Hybrid APP-Security

Source: Internet
Author: User

I. vulnerabilities caused by the Addjavascriptinterface interface

Reference: http://blog.csdn.net/leehong2005/article/details/11808557/


JS Injection method Addjavascriptinterface may lead to unsafe, because JS may contain malicious code. With JavaScript, you can access everything on the current device's SD card, even contact information, text messages, and so on.

1,webview added a JavaScript object, and the current app has read-write SDcard permissions, which is: Android.permission.write_external_storage2,js can traverse the Window object, Objects that have an object with the "GetClass" method are found, and then the runtime object is obtained through a reflection mechanism, and then a static method is called to execute commands, such as a command to access a file. 3, and then get the string from the input stream returned after executing the command, you can get the information of the file name
function Execute (Cmdargs) {for (var obj. window) {if ("GetClass" in Window[obj]) {alert (obj); Return Window[obj].getclass (). forname ("Java.lang.Runtime"). GetMethod ("GetRuntime", null). Invoke (        null,null). exec (Cmdargs); }    }}


1,android more than 4.2 of the system on Android 4.2, Google made a correction, through the Java remote method above the declaration of a @javascriptinterface2.android 4.2 system (1) This problem is more difficult to solve , but it is not impossible to solve. First, we definitely can't call the Addjavascriptinterface method again. On this issue, the most important thing is to know the JS event this action, JS and Java interaction We know, there are several, than prompt, alert and so on, such actions will correspond to webchromeclientclass, for prompt, the corresponding method is onjspromptMethod. "1" Let JS call a JavaScript method, this method is called the prompt method, through the prompt to the information in JS, this information should be a section of meaningful text we combine, may contain: specific identities, method names, parameterssuch as In onjspromptmethod, we parse the passed text, get the method name, parameter, etc., and then invoke the method of the Java object by invoking the specified method through the reflection mechanism. "2" about the return value, you can return back through prompt, so that the results of the method in Java can be returned to JS. "3" We need to dynamically generate a JS script that declares a JavaScript method, which is loaded with Loadurl to register it in an HTML page. 3. Remove some default JS object Searchboxjavabridge_,accessibility,accessibilitytraversal two. White list check is loaded as checked override Loadurl,posturl Web redirect redirect do check Webviewclient shouldoverrideurlloading method, the URL outside the dialogue list to intercept

Hybrid APP-Security

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.