jerdog · Oct 9, 2012 at 07:30 pm

Malicious Toolkit Thwarted by adbdSecure

First off, it bears noting that XDA in no way supports the use of anything that can be considered malicious. Some would say that certain tools can be used for good, such as packet-sniffing your home network. But the reality is that as a hacking site, the inevitable will happen. What one might have intended for good, can (and most often is) used for evil.

malicious toolkit by Kos recently appeared in the wild called P2P ADB, which provides tools for attacking a device if ADB Debugging is left enabled on the other device. Here is a breakdown of what this toolkit enables by taking advantage of USB Debug Mode, Root, and some crafty hacks:

  • the bypassing of lock screens,
  • making system changes and even “backing up” Android profiles, all from one phone to another
  • perform an Auth token cloning attack, enabling an attacker to gain access to a victims Google account, change the password, or even setup a one-time-password for themselves if two-factor-authentication is enabled

XDA Elite Recognized Developer Stericson immediately recognized the danger and created adbdSecure. His application helps to guard your device from malicious attacks that seek to use adbd, but only does so when you have enabled a password, PIN, or pattern lock for your lock screen. adbdSecure will turn adbd on when the phone is unlocked and will turn it back off when the screen goes off, thus preventing any sort of intrusion on your device. Add Tasker into the equation, and you have a pretty versatile application for all sorts of protection.

And in the true nature of XDA, Stericson has open-sourced the application so that you can take what he has done and improve it, as well as contribute more to the community. You can find the source on GitHub, and download the application for your device on Google Play. And once again, the only way to protect your device from this attack is to take the initiative and add lock screen protection.


_________
Want something on the XDA Portal? Send us a tip!
TAGS:
Emil Kako · Jan 31, 2015 at 02:59 pm · 2 comments

Do You Prefer Physical or on Screen Buttons?

More and more smartphone manufacturers have been moving towards on-screen buttons, with Google really pushing for it over the physical button alternative. However, there are still a few OEMs (we're looking at you, Samsung) that have preferred to keep things a bit more traditional. Tell us which way you prefer and why.

DISCUSS
Pulser_G2 · Jan 31, 2015 at 02:08 pm · 1 comment

New AOSP Branch Details Potential Build System Upgrades?

While there are frequent unexplained changes and pushes to Google's AOSP repositories, an interesting-looking new branch has been pushed out recently, called "master-soong". Taking a look at the changes made to the manifest repository (which is used to specify the repositories to be downloaded when building Android), it appears there are some new repositories making an appearance. Of note here are new prebuilt repositories for Go, and Ninja. Go is a programming language, created by Google, which compiles to produce...

XDA NEWS
GermainZ · Jan 30, 2015 at 09:29 pm · 1 comment

Send Links to Any Nearby Device with CaastMe

There already are many solutions on the Google Play store if you want to send a link to one of your devices -- but what if you wanted to do it quickly without having to install any software or logging in to a website on the recipient end? Most apps require you to do either or both, which can be a hassle (or even a security risk) in some cases. Luckily, XDA Forum Member wyemun has developed CaastMe. Inspired by...

XDA NEWS