android adb连接
We’ve got a saying in Portuguese that it can roughly be translated to:
我们有葡萄牙语谚语,它可以大致翻译为:
The one who warns you, is your friend!
警告您的人是您的朋友!
That is commonly translated to English:
通常将其翻译成英文:
Forewarned is forearmed.
有备则无患。
I’ve added the expression first in Portuguese, to create an impact that I believe that gets a bit lost in translation. This article has two main goals:
我首先用葡萄牙语添加了该表达方式,以创造一种影响力,我认为该影响力在翻译中会有所损失。 本文有两个主要目标:
- To make you give a double check on your device debug mode configurations 为了使您仔细检查设备调试模式配置
- To keep in mind that, unfortunately, it sometimes easy for someone to access your device private data 请记住,不幸的是,有时有人容易访问您的设备私人数据
之前的一些信息 (Some information before)
ADB stands for Android Device Bridge. It’s a tool that allows you to communicate directly with your Android device giving you somewhat administration powers to the point that you can:
ADB代表Android Device Bridge。 此工具可让您直接与Android设备进行通信,从而赋予您一些管理权,使您可以:
- Install and/ or uninstall applications 安装和/或卸载应用程序
- Send and retrieve files to/ from your device 向您的设备发送文件或从中获取文件
- Take screen shots 拍摄屏幕快照
- etc. 等等
without rooting your device.
无需生根设备。
You can connect to your device via USB cable or, if you open your device port 5555, remotely.
您可以通过USB电缆连接到设备,或者,如果您打开设备端口5555,则可以远程连接。
亚行:矿工 (ADB: Miner)
Last year, I read this article by Kevin Beaumont:
去年,我读了Kevin Beaumont的这篇文章:
and at that time I didn’t give it the attention that I should have. I remember that I’ve tested my device to check if it was vulnerable and shared the article with some friends, but since no one complained I’d never given a second thought about it until recently.
那时我没有给予我应有的关注。 我记得我已经测试过我的设备以检查它是否易受攻击,并与一些朋友分享了这篇文章,但是由于没有人抱怨,直到最近我才再三考虑。
Briefly, Kevin talks about an exploit found on a large number of Android devices (not only smartphones but everything that runs the OS) that had the port 5555 open and with this anyone that knows that device external IP address could connect to it and basically do anything he wants since there’s no additional security mechanism here.
简而言之,凯文(Kevin)谈论了在许多开放了端口5555的Android设备(不仅是智能手机,还包括运行OS的所有设备)上发现的漏洞,并且任何知道设备外部IP地址都可以连接到该漏洞的人都可以这样做他想要的任何东西,因为这里没有其他安全机制。
This was initially identified on a worm that was continually scanning for TCP port 5555 and when it founded one open, it installed a third party application just by calling a command as simple as:
最初在蠕虫中识别出该蠕虫,该蠕虫不断扫描TCP端口5555,当它打开一个端口时,仅通过调用一个简单的命令就安装了第三方应用程序:
adb install [apk]
This application would then use the device resources to mine cryptocurrencies. This is done without the user even noticing it and unless he continuously checks the applications that he has installed, this malware app could keep running potentially for a long time.
然后,该应用程序将使用设备资源来挖掘加密货币。 做到这一点时,用户甚至不会注意到它,除非他不断检查自己已安装的应用程序,否则此恶意软件应用程序可能会长时间运行。
This attack will use the devices resources — you probably will notice that you’ll need to charge it more often or it’s becoming slower. In case it’s an Android TV, since it’s always connected, you might only notice the last one.
这种攻击将占用设备资源-您可能会注意到,您需要更频繁地充电,否则它会变得越来越慢。 如果是Android TV,则由于它始终保持连接状态,因此您可能只会注意到最后一个。
亚行权限 (ADB Permissions)
Android 6.0 introduced the concept of runtime permissions. In other words, in order for an application to access a functionality outside of its sandbox the user needs to explicitly give it permission. This will only give access to that group — so if you’ve just asked for the camera permission and need to access the location; you need to request it and the user needs to accept.
Android 6.0引入了运行时权限的概念。 换句话说,为了使应用程序能够访问其沙箱之外的功能,用户需要明确为其授予权限。 这只会授予该组的访问权限-因此,如果您只是要求获得摄像头许可并需要访问该位置,则为; 您需要请求它,而用户需要接受。
Although, this gives a lot more power to the user to select which applications can access to what functionalities, potentially giving him an extra layer of security; if it’s installed via ADB and not the Google Play Store, by using the correct flag all these permissions can be automatically granted:
虽然,这使用户有更多的能力来选择哪些应用程序可以访问哪些功能,从而可能给他带来额外的安全性。 如果是通过ADB而非Google Play商店安装的,则使用正确的标志可以自动授予所有这些权限:
adb install -g [apk]
亚行:数据隐私 (ADB: Data privacy)
In Kevin’s article the application will end up consuming the device resources; but as we could see above, due to the large set of functionalities of ADB this can drastically become worse. This is a list of commands that I’ve published a while back:
在Kevin的文章中,该应用程序最终将消耗设备资源。 但是正如我们在上面看到的那样,由于亚行功能丰富,这可能会变得更加糟糕。 这是我不久前发布的命令列表:
To be honest, this is what triggered me to write this article. Some weeks ago I was discussing this vulnerability and it was when I truly realised the impact that it can have on privacy.
