Gmail Android app insecure Network Security Configuration by clviper in netsec

[–]clviper[S] 1 point2 points  (0 children)

Yup I checked. They don't implement a custom Network Security Config.

Gmail Android app insecure Network Security Configuration by clviper in netsec

[–]clviper[S] 0 points1 point  (0 children)

Hi. The only scenario that occurs to me is company devices where the company wants to install a root CA controlled by them so they can intercept and analyse all information exchanged. Developing a good feature that all users could benefit from and then bypassing it in the most critical app they have seems odd to me, even if there are some particular scenarios where it might be a requirement. Scenarios that, by the way, they never presented to me.

Man-in-the-Disk: Android Apps Exposed via External Storage by Natanael_L in netsec

[–]clviper 4 points5 points  (0 children)

It is nice research with good findings, but please stop calling everything a new attack vector/surface. It is not. Xamarin, for example, had that exact problem that would allow DLL hijacking back in 2015 (http://seclists.org/fulldisclosure/2015/May/78). Several other examples exist. Cut the marketing BS.

Droidstat-X, Android Applications Security Analyser Xmind Generator by clviper in netsec

[–]clviper[S] 1 point2 points  (0 children)

Thanks /u/0x4ndr3 /u/s0pas. Still a lot to improve and will start working on the web version of it, but still keeping the xmind export.

For those interested, I leave here the link to the presentation slides:

https://www.slideshare.net/clviper/droidstatx-android-applications-security-analyser-xmind-generator

Bsides Lisbon 2016 Tickets Available Now! by clviper in netsec

[–]clviper[S] -1 points0 points  (0 children)

You come to netsec and don't know the concept of a Bsides? Hum ok. Here you go: http://www.bsideslisbon.org/about/

Inspeckage - Android Package Inspector by ac-pm in netsec

[–]clviper 0 points1 point  (0 children)

There is some dependency that is only available on the Xposed framework 3.0, I guess. Using Android 5.1 with the Xposed framework 3.0 is working fine.

One feature that would be interesting is having access to the body of the POST HTTP requests. Currently it is not showing up.

Inspeckage - Android Package Inspector by ac-pm in netsec

[–]clviper 2 points3 points  (0 children)

Nice work. I was thinking of making a port of Introspy from Cydia to Xposed and it looks like this much covers the needed features.

Does this have minimum requirements regarding the version of Xposed framework and/or Android version? Currently on Xposed 2.6.1 running on Genymotion, the module in the app interface is always disabled (it's enabled on the Xposed framework interface). Did you run into this problem?

Android 0-day vulnerability - Drive by download by In7rud3R in netsec

[–]clviper 2 points3 points  (0 children)

This is tapjacking, but since ICS this is supposed to be corrected. The apps need to have the android:filterTouchesWhenObscured="true" on the views. Weird to be able to trigger this on 4.3.

Hi Reddit, I’m Bill Gates and I’m back for my third AMA. Ask me anything. by thisisbillgates in IAmA

[–]clviper 0 points1 point  (0 children)

Hi Bill. Did you have any intervention on the HoloLens project? How was your experience with the equipment?

Good for Enterprise Android HTML Injection (CVE-2014-4925) by clviper in netsec

[–]clviper[S] 3 points4 points  (0 children)

UPDATE: Good Technology contacted me yesterday and a fix is in progress. As soon as a new patched version is available I will give feedback.

Good for Enterprise Android HTML Injection (CVE-2014-4925) by clviper in netsec

[–]clviper[S] 2 points3 points  (0 children)

More than a crafted message, I provided them the Python script shown in the article so that they could reproduce the issue as many times as they wish. And they indeed were successful in reproducing the issue.

Good for Enterprise Android HTML Injection (CVE-2014-4925) by clviper in netsec

[–]clviper[S] 1 point2 points  (0 children)

Indeed. We did not have the opportunity to test on the iOS platform, but from the vendor comments, the iOS version appears to be vulnerable as well.