Created March 25, 2015 01:50
Android Security issue [#1086869776] Browser doesn't properly delimit protocol and domain in the "password" table, reported 02.08.12
EDIT: changed the domain names for public disclosure

Have a look at /data/data/com.android.browser/databases/webview.db, table "password".
columns: _id, host, username, password
"host" contains protocol and hostname concatenated without any delimiter. What this means:
- login to https://example.org/ with valid username and password
- go to http://sexample.org/
- any login form on sexample.org will be auto-filled

Tested it on android 4.1.1.
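The key collision described above, reproduced as an added example (not part of the original report and not the browser's code). It assumes the `host` value is built as scheme plus hostname; `key_delimited`, `PasswordStore` and the sample credentials are hypothetical names and constructed values, and the delimited key is an assumed fix, not the one Android shipped.

```python
import sqlite3
from urllib.parse import urlsplit

def key_concat(url):
    # Key format described in the report: protocol + hostname, no delimiter.
    u = urlsplit(url)
    return u.scheme + u.hostname

def key_delimited(url):
    # Assumed fix: keep "://" between protocol and hostname. "/" and ":" cannot
    # occur in a scheme or hostname, so the boundary is unambiguous.
    u = urlsplit(url)
    return u.scheme + "://" + u.hostname

class PasswordStore:
    """In-memory stand-in for the "password" table (_id, host, username, password)."""

    def __init__(self, key_fn):
        self.key_fn = key_fn
        self.db = sqlite3.connect(":memory:")
        self.db.execute(
            "CREATE TABLE password (_id INTEGER PRIMARY KEY, host TEXT,"
            " username TEXT, password TEXT)")

    def save(self, url, username, password):
        self.db.execute(
            "INSERT INTO password (host, username, password) VALUES (?, ?, ?)",
            (self.key_fn(url), username, password))

    def lookup(self, url):
        # Returns (username, password) to auto-fill, or None if nothing matches.
        return self.db.execute(
            "SELECT username, password FROM password WHERE host = ?",
            (self.key_fn(url),)).fetchone()

def autofill_after_login(key_fn, login_url, visited_url):
    # Save constructed credentials for login_url, then ask what visited_url gets.
    store = PasswordStore(key_fn)
    store.save(login_url, "alice", "constructed-secret")
    return store.lookup(visited_url)

if __name__ == "__main__":
    a, b = "https://example.org/", "http://sexample.org/"
    print(key_concat(a), key_concat(b))               # identical keys
    print(autofill_after_login(key_concat, a, b))     # credentials cross sites
    print(autofill_after_login(key_delimited, a, b))  # None
    print(autofill_after_login(key_delimited, a, a))  # same site still fills
```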