Security Misconfiguration

Backup

adb backup allows you to create a backup of an Android device's data. It can back up app data, system settings, etc.

Note: For apps targeting Android 12 (API level 31), adb backup excludes app data, except for debuggable apps [🔗].

Testing

Requirement: android:allowBackup="true" in the AndroidManifest.xml

# Backup one application with its apk
adb backup -apk <package_name> -f <backup_name>.ab

# Restore backup
adb restore <backup_name>.ab

# Alternative way, from a shell on the device
adb shell
bu backup <package_name>

# Restore
adb shell
bu restore <backup_name>.ab

Debuggable

The android:debuggable attribute indicates if the application is debuggable and it is set to false by default [🔗].

Note: you cannot release a debuggable app on Google Play Store [🔗] [🔗].

Testing

Check for android:debuggable="true" in the AndroidManifest.xml. If it is enabled, you can read and extract all files inside the app's internal storage without root privileges:

adb exec-out run-as <package_name> tar c . > output.tar

WebView - Debug

Requirements:

  • setWebContentsDebuggingEnabled is set to true

  • OR android:debuggable="true" (setWebContentsDebuggingEnabled is enabled automatically if the app is declared debuggable). More info: [🔗].

Note: Apache Cordova applications (org.apache.cordova.SystemWebEngine) are automatically attached to Chrome's debugger.

  1. Open the application on your phone

  2. Open Chrome on your machine and navigate to chrome://inspect/#devices

  3. In the “Remote Target” section, you will find the device and the app. Click on inspect.

  4. Now you can look for Application Storage, Network traffic, etc.
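The three checks above (allowBackup, debuggable, and the WebView debugging that debuggable implies) can be applied to a decoded AndroidManifest.xml in one pass. The script below is an added example, not part of the original page; the two manifests are constructed, and it assumes <uses-sdk> is present in the manifest (apktool moves targetSdkVersion to apktool.yml, so 0 here means unknown).

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Constructed sample manifests (not taken from any real app).
WEAK_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.weak">
  <uses-sdk android:minSdkVersion="21" android:targetSdkVersion="30"/>
  <application android:allowBackup="true" android:debuggable="true"/>
</manifest>"""

HARDENED_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.hardened">
  <uses-sdk android:minSdkVersion="21" android:targetSdkVersion="33"/>
  <application android:allowBackup="false" android:debuggable="false"/>
</manifest>"""


def _android_attr(elem, name, default):
    """Read an android:-namespaced attribute, falling back to the platform default."""
    if elem is None:
        return default
    return elem.get("{%s}%s" % (ANDROID_NS, name), default)


def audit_manifest(xml_text):
    """Return the backup/debuggable posture of a manifest plus a list of findings."""
    root = ET.fromstring(xml_text)
    app = root.find("application")
    # Assumption: <uses-sdk> is in the manifest; 0 means targetSdkVersion is unknown.
    target_sdk = int(_android_attr(root.find("uses-sdk"), "targetSdkVersion", "0"))
    # Platform defaults: allowBackup is true unless declared false, debuggable is false.
    allow_backup = _android_attr(app, "allowBackup", "true").lower() == "true"
    debuggable = _android_attr(app, "debuggable", "false").lower() == "true"

    findings = []
    if allow_backup:
        if target_sdk >= 31 and not debuggable:
            findings.append("allowBackup: true, but targetSdk >= 31 so adb backup excludes app data")
        else:
            findings.append("allowBackup: app data extractable with 'adb backup -apk <pkg>'")
    if debuggable:
        findings.append("debuggable: internal storage readable via 'adb exec-out run-as <pkg>' without root")
        findings.append("debuggable: WebView remote debugging (chrome://inspect) enabled automatically")
    return {"targetSdkVersion": target_sdk, "allowBackup": allow_backup,
            "debuggable": debuggable, "findings": findings}


if __name__ == "__main__":
    for name, manifest in (("weak", WEAK_MANIFEST), ("hardened", HARDENED_MANIFEST)):
        print(name, audit_manifest(manifest)["findings"] or ["no findings"])
```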
