-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathandroid.cheat
165 lines (113 loc) · 4.38 KB
/
android.cheat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
% Android and ADB Cheats
$ service: frida-ps -U | awk '{print $2}'
$ script: ls *.js
$ output_path_on_device: echo /sdcard/capture.pcap
$ device_port: echo 8080
$ host_port: echo 8080
$ url_or_path: echo http://www.google.com/to_for_example.mp4
# start the adb server as root (is needed)
sudo adb stop-server; sudo adb start-server
# What android devices are available
adb devices
# Enter adb in root mode
adb root
# Decompile an android apk app
apktool d <apk>
# Fix the bug with `waiting for debugger`
adb shell am clear-debug-app
# -needs rooted device- downloads unzip push and run frida-server on Android device
wget "$(gron https://api.github.com/repos/frida/frida/releases/latest | grep -E 'https:\/\/(.*)-android-arm64.xz' | grep server | cut -d '"' -f2)" -O /tmp/frida-server.xz; unxz /tmp/frida-server.xz; adb push /tmp/frida-server /data/local/tmp/frida-server; adb shell "chmod 755 /data/local/tmp/frida-server"; adb shell "/data/local/tmp/frida-server &" &
# Start frida server
adb shell "/data/local/tmp/frida-server &"
# frida list all running processes
frida-ps -Uai
# frida list devices
frida-ls-devices
# frida-trace Launch SnapChat on your iPhone and trace crypto API calls
frida-trace -U -f <service> -I "libcommonCrypto*"
# frida-trace Trace recv* and send* APIs in Safari, insert library names in logging
frida-trace --decorate -i "recv*" -i "send*" Safari
# frida-trace Trace ObjC method calls in Safari
frida-trace -m "-[NSView drawRect:]" Safari
# frida-trace Launch SnapChat on your iPhone and trace crypto API calls
frida-trace -U -f <service> -I "libcommonCrypto*"
# frida-trace Launch YouTube (com.google.android.youtube) and trace Java methods with “certificate” in their signature (s), ignoring case (i) and only searching in user-defined classes (u)
frida-trace -U -f com.google.android.youtube --runtime=v8 -j '*!*certificate*/isu'
# frida-trace Trace all JNI functions in Samsung FaceService app on Android
frida-trace -U -i "Java_*" com.samsung.faceservice
# frida-trace Trace a Windows process's calls to "mem*" functions in msvcrt.dll
frida-trace -p 1372 -i "msvcrt.dll!*mem*"
# frida-trace Trace all functions matching "*open*" in the process except in msvcrt.dll
frida-trace -p 1372 -i "*open*" -x "msvcrt.dll!*open*"
# frida-trace Trace an unexported function in libjpeg.so
frida-trace -p 1372 -a "libjpeg.so!0x4793c"
# launch app with frida sideload a script in the app without a pause
frida -U -f <service> -l <script> --no-pause
# Start the ADB server (use sudo)
sudo adb start-server
# Start the ADB server (will prob fail without sudo)
adb start-server
# Stop the ADB server
adb kill-server
# Check connected devices
adb devices
# Enter ADB shell
adb shell
# Push a file to the device
adb push <local> <remote>
# Example: adb push myfile.txt /sdcard/
# Pull a file from the device
adb pull <remote> <local>
# Example: adb pull /sdcard/myfile.txt ./
# Install an APK
adb install <apk>
# Example: adb install myapp.apk
# Uninstall an app
adb uninstall <package_name>
# Example: adb uninstall com.example.myapp
# Reboot the device
adb reboot
# Reboot into bootloader
adb reboot bootloader
# Reboot into recovery mode
adb reboot recovery
# Remount system partition in read-write mode
adb remount
# Connect to a device over TCP/IP
adb connect <device_ip>:<device_port>
# Launch a browser
adb shell am start -a android.intent.action.VIEW -d <url_or_path>
# Play an MP4 video
adb shell am start -a android.intent.action.VIEW -d <url_or_path> -t video/mp4
# List installed packages
adb shell pm list packages
# List system packages
adb shell pm list packages -s
# List third-party packages
adb shell pm list packages -3
# Get APK location of a package
adb shell pm path <package_name>
# Example: adb shell pm path com.example.myapp
# View logcat output
adb logcat
# Save logcat output to a file
adb logcat -d > logcat.txt
# Clear logcat buffer
adb logcat -c
# View device logs for a specific tag
adb logcat -s <tag>
# Example: adb logcat -s MyAppTag
# Get device information
adb shell getprop
# Get battery status
adb shell dumpsys battery
# Get current running processes
adb shell ps
# Get disk usage
adb shell df
# Forward a port from the device to the host
adb forward tcp:<host_port> tcp:<device_port>
# Reverse a port from the host to the device
adb reverse tcp:<device_port> tcp:<host_port>
# Capture TCP dump on all adapters
adb shell tcpdump -i any -p -s 0 -w <output_path_on_device>