Android App Vulnerability Mining
0x00
1. Open component Security Vulnerabilities
See Android component security.
2. Content Provider file Directory Traversal Vulnerability
See Content Provider file directory traversal vulnerability analysis.
3. allowBackup security detection in AndroidManifest.xml
See "Two minutes to steal the goddess's Weibo account?", which describes the risks caused by the allowBackup configuration of an Android app.
4. Intent hijacking risk Security Detection
See Android component communication process risks.
5. Data Storage Security Detection
See the security risk analysis of the Android database configuration mode; Android local data storage: Internal Storage security risk analysis; and Android local data storage: Shared Preferences security risk analysis.
6. DoS attack Security Detection
Refer to the analysis of local denial of service vulnerabilities of Android applications.
7. Incorrect use of random number generation functions
Refer to the SecureRandom vulnerability analysis.
8. Man-in-the-middle attack vulnerabilities: vulnerability code and detailed descriptions are provided.
9. DEX loading vulnerability
Refer to external dynamic loading DEX security risk analysis.
10. Risks of Activity hijacking
Refer to Activity hijacking instances and protection methods.
11. WebView high-risk interface security detection: WebView high-risk interface vulnerabilities, vulnerability exploitation code, and detailed explanations.
12. WebView plaintext password storage vulnerability
Refer to the problems caused by webview cache password in Android.
13. WebView does not check certificates
The WebView trusts any certificate, so web pages without a certificate can also be loaded.
14. WebView cross-origin file access: WebView cross-origin access to files, with vulnerability exploitation code and a detailed explanation.
15. Open ports: This module mainly analyzes the Baidu and AMAP apps and uses code to show the actual effect. By decompiling to smali, we analyze why the vulnerability exploitation code has to be written the way it is.
16. Plaintext storage and plaintext transmission
If passwords or chat records are stored in plain text in the user's private directory, or even on the SD card, there is a risk of leakage.
If the user's password is transmitted to the server in plain text, it may be intercepted with a packet capture tool and cracked.