During a penetration test, you gain temporary physical access to an employee's Android 10 handset. The phone is unlocked and USB debugging is enabled, but the device is a standard production build with no root privileges or exploits available. To obtain the credential database of a third-party app for later offline analysis, which adb command should you execute first?
On stock (user-build) Android 10 devices, the adbd service runs without root privileges, so attempts to use commands such as adb root, a direct adb pull from /data/data/…, or invoking su from an adb shell will all fail with a "permission denied" error. Provided the target application has not disabled backups, the only generally supported method to retrieve its private data without rooting the device is to request an application-specific backup with adb backup. Adding the -f switch lets you choose the destination filename, and the -noapk -noobb modifiers reduce the archive size by omitting the installed APK package and any large OBB expansion files. After the .ab file is created, you can convert it (for example, with abe.jar) and extract the desired SQLite credential database offline. The remaining answer options either rely on root privileges that are unavailable on a standard production device or point to system paths unrelated to the target app's data.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is 'adb pull' from '/data/data/...' not an option without root privileges?
Open an interactive chat with Bash
What does the 'adb backup' command do, and why is it useful in penetration testing?
Open an interactive chat with Bash
How can you convert and extract data from an '.ab' file created with 'adb backup'?
Open an interactive chat with Bash
What does the `adb` tool do in Android devices?
Open an interactive chat with Bash
Why can't `adb pull` or `adb root` access the credential database directly on Android devices?
Open an interactive chat with Bash
How can you convert and extract data from an `.ab` file after using `adb backup`?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Mobile Platform, IoT, and OT Hacking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .