The MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks

Command ID   Function
cmd_10001    Gather mobile device data (including IMEI, IMSI, serial number, device brand, device model, OS version, memory size, SD card size, power, MAC address, WIFI MAC address, root permission, IP address, accessibility enabled, device manager enabled, NET type, client version, camera enabled, Bluetooth MAC address, camera information, plugin version, phone number, OS ID, microphone enabled)
cmd_10002    Retrieve installed applications data (including application name, package name, version, installation time, installation path, size, system app status)
cmd_10003    Acquire contacts details
cmd_10004    Fetch SMS (Short Message Service) content
cmd_10005    Capture phone call
cmd_10006    Take an image from the front-facing camera
cmd_10008    Obtain geolocation information from GPS and CDMA
cmd_10009    Retrieve phone call history
cmd_10010    Gather WIFI details (from local settings or WIFI scanner)
cmd_10011    Fetch directory data (including SD card, Pictures, DCIM, Downloads folders)
cmd_10012    Retrieve directory information from a specified folder
cmd_10013    Get file content from the device
cmd_10014    Acquire browser bookmarks
cmd_10015    Retrieve a specific APP database
cmd_10016    Get WeChat's resource information
cmd_10018    Take a screen capture
cmd_10019    Record at a specific time
cmd_10021    Execution combining cmd_10005, cmd_10006, cmd_10008, cmd_10011, cmd_10015, cmd_10016, and cmd_10018
cmd_10024    Gather clipboard contents
cmd_10025    Retrieve input method details
cmd_10026    Fetch messages from WeChat through Accessibility
cmd_10027    Fetch messages from QQ through Accessibility
cmd_10028    Archive a file or a directory
cmd_10029    Fetch messages from Skype through Accessibility
cmd_10030    Fetch messages from WhatsApp through Accessibility
cmd_10031    Fetch messages from DingTalk through Accessibility
cmd_10037    Fetch messages from MOMO through Accessibility
cmd_10038    Fetch messages from TalkBox through Accessibility
cmd_10039    Fetch messages from Voxer through Accessibility
cmd_10043    Retrieve specific APP resource information
cmd_10044    Fetch messages from Telegram through Accessibility
cmd_20001    Download a URL
cmd_20002    Capture phone call
cmd_20003    Get WeChat's resource information
cmd_20004    Execute a shell command
cmd_20005    Fetch messages from WeChat via the local database "EnMicroMsg.db"
cmd_99999    Remove backdoor
