From the course: Android App Security: A Structured Approach to Pen Testing
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Content provider testing - Android Tutorial
From the course: Android App Security: A Structured Approach to Pen Testing
Content provider testing
- [Instructor] Now that we have covered activities, let's test the content providers of this application. To get the basic information of content providers, we will use app.provider.info. For getting the basic information about the content providers, the Drozer module that we will be using is app.provider.info. The command would be, hyphen a followed by the package name, that is com.mwr .example.sieve. Let me just go ahead and copy this because again we'll be using it again and again. Some oversight, wonderful. So this tells me that we have two content providers here. First is the DBContentProvider, and the second is FileBackupProvider. For the DBContentProvider there are no read or write permissions needed. In addition to that there are no permissions to access the URI. URIs are basically the links or the resources indicators to specific information within the content providers within the database. As it so…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
-
-
-
(Locked)
Introduction to drozer1m 25s
-
(Locked)
drozer architecture51s
-
(Locked)
drozer setup4m 13s
-
(Locked)
Sieve application overview2m 23s
-
(Locked)
Basic commands3m 42s
-
(Locked)
Activity testing3m 30s
-
(Locked)
Content provider testing4m 9s
-
(Locked)
Content provider testing: SQL injection4m 22s
-
(Locked)
-