Allsafe - Intentionally Vulnerable Android Application


Allsafe is an intentionally vulnerable application that contains various vulnerabilities. Unlike other vulnerable Android apps, this one is less like a CTF and more like a real-life application that uses modern libraries and technologies. Additionally, I have included some Frida based challenges for you to explore. Have fun and happy hacking!


Useful Frida Scripts

I have my Frida scripts (more like templates) in other repository. I'm sure they might be quite handy for the Frida related tasks. Check it out: https://github.com/t0thkr1s/frida


Tasks / Vulnerabilities

1. Insecure Logging

Simple information disclosure vulnerability. Use the logcat command-line tool to discover sensitive information.


Resources & HackerOne Reports:

2. Hardcoded Credentials

Some credentials are left in the code. Your task is to reverse engineer the app and find sensitive information.


Resources & HackerOne Reports:

3. Root Detection

This is purely for Frida practice. Make the code believe that you device is not rooted!


4. Arbitrary Code Execution

Loading modules securely with third-party apps are not easy. Write a PoC application and exploit the vulnerability!


Resources & HackerOne Reports:

5. Secure Flag Bypass

Another Frida-based task. No real vulnerability here, just have fun bypassing the secure flag!


Resources & HackerOne Reports:

6. Certificate Pinning Bypass

Certificate pinning is implemented using the OkHttp library. You have to bypass it in order to view the traffic with Burp Suite.


Resources & HackerOne Reports:

7. Insecure Broadcast Receiver

There's a vulnerable broadcast recevier in the application. Trigger it with the correct data and you're done!


Resources & HackerOne Reports:

8. Deep Link Exploitation

Similar to the insecure broadcast receiver, you need to provide the right query parameter to complete this task!


Resources & HackerOne Reports:

9. SQL Injection

Just a regular SQL injection that you'd find in web applications. No need to reverse the code to bypass the login mechanism.


Resources & HackerOne Reports:
Show me how it's done!
# TODO



10. Vulnerable WebView

You can also complete this task without decompiling the application. Pop an alert dialog and read files!


Resources & HackerOne Reports:

11. Smali Patching

In this task, you have to modify the execution flow of the application by editing the Smali code. Finally, rebuild and sign the APK!


Resources & HackerOne Reports:

12. Native Library

The application uses a native library that validates the entered password. Reverse engineer the library to find the password then use Frida to hook the native method.


Resources & HackerOne Reports:



Via: feedproxy.google.com
Allsafe - Intentionally Vulnerable Android Application Allsafe - Intentionally Vulnerable Android Application Reviewed by Anónimo on 17:41 Rating: 5