Common Android Vulnerabilities
Vulnerability Name: Log sensitive information disclosure
Vulnerability Description: The user's sensitive information is printed to the log while the program runs, causing a leak.
Recommended Modification: Logging of private information is prohibited.
Vulnerability Name: Web HTTPS verification error ignored
Vulnerability Description: Ignoring the certificate verification error can lead to a man-in-the-middle attack.
Recommended Modification: Do not ignore SSL certificate verification errors.
Vulnerability Name: SQL injection vulnerability
Vulnerability Description: The vulnerability can cause the user database to be disclosed or tampered with.
Recommended Modification: Use a secure SQLite implementation, such as SQLCipher.
Vulnerability Name: HTTPS null hostname check vulnerability
Vulnerability Description: The vulnerability can lead to a man-in-the-middle attack.
Recommended Modification: Use the setHostnameVerifier interface to set a strict hostname verification level.
Vulnerability Name: Provider component exposure vulnerability
Vulnerability Description: An exported component without a permission restriction lets other apps access the program's data, resulting in a data breach.
Recommended Modification: Add a permission restriction to the component.
Vulnerability Name: Fragment injection vulnerability
Vulnerability Description: By supplying the appropriate extra in the Intent, an attacker can have an arbitrary Fragment loaded.
Recommended Modification: Do not export the PreferenceActivity.
Vulnerability Name: WebView remote code execution (CVE-2014-1939)
Vulnerability Description: On Android 4.0 to 4.2, WebView adds the searchBoxJavaBridge_ interface, which leads to remote code execution: an attacker can place JavaScript in a page that executes arbitrary malicious code on the client through reflection.
Recommended Modification: Call removeJavascriptInterface("searchBoxJavaBridge_") on the WebView.
Vulnerability Name: ContentResolver exposure vulnerability
Vulnerability Description: The Provider's permission restriction can be bypassed through an exposed ContentResolver.
Recommended Modification: Do not export components that use ContentResolver, or add permission restrictions to them.
Vulnerability Name: HTTPS communication does not validate the server certificate
Vulnerability Description: The application does not validate the server certificate, which can lead to a man-in-the-middle attack and leak the communication content.
Recommended Modification: Do not override the TrustManager class; if checkServerTrusted is implemented, add verification of the server certificate.
Vulnerability Name: HTTPS communication accepts all server certificates
Vulnerability Description: The application does not validate the server certificate, which can lead to a man-in-the-middle attack and leak the communication content.
Recommended Modification: Do not call setHostnameVerifier with the ALLOW_ALL_HOSTNAME_VERIFIER flag.
Vulnerability Name: Activity security vulnerability
Vulnerability Description: The Activity crashes or throws an exception on malformed input, so any other application can crash the vulnerable application or invoke its functionality.
Recommended Modification: Strictly check the parameters in the Intent passed to the Activity, and do not export the Activity if that is not needed.
Vulnerability Name: WebView remote code execution (CVE-2012-6636)
Vulnerability Description: JavascriptInterface allows an attacker to embed JavaScript in a page and execute arbitrary malicious code on the client through reflection. All applications running on Android below 4.2 are affected, and applications compiled with an API level below 17 are affected on all system versions.
Recommended Modification: If the application's compile-time API level is below 17, upgrade the SDK version. If phones below 4.2 also need to be protected, refer to the alternative Https://github.com/pedant/safe-Java-js-webview-bridge
Vulnerability Name: Service security vulnerability
Vulnerability Description: The Service crashes or throws an exception on malformed input, so any other application can crash the vulnerable application or invoke its functionality.
Recommended Modification: Strictly check the parameters in the Intent passed to the Service, and do not export the Service if that is not needed.
Vulnerability Name: Insecure encryption mode used
Vulnerability Description: When using AES or DES, the default encryption mode is used or ECB mode is explicitly specified. This is vulnerable to a chosen-plaintext attack (CPA), resulting in information disclosure.
Recommended Modification: Explicitly specify CBC mode for encryption.
Vulnerability Name: Receiver security vulnerability
Vulnerability Description: The BroadcastReceiver crashes or throws an exception on malformed input, so any other application can crash the vulnerable application or invoke its functionality.
Recommended Modification: Strictly check the parameters in the Intent passed to the BroadcastReceiver, and do not export the receiver if that is not necessary.
Vulnerability Name: IV not specified when encrypting
Vulnerability Description: CBC encryption uses a constant as the IV, which enables a BEAST attack, resulting in information disclosure.
Recommended Modification: Generate the IV value dynamically.
Vulnerability Name: Externally accessible tables exist
Vulnerability Description: The app contains database tables that can be accessed externally, resulting in information disclosure.
Recommended Modification: Audit the access permissions of these tables, and do not export them if that is not necessary.
Vulnerability Name: Private file traversal vulnerability
Vulnerability Description: Through a vulnerable URI, the application's private data files can be read by path traversal, resulting in information disclosure.
Recommended Modification: Modify the ContentProvider implementation behind the URI with the file traversal vulnerability, and strictly check and filter the input.
Vulnerability Name: Selection SQL injection vulnerability
Vulnerability Description: A selection SQL injection vulnerability exists in the application, which can cause data stored in the ContentProvider to be disclosed and tampered with.
Recommended Modification: Modify the ContentProvider implementation behind the URI with the injection vulnerability, and strictly check and filter the input.
Vulnerability Name: Projection SQL injection vulnerability
Vulnerability Description: A projection SQL injection vulnerability exists in the application, which can cause data stored in the ContentProvider to be disclosed and tampered with.
Recommended Modification: Modify the ContentProvider implementation behind the URI with the injection vulnerability, and strictly check and filter the input.
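The file traversal finding and the two ContentProvider injection findings above all come down to "check and filter the input". The following added example (not from the original page) shows the two guards a provider's openFile() and query() would call: a canonical-path check that keeps requests inside an export directory, and a query built with a projection map and strict mode so caller-supplied selection and projection strings cannot name anything outside the whitelisted columns. The table and column names are constructed.

```java
import android.database.Cursor;
import android.database.sqlite.SQLiteDatabase;
import android.database.sqlite.SQLiteQueryBuilder;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

public final class ProviderGuards {

    // Columns a caller may name in projection or selection; anything else
    // (other tables, sub-selects, functions on hidden columns) is rejected.
    private static final Map<String, String> NOTE_COLUMNS = new HashMap<>();
    static { for (String c : new String[] {"_id", "title", "body"}) NOTE_COLUMNS.put(c, c); }

    // Path traversal guard for openFile(): resolve the requested name under the
    // export directory and refuse any canonical path (including via symlink)
    // that ends up outside it.
    public static File resolveExportFile(File exportDir, String requestedName)
            throws FileNotFoundException {
        if (requestedName == null || requestedName.isEmpty()) throw new FileNotFoundException("no name");
        try {
            String root = exportDir.getCanonicalPath() + File.separator;
            File target = new File(exportDir, requestedName).getCanonicalFile();
            if (!target.getPath().startsWith(root)) {
                throw new FileNotFoundException("path escapes export directory");
            }
            return target;
        } catch (IOException e) {
            throw new FileNotFoundException("cannot resolve: " + e.getMessage());
        }
    }

    // Selection / projection injection guard for query(): caller values travel
    // in selectionArgs (bound, never concatenated), the projection map limits
    // which columns may be named, and setStrict(true) makes the builder
    // validate both the selection and the projection against that map.
    public static Cursor queryNotes(SQLiteDatabase db, String[] projection,
                                    String selection, String[] selectionArgs,
                                    String sortOrder) {
        SQLiteQueryBuilder qb = new SQLiteQueryBuilder();
        qb.setTables("notes");
        qb.setProjectionMap(NOTE_COLUMNS);
        qb.setStrict(true);                         // API 14+
        return qb.query(db, projection, selection, selectionArgs, null, null, sortOrder);
    }
}
```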
Vulnerability Name: Tables that can be accessed maliciously
Vulnerability Description: There are tables that can be accessed through SQL injection, resulting in information disclosure.
Recommended Modification: Fix the related SQL injection vulnerabilities.
Vulnerability Name: Same-origin bypass vulnerability
Vulnerability Description: The Activity accepts file:// URLs but does not disable JavaScript execution, which can be used to read any of the application's internal private files, resulting in information disclosure.
Recommended Modification: Disable the file protocol, or disallow JavaScript execution for files loaded through the file protocol.
Vulnerability Name: Local code execution vulnerability
Vulnerability Description: The Activity accepts an externally supplied URL parameter, and its WebView has the remote code execution vulnerability. Attackers can inject into the client locally or remotely and execute arbitrary malicious code.
Recommended Modification: Do not export this Activity, or strictly validate the accepted URL parameter.
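The WebView findings on this page (CVE-2014-1939, CVE-2012-6636, the same-origin bypass and the controllable-URL local code execution) can be addressed in one hardening routine. The following is an added example, not code from the original page: it removes the system-injected searchBoxJavaBridge_, exposes an annotated bridge only on API 17+, disables file:// access, and validates an Intent-supplied URL against an allow-list before it reaches loadUrl(). The allow-listed hosts and bridge name are constructed placeholders, and the app is assumed to target API 17 or higher.

```java
import android.annotation.SuppressLint;
import android.net.Uri;
import android.os.Build;
import android.webkit.JavascriptInterface;
import android.webkit.WebSettings;
import android.webkit.WebView;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

public final class SafeWebView {
    // Constructed placeholder allow-list of hosts this screen may render.
    private static final Set<String> ALLOWED_HOSTS =
            new HashSet<>(Arrays.asList("app.example.com", "help.example.com"));
    // Bridge object for the page. On API 17+ only methods carrying
    // @JavascriptInterface are callable from JS, so reflection over the
    // object (CVE-2012-6636) is no longer reachable.
    public static final class Bridge {
        @JavascriptInterface
        public String appVersion() { return "1.0"; }
    }
    @SuppressLint("SetJavaScriptEnabled")
    public static void harden(WebView wv) {
        WebSettings s = wv.getSettings();
        s.setJavaScriptEnabled(true);
        // Same-origin bypass: refuse file:// loads and cross-file access entirely.
        s.setAllowFileAccess(false);
        s.setAllowFileAccessFromFileURLs(false);
        s.setAllowUniversalAccessFromFileURLs(false);
        // CVE-2014-1939: drop the bridge the system injects on 4.0 - 4.2.
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.HONEYCOMB) {
            wv.removeJavascriptInterface("searchBoxJavaBridge_");
        }
        // Expose our own bridge only where the annotation is enforced.
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1) {
            wv.addJavascriptInterface(new Bridge(), "AppBridge");
        }
    }

    // Local code execution / controllable URL: validate what the Intent hands
    // over before loadUrl(). Returns null when the URL must be rejected.
    public static String checkUrl(String raw) {
        if (raw == null) return null;
        Uri u = Uri.parse(raw);
        String host = u.getHost();
        if (!"https".equalsIgnoreCase(u.getScheme()) || host == null) return null;
        return ALLOWED_HOSTS.contains(host.toLowerCase()) ? u.toString() : null;
    }
}
```

An Activity would call harden(webView) in onCreate() and then loadUrl() only when checkUrl(getIntent().getStringExtra("url")) returns non-null.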
Common risks
Risk Name: App backup risk
Risk Description: The program allows backup, which may lead to user information disclosure.
Recommended Modification: Set android:allowBackup="false" if backup is not required, or implement an encrypted backup.
Risk Name: Log information disclosure
Risk Description: Log data may leak while the program runs.
Recommended Modification: Remove logging from the release build.
Risk Name: Intent leaks user sensitive information
Risk Description: The Intent data contains user sensitive information, which may lead to disclosure.
Recommended Modification: Encrypt the sensitive information, and use permissions to restrict the scope of the Intent.
Risk Name: Receiver component exposure risk
Risk Description: The broadcast receiver can be invoked externally, causing sensitive information disclosure.
Recommended Modification: Set android:exported="false" on components that do not need to be exposed; if external calls are required, protect them with a custom permission at the signature or signatureOrSystem protection level. Components that must be exposed should strictly check their input parameters to avoid denial of service. For receivers registered dynamically for in-process use, LocalBroadcastManager is recommended, or use registerReceiver(BroadcastReceiver, IntentFilter, String broadcastPermission, Handler) instead of registerReceiver(BroadcastReceiver, IntentFilter).
Risk Name: Broadcast information disclosure risk
Risk Description: Broadcasts can be received by other, malicious programs, causing user information to leak or the broadcast to be aborted.
Recommended Modification: Send the Intent with an explicit invocation; for in-process messaging use LocalBroadcastManager, or use a permission to restrict who can receive, e.g. sendBroadcast(Intent, String receiverPermission) instead of sendBroadcast(Intent).
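The receiver-exposure and broadcast-disclosure recommendations above map to four API calls. The following added example (not from the original page) shows them side by side: a receiver that only accepts senders holding a signature-level permission, and three ways to send that progressively narrow the audience. The permission and action strings are constructed placeholders; the permission is assumed to be declared in the manifest with android:protectionLevel="signature", and LocalBroadcastManager is taken from the androidx artifact.

```java
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import androidx.localbroadcastmanager.content.LocalBroadcastManager;

public final class Broadcasts {
    // Constructed names. PERM must be declared in the manifest with
    // android:protectionLevel="signature" so only same-signer apps can hold it.
    static final String PERM = "com.example.app.permission.INTERNAL_EVENTS";
    static final String ACTION = "com.example.app.SESSION_UPDATED";

    // Exposure risk: registerReceiver(r, filter) accepts ACTION from any app.
    // The 4-argument form requires the *sender* to hold PERM.
    public static void register(Context ctx, BroadcastReceiver r) {
        ctx.registerReceiver(r, new IntentFilter(ACTION), PERM, /* handler */ null);
    }

    // Disclosure risk: sendBroadcast(intent) alone reaches every app that
    // registered for ACTION. Three progressively tighter alternatives:
    public static void sendGuarded(Context ctx, String sessionId) {
        // 1) only receivers whose app holds PERM get the broadcast
        Intent i = new Intent(ACTION).putExtra("session", sessionId);
        ctx.sendBroadcast(i, PERM);
    }

    public static void sendExplicit(Context ctx, String sessionId) {
        // 2) explicit delivery: limit resolution to this package
        Intent i = new Intent(ACTION)
                .setPackage(ctx.getPackageName())
                .putExtra("session", sessionId);
        ctx.sendBroadcast(i);
    }

    public static void sendLocal(Context ctx, String sessionId) {
        // 3) never leaves the process: no manifest entry, nothing to leak
        LocalBroadcastManager.getInstance(ctx)
                .sendBroadcast(new Intent(ACTION).putExtra("session", sessionId));
    }
}
```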
Risk Name: External storage use risk
Risk Description: Data stored in external storage can cause information disclosure.
Recommended Modification: Do not store sensitive data externally; restrict and encrypt what is written to external storage.
Risk Name: App debug risk
Risk Description: The program allows itself to be debugged.
Recommended Modification: Set android:debuggable to false.
Risk Name: Private file read risk
Recommended Modification: Do not open the file world-readable; use MODE_PRIVATE instead.
Risk Name: User-defined permission abuse risk
Risk Description: The following permissions use the normal protection level, which may cause sensitive information disclosure.
Recommended Modification: Change the protection level to signature or signatureOrSystem.
Risk Name: Private file read and write risk
Recommended Modification: Do not open the file world-writable; use MODE_PRIVATE instead.
Risk Name: Private file write risk
Recommended Modification: Do not open the file world-readable and world-writable; use MODE_PRIVATE instead.
Risk Name: Private file disclosure risk
Risk Description: There is a risk of sensitive files leaking.
Recommended Modification: Do not open the file with the MODE_WORLD_READABLE or MODE_WORLD_WRITEABLE options.
Risk Name: Activity component exposure risk
Risk Description: The Activity's interface can be invoked by other applications to perform specific sensitive operations or for phishing; it is recommended to add android:exported="false", and if external calls are required, to require a custom permission at the signature or signatureOrSystem protection level.
Recommended Modification: Set android:exported="false" on components that do not need to be exposed; if external calls are required, protect them with a custom permission at the signature or signatureOrSystem protection level. Components that must be exposed should strictly check their input parameters to avoid denial of service.
Risk Name: Globally readable file
Risk Description: A file in the application's private storage that any other application can read, which can cause information disclosure.
Recommended Modification: Change the file permissions so that only the owning user or users in the same group can read it.
Risk Name: Globally writable file
Risk Description: A file in the application's private storage that any other application can modify, which may result in the application's behavior being changed or even code being injected.
Recommended Modification: Change the file permissions so that only the owning user or users in the same group can modify it.
Risk Name: URI user sensitive information disclosure
Risk Description: The URI contains user-sensitive information, making it easy for a reverse engineer to obtain it.
Recommended Modification: Transform the URI path.
Risk Name: Attempt to use root privileges
Risk Description: If the program obtains root privileges and does not restrict their use, they may be exploited maliciously.
Recommended Modification: Disable unnecessary high privileges, and add checks that restrict the use of critical privileges.
Risk Name: URL user sensitive information disclosure
Risk Description: The URL contains user-sensitive information, which could lead to information disclosure.
Recommended Modification: Encrypt the data.
Risk Name: Externally controllable WebView URL
Risk Description: The Activity can be launched by another application and made to load an externally supplied link, which can be used for phishing attacks or further exploitation.
Recommended Modification: Reduce the number of Activities that are exported unnecessarily.
Risk Name: KeyStore risk
Risk Description: The Android system's KeyStore key storage component has a sensitive information disclosure vulnerability.
Recommended Modification: Disabling android.security.KeyStore is recommended.
Reference: http://blog.csdn.net/zhangcanyan/article/details/51347629