Software:Android Debug Bridge

From HandWiki
Revision as of 09:53, 9 February 2024 by Dennis Ross (talk | contribs) (link)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Short description: Tool for debugging Android-based devices
Android Debug Bridge
Android Robot Head 2023.svg
Android Debug Bridge in GNOME terminal.png
Starting the adb server in GNOME Terminal, which then enumerates the devices. After that, a shell is opened on the device being debugged to run the uname command.
Original author(s)Google
Stable release
34.0.1 (March 2023)
Repositoryandroid.googlesource.com
Written inC++
Operating systemWindows, Linux, macOS
Included withAndroid SDK
TypeSoftware development tool
LicenseApache License 2.0
Websitedeveloper.android.com/studio/command-line/adb

The Android Debug Bridge (commonly abbreviated as adb) is a programming tool used for the debugging of Android-based devices. The daemon on the Android device connects with the server on the host PC over USB or TCP, which connects to the client that is used by the end-user over TCP. Made available as open-source software under the Apache License by Google since 2007, features include a shell and the possibility to make backups. The adb software is available for Windows, Linux and macOS. It has been misused by botnets and other malware, for which mitigations were developed such as RSA authentication and device whitelisting.

Features

Android Device Monitor

Features of adb include copying files from the host computer,[1] installing apps, viewing logcat output, getting a Unix shell,[2] and rebooting into Qualcomm EDL mode.[3] For example, Android applications can be saved by the command backup to a file.[4] It also includes support for the Java Debug Wire Protocol.[5]

Some graphical interfaces have been made available. The graphical Android Device Monitor in Android Studio can be used for retrieving information from an Android device.[6]

Android's method to install APK files on a device has been used as a way to sideload unofficial apps onto Windows Subsystem for Android[7] and Chrome OS's Android virtual machine.[8]

Development history

The Android Software Development Kit (SDK) was first released in 2007.[9] Since 2017, Google made it possible to download adb separately from the Android SDK.[10]

In 2015, Microsoft released an Android emulator that can connect to the adb client.[11] In 2016 for Android Studio 2.0 a 5x performance improvement was made for installing apps and pushing files through adb.[12] For easier usage of Android Things, a wrapper was made in 2017 around manual adb commands.[13] For Android 11 in 2020, Google added adb incremental installations.[14] In 2020, Wi-Fi adb was integrated into Android Studio for macOS.[15] In 2021 for Android 12, the adb backup command was limited so that backing up user data from apps is opt-in using a per-app manifesto configuration[16] after being deprecated in Android 10 along with adb restore.[17] Fuchsia will be backwards-compatible with adb. It will be replaced with fx and ffx.[18]

Setup

Host computer

For Windows, the Android SDK contains the adb.exe binary that can be extracted and installed.[19] How-To Geek recommends adding the folder containing the binaries to the PATH environment variable.[20]

On Ubuntu, adb can be installed with the android-tools-adb package.[21] For Debian, it has been recommended to also install the android-sdk-platform-tools-common package next to the adb package, which installs the udev rules which makes it possible to run the tool without root permissions.[22] For macOS and other Linux distributions, the platform tools can be downloaded and the PATH variable can be modified in bashrc.[23]

Android device

In Android 4.2.2 or later (API level 17), a dialog is shown with an RSA fingerprint that the user needs to accept. This protects against computers exploiting the debugging mechanism without consent of the device user.[24] Starting in Android 4.2, the developer settings are hidden by default. Pressing seven times on the build number in the about menu makes them visible to the user. After that, the USB debugging option can be enabled.[25] Some Android vendors have different procedures to enable it. For example, Huawei requires entering a pincode before adb can be enabled.[26]

If the touchscreen of an Android device is broken, it can be possible to connect a mouse to the device using USB On-The-Go and enable USB debugging.[27][26]

Architecture

The adb protocol can be transported over USB or over Wi-Fi through TCP. It uses a client-server architecture. There are two different protocols in use. The first is between the client and the server and the second is between the server and the daemon. The adb daemon is implemented in C and located in the Android user space. The daemon is facilitated by the Android USB framework, UsbDeviceManager and UsbDebuggingManager.[5]

