Ed Holloway-George ed-george
🌍
ed-george
/ gradle-wrapper-verify.sh
Created
July 1, 2023 15:07
Verify your Gradle Wrapper's integrity
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/zsh | |
| # This script will verify your gradle-wrapper.jar | |
| # file's integrity for your project's Gradle version | |
| # For more info, see: | |
| # https://docs.gradle.org/current/userguide/gradle_wrapper.html#manually_verifying_the_gradle_wrapper_jar | |
| # | |
| # Usage: ./gradle-wrapper-verify.sh | |
| # Use within $PROJ_ROOT/gradle/wrapper folder |
ed-george
/ trackSynthetics.sh
Created
August 19, 2022 12:27
A simple bash script to see how your projects Synthetics usage has changed over time
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/bash | |
| # To use: | |
| # Copy this file to the root of your Android Project | |
| # chmod +x trackSynthetics.sh | |
| # ./trackSynthetics.sh | tee results.csv | |
| # Open CSV file in your choice of spreadsheet software | |
| start=2022-02-23 # Date to start tracking | |
| end=2022-08-19 # Date to end tracking |
ed-george
/ Example5.kt
Created
June 4, 2022 00:11
Unpacking Android Security: Part 2 - Insecure Data Storage (Example 5)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| val Context.dataStore by preferencesDataStore(name = "insecure-data-store") | |
| val pref1 = stringPreferencesKey("example_pref") | |
| val pref2 = stringPreferencesKey("example_pref_2") | |
| dataStore.edit { settings -> | |
| settings[pref1] = "My 1st Pref" | |
| settings[pref2] = "My 2nd Pref" | |
| } |
ed-george
/ Example4.kt
Created
June 4, 2022 00:10
Unpacking Android Security: Part 2 - Insecure Data Storage (Example 4)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Use a user-entered passphrase to encrypt/decrypt | |
| val passPhrase: ByteArray = "password".encodeToByteArray() | |
| val sqlCipherSupportFactory: SupportSQLiteOpenHelper.Factory = SupportFactory(passPhrase) | |
| val database = Room.databaseBuilder( | |
| applicationContext, | |
| YourRoomDatabase::class.java, | |
| "secure-database") | |
| .openHelperFactory(sqlCipherSupportFactory) | |
| .build() |
ed-george
/ Example3.xml
Created
June 4, 2022 00:08
Unpacking Android Security: Part 2 - Insecure Data Storage (Example 3)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <map> | |
| <string name="ARTYCGdkOdwAqjLCjWdsepYfbO+lJzJFFrHIta8JSE0=">ASTonpk6n1buL/VN6mB/S95HNcyHzvFp5qbcpkJMjSQbqRkzO3HWe5KKcP6eTwtzIFamU3Ag</string> | |
| <string name="__androidx_security_crypto_encrypted_prefs_key_keyset__">12a90155259183605a12481ccf406838afc98126862109cc5e083185fe7259a052ccb4d1f859ac62ee1ab624f4b35df36c53a23c24547ee322aacc4526a654fd99e9997c0e6bf389b3bf2706a2e29b63d99a1e74535d68457fda16f04e706f127ca09c01622e26db72339720e814af1d6533efc8705eb8a073fa4e5afb2dbfb9446eaa27801942e0c8a8462ff6aed86738f500cdb77655294549810c2cfbe011b4c3900e3504eb3947502c7c1a4408e790e0a601123c0a30747970652e676f6f676c65617069732e636f6d2f676f6f676c652e63727970746f2e74696e6b2e4165735369764b6579100118e790e0a6012001</string> | |
| <string name="__androidx_security_crypto_encrypted_prefs_value_keyset__">128801700a3e737db7b3f8385be4aea6f74fbb844b86532055fa99032c67df4c5a5543e799dd9a621013ba716749b3decef994896914cea1d8dbf25fc13e6a7c6f19a0488dbd4a339642f4bfc4ad82fe1b27b4d4ca0a79c55e57354389f7c2e115af8c0d6f8fff0093299c2481a6cf25b5 |
ed-george
/ Example2.kt
Created
June 4, 2022 00:07
Unpacking Android Security: Part 2 - Insecure Data Storage (Example 2)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| val masterKey = MasterKey.Builder(this) | |
| .setKeyScheme(MasterKey.KeyScheme.AES256_GCM) | |
| .build() | |
| EncryptedSharedPreferences.create(this, "myEncryptedPrefsFile", masterKey, PrefKeyEncryptionScheme.AES256_SIV, PrefValueEncryptionScheme.AES256_GCM).edit { | |
| putString("mySecretKey", "mySecretValue") | |
| } |
ed-george
/ Example1.kt
Created
June 4, 2022 00:05
Unpacking Android Security: Part 2 - Insecure Data Storage (Example 1)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| val prefs = context?.getSharedPreferences("mySharedPrefFile", Context.MODE_PRIVATE) ?: return | |
| // Store some credentials we might not want others to read | |
| prefs.edit().putString("mySecretKey", "mySecretValue").apply() |
ed-george
/ AndroidManifest.xml
Created
January 27, 2022 18:09
Unpicking Android Security: Part 1 - Improper Platform Usage (Example 3)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- In the main application --> | |
| <permission android:name="dev.spght.permission.example.MY_PERMISSION" | |
| android:protectionLevel="signature" | |
| android:label="A custom permission" /> | |
| <!-- In the secondary application --> | |
| <uses-permission android:name="dev.spght.permission.example.MY_PERMISSION"/> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| adb shell am start -n dev.spght.owasp/dev.spght.owasp.home.MainActivity |
ed-george
/ AndroidManifest.xml
Created
January 27, 2022 18:05
Unpicking Android Security: Part 1 - Improper Platform Usage (Example 1)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <activity | |
| android:name=".login.LoginActivity" | |
| android:exported="true"> | |
| <intent-filter> | |
| <action android:name="android.intent.action.MAIN" /> | |
| <category android:name="android.intent.category.LAUNCHER" /> | |
| </intent-filter> | |
| </activity> | |
| <activity |
NewerOlder