How to Fix Your Vulnerable Amazon Fire TV Stick?

Have you ever thought about the fact that a number of Amazon-made devices have 5555 port open? If not, then you will find this post interesting, as today, we will be discussing this port and how to fix an insecure Amazon Fire TV.

In Amazon devices, Port 5555 is used for ADB or Android Debug Bridge, which is a development tool that is used to do a number of admin tasks on Android device over USB or the network. This tool also controls all these functions. Although there aren’t many users who feel the need of enabling network ADB on their devices, if you inquisitive like me, then you should know how to enable this function.

There is surely some connection between Amazon devices because so many of them have network ADB enabled. It won’t take much long for you to find out as to what this port does.

The world of jailbroken Amazon Fire Sticks

Amazon Fire Stick is basically a device that connects to the HDMI port of your TV and transforms it into the smart TV. I don’t know if you have been able to identify something in Amazon Fire TV or not, but it is running a customized version of Android. The process of installing Amazon Fire Stick is quite easy, and if you are looking to jailbreak this device, then that can also be done quite easily. You have to go into the ‘Developer Options’ and enable two options, ‘apps from unknown sources’ and ‘ADB debugging’. The reason for using the device in development mode is to open the doors to the device where anyone can connect to these devices over the network and get a complete control.

Realistic Risk

Usually, users will never take Fire Sticks away from home, so there is no reason to think about getting a remote ADB on these devices, but in case, a user plans on using this device on a public network, then he/she is calling for trouble.

There is a message that pops up when a device tries to connect over remote ADB, but that message is not that alarming. There is no information given in the message related to the connection coming from a remote device. A normal user would simply ignore this message and get back to his/her favorite movie or show. But, that’s where he/she makes the biggest mistake. As soon as he/she hits ‘OK’, the ADB access gets an approval, and now, the attacker who has taken the remote access of the stick can install and execute his/her own software and wipe the entire device.

Fixing this problem

The process of finding ADB enabled Fire Sticks begins with identifying Amazon-manufactured devices that are available on the network. There are a number of ways of doing it, so you can get in touch with Amazon Fire TV help and support providers to help you with this issue. You can get a nix machine with arp-scan installed in it. Using this, you will be able to find the MAC addresses for devices that are available on the local network.

If it is on LAN and was manufactured by Amazon, then you will get its IP address. You need to scan all those IPs one by one. you can make use of NMAP method, as many professionals recommend it. If you come across a couple of devices, then you can try connecting to those directly with ADB connect and then see as to what happens next.

There is a Python script as well, which scans the local network for all those Amazon devices that are potentially vulnerable. Lastly, I would suggest you that never follow jailbreak guides or any developers tools because those can land you and your device in serious trouble.

Leave a Reply