Android-Exploits
A collection of android Exploits and guide on android exploitation
root@n3x7:~$ ls -l
drwxr-xr-x dos - Denial Of Service exploits
drwxr-xr-x local - Local Exploits
drwxr-xr-x remote - remote exploits
drwxr-xr-x webapps - webapp exploits
Usage and Where to start
Clone me :)
git clone https://github.com/sundaysec/Android-Exploits.git
Recommend you grab exploitpack latest version
wget https://github.com/juansacco/exploitpack/archive/master.zip
Extract then Navigate into the folder and type:
java -jar ExploitPack.jar
Load the exploits
Learn and hack
OWASP Top 10 Mobile Risks
- Insecure Data Storage
- Weak Server Side Controls
- Insufficient Transport Layer Protection
- Client Side Injection
- Poor Authorization and Authentication
- Improper Session Handling
- Security Decisions Via Untrusted Inputs
- Side Channel Data Leakage
- Broken Cryptography
- Sensitive Information Disclosure
ββββββββββββββββββββββ
ββββββββββββββββββββββ
ββββββββββββββββββββββ
ββββββββββββββββββββββ
ββββββββββββββββββββββ
-->> exploit
Common Tools(In mobile Exploits)
- SSH
- VNC server
- A compiler (gcc / agcc)
- Android SDK (adb!)
- XCode
- Jailbroken iDevice
- Rooted Android Device
Android Hacking Tools
Mobile Apps (Hack On Android)
- AndroRat - Android Remote Administrative Tool
- cspoilt - A tool that enumerates local hosts, finds vulnerabilities and their exploits, cracks Wi-Fi password, installs backdoors blablabla!!!
- Hackode - All In One Android Pentest Tool
- zANTI - Network mapping, port discovery, sniffing, packet manipulation, DoS, MITM blablabla!!
- FaceNiff - Intercept and sniff WiFi network traffic for Social Media packets
- Droidsheep - Android application that analyzes security in wireless networks and also captures Twitter, Linked, Facebook, and other accounts
- USB Cleaver - Silently recover information from a target Windows 2000 or higher computer, including password hashes, LSA secrets, IP information
- Shark - Network Packate analysis tool
- DroidBox - Dynamic analysis of Android apps
- Wi-Fi Kill - Disable other Users from WiFi Access
Books and Articles
- A survey of Android exploits in the wild - The Android operating system Exploitation Survey
- Popular Android Exploits - Introduction to Android Exploits.
- Own your Android! Yet Another Universal Root - Android root exploitation
- ASDC12-Smart_Bombs_Mobile_Vulnerability_and_Exploitation - Mobile Vulnerability Exploitation
- BlueBorne - Android Exploit - Exploiting an RCE Over the Air
- EVOLUTION OF ANDROID EXPLOITS - Evolution of Android exploits from a statistical analysis tool perspective
- Hacking Androids for Fun and for Profit - Android Exploitation
This work is licensed under a Creative Commons Attribution 4.0 International License.