Jump to content

Root Bridge — how thousands of internet connected Android devices now have no security, and are being exploited by criminals.


Karlston

Recommended Posts

Android has a feature called Android Debug Bridge (ADB for short) which allows developers to communicate with a device remotely, to execute commands and fully control the device.

“The adb command facilitates a variety of device actions, such as installing and debugging apps, and it provides access to a Unix shell that you can use to run a variety of commands on a device.” — Android’s developer portal

It is completely unauthenticated, meaning anybody can connect to a device running ADB to execute commands. However, to enable it — in theory — you have to physically connect to a device using USB and first enable the Debug Bridge.

Unfortunately, vendors have been shipping products with Android Debug Bridge enabled. It listens on port 5555, and enables anybody to connect over the internet to a device.

During research for this article, we’ve found everything from fuel tankers in the US to DVRs in Hong Kong to mobile telephones in South Korea.

This is highly problematic as it allows anybody — without any password — to remotely access these devices as ‘root’ — the administrator mode — and then silently install software and execute malicious functions.

<snip, please use link below for full story>
 
Link to comment
Share on other sites


  • Replies 1
  • Views 754
  • Created
  • Last Reply

It's for devs  and if there dumb enough to enable it because you have to  turn it on,  they know the risk  involved  when using Linux as root. So it would no ones fault but there own. It's the same  as is if i was to go in Linux and fix it to run as root when it boots up, root is not needed in Linux for most things so its a not a good idea to fix it to stay in root. What about Windows  were most programs require root and there not even sandboxed away from the rest of the system like in Linux expect maybe browsers are sandboxed. If you root you're whole system it would be about like using XP or turning off UAC in newer version of Windows . I use to trun off UAC all the time in windows 7 i guess it just makes you have to depend on security software you use alot more they have antivirus for Android and antivirus require root in Linux that's why i don't use one on Linux.   They dont even ask for a password to run any as root in windows like they do in Linux the only thing protects you is UAC  unless you are using some other security software. In Linux you can use fire jail and protect yourself even more but i'm not sure do have anything like this for Android.   :P

 

PS:  there is a ADB Script here were you can enable root tell the next time you reboot then it want be in root

https://github.com/psuzn/AdbWifi

 

Its been around forever  heres a post about it in 2012

https://old.reddit.com/r/Android/comments/yadmx/why_you_should_disable_usb_debugging/

 

I had done read about it before how i know what it is

Quote

 TomXP411  Feb 5, 2018
ADB is also called the "Android Debug Bridge", and is the (as the name suggests) bridge between debug tools running on the device and a desktop computer running an IDE or debug console. Turning on debug tools is generally how you enable ADB on a device; so turning debug tools off should turn off ADB on the device.

I haven't actually tried probing 5555 on any devices, however, so I suppose it's possible that some devices will respond to the port even with debugging tools turned off. However, if debugging is turned on, infecting a device is trivial - since that's ADB's job.

 

In just 24 hours, 5,000 Android devices are conscripted into mining botnet

https://arstechnica.com/information-technology/2018/02/out-of-nowhere-currency-mining-botnet-infects-5000-android-devices/?comments=1&post=34753775

 

From the DOJ How to secure youre IOT devices

Quote

Use your home wireless router's built-in firewall

Just go in you're router and make sure you have port 5555 blocked .

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...