Skip to content

Siddharth352/Android-webview-vul-test-app

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
app
app
 
 
gradle/wrapper
gradle/wrapper
 
 
README.md
README.md
 
 
app.apk
app.apk
 
 
build.gradle
build.gradle
 
 
gradle.properties
gradle.properties
 
 
gradlew
gradlew
 
 
gradlew.bat
gradlew.bat
 
 
settings.gradle
settings.gradle
 
 

Repository files navigation

Vulnerable Web View

Intentionally vulnerable webview implementions in Android

Added vulnerabilities

  1. Basic webview hijack with attacker controlled URL in RegistrationWebView.java
  2. User token leaked to attacker via header and JavaScript interface in SupportWebView.java
  3. Universal file access allowed in RegistrationWebView.java enables exfiltration of private files
  4. Webview ignore SSL certification checking.

How to install

  • If you want, you can clone this repository into Android Studio, or you can simply download the app.apk and install it on your device.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages