you can check with this command using

check running process on mobile device

We in :) Now you should try to create meterpreter payload with msfvenom.

create android meterpreter payload

Install payload via ADB shell over WIFI network. Process will be start without knowing target user.

install evil.apk into mobile device

Now no need to wait until user open it. You can manually execute application with frida-server and take reverse shell without knowing victim.

check payload.apk process name

In upper image you can see verification command that payload install successfully or not.

Now boooom moment

Happy Hacking :) Hope you enjoy and I prefer USB Debugging its not Safe :)