ACCESS CONTROL ISSUES 1 - INTENT FILTER VULNERABILITY (1)
- Layout for this exercise:
- Connecting from Santoku to Nexus 5 with ADB:
- Launching the application:
- Clicking the tab for challenge 9:
- The application allows the user to see the API credentials:
- However, the goal of this challenge is to access the API credentials from outside the application, taking advantage of the incorrect validation system used in this activity.
- Let's have a look at the Java source code of the activity for this challenge, AccessControl1Activity:
- The intent filter for the action jakhar.aseem.diva.action.VIEW_CREDS is responsible for allowing the credentials to be displayed by the application:
- Opening the Java source code for APICredsActivity.java:
- Also, the AndroidManifest.xml indicates the presence of the mentioned intent filter:
- Now, using the Activity Manager tool, we can trigger the intent filter jakhar.aseem.diva.action.VIEW_CREDS from Santoku Linux, without using the DIVA application interface on the Nexus 5 device:
- The result is that the application starts by itself and shows the API credentials:
- As an aside from the previous exercise, Activity Manager can also be used for other tasks, for instance to open a web browser remotely on the mobile device:
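The manifest condition behind this exercise can be checked automatically. The following is an added example, not part of the original walkthrough or of the DIVA code: it lists activities that declare an intent filter, are exported, and require no permission. The sample manifest is constructed for illustration; the function name and the second activity (HardenedCredsActivity) are hypothetical.

```python
import xml.etree.ElementTree as ET

# Namespace prefix used for android:* attributes in a decoded manifest.
A = "{http://schemas.android.com/apk/res/android}"

# Constructed sample (not copied from the app): the first activity mirrors the
# situation described above, the second shows the same filter with the
# component explicitly kept private to the application.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="jakhar.aseem.diva">
  <application>
    <activity android:name=".APICredsActivity">
      <intent-filter>
        <action android:name="jakhar.aseem.diva.action.VIEW_CREDS"/>
        <category android:name="android.intent.category.DEFAULT"/>
      </intent-filter>
    </activity>
    <activity android:name=".HardenedCredsActivity" android:exported="false">
      <intent-filter>
        <action android:name="jakhar.aseem.diva.action.VIEW_CREDS"/>
      </intent-filter>
    </activity>
  </application>
</manifest>
"""


def find_exposed_activities(manifest_xml):
    """Return [(activity, [actions])] for activities other apps can start unguarded."""
    root = ET.fromstring(manifest_xml)
    findings = []
    for act in root.iter("activity"):
        actions = [a.get(A + "name") for a in act.findall("intent-filter/action")]
        exported = act.get(A + "exported")
        # With no explicit android:exported, declaring an intent filter makes
        # the activity exported by default (apps targeting below Android 12).
        is_exported = exported == "true" or (exported is None and bool(actions))
        # An exported activity with no android:permission can be started by
        # any other app, or from adb, with a matching intent.
        if is_exported and act.get(A + "permission") is None:
            findings.append((act.get(A + "name"), actions))
    return findings


if __name__ == "__main__":
    for name, actions in find_exposed_activities(SAMPLE_MANIFEST):
        print("exposed:", name, "via", ", ".join(actions) or "explicit export")
```

When run against a real decoded manifest, the launcher activity will normally be listed as well, which is expected; the findings to review are activities that display or handle sensitive data.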