Chapter 4. Exploiting Applications

In this chapter, we will cover the following recipes:

  • Information disclosure via logcat
  • Inspecting the network traffic
  • Passive intent sniffing via the activity manager
  • Attacking services
  • Attacking broadcast receivers
  • Enumerating vulnerable content providers
  • Extracting data from vulnerable content providers
  • Inserting data into content providers
  • Enumerating SQL-injection vulnerable content providers
  • Exploiting debuggable applications
  • Man-in-the-middle attacks on applications

Introduction

So far, we've covered some of the basic development and security assessment tools, and we even covered some examples of extending and customizing these tools. This chapter will focus on the use of these tools to analyze the Android applications ...

Get Android Security Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.