Skip to content
/ Android-Malware Public

Android devices using ADB via the Shodan API. It prompts the user for a command payload, then establishes TCP connections to devices with open ADB ports. It retrieves outputs like SSH credentials and IMEI numbers, saves SSH credentials to a file, and handles exceptions gracefully while allowing simultaneous device processing through threading.

9 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

SleepTheGod/Android-Malware

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
README.md
README.md
 
 
main.py
main.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Proof of concept

ADB ANDROID MALWARE POC FOR RESEARCH AND DEVELOPMENT ONLY DO NOT USE THIS TO INFECT DEVICES THAT IS A CRIME!

The script connects to Android devices using the Android Debug Bridge (ADB) through the Shodan API, which searches for devices with open ADB ports. It starts by importing necessary libraries and initializing the Shodan API with a key. The user is prompted to enter a command payload to execute on the devices. The adb_connection function establishes a TCP connection to the specified device, executes the given command, and retrieves output such as SSH credentials and the device's IMEI number. It also attempts to dump the kernel log, which can contain sensitive information. Any found SSH credentials are saved to a file. The main function, search_and_execute, searches for devices with open ADB ports and creates a new thread for each connection, allowing multiple devices to be processed simultaneously. It handles exceptions to ensure that errors are reported without crashing the script.If you want to specify versions, you can run pip freeze after installing the packages to see the versions currently in your environment, and then adjust the file accordingly. Here’s a command to create the requirements.txt directly from your current environment by typing pip freeze > requirements.txt

Android Malware Script

This Python script connects to Android devices using the Android Debug Bridge (ADB) through the Shodan API. It retrieves sensitive information and executes commands on devices with open ADB ports.

Features

  • Searches for devices with open ADB ports using Shodan.
  • Executes user-defined command payloads.
  • Retrieves and saves SSH credentials and IMEI numbers.
  • Handles multiple connections concurrently with threading.

Requirements

To run this script, you'll need to install the required dependencies. You can do this by running:

pip install -r requirements.txt

Usage Clone the repository

git clone https://github.com/SleepTheGod/Android-Malware.git
cd Android-Malware

Open the main.py file and replace the placeholder for the Shodan API key with your actual key.

Run the script

python main.py

Enter the command you want to use as the payload when prompted.

Note This script is intended for educational purposes only. Ensure you have permission to access any devices you connect to.

THE CREATOR OF THIS REPO IS NOT RESPONSIBLE for any actions taken with this repository or script.

About

Android devices using ADB via the Shodan API. It prompts the user for a command payload, then establishes TCP connections to devices with open ADB ports. It retrieves outputs like SSH credentials and IMEI numbers, saves SSH credentials to a file, and handles exceptions gracefully while allowing simultaneous device processing through threading.

Resources

Readme
Activity

Stars

9 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages