INPUT VALIDATION ISSUES 2 - FILE PROTOCOL
- Layout for this exercise:

- Connecting from Santoku to Nexus 5 with ADB:

- Launching the application:

- Clicking the tab for challenge 8:
- The application asks for a URL, for instance https://dgmsp.blogspot.com:

- The browser opens the website of this blog, as expected:

- However, because the application does not validate this input, the browser can be given a URL with a protocol other than HTTP, for instance the File protocol, to read the contents of the internal file system, or even data on external storage.
- From a previous exercise, we have some credentials stored at this path:


- Using the File protocol, the uinfo file can be accessed:

- When the File path is entered as input, the content of the uinfo file is displayed:

- In the same way, this input validation vulnerability can be used to access data on external storage. For instance, let's say that there is a Key file on the SD card:



- When the path to the external storage or SD card is entered, the content of the Key file is displayed:
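
The missing check, as an added example that is not code from the application in this exercise: a scheme allow-list applied to the user-supplied URL before it reaches the browser component. The class name `UrlInputValidator`, the method `sanitize` and the sample inputs are hypothetical, and the WebView note in the comments assumes the page is rendered in an `android.webkit.WebView`.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;

// Hypothetical helper (not the application's own code).
public final class UrlInputValidator {
    // Only web schemes are accepted; file:, content:, javascript: and others are rejected.
    private static final Set<String> ALLOWED_SCHEMES =
            new HashSet<>(Arrays.asList("http", "https"));

    private UrlInputValidator() {}

    /** Returns the URL if it may be handed to the viewer, otherwise null. */
    public static String sanitize(String input) {
        if (input == null) return null;
        final URI uri;
        try {
            uri = new URI(input.trim());
        } catch (URISyntaxException e) {
            return null;                      // unparsable input is rejected, not repaired
        }
        String scheme = uri.getScheme();
        if (scheme == null) return null;      // relative or scheme-less input
        // Schemes are case-insensitive, so "FILE:" must not slip past the check.
        if (!ALLOWED_SCHEMES.contains(scheme.toLowerCase(Locale.ROOT))) return null;
        String host = uri.getHost();
        if (host == null || host.isEmpty()) return null;  // web URLs must name a host
        return uri.toString();
    }

    public static void main(String[] args) {
        // Constructed sample inputs.
        String[] samples = {
            "https://dgmsp.blogspot.com",
            "file:///sdcard/example.txt",
            "FILE:///sdcard/example.txt",
            "content://example.provider/item",
            "javascript:alert(1)",
            "not a url"
        };
        for (String s : samples) {
            System.out.println((sanitize(s) != null ? "ALLOW  " : "REJECT ") + s);
        }
        // Assumption: if the viewer is an android.webkit.WebView, also call
        // webView.getSettings().setAllowFileAccess(false) as defence in depth.
    }
}
```

Only the first sample is allowed; every other input is rejected before any load is attempted.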
