我的 Android 应用程序代码暴露了 Android RAM 中的纯文本数据,攻击者可以窃取这些数据
安全测试人员报告了一个错误。据他们称,攻击者可以附加调试器并从应用程序中转储内存,或者加载内核模块以转储 RAM 的全部内容。”
@JavascriptInterface
fun getCustomerData(): String {
return eTestWebViewViewModel.getCustomerDataJson(customer)
}
我阅读了多个博客并尝试分析该问题。但是,我无法找到任何解决
方案:
{"firstName":"John","lastName":"Smith","age":25,"address":{"streetAddress":"21 2nd Street","city":"New York","state":"NY","postalCode":"10021"},"phoneNumber":[{"type":"home","number":"212 555-1234"},{"type":"fax","number":"646 555-4567"}]}
A security tester has reported a Bug. According to them, An attacker can attach a debugger and dump the memory from the application, or load a kernel module to dump the entire contents of RAM."
@JavascriptInterface
fun getCustomerData(): String {
return eTestWebViewViewModel.getCustomerDataJson(customer)
}
I read multiple blogs and tried to analyse the issue. But, I am not able to find any solution.
Plain text:
{"firstName":"John","lastName":"Smith","age":25,"address":{"streetAddress":"21 2nd Street","city":"New York","state":"NY","postalCode":"10021"},"phoneNumber":[{"type":"home","number":"212 555-1234"},{"type":"fax","number":"646 555-4567"}]}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
嗯,你可以尝试检测内存调试
就像当有人转储你的应用程序内存时,文件
会被触发,如果攻击者转储本机字符串等,
文件也会被触发,攻击者会找到目标库,从映射中开始 addr 来操作它,然后会转到 mem 来获取运行时内存,我建议你使用 inotify 并检测映射和内存的触发器,为了好的目的,你还可以添加 inotify 以便
攻击者读取它来查找目标进程 pid
希望它有帮助!
Well, you can try detecting memory debug
like when someone dump your application memory the file
is triggered and also if attacker dumps the native strings etc then
file will be triggered , attacker will find the target lib starting addr from maps to manipulate that and after that will goto mem for getting runtime memory, i suggest you to use inotify and detect trigger to maps and mem and for good one you can also add inotify for
attackers reads that to find the target process pid
Hope It Helps!