老实说,这就是促使我写这篇文章的原因。 几周前,我在讨论此漏洞,那时我才真正意识到它可能对隐私产生的影响。
For instance, it’s fairly easy to take a screenshot of your screen:
例如,截取屏幕截图非常简单:
adb shell screencap [device/path/filename.png]
or even to record what you’re doing to a file:
甚至记录您对文件所做的操作:
adb shell screenrecord [device/path/filename.mp4]
This, along with the possibility to download these files locally can potentially show to an unwanted person what you’re doing with your device:
这以及在本地下载这些文件的可能性可能会向不需要的人显示您对设备的操作:
- Photos taken 拍摄的照片
- Messages exchanged 讯息交换
- etc. 等等
We use our devices for almost everything, if someone decides to record your screen sooner or later it will have some of your personal information at hand.
如果有人决定早晚录制您的屏幕,我们将在几乎所有设备上使用我们的设备,它将备有您的一些个人信息。
仔细检查您的ADB连接 (Double check your ADB connection)
Android has a strong level of security that gets continuously improved — both on the Google Play Store and on the Operating System itself. With each release, your application gets tightened when it needs to ask for additional permissions.
Android具有强大的安全性,并且会在Google Play商店和操作系统本身上得到不断提高。 对于每个发行版,您的应用程序在需要其他权限时都会变得越来越严格。
Nevertheless, the same does not happen on ADB — because, and to be honest here, we’re talking about more of a debugging mechanism instead of a vulnerability in the OS. Although, one can argue that it’s hidden in plain sight — you still need to know how to enable it; and even here to have the same level of access that’s described in this article you’ll need to open port 5555 to allow for remote access (and in some routers, you’ll even need to open this port to accept external requests).
但是,在亚行上却不会发生同样的事情-因为,老实说,在这里,我们谈论的更多是调试机制,而不是操作系统中的漏洞。 虽然,有人可以辩称它是隐藏的,但您仍然需要知道如何启用它。 即使此处具有与本文所述相同的访问级别,您也需要打开端口5555以允许远程访问(在某些路由器中,您甚至需要打开此端口以接受外部请求)。
I bet you’ve already asked this a couple of times: how do you know if your device is vulnerable?
我敢打赌,您已经问过几次:您如何知道您的设备是否容易受到攻击?
The easy way is to try to connect directly to it remotely:
简单的方法是尝试直接远程连接到它:
adb connect IP
Note: you can get the IP by just opening your browser and search for “what’s my public IP”.
注意:您只需打开浏览器并搜索“我的公共IP是什么”即可获取IP。
If you see a message saying that your connected to that IP it means that your device has:
如果您看到一条消息,说明您已连接到该IP,则表明您的设备具有:
- Debug options enabled 启用调试选项
- Port 5555 open 端口5555打开
Which means it can be potentially at risk.
这意味着它可能有潜在的风险。
如何禁用它? (How can I disable it?)
The most direct way is to go directly to:
最直接的方法是直接转到:
- Native Settings → System → Developer Options 本机设置→系统→开发人员选项
and disable this option.
并禁用此选项。
Note: depending on the Android device and Operating System this option might be on a different location — alternative, if your native settings has a search option, look for “debug”. To keep the debug mode option enable, but to disable the remote access just enter the following command:
注意:根据Android设备和操作系统的不同,此选项可能位于其他位置-或者,如果您的本机设置具有搜索选项,请查找“调试”。 要使调试模式选项保持启用状态,但要禁用远程访问,只需输入以下命令:
adb usb
And to enable it again just enter:
并再次启用它,只需输入:
adb tcpip 5555
我为什么写这个? (Why I’ve written this?)
Awareness.
意识。
We often neglect data privacy — I see a lot of applications in the Google Play Store that ask for permissions that don’t seem necessary to that application feature set — and if one can argue that it can be for something really specific or something forgotten during development; truth to be said, almost every week there are new stories about data that gets released unwillingly.
我们经常忽略数据隐私-我在Google Play商店中看到很多应用程序要求获得该应用程序功能集似乎不必要的权限-以及是否有人可以说这可能是针对某个特定内容或在此期间被遗忘的内容发展 实话说,几乎每个星期都有关于数据的新故事被不情愿地发布。
ADB is usually used on devices that belong to developers and testers, ideally in a closed environment — meaning that if someone is on a different network it won’t be able to connect to it. The bigger problem here is that there are devices that are being shipped with these options enabled by default. When you buy a new device, it’s not something that you’ll check — there’s a trust associated with that vender that should guarantee this basic security. Moreover, we need to have in mind that a smartphone is for all ages and professions — so if we’re more aware of this vulnerability there are too many people that they aren’t.
ADB通常在属于开发人员和测试人员的设备上使用,理想情况下是在封闭环境中使用-这意味着,如果某人位于不同的网络上,则将无法连接到它。 更大的问题是,默认情况下,某些设备出厂时就启用了这些选项。 当您购买新设备时,无需检查-与该供应商相关联的信任应该可以保证这种基本安全性。 此外,我们需要记住,智能手机适用于所有年龄段和所有职业,因此,如果我们更加了解此漏洞,那么很多人不是。
This is more of a cautionary tale, on the past weeks I’ve been testing this with my friends and family and around hundreds of devices, there was just one, a STB (Set-top box) that had this vulnerability.
在过去的几周中,我一直在与朋友和家人以及大约数百种设备进行测试,而其中只有一个STB(机顶盒)存在此漏洞。
Nevertheless, it’s one more than it should be. Don’t forget to do the same tests — we never know what we might find.
但是,它比应有的多。 别忘了做同样的测试-我们永远不知道会发现什么。
android adb连接