Lect_7 - Deekshith19/Android_Security GitHub Wiki

7. Input Validation Issues - Part 1

We explore the application by entering values in the search EditText field.


We observe the decompiled source code in JADX.


We see that this task uses an activity called SQLInjectionActivity.


We enter 1' OR 1=1-- so that the SQL query built in SQLInjectionActivity becomes:

SELECT * FROM sqliuser WHERE user ='1' OR 1=1--' 

The WHERE clause condition evaluates to FALSE OR TRUE, which is TRUE for every row, and the trailing -- comments out the leftover closing quote. Hence all the records in the database are displayed in the Toast message.
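The following is an added example, not code from the DIVA app or this wiki: it rebuilds the concatenated query in Python's sqlite3 (the same SQLite engine Android uses) next to a parameterized version, to show why binding the input stops the WHERE clause from being rewritten. The table name and the `user` column come from the query above; the `password` column, the rows and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """In-memory stand-in for the app's table (rows and password column are constructed)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sqliuser (user TEXT, password TEXT)")
    db.executemany(
        "INSERT INTO sqliuser VALUES (?, ?)",
        [("alice", "pw-a"), ("bob", "pw-b"), ("carol", "pw-c")],
    )
    return db


def search_concatenated(db, user_input):
    # Same shape as the query shown above: the input is pasted between the quotes,
    # so a quote inside the input ends the string literal early.
    sql = "SELECT * FROM sqliuser WHERE user ='" + user_input + "'"
    return sql, db.execute(sql).fetchall()


def search_parameterized(db, user_input):
    # The ? placeholder binds the input as a single value; it is never parsed as SQL.
    sql = "SELECT * FROM sqliuser WHERE user = ?"
    return sql, db.execute(sql, (user_input,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    for value in ("alice", "1' OR 1=1--"):
        for search in (search_concatenated, search_parameterized):
            sql, rows = search(db, value)
            print(f"{search.__name__:22} {value!r:16} -> {len(rows)} row(s)  [{sql}]")
```

On Android the same binding is available through the selectionArgs parameter of SQLiteDatabase.rawQuery.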


8. Input Validation Issues - Part 2

We explore the application by entering values in the URL EditText field.


We enter a sensitive path like file:///data/data/jakhar.aseem.diva/shared_prefs/jakhar.aseem.diva_preferences.xml, which only the application has access to and a normal user of the device does not. We observe that the file contents are displayed in the WebView.


We observe the decompiled source code and open InputValidation2URISchemeActivity in JADX.

We observe that the value the user enters in the EditText field is loaded directly into the WebView without any sanitization or validation.
