Unprotected Data URIs
PreviousIntent Redirection (Access to Protected Components)NextTheft of Arbitrary files from LocalStorage
Last updated
Was this helpful?
Last updated
Was this helpful?
The com.insecureshop.WebView2Activity
contains the following code. The code takes untrusted URL in loadUrl
method and passes it to webview.
Analyze the intent-filter used by this activity carefully. Can you convert this attack into a remote exploitation by utilizing intent scheme URIs?