adb – starts ADB server and shows instructions and command options
adb devices – shows which ADB devices, if any, are connected to the machine
adb shell – opens a command window INSIDE the device. This is basically a Linux shell
adb pull /path/to/filename – retrieve/copy a file from the Android file system
adb push filename /path/to/destination/filename – copy a file TO the Android file system
adb shell "dumpsys netstats detail" > netstats.log – run the command "dumpsys netstats detail" and dump the results into a file named "netstats.log". You can do this with any Android Linux command, but keep in mind that some commands require superuser elevation to run, so you may have to shell into the device first, make yourself superuser with "su", then run the command. Dumpsys actually has a whole suite of commands to retrieve all sorts of information from a running Android system. Research dumpsys on the Internet, on Google's Android page.
adb forward tcp:5555 tcp:5555 – forward ADB to a TCP port, possibly to copy data out of the device when you can’t otherwise. Used commonly in forensics with the DD command, to get a physical extraction of the phone.
adb start-server – starts the ADB server/daemon, but does nothing else
adb kill-server – stops the ADB server/daemon, but does nothing else
adb install some_program.apk – installs an Android package/program on a running system. Can be used forensically to install an APK to retrieve specific, targeted info from the Android system.
adb reboot – reboots the Android device
adb reboot bootloader – reboots the Android device, but into the bootloader, if it is possible with the specific Android device.
adb connect <host>[:<port>] – connects to an Android device that has the ADB daemon running, but on a TCP connection. Can be used to image a device over a network.
adb backup -all -shared – should back up all available apps plus the internal shared storage area
Can also use -apk, -nosystem, -keyvalue, -obb, etc.
adb reboot bootloader – reboot into fastboot/bootloader mode
adb reboot edl – reboot into Qualcomm Emergency Download Mode
adb reboot recovery – reboot into the recovery
Linux commands to use when you are in the ADB shell
cd – change directory
cat – print/display a file that is ASCII formatted
hexdump -C – display a binary/hexadecimal file in hex-editor format
ls -l – show a directory’s contents, with file information
ls – simple listing of directory contents
less – display a file in ASCII, but one page at a time
grep – search for something in a file or any block of information
Example: cat file.txt | grep -i "network_stat" – this outputs a file, but only shows the lines that contain the phrase "network_stat" without distinguishing between uppercase and lowercase letters.
dd if=/dev/block/mmcblk0 of=/sdcard/image.bin – images the Android device (if you have superuser permissions) to a binary file on the sdcard.
df – shows the disk/partition/volume mounts on the running system
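
The "adb forward" and "dd" entries above, combined into one acquisition with a hash record afterwards. This is an added example, not part of the original list. It assumes a rooted device with an nc binary (toybox or busybox), nc and sha256sum on the host, and free port 5555; the function names and log layout are hypothetical.

```shell
#!/bin/sh
# Added example: physical image over a forwarded ADB port, then a hash log.
PORT=5555                      # same port as the "adb forward" entry
DEV=/dev/block/mmcblk0         # same block device as the "dd" entry

# Stream the raw block device from the phone to a file on the host.
acquire_image() {
    out=$1
    adb forward tcp:$PORT tcp:$PORT || return 1
    # Device side (assumption: su and nc exist): dd reads the flash,
    # nc serves the stream on the forwarded port.
    adb shell "su -c 'dd if=$DEV | nc -l -p $PORT'" < /dev/null &
    sleep 2                          # crude wait for the listener to start
    nc 127.0.0.1 $PORT > "$out"      # host side: receive until the device closes
    wait
    adb forward --remove tcp:$PORT
}

# Append "sha256  size  filename  UTC-time" to the acquisition log.
record_hash() {
    img=$1; log=$2
    sum=$(sha256sum "$img" | cut -d' ' -f1)
    size=$(wc -c < "$img" | tr -d ' ')
    printf '%s  %s  %s  %s\n' "$sum" "$size" "$img" \
        "$(date -u +%Y-%m-%dT%H:%M:%SZ)" >> "$log"
}

# Return 0 if the image matches its latest log entry, 1 if it has changed,
# 2 if the log has no entry for it.
verify_image() {
    img=$1; log=$2
    want=$(awk -v f="$img" '$3 == f { h = $1 } END { print h }' "$log")
    [ -n "$want" ] || return 2
    have=$(sha256sum "$img" | cut -d' ' -f1)
    [ "$want" = "$have" ]
}

# Typical use on the examiner's machine:
#   acquire_image image.bin && record_hash image.bin acquisition.log
#   verify_image image.bin acquisition.log   # re-check any later working copy
```

Writing the image straight to the host this way avoids modifying the device's own storage, which the /sdcard variant of dd does.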