SL4A Python Script - Built Simple Python Listener to Allow Remote Execution on Droid

I built this python script to take remote commands and execute them locally on the droid as if I had terminal access.  It establishes a connection on port 21000 on the droid.  Then you can connect using netcat or other clients.  Then I added the functionality (since the 1st terminal emulator would not allow cat of files) to view the contents of files.  With this I discovered the insecure storage of files on the sdcard that other researchers have also recognized.

import android
import os

from socket import *

droid = android.Android()

HOST=''
PORT=21000
BUFSIZE=1024
ADDR = (HOST, PORT)

tcpSrvSocket = socket(AF_INET, SOCK_STREAM)
tcpSrvSocket.bind(ADDR)
tcpSrvSocket.listen(5)

while True:
    tcpClientSocket, addr = tcpSrvSocket.accept()
    print 'Connected from:', addr

    while True:
        data = tcpClientSocket.recv(BUFSIZE)
        if not data:
            break
        if "cat" in data:
            # Remove the 'cat ' in the data
            fileName = data[4:]
            # Remove the newline character at the end
            fileName2 = fileName[:-1]
            fileContent = open(fileName2, 'r')
            for line in fileContent:
                tcpClientSocket.send('%s' % line)
        else:
            returnData = os.popen(data, 'r')
            for eachLine in returnData:
                tcpClientSocket.send('%s' % eachLine)

    tcpClientSocket.close()
tcpSrvSocket.close()

Comments

Popular posts from this blog

Netflix Streaming Blocked by Sophos UTM

BSides 2016 Hackers Challenge

Python - Vega Conflict Script to Maximize Fleet Sizes based on Fleet Mass

VBA - Script to Download a file from a URL

IoT Malware Analysis - CnC Server - Part 3