Client ↔ server protocol

The communication mode between the client and server is a TCP socket. The server listens on a port, to which the client has to send a request. The request contains a 4-byte initial field in ASCII and a payload. The payload starts with the word host, to indicate it should be sent to the server. The server can then reply with OKAY or FAIL to indicate the status, combined with an optional payload and length.[5]

Server ↔ daemon protocol

The messages sent from the server consist of a 24-byte long header, with the following fields:[5]

  • Command
  • First argument
  • Second argument
  • Length of the payload, 0 or higher
  • CRC-32 of the data payload
  • Magic value, calculated through command XOR 0xFFFFFFFF

Security

Up to Android 2.2, Android was vulnerable to the RageAgainstTheCage exploit. The adb daemon did not check for the return value of the setuid system call when dropping privileges. The exploit forks processes until it fails due to the exhaustion of process identifiers. When the daemon crashes and restarts, it cannot start a new process with dropped privileges and keeps running as root. Then adb provided a root shell.[28] In 2017, a security vulnerability was disclosed that exploited ADB to take over the onboard modem. The attack required adb to be already enabled and authorized, although some workarounds were available.[29]

Various families of malware such as ADB.Miner, Ares, IPStorm, Fbot and Trinity have scanned the internet for public availability of the adb interface and installed malware on those devices.[30] adb can also be used to remove malware, by booting into safe mode and running the adb uninstall command.[31]

