From the course: Android App Security: A Structured Approach to Pen Testing
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Testing platform: Insecure data storage - Android Tutorial
From the course: Android App Security: A Structured Approach to Pen Testing
Testing platform: Insecure data storage
- [Instructor] The next challenge that we'll be taking up is insecure data storage. Now within this application, this particular challenge corresponds to how this application stores data onto the device. If you look at the functionality, it is asking me to enter username or password. Let me just go ahead and create something simple. Create and save it. Now let us see how this application is saving my credentials onto the device. Coming back to the command prompt, what I would need is a way to access the file system of the emulator. And the best way to do that is a d b shell, because this gives me a shell access to the emulator. Not only that, since my device is rooted, I'll have a root-level access. Now, as a matter of fact, every application that is installed on your device creates an entry, and stores all their data in this directory. Data and data. So if you go to this directory and list down all the entities…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.