[Introduction to IOV Security] 2. Common ADB commands for Android security

Welcome new students
... ...
If a man has no name, he can concentrate on sword practice

I am not a salty fish, but a dead one!

0x01 ADB command (primary)

  • View active information for the current application
adb shell dumpsys activity top
# Print the four-component information of all applications running on the system to a file
adb shell dumpsys >> info.txt
start info.txt
  • View details of the application with the specified package name
adb shell dumpsys package xxx

Or enter adb shell and use the following command:
dumpsys package xxx
# Clear application data
adb shell pm clear xxx
  • View memory information for the specified process name or process id
adb shell dumpsys meminfo xxx
  • View database storage information (including stored SQL statements) of the application with the specified package name
adb shell dumpsys dbinfo xxx
  • Install an application package (apk file)
adb install xxx.apk

adb install [-r] [-d] [-s] test.apk
-r // Overwrite the existing installation, preserving data and cache files
-d // Allow installing a lower version over a higher one (downgrade)
-s // Install the apk to the SD card
  • Uninstall an application
adb uninstall <package_name>

adb uninstall -k <package_name>

The optional -k parameter uninstalls the software but keeps its configuration and cache files.

adb shell
cd data/app
rm [apk package]
exit
adb uninstall [main package name of the apk]
adb install -r [apk package]
  • Delete a system application
# Remount the system partition to make it writable
adb remount
adb shell
cd system/app
rm xxx.apk
  • Copy a file from the device to the local machine
adb pull [file path on the target system (a.txt)] [local path to save the file to (a.txt)]
  • Copy a local file to the device
adb push [file path on the local system (a.txt)] [path to store it on the target system (a.txt)]
  • Screenshot Operation
adb shell screencap -p /sdcard/test.png
adb pull /sdcard/test.png  D:\img\
start D:\img\test.png
  • Video recording operation
adb shell screenrecord /sdcard/test.mp4
  • Enter text content
adb shell input text 'xxx'
  • Port forwarding for devices
adb forward [(local/host side) protocol:port number] [(device side) protocol:port number]
adb forward tcp:23946 tcp:23946
adb forward tcp:8700 jdwp:1786
  • View the process IDs of debuggable applications on the device
adb jdwp
  • View current log information
adb logcat

Usage 1: adb logcat -s [tag]
Example: adb logcat -s fb

Usage 2: adb logcat | findstr [package name/pid/keyword]
Example: adb logcat | findstr cn.test.demo

Or enter adb shell and use the following command:
logcat | grep tencent
  • View the sandbox data of a debuggable application (by package name) on a non-rooted device
run-as cn.test.demo
  • View process information for the device, or thread information for a specified process
ps | grep [filter content]
ps | grep cn.test.demo
ps -t 19977
  • Clear the data of the application with the specified package name
pm clear cn.test.demo
  • Install the apk file on the device
pm install /sdcard/test.apk
  • Uninstall an application from the device
pm uninstall cn.test.demo
  • Start an application on the device
am start -n [package name]/[package name].[activity name]
am start -n com.androidtest/com.androidtest.test
  • Start a service
am startservice -n [package name]/[package name].[service name]
am startservice -n com.androidtest2/com.androidtest.test2
  • Send a broadcast
am broadcast -a [Broadcast Action]
  • View the ip address of the device
netcfg
  • View port number information for the device
netstat
  • Run Java code (special scenarios use the dx command to convert dex files into jar packages)
app_process [Run Code Directory] [Run Main Class]

export CLASSPATH=/data/test.jar
exec /system/bin/app_process /data cn.test.main
  • Run a dex file
dalvikvm -cp [dex file] [Run Main Class]
dalvikvm -cp /data/test.dex cn. Widiankong Main
  • View CPU consumption information for the current application
top [-n/-m/-d/-s/-t]

-m // Maximum number of processes to display
-n // Number of refreshes
-d // Refresh interval (default 5 seconds)
-s // Column to sort by
-t // Display thread information instead of processes
  • View system property values
getprop [property name]
  • Use aapt to operate on an apk (view information in the apk and edit the apk package)
aapt dump xmltree [apk package] [xml resource file to view]
  • Use dexdump to operate on a dex file (view the details of the dex file)
dexdump [dex file path]
  • View the current process's memory load (see the current process's memory mapping information, such as which so files are loaded, dex files, and so on)
cat /proc/[pid]/maps

Usage: cat /proc/663/maps
  • View status information for a process
cat /proc/[pid]/status

Usage: cat /proc/663/status
  • View the port number information used by the current application (one file each for tcp, tcp6, udp and udp6)
cat /proc/[pid]/net/[tcp|tcp6|udp|udp6]

Usage: cat /proc/663/net/tcp
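
The rows printed by the /proc/[pid]/net files above are hex-encoded, so the following added example (not part of the original post) decodes them and flags listening sockets that are bound beyond loopback. The sample rows, UIDs and function names are constructed for illustration, and the byte-order handling assumes a little-endian device.

```python
import ipaddress

# TCP state codes as printed in the "st" column (Linux kernel numbering)
TCP_STATES = {
    "01": "ESTABLISHED", "02": "SYN_SENT", "03": "SYN_RECV", "04": "FIN_WAIT1",
    "05": "FIN_WAIT2", "06": "TIME_WAIT", "07": "CLOSE", "08": "CLOSE_WAIT",
    "09": "LAST_ACK", "0A": "LISTEN", "0B": "CLOSING",
}

def decode_endpoint(field):
    """Decode 'HEXADDR:HEXPORT' from tcp/tcp6/udp/udp6 into (ip, port)."""
    addr_hex, port_hex = field.split(":")
    raw = bytes.fromhex(addr_hex)
    # The kernel prints each 32-bit word of the address in host byte order,
    # so on a little-endian device every 4-byte word has to be reversed.
    words = [raw[i:i + 4][::-1] for i in range(0, len(raw), 4)]
    return str(ipaddress.ip_address(b"".join(words))), int(port_hex, 16)

def parse_proc_net(text):
    """Return one dict per socket row; the header line is skipped."""
    sockets = []
    for line in text.strip().splitlines()[1:]:
        cols = line.split()
        sockets.append({
            "local": decode_endpoint(cols[1]),
            "remote": decode_endpoint(cols[2]),
            "state": TCP_STATES.get(cols[3], cols[3]),
            "uid": int(cols[7]),  # Linux UID that owns the socket
        })
    return sockets

def exposed_listeners(sockets):
    """Listening sockets bound to an address other than loopback."""
    return [s for s in sockets if s["state"] == "LISTEN"
            and not ipaddress.ip_address(s["local"][0]).is_loopback]

# Constructed sample in the layout of /proc/[pid]/net/tcp (not real device output)
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:5D8A 00000000:0000 0A 00000000:00000000 00:00000000 00000000  2000        0 41201 1 0000000000000000 100 0 0 10 0
   1: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10123        0 41977 1 0000000000000000 100 0 0 10 0
   2: 0F02000A:A3C4 0A01A8C0:01BB 01 00000000:00000000 00:00000000 00000000 10123        0 42010 1 0000000000000000 20 4 30 10 -1
"""

if __name__ == "__main__":
    for s in exposed_listeners(parse_proc_net(SAMPLE)):
        print("uid %d listens on %s:%d" % (s["uid"], *s["local"]))
```

In the sample, the listener on 127.0.0.1:23946 stays local to the device, while the one on 0.0.0.0:8080 is reachable from the network and is the row worth reviewing.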

0x02 ADB command (secondary)

  • View connected devices
adb devices
  • Get root privileges on mobile phones
adb root
  • Remount the system partition to make it writable
adb remount
  • Enter the Shell interface of the mobile device
adb shell

adb -s [emulator/device serial number] shell [command]
  • Starting and shutting down ADB services
# Shut down services
adb kill-server

# Start Services
adb start-server
  • adb help command
adb help
  • View bug reports
adb bugreport
  • Record Wireless Communication Log
adb shell
logcat -b radio
  • Get the ID and serial number of the device
adb get-product
adb get-serialno
  • Accessing database SQLite3
adb shell
sqlite3
  • Enter the specified folder in the system
cd system/sd/data

ls // List the contents of the current folder
rm -r xxx // Delete the folder named xxx and all its files
rm xxx // Delete the file xxx
rmdir xxx // Delete the folder xxx
  • Light up the screen
adb shell input keyevent 80
  • View adb version
adb version
  • Remount the system partition as a read-write partition (important when operating on system directories)
adb remount
  • Restart the device, with an optional parameter to boot into bootloader (flashing mode) or recovery (recovery mode)
adb reboot bootloader
adb reboot recovery
  • Kill a process, typically used to simulate a bug recurrence
adb shell kill [pid]

# List processes and their PIDs
adb shell ps

# View specified process information
adb shell ps -x [pid]
  • View maximum memory limit for a single application
adb shell getprop | grep heapgrowthlimit

The result is 128 MB: [dalvik.vm.heapgrowthlimit]: [128m]

In other words, if the Dalvik heap size exceeds the 128 MB maximum, an OOM is likely to occur.
  • View sdk version
adb shell getprop | grep version
  • View device model information
adb shell getprop | grep product
  • Get the serial number
The serial number you get is the one listed by adb devices.

adb get-serialno
  • View wifi password (root privilege required)
adb shell cat /data/misc/wifi/*.conf
  • View wifi_mac
adb shell cat /sys/class/net/wlan0/address
  • View background services information
adb shell service list
  • ADB Recording Screen Command
adb shell screenrecord /sdcard/test.mp4
  • Make a phone call
adb shell am start -a android.intent.action.CALL -d tel:10086
  • Stop an application
adb shell am force-stop [package name]
  • View the current Activity name
adb shell dumpsys activity | findstr "mFocusedActivity"
  • Move a file
adb shell mv /sdcard/1.txt /sdcard/2.text

Moving a file within the same directory is equivalent to renaming it.

Reference link:

https://cloud.tencent.com/developer/article/1797357

https://zhuanlan.zhihu.com/p/43731848

I laughed to the sky from my cross knife, leaving two Kunluns of liver and gallbladder

Tags: Cyber Security penetration test Information Security

Posted on Sat, 20 Nov 2021 22:26:05 -0500 by tazgalsinh