Android Debug Bridge to remotely access and control Android device.
Ghost Framework gives us the power and convenience of remote Android device administration.
Now, this becomes very harmful because an attacker gets the full admin control on the vulnerable Android device.
In our this detailed tutorial we will practically learn how we can use the Ghost Framework to take control of Android device from our Kali Linux system.
So we start from cloning the Ghost Framework from GitHub by using the following command:
git clone https://github.com/entynetproject/ghost
The screenshot of the command is the following:
Then it will be cloned on our root folder of Kali Linux. Then we go the ghost directory by using cd command:
Now we need to install it using the installer script. Before that we give permission to the installer script by applying the following command:
sudo chmod +x install.sh
Here if it prompted for sudo password of our machine then we need to provide it.
Now we can run the installer script using the following command:
Then wit will start installing the dependencies and as the following screenshot:
This process will take some time depending on our internet speed.
After installing Ghost Framework we can run it from anywhere in our terminal by only the ghost command:
And the ghost will appear with its main menu as the following screenshot:
Now we can see the options. Here we got lots of options, first we need to connect a device, so we use option 3.
In the above screenshot, we can see that we need to type the IP address of the vulnerable Android device.
Now how we get an IP address of an Old vulnerable Android device. Shodan is here. Shodan is a great search engine for searching the devices connected to the internet. We already have a tutorial on Shodan.
In Shodan we have to search “Android Debug Bridge“, as we have shown in the following screenshot:
Here we can see over 19k search results. Every device is vulnerable for ghost and those devices are connected to the internet.
From here we can pick any IP address and paste it on ghost and then press enter.
Here we can see we are connected with the IP address in 5555 port. Now we can run anything from Ghost Framework.
What we can do with Ghost Framework:
- Show connected devices
- Disconnect all devices
- Connect a new device
- Access device shell
- Install an apk on a device
- Screen record a device
- Get device screenshot
- Restart Ghost Server
- Pull files from devices
- Shutdown the device
- Uninstall an app
- Show device log
- Dump system Info
- List of all device app
- Run a device app
- Port Forwarding
- Grab wpa_supplicant(WiFi password)
- Show Mac/Inct
- Extract apk from app
- Get Battery Status
- Get Network Status
- Turn WiFi on/off
- Remove device password
- Emulate button presses
- Get Current Activity
- Update Ghost Framework
- Exit Ghost Framework
Ghost Framework has a simple and clear UX/UI. It is easy to understand and it will be easier for us to master the Ghost Framework.
Ghost Framework can be used to remove the remote Android device password if it was forgotten. It is also can be used to access the remote Android device shell without using OpenSSH or other protocols.
sudo apt-get update sudo apt-get install android-tools-adb sudo apt-get install android-tools-fastboot
Usage of the Ghost Framework for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state, federal, and international laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.
If you like our tutorial or got an issue regarding this post please comment down. If you liked our tutorials then visit our website regularly and for the quick updates follow us on Twitter and Instagram.
Posted by Shubham ;)