Skip to content

Shell Find Techniques for Android Debugging

Unlock the power of shell find commands to elevate your Android debugging and analysis skills. This comprehensive guide dives into advanced techniques for searching files across the device, including uncovering hidden databases, grep strings, and AT commands with parallel processing for efficiency. Whether you're an app developer, security researcher, or tech enthusiast, these examples will enhance your ability to navigate and analyze Android file systems effectively. Learn to leverage shell find commands for in-depth exploration of Android's vast file landscape, ensuring no detail goes unnoticed in your debugging and analysis endeavors.

find

Dump all databases in data folder with 8 threads in parallel 
adb shell su -c find /data/data -name '*db' -type f -print0 |xargs -0 -n1 -P$(nproc) sh -c 'echo .dump | sqlite3 "$0"'
Search through entire device and try grep strings via parallel 
adb shell su -c find / -not -path '/proc/*' -type f -print0 |xargs -0 -n1 -P$(nproc) sh -c 'strings "$0"'|grep -i <string>
Search through entire device for apk files after Hayens Command commands in parallel 
#!/bin/sh
# Author: wuseman

root_directory="/"
exclude_paths=( "/proc" "/dev" )

find_command="find $root_directory"
for path in "${exclude_paths[@]}"; do
 find_command+=" -path $path -prune -o"
done
find_command+=" -iname '*.apk' -type f -print0"

eval "$find_command" | xargs -0 -P4 -n1 grep -H "AT+"
Search for hidden AT Commands 
find /data/data -type f -print0 | xargs -0 strings | grep -E 'AT[\+\*][A-Z]{2,10}([^A-Z]|$)'
AT+ENGMODES=
Search and Log Specific Patterns in Files
  • This example demonstrates searching for specific patterns in files and logging the results based on the matched patterns.
#!/bin/bash

sourcePath="/mnt/usb"
mkdir -p ~/search_index

rg --stats --no-column --colors 'match:fg:141' --colors 'match:bg:234' '(AT[+%$]([A-Z]+|\d+)|PACMD|lock(_?|Settings)ettings|weaver.*matched)'   $sourcePath | while read line; do
    echo "$line"
    if [[ "$line" =~ PACMD ]]; then
        echo "$line" >> ~/search_index/pacmd.log
    fi
    if [[ "$line" =~ AT[+%$] ]]; then
        echo "$line" >> ~/search_index/at-commands.log
    fi
    if [[ "$line" =~ weaver ]]; then"Enhanced Search and Logging of Patterns in Files""Enhanced Search and Logging of Patterns in Files"
        echo "$line" >> ~/search_index/weaver-commands.log
    fi
    # Add similar if conditions for other patterns
done
Enhanced Search and Logging of Patterns in Files

This example builds upon the previous one by adding more features and customization options. It allows specifying multiple file extensions to search within. The script utilizes configurable variables for source path, file extensions, search patterns, and output directory. It constructs file extension arguments for rg dynamically, providing flexibility to search across different file types. The matched lines are logged into separate files based on the matched patterns, similar to the first example.

#!/bin/bash

sourcePath="/mnt/usb/"
extensions=('*.java' '*.c' '*.sh' '*.pl' '*.md')
matchFgColor='141'
matchBgColor='234'
searchPattern='(AT[+%$]([A-Z]+|\d+)|PACMD|weaver)'
outputDir=~/search_index

mkdir -p "$outputDir"

fileExtArgs=()
for ext in "${extensions[@]}"; do
    fileExtArgs+=(-g "$ext")
done

rg --max-filesize 1M \
   -N \
   --stats \
   --no-column \
   --colors "match:fg:$matchFgColor" \
   --colors "match:bg:$matchBgColor" \
   "${fileExtArgs[@]}" \
   "$searchPattern" "$sourcePath" | while read -r line; do
    # Extract just the file name from the line
    filename=$(basename "$line")
    echo -e "$filename"

    if [[ "$line" =~ PACMD ]]; then
        echo "$filename" >> "$outputDir/pacmd.log"
    elif [[ "$line" =~ AT[+%$] ]]; then
        echo "$filename" >> "$outputDir/at-commands.log"
    elif [[ "$line" =~ weaver ]]; then
        echo "$filename" >> "$outputDir/weaver-commands.log"
    fi
    # Add similar if conditions for other patterns
done