1
00:00:00,090 --> 00:00:04,000
- Hello, and welcome to the new video of Android Security and

2
00:00:04,000 --> 00:00:09,510
Exploitation by Pentester Academy. My name is Aditya Gupta, and I am your course

3
00:00:09,510 --> 00:00:13,670
instructor for this training series. So, this course is being run on

4
00:00:13,670 --> 00:00:20,930
PentesterAcademy.com as well as securitytube-training.com. So in this

5
00:00:20,930 --> 00:00:26,360
particular video we are going to have a look at the insecure data storage of the

6
00:00:26,360 --> 00:00:33,040
Damn Insecure and Vulnerable Application, also known as "DIVA". So as we have

7
00:00:33,040 --> 00:00:37,640
previously discussed, an Android application can store data in a couple of

8
00:00:37,640 --> 00:00:45,054
ways. So either it can store in the shared preferences, or it can store in databases,

9
00:00:45,054 --> 00:00:52,003
or it can store as a profile, or maybe it can also store on the external storage,

10
00:00:52,003 --> 00:01:00,089
which is usually the SD card, right? So if you come to the Part 4 of the Insecure

11
00:01:00,089 --> 00:01:05,870
Data Storage, it has a similar screen asking us to enter the username and

12
00:01:05,870 --> 00:01:17,065
password. So let's say we enter something, maybe "username1" and "password23." And we

13
00:01:17,065 --> 00:01:25,659
save this particular information. So now if you look over here, there is no

14
00:01:25,659 --> 00:01:35,269
additional file which is created, and if you look at the shared preferences it is

15
00:01:35,269 --> 00:01:46,362
not over here, and also not in the databases. So the other possibility is it

16
00:01:46,362 --> 00:01:53,453
could be in the external storage. Now, in order to check the external storage, you

17
00:01:53,453 --> 00:02:02,409
need to go to "/mnt/sdcard", and if you do an "ls" over here you don't see anything

18
00:02:02,409 --> 00:02:07,090
like a new file or a newly created file over here.

19
00:02:07,090 --> 00:02:15,890
But if you do an "ls -la" you see something as a ".uinfo.txt" which has been

20
00:02:15,890 --> 00:02:22,657
recently created, right. So a lot of application developers, what they think is

21
00:02:22,657 --> 00:02:30,328
storing something in the SD card might not be secure, but if they store it with a dot

22
00:02:30,328 --> 00:02:36,261
in the start, making it a hidden file, that might make the file secure, right,

23
00:02:36,261 --> 00:02:42,742
which is not the case. So anyone can simply do an "ls -la" and get to know the

24
00:02:42,742 --> 00:02:52,616
hidden file. And if you simply do a "cat .uinfo.txt" it's the "username1" and

25
00:02:52,616 --> 00:02:58,861
"password23" which is what we entered over here, right? And if we want to look at the

26
00:02:58,861 --> 00:03:13,082
source code, we can check out Insecure Storage - Part 4. And we see that it is

27
00:03:13,082 --> 00:03:18,751
taking the location of the external storage directory and creating a file

28
00:03:18,751 --> 00:03:23,691
called ".uinfo.txt". So either you can reverse engineer the application,

29
00:03:23,691 --> 00:03:29,114
figure out how it is storing the data, or you can try a hit and trial approach,

30
00:03:29,114 --> 00:03:29,968
right?

31
00:03:29,968 --> 00:03:36,225
So that is all for this particular video, and if you have any questions or queries,

32
00:03:36,225 --> 00:03:43,743
feel free to reach out to me at Twitter, @adi1391 or over email, adi@attify.com.

33
00:03:43,743 --> 00:03:47,136
And you can also check out the certifications and the training course at

34
00:03:47,136 --> 00:03:51,972
securitytube-training.com and PentesterAcademy.com. See you in the next

35
00:03:51,972 --> 00:03:53,000
video.