Easily attack Android phones with ADB and settings command-line tools

Source: Internet
Author: User

Starting with 4.2, Android provides a command line tool settings. This tool is used to help construct the Settingprovider client Agent, which makes it easy to read and set the system settings.
But this tool, together with ADB, poses a great threat to Android security. Because the UID is the shell when executing settings through ADB, the shell has a lot of privileges.

Of course, the root of the problem is that the ADB's shell is too high, after all, even without settings the tool (or no/system/framework/settings.jar file), ADB users can construct programs/scripts like this. But now that the Android provides the tool, such a security intrusion will become exceptionally simple.

Here are a few examples to illustrate when the user opens the ADB after the connection to the computer, may be caused by the user's mobile phone security violations.
Note 1: For Nexus phone native Android-5.0, different phone ROMs have different settings.
NOTE 2: Please turn on the phone ADB debug mode First and make sure that the ADB command executes normally.

1) Modify whether to "allow apps from other sources other than the play Store" to be installed.
Disable this option in your phone settings, where the action path is "settings", "Security", "unknown Source"
Then execute the following command:
$ adb shell settings put secure INSTALL_NON_MARKET_APPS1  
Exit settings, enter again, and find "unknown source" enabled. In this way, third-party malicious applications may be successfully installed.

2) intercept user text messages.
Starting with Android 4.4, the default SMS program can be set by the user to take over the sending and receiving of the system SMS. For installed third-party SMS programs, the user must manually specify to work. With this vulnerability, ADB can directly designate a third-party SMS application without the user's confirmation.

See the SMS program in the phone settings, the action path is "settings", "More", "Default SMS App", if not modified, it should be "hangouts."

For example, first install a SMS application: Gosmspro.
Then execute the following command:
$ adb shell settings put secure sms_default_applicationcom.jb.gosms  
Exit settings, enter again, find "Default SMS App" has become "GO SMS Pro". If an attacker uses step 1 to modify the allowed unknown source, and then secretly install an SMS or spamming program through the ADB, then the text messaging is not controlled by the user.
In some countries and regions, SMS interception and fraud is a very pervasive thing, so it has to be said to be a very dangerous thing.

In addition, various Internet PC clients will often use the ADB to monitor and manipulate the Android phone connected to the computer. Even the most well-known internet companies, using such tools, can change a lot of tricks to manipulate users ' phones.



Easily attack Android phones with ADB and settings command-line tools

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.