Android
I will try to make them in such a way that I can also share it with others as well. Hope this will be helpful for me as well as other people.
These are my android notes that I am going to keep while I progress and see what all I can do.
All the applications are stored on
/data/appdirectory.All the system applications are stored on
/system/app/We don't have to touch this unless we are going behind the android OS
Some application gets installed in
/data/app-privateThis is done my PM(package manager) using
FORWARD_LOCKenabledNo external app or anyone else can access that.
Obviously if you have rooted device you can access those.
zygotes: This is the process that listen for new application requests in Android OS
To get all the URLs from the apk
strings <apk> | grep -ProI "[\"'\](https?://|/)[\w.-/]+[\"'`]"`
Some general things
In AndroidManifest.xml we can see
<application>tag they define layout and stuff but it have some spicy stuff as well<android:allowBackup>: Define whether the backup of application data is allowed or not.run app.package.backup -f <package-name>So it's possible for the developer to define
Backupagentwhich can be used to do various task related to backup.we can make the backup using
adb backup <package-name>, an activity will be launched. Leave the Key field black and back it updd if=backup.ab bs=24 skip=1 | openssl zlib -d > backup.tarhere
backup.abis placed in the $(pwd)
extract the tar and see if the databases etc is also being shared.
Check if the app is debuggable:
run app.pacage.debuggableIf this is the case a shit load of information would be leaking.
Use
adb jdwpto see what all application are running in debuggable mode.
In 'strings.xml` you will find lot of APIs. It's possible to use some in wrong manners.
Google Maps API key:
Post the key and see it works.
Impact is not big but still an issue since an attacker can cause an increase in the cost.
