From the course: Android App Security: A Structured Approach to Pen Testing
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Testing platform: Insecure logging - Android Tutorial
From the course: Android App Security: A Structured Approach to Pen Testing
Testing platform: Insecure logging
- [Instructor] Now that we have set up our emulator, ADB, and installed a test application on to our emulator, let's start by solving the challenges. The first challenge in DIVA is of insecure logging. As the name itself suggests, it has something to do with the way this application creates entries into its log files. If we just explore the functionality, it tells me to enter my credit card number. So let me just go ahead and enter a random 16 digit number. Now, in order to view this log entry, what we will be needing is ADB logcat. But since we have to be smart about it, let's just restrict our output to the last 20 lines, right? Now, I'm just going to go ahead and press checkout here. There is an error. Now by and large, whenever an application encounters an error, a log entry is created and just pushed into the Android log file. Let's see what it is. So, if you go through this log entry, you'll see that…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.