I will try to make them in such a way that I can also share it with others as well. Hope this will be helpful for me as well as other people.
These are my android notes that I am going to keep while I progress and see what all I can do.
All the applications are stored on
All the system applications are stored on
We don't have to touch this unless we are going behind the android OS
Some application gets installed in
This is done my PM(package manager) using
No external app or anyone else can access that.
Obviously if you have rooted device you can access those.
zygotes: This is the process that listen for new application requests in Android OS
To get all the URLs from the apk
strings <apk> | grep -ProI "[\"'\](https?://|/)[\w.-/]+[\"'`]"`
Some general things
In AndroidManifest.xml we can see
<application> tag they define layout and stuff but it have some spicy stuff as well
<android:allowBackup> : Define whether the backup of application data is allowed or not.
run app.package.backup -f <package-name>
So it's possible for the developer to define
Backupagent which can be used to do various task related to backup.
we can make the backup using
adb backup <package-name> , an activity will be launched. Leave the Key field black and back it up
dd if=backup.ab bs=24 skip=1 | openssl zlib -d > backup.tar
backup.ab is placed in the $(pwd)
extract the tar and see if the databases etc is also being shared.
Check if the app is debuggable:
If this is the case a shit load of information would be leaking.
adb jdwp to see what all application are running in debuggable mode.
In 'strings.xml` you will find lot of APIs. It's possible to use some in wrong manners.
Google Maps API key:
Post the key and see it works.
Impact is not big but still an issue since an attacker can cause an increase in the cost.