From the course: Android App Security: A Structured Approach to Pen Testing
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Activity testing - Android Tutorial
From the course: Android App Security: A Structured Approach to Pen Testing
Activity testing
- [Narrator] In activities testing, we will find, what activities this application is exporting and if those applications can be accessed by bypassing the controls of this application. In general, activities are screens that a user interacts with. The flow of control between these activities is either decided by the user preference or by the application needs. Let us see if there are any activities off C, which are vulnerable. The module for finding the activities is, app.activity.info This'll tell us all the activities that are present in this application and what are the permissions associated therein. So what we'll do is, we'll quickly run this module. - a followed by the package name. As you can see, there are three activities which are exported by this application and there are no permissions required to access these activities. Now, granted, main login activity, is the first activity that the user interacts…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
-
-
-
(Locked)
Introduction to drozer1m 25s
-
(Locked)
drozer architecture51s
-
(Locked)
drozer setup4m 13s
-
(Locked)
Sieve application overview2m 23s
-
(Locked)
Basic commands3m 42s
-
(Locked)
Activity testing3m 30s
-
(Locked)
Content provider testing4m 9s
-
(Locked)
Content provider testing: SQL injection4m 22s
-
(Locked)
-