Mobile Hacking Lab - Secure Notes Lab Solution

Objective: Retrieve a PIN code from a secured content provider in an Android application. Secure Notes Lab 👉 https://www.mobilehackinglab.com/course/lab-secure-notes
Secure Note Application: The Secure Note application asks for a PIN. Submitting an invalid PIN results in the message [ERROR: Incorrect PIN].
Source Code Analysis, Android Manifest: Analysing the AndroidManifest.xml, we can see that the application exports a content provider and the MainActivity.
<provider android:name="com.mobilehackinglab.securenotes.SecretDataProvider" android:enabled="true" android:exported="true" android:authorities="com.mobilehackinglab.securenotes.secretprovider"/>
<activity android:name="com....

December 22, 2023 · 4 min · Rizal

Mobile Hacking Lab - Post Board Lab Solution

Objective: Exploiting a Cross-Site Scripting (XSS) vulnerability in Android WebView to achieve Remote Code Execution (RCE). The post board challenge from Mobile Hacking Lab is available here 👉 https://www.mobilehackinglab.com/course/lab-postboard.
Inspecting Android Manifest: The application has only one activity, com.mobilehackinglab.postboard.MainActivity. The relevant snippet from AndroidManifest.xml is provided below.
<activity android:name="com.mobilehackinglab.postboard.MainActivity" android:exported="true">
    <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
    </intent-filter>
    <intent-filter>
        <action android:name="android.intent.action.VIEW"/>
        <category android:name="android.intent.category.DEFAULT"/>
        <category android:name="android.intent.category.BROWSABLE"/>
        <data android:scheme="postboard" android:host="postmessage"/>
    </intent-filter>
</activity>
As the activity is exported, it can be launched by other applications installed on the same device....

December 20, 2023 · 6 min · Rizal