Often, developers make the mistake of not specifying the correct file permissions to the files while storing data for an application. These files are sometimes marked as world-readable and could be accessed by any other application without requesting permissions at all.
In order to check this vulnerability, all we need to do is go to the adb shell
and then cd to /data/data/[package name of the app]
.
If we do a quick ls -l
over here, we are able to see the file permissions of the files and folders:
# ls -l /data/data/com.aditya.example/files/userinfo.xml -rw-rw-rw- app_200 app_200 22034 2013-11-07 00:01 userinfo.xml
Here, we could also use find in order to search for the permissions.
find /data/data/ -perm [permissions value]
If we do a cat userinfo.xml
, it is storing the username and password of the application's user.
#grep 'password' /data/data/com.aditya.example/files/userinfo.xml <password>mysecretpassword</password>
This means any other application could...