Abstract
Android system attackers have proposed various attack schemes to invade users' privacy. One way is to use ADB (Android Debug Bridge) with advanced permissions but low protection. In order to set up an ADB connection successfully, the USB debugging option of the target device must be turned on. However, the existing ADB-based attack schemes have not proposed how to enable the USB debugging, so it couldn't be considered that their attack chain is completable. This paper presents an approach for attacking Android devices by exploiting JavaScript to enable USB debugging automatically in the device's system settings, which fills in the gaps of existing solutions. This method can bypass the security mechanism of USB debugging mode and obtain an ADB connection without the user's authorization. It can also bypass the alerts that ADB Action Monitor displays when sensitive behaviors are detected. Based on AccessibilityService, Auto.js and Scrcpy, an application called Salaxy is designed and implemented to demonstrate the effectiveness of this method. Besides, Salaxy can monitor and manipulate Android devices remotely.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
