8. Insecure DB Storage

  1. Methods to find a bug

Steps to reproduce :-
1) Install app that you wants to Attack
2) Create Account
3) logon to web App
4) open jadx go to android manifest file
5) now search for allowbackup true if it is false it only work on rooted device
6) adb shell
7) cd data/data/app name /db
8) adb pull path
9. Now use sqlite browser or use db browser
https://sqlitebrowser.org/dl/

upwork = android:allowBackup="false"
pkg name = com.upwork.android.apps.main

path = /data/data/com.upwork.android.apps.main/app_webview/Cookies
Previous7. Deep LinkNext9. Insecure Logging

Last updated