Common Android Vulnerabilities

Vulnerability Name: Sensitive information disclosed through logs

Vulnerability Description: Sensitive user data is written to the log while the program runs, so anyone able to read the logs obtains it.

Suggested fix: Never write private information to the log.

Vulnerability Name: Web HTTPS certificate verification errors ignored

Vulnerability Description: Ignoring the verification error leaves the connection open to a man-in-the-middle attack.

Suggested fix: Do not ignore SSL certificate verification errors.

Vulnerability Name: SQL injection

Vulnerability Description: The vulnerability can lead to disclosure or tampering of the contents of the user's database.

Suggested fix: Use a secure SQLite implementation such as SQLCipher.

Vulnerability Name: HTTPS null hostname check

Vulnerability Description: A hostname verifier that checks nothing leaves the connection open to a man-in-the-middle attack.

Suggested fix: Use the setHostnameVerifier interface to select a strict verification level.

Vulnerability Name: Exposed Provider component

Vulnerability Description: An exported component without permission restrictions lets other apps access the program's data, resulting in data leakage.

Suggested fix: Add permission restrictions to the component.

Vulnerability Name: Fragment injection

Vulnerability Description: By supplying the appropriate extra in the Intent, a caller can make the Activity instantiate an arbitrary Fragment.

Suggested fix: Do not export the PreferenceActivity.

Vulnerability Name: WebView remote code execution (CVE-2014-1939)

Vulnerability Description: On Android 4.0 to 4.2, WebView adds the searchBoxJavaBridge_ JavaScript interface, which allows remote code execution: an attacker can place JavaScript in a page that uses reflection to execute arbitrary malicious code on the client.

Suggested fix: Call removeJavascriptInterface("searchBoxJavaBridge_") on the WebView.

Vulnerability Name: Exposed ContentResolver

Vulnerability Description: An exposed component that uses a ContentResolver can be abused to bypass the provider's permission restrictions.

Suggested fix: Do not export components that use a ContentResolver, or add permission restrictions to them.

Vulnerability Name: HTTPS communication does not validate the server certificate

Vulnerability Description: The application does not validate the server certificate, which allows a man-in-the-middle attack and disclosure of the communication content.

Suggested fix: Do not override the TrustManager class; if you do implement checkServerTrusted, add real verification of the server certificate.

Vulnerability Name: HTTPS communication accepts all server certificates

Vulnerability Description: The application does not validate the server certificate, which allows a man-in-the-middle attack and disclosure of the communication content.

Suggested fix: Do not call setHostnameVerifier with the ALLOW_ALL_HOSTNAME_VERIFIER option.

Vulnerability Name: Activity security

Vulnerability Description: An Activity that crashes or throws an exception on unexpected input lets any other application crash the vulnerable application or trigger its function calls.

Suggested fix: Strictly check the parameters of the Intent passed to the Activity, and do not export the Activity unless necessary.

Vulnerability Name: WebView remote code execution (CVE-2012-6636)

Vulnerability Description: addJavascriptInterface lets an attacker embed JavaScript in a page that uses reflection to execute arbitrary malicious code on the client. All applications running on Android below 4.2 are affected, and applications compiled with an API level below 17 are affected on every system version.

Suggested fix: If the application's compile-time API level is below 17, upgrade the SDK version. To protect devices below 4.2 as well, see the alternative bridge at https://github.com/pedant/safe-java-js-webview-bridge

Vulnerability Name: Service security

Vulnerability Description: A Service that crashes or throws an exception on unexpected input lets any other application crash the vulnerable application or trigger its function calls.

Suggested fix: Strictly check the parameters of the Intent passed to the Service, and do not export the Service unless necessary.

Vulnerability Name: Insecure encryption mode

Vulnerability Description: When AES or DES is used, the default mode, or the explicitly specified mode, is ECB, which is vulnerable to chosen-plaintext attack (CPA) and leads to information disclosure.

Suggested fix: Explicitly specify CBC mode for encryption.

Vulnerability Name: Receiver security

Vulnerability Description: A BroadcastReceiver that crashes or throws an exception on unexpected input lets any other application crash the vulnerable application or trigger its function calls.

Suggested fix: Strictly check the parameters of the Intent passed to the BroadcastReceiver, and do not export the receiver unless necessary.
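The Activity, Service and Receiver entries above all come down to the same defensive step: validate the incoming Intent before touching it. This added example (not from the original page) shows that step for an exported Activity; the extra names item_id and title are assumed.

```java
import android.app.Activity;
import android.content.Intent;
import android.os.Bundle;
import android.util.Log;

public class ShowItemActivity extends Activity {
    private static final String TAG = "ShowItem";
    static final String EXTRA_ITEM_ID = "item_id"; // assumed extra name
    static final String EXTRA_TITLE = "title";     // assumed extra name

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        Intent intent = getIntent();
        if (intent == null || !isWellFormed(intent)) {
            finish(); // reject bad input instead of letting it crash the process
            return;
        }
        long itemId = intent.getLongExtra(EXTRA_ITEM_ID, -1L);
        String title = intent.getStringExtra(EXTRA_TITLE);
        // ... render the item; both values are now known to be sane ...
    }

    // The same checks belong in Service.onStartCommand() and BroadcastReceiver.onReceive().
    static boolean isWellFormed(Intent intent) {
        try {
            // getExtras() unparcels the Bundle; malformed data throws here, not later.
            Bundle extras = intent.getExtras();
            if (extras == null) return false;
            // Type-check every extra: a String where a long is expected, or an
            // unknown Parcelable class, is rejected rather than allowed to crash us.
            Object id = extras.get(EXTRA_ITEM_ID);
            if (!(id instanceof Long) || (Long) id <= 0L) return false;
            Object title = extras.get(EXTRA_TITLE);
            if (title != null && !(title instanceof String)) return false;
            if (title != null && ((String) title).length() > 200) return false;
            return true;
        } catch (RuntimeException e) {
            // BadParcelableException, ClassCastException and similar end up here.
            Log.w(TAG, "rejected malformed intent"); // never log the extras themselves
            return false;
        }
    }
}
```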

Vulnerability Name: No IV specified for encryption

Vulnerability Description: CBC encryption that uses a constant as the IV is open to BEAST-style attacks, resulting in information disclosure.

Suggested fix: Generate the IV dynamically.
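The insecure-mode entry and the constant-IV entry are fixed together: name the mode explicitly and draw a fresh IV for every message. This added example (not from the original page) does that with AES/CBC and a random IV prepended to the ciphertext; the key is constructed in main() only for the demo.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public final class CbcRandomIv {
    private static final SecureRandom RNG = new SecureRandom();
    private static final int IV_LEN = 16; // AES block size

    // WEAK: Cipher.getInstance("AES") resolves to AES/ECB/PKCS5Padding, so equal
    // plaintext blocks give equal ciphertext blocks (the CPA weakness above).
    // WEAK: "AES/CBC/PKCS5Padding" with a fixed IV (e.g. new byte[16]) is
    // deterministic again: the same message always encrypts to the same bytes.

    // HARDENED: name the mode explicitly and draw a fresh random IV per message.
    // Output layout: IV (16 bytes) || ciphertext. CBC alone gives no integrity;
    // where available, AES/GCM/NoPadding is the better choice.
    public static byte[] encrypt(SecretKey key, byte[] plaintext) throws Exception {
        byte[] iv = new byte[IV_LEN];
        RNG.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        byte[] ct = c.doFinal(plaintext);
        byte[] out = Arrays.copyOf(iv, IV_LEN + ct.length);
        System.arraycopy(ct, 0, out, IV_LEN, ct.length);
        return out;
    }

    public static byte[] decrypt(SecretKey key, byte[] blob) throws Exception {
        if (blob.length < IV_LEN + 16) throw new IllegalArgumentException("truncated input");
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(blob, 0, IV_LEN));
        return c.doFinal(blob, IV_LEN, blob.length - IV_LEN);
    }

    // Demo with a constructed key; real keys come from KeyGenerator or the Android Keystore.
    public static void main(String[] args) throws Exception {
        byte[] keyBytes = new byte[16];
        RNG.nextBytes(keyBytes);
        SecretKey key = new SecretKeySpec(keyBytes, "AES");
        byte[] msg = "same message twice".getBytes(StandardCharsets.UTF_8);
        byte[] a = encrypt(key, msg), b = encrypt(key, msg);
        System.out.println("ciphertexts differ: " + !Arrays.equals(a, b));
        System.out.println("round trip: " + new String(decrypt(key, a), StandardCharsets.UTF_8));
    }
}
```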

Vulnerability Name: Externally accessible tables exist

Vulnerability Description: The app contains database tables that can be accessed from outside, resulting in information disclosure.

Suggested fix: Audit the access permissions of these tables, and do not export them unless necessary.

Vulnerability Name: Private file traversal

Vulnerability Description: Through a vulnerable URI, a caller can traverse to and read the application's private data files, resulting in information disclosure.

Suggested fix: Fix the ContentProvider implementation behind the URI with the traversal vulnerability, and strictly validate and filter its input.

Vulnerability Name: Selection SQL injection

Vulnerability Description: A SQL injection vulnerability in the selection argument lets a caller read or tamper with the data stored in the ContentProvider.

Suggested fix: Fix the ContentProvider implementation behind the URI with the injection vulnerability, and strictly validate and filter its input.

Vulnerability Name: Projection SQL injection

Vulnerability Description: A SQL injection vulnerability in the projection argument lets a caller read or tamper with the data stored in the ContentProvider.

Suggested fix: Fix the ContentProvider implementation behind the URI with the injection vulnerability, and strictly validate and filter its input.

Vulnerability Name: Tables that can be accessed maliciously

Vulnerability Description: Some tables can be reached through SQL injection, resulting in information disclosure.

Suggested fix: Fix the related SQL injection vulnerabilities.
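The private file traversal entry and the selection/projection injection entries above share one root cause: caller-supplied strings reaching the provider's file path or SQL text unchecked. This added example (not from the original page) shows the two helper routines a ContentProvider would call from query() and openFile(); the table name notes and its columns are assumed.

```java
import android.database.Cursor;
import android.database.sqlite.SQLiteDatabase;
import android.database.sqlite.SQLiteQueryBuilder;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

// Helpers a ContentProvider calls from query() and openFile().
public final class ProviderGuards {
    // Assumed table and column allowlist; only these may appear in a projection.
    static final String TABLE = "notes";
    static final Map<String, String> PROJECTION_MAP = new HashMap<>();
    static {
        PROJECTION_MAP.put("_id", "_id");
        PROJECTION_MAP.put("title", "title");
        PROJECTION_MAP.put("body", "body");
    }

    // For ContentProvider.query(): projection, selection and sortOrder are untrusted.
    public static Cursor safeQuery(SQLiteDatabase db, String[] projection, String selection,
                                   String[] selectionArgs, String sortOrder) {
        SQLiteQueryBuilder qb = new SQLiteQueryBuilder();
        qb.setTables(TABLE);
        // Projection injection: a column not in the map throws IllegalArgumentException
        // instead of being pasted into the SQL text.
        qb.setProjectionMap(PROJECTION_MAP);
        // Selection injection: strict mode (API 14+) rejects sub-queries and
        // unknown identifiers inside selection and sortOrder.
        qb.setStrict(true);
        // Caller-supplied values travel only as bound parameters in selectionArgs.
        return qb.query(db, projection, selection, selectionArgs, null, null, sortOrder);
    }

    // For ContentProvider.openFile(): resolve the requested name and require the
    // canonical path to stay inside the provider's own directory.
    public static File resolveAttachment(File root, String requestedName) throws FileNotFoundException {
        File candidate = new File(root, requestedName);
        try {
            String rootPath = root.getCanonicalPath() + File.separator;
            if (!candidate.getCanonicalPath().startsWith(rootPath)) {
                throw new FileNotFoundException("path escapes provider directory");
            }
        } catch (IOException e) {
            throw new FileNotFoundException(e.getMessage());
        }
        return candidate;
    }
}
```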

Vulnerability Name: Same-origin policy bypass

Vulnerability Description: The Activity accepts the file:// scheme but does not disable JavaScript execution, which can be used to read any of the application's internal private files, resulting in information disclosure.

Suggested fix: Disable the file scheme, or forbid pages loaded through the file scheme from executing JavaScript.

Vulnerability Name: Local code execution

Vulnerability Description: The Activity accepts an externally supplied URL parameter and contains a WebView affected by the remote code execution vulnerability, so an attacker can inject into the client locally or remotely and execute arbitrary malicious code.

Suggested fix: Do not export this Activity, or strictly validate the URL parameter it accepts.
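The WebView entries above (the two addJavascriptInterface CVEs, the file:// same-origin bypass and the externally supplied URL) are addressed in one WebView setup. This added example (not from the original page) applies those settings and validates the incoming URL against an assumed host allowlist before loading it.

```java
import android.net.Uri;
import android.os.Build;
import android.webkit.WebSettings;
import android.webkit.WebView;
import android.webkit.WebViewClient;

public final class HardenedWebView {
    // Assumed allowlist of hosts this screen is meant to display.
    private static final String[] ALLOWED_HOSTS = { "www.example.com" };

    public static void configure(WebView webView) {
        WebSettings s = webView.getSettings();
        // Keep JavaScript off unless the page really needs it; with it off, the
        // addJavascriptInterface bridges above cannot be reached from page content.
        s.setJavaScriptEnabled(false);
        // Same-origin bypass via file://: deny file access and cross-origin
        // access from file URLs (the two *FromFileURLs setters exist from API 16).
        s.setAllowFileAccess(false);
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) {
            s.setAllowFileAccessFromFileURLs(false);
            s.setAllowUniversalAccessFromFileURLs(false);
        }
        // CVE-2014-1939: the system injects searchBoxJavaBridge_ on 4.0-4.2; remove it.
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.HONEYCOMB) {
            webView.removeJavascriptInterface("searchBoxJavaBridge_");
        }
        // The stock WebViewClient cancels the load on SSL errors; do not override
        // onReceivedSslError() to call proceed().
        webView.setWebViewClient(new WebViewClient() {
            @Override
            public boolean shouldOverrideUrlLoading(WebView view, String url) {
                return !isAllowed(url); // true = block navigation off the allowlist
            }
        });
    }

    // Validate an externally supplied URL before loadUrl(): https only, known host only.
    // A caller that gets false must drop the request, never load the untrusted string.
    public static boolean isAllowed(String url) {
        if (url == null) return false;
        Uri u = Uri.parse(url);
        if (!"https".equalsIgnoreCase(u.getScheme())) return false; // drops file:, javascript:, http:
        String host = u.getHost();
        if (host == null) return false;
        for (String allowed : ALLOWED_HOSTS) {
            if (allowed.equalsIgnoreCase(host)) return true;
        }
        return false;
    }
}
```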

Common risks

Risk Name: App backup risk

Risk Description: Allowing the program to be backed up may lead to disclosure of user information.

Suggested fix: Set allowBackup=false if backup is not required, or implement encrypted backup.

Risk Name: Log information disclosure

Risk Description: Log data may leak while the program runs.

Suggested fix: Remove log output from the release build.

Risk Name: Intent leaks user-sensitive information

Risk Description: The Intent's data contains user-sensitive information that may be disclosed.

Suggested fix: Encrypt the sensitive information and use permissions to limit who can receive the Intent.

Risk Name: Exposed Receiver component

Risk Description: The broadcast receiver can be invoked from outside the app, causing sensitive information disclosure.

Suggested fix: Set exported=false on components that do not need to be exposed. If external calls are required, protect the component with a custom permission at the signature or signatureOrSystem protection level. Components that must be exposed should strictly check their input parameters to avoid denial of service. For broadcasts within the process, dynamic registration should use LocalBroadcastManager, or use registerReceiver(BroadcastReceiver, IntentFilter, broadcastPermission, Handler) instead of registerReceiver(BroadcastReceiver, IntentFilter).

Risk Name: Broadcast information disclosure

Risk Description: Broadcasts can be received by other, malicious programs, causing user information to leak or the broadcast to be aborted.

Suggested fix: Send Intents explicitly; for in-process messages use LocalBroadcastManager; or restrict the receiving scope with a permission, e.g. sendBroadcast(Intent, receiverPermission) instead of sendBroadcast(Intent).
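The two broadcast entries above recommend the permission-taking overloads of sendBroadcast() and registerReceiver(). This added example (not from the original page) shows both sides with a custom signature-level permission; the permission name, action string and extra are assumed.

```java
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.os.Handler;
import android.os.Looper;

public final class GuardedBroadcasts {
    // Assumed custom permission; declare it in the manifest with
    // android:protectionLevel="signature" so only apps signed with our key hold it.
    static final String PERM = "com.example.app.permission.INTERNAL_EVENTS";
    static final String ACTION_SYNC_DONE = "com.example.app.SYNC_DONE"; // assumed action

    // WEAK: sendBroadcast(intent) with an implicit Intent reaches every app that
    // registered for the action, and registerReceiver(receiver, filter) accepts
    // broadcasts from every app.

    // HARDENED sender: explicit target package plus a receiver permission.
    public static void sendSyncDone(Context ctx, String accountLabel) {
        Intent i = new Intent(ACTION_SYNC_DONE);
        i.setPackage(ctx.getPackageName()); // explicit: delivered only inside this app
        i.putExtra("account", accountLabel); // still keep secrets out of extras
        ctx.sendBroadcast(i, PERM);          // receivers must hold PERM
    }

    // HARDENED receiver: only senders holding PERM may deliver to it.
    // (On API 33+ prefer the overload that also takes Context.RECEIVER_NOT_EXPORTED.)
    public static void register(Context ctx, BroadcastReceiver r) {
        IntentFilter f = new IntentFilter(ACTION_SYNC_DONE);
        ctx.registerReceiver(r, f, PERM, new Handler(Looper.getMainLooper()));
    }

    // Receiver side: a permitted broadcast is still untrusted input.
    public static final class SyncDoneReceiver extends BroadcastReceiver {
        @Override
        public void onReceive(Context ctx, Intent intent) {
            if (intent == null || !ACTION_SYNC_DONE.equals(intent.getAction())) return;
            String account = intent.getStringExtra("account");
            if (account == null || account.length() > 64) return;
            // ... handle the event ...
        }
    }
}
```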

Risk Name: External storage use

Risk Description: Data stored on external storage can be disclosed.

Suggested fix: Do not store sensitive data externally; restrict and encrypt any data that must be stored on external storage.

Risk Name: App debug risk

Risk Description: The program is allowed to be debugged.

Suggested fix: Set debuggable to false.

Risk Name: Private configuration file read risk

Suggested fix: Disable the world-readable mode and use MODE_PRIVATE instead.

Risk Name: Custom permission abuse risk

Risk Description: The permissions in question use the normal protection level, which may cause sensitive information disclosure.

Suggested fix: Change them to the signature or signatureOrSystem protection level.

Risk Name: Private configuration file read and write risk

Suggested fix: Disable the world-writable mode and use MODE_PRIVATE instead.

Risk Name: Private configuration file write risk

Suggested fix: Disable the world-readable and world-writable modes and use MODE_PRIVATE instead.

Risk Name: Private file disclosure risk

Risk Description: Sensitive files may leak.

Suggested fix: Do not open files with the MODE_WORLD_READABLE or MODE_WORLD_WRITEABLE options.

Risk Name: Exposed Activity component

Risk Description: The Activity interface can be invoked by other applications to perform specific sensitive operations or for phishing; add android:exported=false, and if external calls are required, protect it with a custom permission at the signature or signatureOrSystem level.

Suggested fix: Set exported=false on components that do not need to be exposed. If external calls are required, protect the component with a custom permission at the signature or signatureOrSystem protection level. Components that must be exposed should strictly check their input parameters to avoid denial of service.

Risk Name: World-readable file

Risk Description: A private file of the application can be read by any other application, which can cause information disclosure.

Suggested fix: Change the file permissions so that only the owning user, or users in the same group, can read it.

Risk Name: World-writable file

Risk Description: A private file of the application can be modified by any other application, which may alter the application's behaviour or even inject code.

Suggested fix: Change the file permissions so that only the owning user, or users in the same group, can modify it.
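The private-file entries above (MODE_PRIVATE instead of the world-readable/writable modes, and repairing file permissions) are combined in this added example, which is not code from the original page; the file and preference names are assumed, and the audit uses android.system.Os (API 21+).

```java
import android.content.Context;
import android.content.SharedPreferences;
import android.system.ErrnoException;
import android.system.Os;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;

public final class PrivateStorage {
    // WEAK: Context.MODE_WORLD_READABLE / MODE_WORLD_WRITEABLE make the file readable
    // or writable by every app on the device (apps targeting API 24+ get a SecurityException).

    // HARDENED: MODE_PRIVATE for files and for SharedPreferences alike.
    public static void saveToken(Context ctx, byte[] token) throws IOException {
        try (FileOutputStream out = ctx.openFileOutput("session.bin", Context.MODE_PRIVATE)) {
            out.write(token); // "session.bin" is an assumed file name
        }
    }

    public static SharedPreferences settings(Context ctx) {
        return ctx.getSharedPreferences("settings", Context.MODE_PRIVATE);
    }

    // Repair: a file created earlier with world bits set is reduced to owner read/write.
    public static boolean restrictToOwner(File f) {
        boolean ok = f.setReadable(false, false);   // clear read for everyone
        ok &= f.setWritable(false, false);          // clear write for everyone
        ok &= f.setExecutable(false, false);
        ok &= f.setReadable(true, true);            // owner read
        ok &= f.setWritable(true, true);            // owner write
        return ok;
    }

    // Audit (API 21+): true if any "other" permission bit is still set.
    public static boolean isWorldAccessible(File f) throws ErrnoException {
        int mode = Os.stat(f.getAbsolutePath()).st_mode;
        return (mode & 0007) != 0;
    }

    // Walk the app's private files directory and tighten anything world-accessible.
    public static int auditFilesDir(Context ctx) throws ErrnoException {
        int fixed = 0;
        File[] files = ctx.getFilesDir().listFiles();
        if (files == null) return 0;
        for (File f : files) {
            if (f.isFile() && isWorldAccessible(f) && restrictToOwner(f)) fixed++;
        }
        return fixed;
    }
}
```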

Risk Name: URI discloses user-sensitive information

Risk Description: The URI contains user-sensitive information, which makes it easy for a reverse engineer to obtain it.

Suggested fix: Transform the URI path.

Risk Name: Attempt to use root privileges

Risk Description: If the program holds root privileges and does not restrict how they are invoked, they may be exploited maliciously.

Suggested fix: Drop unnecessary high privileges and add checks around critical ones.

Risk Name: URL discloses user-sensitive information

Risk Description: The URL contains user-sensitive information, which could lead to information disclosure.

Suggested fix: Encrypt the data.

Risk Name: WebView loads an externally controlled URL

Risk Description: The Activity can be started by another application and made to load an externally supplied link, which can be used for phishing or further exploitation.

Suggested fix: Reduce unnecessary exported Activities.

Risk Name: KeyStore risk

Risk Description: A sensitive information disclosure vulnerability exists in the KeyStore key storage component of the Android system.

Suggested fix: Disabling android.security.KeyStore is recommended.

Reference: http://blog.csdn.net/zhangcanyan/article/details/51347629
