Chapter 4. Exploiting Applications

In this chapter, we will cover the following recipes:

  • Information disclosure via logcat
  • Inspecting the network traffic
  • Passive intent sniffing via the activity manager
  • Attacking services
  • Attacking broadcast receivers
  • Enumerating vulnerable content providers
  • Extracting data from vulnerable content providers
  • Inserting data into content providers
  • Enumerating SQL-injection vulnerable content providers
  • Exploiting debuggable applications
  • Man-in-the-middle attacks on applications

Introduction

So far, we've covered some of the basic development and security assessment tools, and we even covered some examples of extending and customizing these tools. This chapter will focus on the use of these tools to analyze the Android applications ...

Get Android Security Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.