See also

References

  1. Darcey, Lauren (2012). Android wireless application development. Shane Conder (3rd ed.). Upper Saddle River, NJ: Addison-Wesley. ISBN 978-0-321-81383-1. OCLC 749852462. https://www.worldcat.org/oclc/749852462. Retrieved 2021-09-26. 
  2. "Things You Can Do with Android's adb Command" (in en). https://www.dummies.com/web-design-development/mobile-apps/android-apps/things-you-can-do-with-androids-adb-command/. 
  3. EASTTOM, CHUCK (2021). An In-Depth Guide to Mobile Device Forensics. [S.l.]: CRC PRESS. pp. 72. ISBN 978-0-367-63300-4. OCLC 1250310301. https://www.worldcat.org/oclc/1250310301. Retrieved 2021-09-26. 
  4. Jack Wallen (2015-03-06). "How to create a full backup of your Android device without root". https://www.techrepublic.com/article/how-to-create-a-full-backup-of-your-android-device-without-root/. 
  5. 5.0 5.1 5.2 5.3 Regupathy, Rajaram (2014). Unboxing Android USB: a hands-on approach with real World examples. Berkeley, CA. ISBN 978-1-4302-6209-1. OCLC 880673864. https://www.worldcat.org/oclc/880673864. Retrieved 2021-09-26. 
  6. Morgillo, Ivan; Viola, Stefano (2016). Learning embedded Android N programming: create the perfectly customized system by unleashing the power of Android OS on your embedded device. Birmingham, UK. p. 89. ISBN 9781785283284. OCLC 1020708322. https://books.google.com/books?id=bOrUDQAAQBAJ. Retrieved 2021-09-26. 
  7. "How to sideload Android apps on Windows 11". 23 January 2022. https://www.xda-developers.com/how-to-sideload-android-apps-on-windows-11/. 
  8. "How to sideload apps to a Chromebook". 5 March 2023. https://www.xda-developers.com/how-sideload-apps-chromebook/. 
  9. "Google releases Android SDK" (in en-US). https://www.macworld.com/article/188112/androidsdk.html. 
  10. "Google makes ADB, fastboot, and other platform tools available without full SDK or Android Studio download" (in en-US). 2017-01-05. https://www.androidpolice.com/2017/01/05/google-makes-adb-fastboot-platform-tools-available-without-full-sdk-android-studio-download/. 
  11. Vasile, Cosmin. "Microsoft Releases Android Emulator and It's Supposed to Be Faster than Google's" (in english). https://news.softpedia.com/news/microsoft-releases-android-emulator-and-it-s-supposed-to-be-faster-than-google-s-488016.shtml. 
  12. "Android Studio 2.0 - Beta" (in en). https://android-developers.googleblog.com/2016/02/android-studio-20-beta.html. 
  13. "Android Things Developer Preview 6" (in en). https://android-developers.googleblog.com/2017/11/android-things-developer-preview-6.html. 
  14. "Turning it up to 11: Android 11 for developers" (in en). https://android-developers.googleblog.com/2020/09/android11-final-release.html. 
  15. "Announcing Android Studio Arctic Fox (2020.3.1) & Android Gradle plugin 7.0" (in en). https://android-developers.googleblog.com/2020/12/announcing-android-studio-arctic-fox.html. 
  16. "Behavior changes: Apps targeting Android 12 | Android 12 Beta" (in en). https://developer.android.com/about/versions/12/behavior-changes-12?hl=bg. 
  17. "Google Considers Removing Android ADB Backup and Restore". https://www.bleepingcomputer.com/news/mobile/google-considers-removing-android-adb-backup-and-restore/. 
  18. Bradshaw, Kyle (2022-08-26). "Google wants to make Fuchsia devices manageable with Android's ADB tool" (in en-US). https://9to5google.com/2022/08/26/fuchsia-adb-proposal/. 
  19. Harwani, B. M. (2013). PhoneGap build: developing cross platform mobile applications in the cloud. Boca Raton. pp. 38. ISBN 978-1-4665-8975-9. OCLC 862745697. https://www.worldcat.org/oclc/862745697. Retrieved 2022-01-29. 
  20. Hoffman, Chris; Fedewa, Joe (4 September 2021). "How to Install and Use ADB, the Android Debug Bridge Utility" (in en-US). https://www.howtogeek.com/125769/how-to-install-and-use-abd-the-android-debug-bridge-utility/. 
  21. Smyth, Neil (2020). "7". Android Studio 4. 0 Development Essentials - Java Edition: Developing Android Apps Using Android Studio 4. 0, Java and Android Jetpack.. Cary. ISBN 978-1-951442-21-7. OCLC 1190906409. https://www.worldcat.org/oclc/1190906409. Retrieved 2021-09-26. 
  22. "Debian -- Details of package adb in bullseye". https://packages.debian.org/stable/adb. 
  23. "How to Install Android Debug Bridge (ADB) and Fastboot" (in en). https://www.lifewire.com/android-debug-bridge-adb-4149410. 
  24. "Run apps on a hardware device" (in en). https://developer.android.com/studio/run/device?hl=de. 
  25. Wallen, Jack. "How to enable Developer options in Android 4.2" (in en). https://www.techrepublic.com/article/pro-tip-how-to-enable-developer-options-in-android-42/. 
  26. 26.0 26.1 Aranzulla, Salvatore. "Come attivare debug USB" (in it-IT). https://www.aranzulla.it/come-attivare-debug-usb-1144637.html. 
  27. Ogubuike, Udochi (2019-08-09). "How to enable USB debugging mode on Android" (in en-US). https://punchng.com/how-to-enable-usb-debugging-mode-on-android/. 
  28. Drake, Joshua J. (2014). Android hacker's handbook. Zach Lanier, Collin Mulliner, Pau Oliva, Stephen A. Ridley, Georg Wicherski. Indianapolis, IN: Wiley. pp. 75. ISBN 978-1-118-60861-6. OCLC 875820167. https://www.worldcat.org/oclc/875820167. Retrieved 2021-09-26. 
  29. Mendelsohn, Tom (2017-01-09). "Google plugs severe Android vulnerability that exposed devices to spying" (in en-us). https://arstechnica.com/information-technology/2017/01/google-plugs-severe-android-bootmode-vulnerability/. 
  30. Cimpanu, Catalin. "Android devices ensnared in DDoS botnet" (in en). https://www.zdnet.com/article/android-devices-ensnared-in-ddos-botnet/. 
  31. Schuman, Evan. "This Vultur app takes malicious to the next level" (in en). Computerworld. https://www.computerworld.com/article/3627326/this-vultur-app-takes-malicious-to-the-next-level.html. 

External links