
A New Way to Brute-Force Passcode/PIN Protection via Deep Link

DESCRIPTION:
You probably already know what passcode protection is, why it is applied, and how it is normally bypassed.
If you don't, please read my previous blog:
https://negativewives.blogspot.com/2020/04/passcode-protection-bypass-by-brute.html
When passcode protection is implemented, first check whether any activity is exported. Here we are only talking about the scenario where no activity is exported in the application.

 PROCEDURE:
  1. Open the application after enabling passcode protection. You will see that the passcode activity is launched first.
  2. Go to the AndroidManifest.xml file and check the launch mode of the passcode activity.

A question arises: what is launch mode?
Launch mode is an instruction to the Android OS that specifies how an activity should be launched. It tells the OS how a new activity should be associated with the current task.
 For more, read about launch mode.
 In the application:

  1. Some developers don't specify any launch mode for the passcode activity, so the activity gets the default launch mode, standard, which means a new instance of the activity is created every time it is launched.
  2. Now check the application's deep links in the AndroidManifest.xml file.

What is a deep link?
Deep links are a concept that helps users navigate between the web and applications. They are basically URLs that take users directly to specific content in an application.

A deep link is an intent filter that allows users to directly enter a specific activity in your Android app.
Deep linking, in a general sense, involves linking to specific content within a website or app, rather than to the homepage. Here we’re talking in particular about getting specific elements of an app to show up in search results on a mobile device, allowing users to open an app directly from a search results page. Note: Users will only see this prompt if they have the particular app installed.

For more, read about deep links:

  1. Now run adb shell.
  2. Run: am start -a android.intent.action.VIEW -d "deep-link of application"
  3. Run this command each time. You will notice that a new instance is created every time, so a user can easily brute-force the passcode protection with this method.

As soon as possible I uploaded the PoC.

Mitigation:
 Set the launch mode on the application's activities.
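
A defender-side check for the two things the procedure inspects, each activity's launch mode and any deep-link intent filters, written as an added example that is not part of the original post. The manifest content, package name and activity names are constructed for illustration, and the input is assumed to be a decoded (plain XML) AndroidManifest.xml.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest (decoded XML); all names are hypothetical.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.app">
  <application>
    <activity android:name=".PasscodeActivity"/>
    <activity android:name=".LinkRouterActivity">
      <intent-filter>
        <action android:name="android.intent.action.VIEW"/>
        <category android:name="android.intent.category.BROWSABLE"/>
        <data android:scheme="exampleapp" android:host="open"/>
      </intent-filter>
    </activity>
    <activity android:name=".SettingsActivity" android:launchMode="singleTask"/>
  </application>
</manifest>"""

def deep_links(activity):
    """Return scheme://host strings from the VIEW intent filters of one activity."""
    links = []
    for f in activity.findall("intent-filter"):
        actions = {a.get(ANDROID + "name") for a in f.findall("action")}
        if "android.intent.action.VIEW" not in actions:
            continue
        for d in f.findall("data"):
            scheme = d.get(ANDROID + "scheme")
            if scheme:
                links.append(f"{scheme}://{d.get(ANDROID + 'host', '')}")
    return links

def audit_manifest(xml_text):
    """Report launch mode and deep links per activity; mark unset launch modes."""
    report = []
    for act in ET.fromstring(xml_text).iter("activity"):
        mode = act.get(ANDROID + "launchMode")  # None means the default, "standard"
        report.append({
            "name": act.get(ANDROID + "name"),
            "launch_mode": mode or "standard",
            "explicit": mode is not None,
            "deep_links": deep_links(act),
        })
    return report

if __name__ == "__main__":
    for row in audit_manifest(SAMPLE_MANIFEST):
        note = "" if row["explicit"] else "  <- launchMode not set (defaults to standard)"
        print(f"{row['name']}: {row['launch_mode']} {row['deep_links']}{note}")
```

Activities reported with an unset launch mode are the ones to review against the mitigation above, starting with the passcode screen.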


If you have any doubts, please ping me by mail or comment here ⏫⏬
