Explore: Android Box

Network enumeration reveals a vulnerable service that is exploitable via a Metasploit module, and gives restricted read access to the machine. Further enumeration of the files, reveals the SSH credentials of a system user, allowing this way remote access to the machine. I'm able to forward a filtered port locally using SSH tunneling, in order to access the Android shell over the Android Debug Bridge (ADB). This eventuality allows the me to execute commands as the root user.

Tools:

Nmap

SSH

ADB

Exploitdb

PreviousUsing Burpsuite and creating Reverse shell NextEnumeration

Last updated 1 year ago