Ghost Framework - An Android Post-Exploitation Framework That Exploits The Android Debug Bridge To R emotely Access An Android Device

About Ghost Framework Ghost Framework is an Android post-exploitation framework that exploits the Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration. Getting started Ghost installation To install...

Gitpaste-12 Worm Widens Set of Exploits in New Attacks

The Gitpaste-12 worm has returned in new attacks targeting web applications, IP cameras and routers, this time with an expanded set of exploits for initially compromising devices. First discovered in a round of late-October attacks that targeted Linux-based servers and internet-of-things IoT...

Authentication Bug Opens Android Smart-TV Box to Data Theft

A critical bug in the Hindotech HK1 TV Box would allow root-privilege escalation thanks to improper access control. A successful exploit would allow attackers to steal social-networking account tokens, Wi-Fi passwords, cookies, saved passwords, user-location data, message history, emails, contact...

CVE-2020-13834

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 with TEEGRIS software. Secure Folder does not properly restrict use of Android Debug Bridge adb for arbitrary installations. The Samsung ID is SVE-2020-17369 June 2020...

CVE-2020-13834

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 with TEEGRIS software. Secure Folder does not properly restrict use of Android Debug Bridge adb for arbitrary installations. The Samsung ID is SVE-2020-17369 June 2020...

CVE-2020-13834

Technical details (affected product/version, root cause, impact, fixes) are not publicly available in the provided connected documents; monitor for updates.

Huawei Mate 20 License Issue Vulnerability (CNVD-2020-31280)

Huawei Mate 20 is a smartphone from Chinese company Huawei Huawei. An authorization issue vulnerability exists in ADB mode in previous versions of Huawei Mate 20 10.0.0.185 C00E74R3P8, which stems from the system's failure to appropriately restrict a user from performing an action in ADB mode. An...

Huawei Mate 20 Access Control Error Vulnerability

Huawei Mate 20 is a smartphone from Chinese company Huawei Huawei. An access control error vulnerability exists in previous versions of Huawei Mate 20 10.0.0.188 C00E74R3P8, which stems from the system's failure to appropriately restrict profile modifications by a specific user, and can be...

CVE-2020-1807

HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188C00E74R3P8 have an improper authorization vulnerability. The software does not properly restrict certain user's modification of certain configuration file, successful exploit could allow the attacker to bypass app lock after a series...

Cellebrite UFED Trust Management Issue Vulnerability

Cellebrite UFED is a universal forensic product from Cellebrite Israel. The product is mainly used for data extraction, transmission and analysis of devices. A trust management issue vulnerability exists in Cellebrite UFED versions 5.0 through 7.29, which arises from authentication of the ADB...

adb-driver injection vulnerability

adb-driver is a universal Android USB driver. An injection vulnerability exists in adb-driver. The vulnerability can be exploited to execute arbitrary commands with the help of the 'command' parameter...

Ghost Framework - An Android Post Exploitation Framework That Uses An Android Debug Bridge To Remotely Access A n Android Device

Ghost Framework is an Android post exploitation framework that uses an Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration. Getting started Ghost installation cd ghost chmod +x install.sh ./install....

CVE-2014-7951

The CVE-2014-7951 entry details a Directory traversal vulnerability in Android's adb (Android 4.0.4) where an attacker with physical access and a direct connection can write to arbitrary system-owned files by crafting tar headers with a .. sequence. Connected documents (including exploit examples...

CVE-2019-16273

DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge adb, leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executing commands on the...

CVE-2019-16272

On DTEN D5 and D7 before 1.3.4 devices, factory settings allows for firmware reflash and Android Debug Bridge adb enablement...

CVE-2019-16272

On DTEN D5 and D7 before 1.3.4 devices, factory settings allows for firmware reflash and Android Debug Bridge adb enablement...

Code injection

DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge adb, leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executing commands on the...

Design/Logic Flaw

On DTEN D5 and D7 before 1.3.4 devices, factory settings allows for firmware reflash and Android Debug Bridge adb enablement...

CVE-2019-16272

DTEN D5 and DTEN D7 devices running firmware earlier than 1.3.4 expose a vulnerability where factory settings enable firmware reflashing and Android Debug Bridge (ADB) access. This can lead to full device control and potential exposure of sensitive data (e.g., meeting contents) via exposed admini...

CVE-2019-16273

DTEN D5/D7 devices pre-1.3.4 are vulnerable to unauthenticated root shell access via Android Debug Bridge (ADB), enabling arbitrary code execution and system administration. The issue also enables a covert ability to capture Windows Zoom Client data by executing commands on the Android OS. Affect...