## https://sploitus.com/exploit?id=428AF504-46AA-5342-B996-9B28AD7932B2
Aetherion
Android Security Assessment & Remote Management Framework
Installation • Quick Start • Features • Interactive Console • CLI Reference • Configuration • Plugins • Development
Read in Indonesian
---
## Overview
Aetherion is an all-in-one Android security toolkit that combines network scanning, exploitation, post-exploitation, persistence, intelligence gathering, and reporting into a single CLI/TUI tool.
It targets CVE-2026-0073 (TLS mutual authentication bypass on wireless ADB) and provides a full post-exploitation suite for authorized penetration testing engagements.
**Two modes of operation:**
- **CLI**: direct commands for scripting and automation
- **Interactive console**: menu-driven TUI similar to msfconsole
---
## Installation
### One-liner (recommended)
```bash
git clone https://github.com/your-username/aetherion.git
cd aetherion
bash setup.sh
```
The setup script handles everything: Python venv, dependencies, ADB download, and shell configuration (bash/zsh/fish/ksh/tcsh/nushell/xonsh/elvish).
### Manual
```bash
git clone https://github.com/your-username/aetherion.git
cd aetherion
python3 -m venv .venv && source .venv/bin/activate
pip install -e .
aetherion --version
```
### Docker
```bash
docker build -t aetherion .
docker run --rm -it --network host aetherion
```
### Requirements
- Python 3.10+
- Linux (Ubuntu, Debian, Fedora, Arch) or macOS
- `curl` and `unzip` (for ADB auto-download)
- On Ubuntu/Debian: `sudo apt install python3-venv` (separate package)
Optional external tools (depending on which features you use):
- `adb`: auto-downloaded by setup script
- `apktool`: APK obfuscation
- `msfvenom` / `msfconsole`: Metasploit bridge
- `ngrok`: tunnel management
---
## Quick Start
```bash
# Scan local network for ADB-enabled devices
aetherion local scan 192.168.1.0/24
# Check if a target is vulnerable
aetherion exploit check 192.168.1.100
# Exploit CVE-2026-0073
aetherion exploit cve-2026-0073 192.168.1.100 --cmd "id"
# Extract contacts
aetherion post contacts --output ./loot/
# Full device fingerprint
aetherion intel fingerprint
# Generate HTML report
aetherion report generate --format html --output ./report.html
# Show all commands
aetherion --help
```
---
## Features
### Scanning & Device Management
- Network scanner (ARP + TCP connect + ADB probe)
- Multi-device session manager with USB & WiFi support
- Subnet validation and auto-connect
### CVE-2026-0073 Exploitation
- TLS mutual authentication bypass on wireless ADB
- EC P-256 + Ed25519 certificate generation
- Patch level checker (pre-May 2026 ASB)
- Retry with exponential backoff
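
For defenders, the same patch-level and wireless-ADB facts can be checked across a device fleet from collected `adb shell getprop` output. The following is an added example, not part of Aetherion or its README; the cut-off date `2026-05-01` is an assumption derived from the "pre-May 2026 ASB" wording above, and the sample input is constructed.

```python
import re
from datetime import date

# Assumption: a security patch level before this date is treated as unpatched,
# based on the README's "pre-May 2026 ASB" wording.
FIXED_PATCH_LEVEL = date(2026, 5, 1)
PROP_LINE = re.compile(r"^\[(?P<key>[^\]]+)\]: \[(?P<value>.*)\]$")

# Constructed sample of `adb shell getprop` output for one device.
SAMPLE = """\
[ro.build.version.security_patch]: [2026-04-05]
[persist.adb.tls_server.enable]: [1]
[service.adb.tcp.port]: [-1]
"""

def parse_getprop(text):
    """Parse getprop output ("[key]: [value]" per line) into a dict."""
    props = {}
    for line in text.splitlines():
        m = PROP_LINE.match(line.strip())
        if m:
            props[m.group("key")] = m.group("value")
    return props

def assess(props):
    """Return (status, reasons) for one device's properties."""
    reasons = []
    raw = props.get("ro.build.version.security_patch", "")
    try:
        patched = date.fromisoformat(raw) >= FIXED_PATCH_LEVEL
    except ValueError:
        patched = False  # missing or malformed level: treat as unpatched
        reasons.append(f"unparseable patch level {raw!r}")
    else:
        if not patched:
            reasons.append(f"patch level {raw} predates {FIXED_PATCH_LEVEL}")
    wireless = props.get("persist.adb.tls_server.enable") == "1"
    port = props.get("service.adb.tcp.port", "")
    legacy_tcp = port.isdigit() and int(port) > 0
    if wireless:
        reasons.append("wireless debugging (TLS ADB) enabled")
    if legacy_tcp:
        reasons.append(f"legacy adb over TCP on port {port}")
    if not patched:
        return ("EXPOSED" if wireless or legacy_tcp else "UNPATCHED"), reasons
    return ("REVIEW" if wireless or legacy_tcp else "OK"), reasons

if __name__ == "__main__":
    print(assess(parse_getprop(SAMPLE)))
```

Devices reported as `EXPOSED` should have wireless debugging disabled until they receive the update; `REVIEW` marks patched devices that still offer ADB over the network.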
### Post-Exploitation
- Contacts & SMS extraction to CSV
- WhatsApp / Telegram / Signal database pull
- Screenshot, screen recording
- Remote tap, swipe, keyevent, text input
- File push/pull with optional AES encryption
- APK management (install, backup, list)
- Microphone toggle, logcat viewer
### Obfuscation Engine
- Multi-layer string encryption (XOR + Base64 + AES-128-CBC)
- APK decompile, inject, repack, sign
- TLS SNI spoofing and WebSocket traffic camouflage
- Manifest randomization
### Persistence & Stealth
- Boot persistence (init.d, Magisk, cron, AlarmManager)
- Process hiding via mount namespace
- Log wiping (logcat, dmesg, tombstones)
- App cloning as system app
### Intelligence
- Device fingerprint (30+ properties)
- Credential harvester (WiFi, OAuth, cookies)
- SOCKS5 proxy through victim device
### Integrations
- **Shodan**: search for exposed ADB devices worldwide
- **Metasploit**: payload generation, session management via msfrpcd
- **Ngrok**: TCP/HTTP tunnels for reverse shells
### Reporting
- HTML/PDF security assessment reports
- JSON-lines audit log export
- Session state persistence (SQLite)
### Plugin System
- Extend Aetherion with custom modules
- YAML manifest + Python class
- Scaffold generator included
- See [docs/PLUGINS.md](docs/PLUGINS.md) for details
---
## Interactive Console
Run `aetherion` without arguments to enter the interactive console:
```
╔══════════════════════════════════════════════════════════════╗
║                  A E T H E R I O N  v1.0.0                   ║
║            Android Security Assessment Framework             ║
╚══════════════════════════════════════════════════════════════╝
[1] Local Device Management
[2] Exploitation (CVE-2026-0073)
[3] Post-Exploitation
[4] Shodan Scanner
[5] Ngrok Tunnels
[6] Metasploit Bridge
[7] Obfuscation Engine
[8] Persistence & Stealth
[9] Intelligence & Proxy
[10] Reports & Logs
[11] Session & Plugins
[aetherion/main] >
```
Navigate by number, type CLI commands directly, or use shortcut aliases. Tab completion and persistent command history are built in.
---
## CLI Reference
```
aetherion
├── local        scan / connect / devices / interact
├── exploit      check / cve-2026-0073 / auto-root
├── post         contacts / sms / screen / tap / swipe / key / url / push / pull / ls / packages
├── extras       chats / mic / logcat
├── shodan       search / exploit-all / config
├── ngrok        start / stop / status
├── msf          gen-payload / push-payload / run-listener / list-payloads / sessions
├── obfus        string / apk / traffic / manifest
├── persist      install / check / remove / hide-proc / wipe-logs / clone-app
├── intel        fingerprint / harvest / proxy
├── ops          save / load / history / config / plugins / cleanup
├── report       generate / export-logs
├── setup        Post-install setup wizard
├── interactive  Launch interactive console
└── uninstall    Remove Aetherion completely
```
Use `aetherion --help` for detailed usage of any subcommand.
---
## Configuration
Default config lives at `config.yaml` or `~/.aetherion/config.yaml`:
```yaml
shodan:
  api_key: ""
  cache_ttl: 3600
ngrok:
  auth_token: ""
  region: "us"
msf:
  msfvenom_path: /usr/bin/msfvenom
  msfconsole_path: /usr/bin/msfconsole
logging:
  level: INFO
  file: aetherion.log
  format: json
scanner:
  timeout: 2.0
  retries: 3
```
For full configuration reference, see [docs/CONFIGURATION.md](docs/CONFIGURATION.md).
---
## Uninstall
```bash
# Recommended: removes everything cleanly
bash uninstall.sh
# Or via CLI
aetherion uninstall
```
This removes `~/.aetherion/`, shell RC blocks, wrapper scripts, and optionally the pip package.
---
## Documentation
| Document | Description |
|----------|-------------|
| [docs/CONFIGURATION.md](docs/CONFIGURATION.md) | Full config reference, data locations, environment variables |
| [docs/PLUGINS.md](docs/PLUGINS.md) | Plugin system: concept, API, writing your own |
| [docs/DEVELOPMENT.md](docs/DEVELOPMENT.md) | Architecture, testing, contributing |
---
## Platform Support
| Platform | Status |
|----------|--------|
| Ubuntu / Debian | Fully supported |
| Fedora / Arch | Fully supported |
| macOS | Works (Homebrew Python required) |
| Windows | Not supported |
---
## Disclaimer
**This tool is for authorized security testing only.**
Use Aetherion only on systems you own or have explicit written permission to test. Unauthorized access to computer systems is illegal in most jurisdictions.
The authors assume no liability for misuse of this software.
---
## License
MIT. See [LICENSE](LICENSE) for details.