We have seen various vulnerabilities in Android apps in the previous articles. Before moving ahead with other vulnerabilities in Android applications in this series of articles, I would like […]
Configuring SSH server
Adding a new user
Creating authorized keys for a specific client
Adding authorized keys to the SSH server
Logging in using authorized keys
Configuring Apache server to make it […]
In one of the previous articles, we have seen how developers implement Shared Preferences in Android applications. We have also seen how one can compromise the sensitive data stored […]
This article explains how to start performing black box assessments on Android applications using Introspy. Introspy is one of the important tools in an Android pentester’s arsenal.
As per their […]
In the previous article, we discussed shared preferences and its security under local data storage. In this article, we will discuss other storage methods being used by Android developers.
In the previous article, we discussed the common techniques of how application developers check for a rooted device and then how an attacker can bypass some of the techniques […]
In this article, we will look at the techniques being used by Android developers to detect if a device on which the app is running is rooted or not. […]
In this series of articles so far, we have discussed various techniques to identify and exploit vulnerabilities in Android applications. In the previous article, we have seen how to […]
In the previous article, we have seen how to debug Java applications using a little tool called JDB. In this article, we will apply the same logic to exploit […]
This article walks the readers through debugging Java programs using a command line tool called JDB. Though this article doesn’t touch Android concepts, this is a prerequisite to understand […]
Android Hacking and Security, Part 4: Exploiting Unintended Data Leakage (Side Channel Data Leakage)
In the previous articles, we discussed attacks associated with activity components, content providers, broadcast receivers, and ways to secure them. In this article, we will discuss “Unintended Data Leakage”, […]
In the first two articles, we discussed attacks associated with Activity Components, content provider leakage and ways to secure them. In this article, we will discuss attacks on broadcast […]
In the previous article, we discussed how an attacker exploits vulnerable Activity Components and ways to secure them. In this article, we will discuss “Content Provider Leakage”.
What are […]
Mobile Application Security is one of the hottest segments in the security world, as security is really a big concern with growing mobile applications. In this article, we will […]