GitBook: [master] one page modified
This commit is contained in:
parent
70ea8014af
commit
21590d420d
@ -69,7 +69,7 @@ Activities can be exported allowing other processes on the device to launch the
|
|||||||
<service android:name=".ExampleExportedService" android:exported="true"/>
|
<service android:name=".ExampleExportedService" android:exported="true"/>
|
||||||
```
|
```
|
||||||
|
|
||||||
#### URL schemes
|
#### URL schemes / Deep links
|
||||||
|
|
||||||
An application can declare an **URL schema** inside and activity so every time the Android device try to **access an address using that schema** the applications activity will be called:
|
An application can declare an **URL schema** inside and activity so every time the Android device try to **access an address using that schema** the applications activity will be called:
|
||||||
|
|
||||||
@ -95,6 +95,8 @@ In this case you could try to abuse the functionality creating a web with the fo
|
|||||||
<a href="example://gizmos/javascript://%250dalert(1)">click here</a>
|
<a href="example://gizmos/javascript://%250dalert(1)">click here</a>
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Learn how to [call deep links without using HTML pages below](./#exploiting-schemes-deep-links).
|
||||||
|
|
||||||
#### Content Provider <a id="services"></a>
|
#### Content Provider <a id="services"></a>
|
||||||
|
|
||||||
* Content Provider component supplies data from one application to others on request.
|
* Content Provider component supplies data from one application to others on request.
|
||||||
@ -421,7 +423,7 @@ As service is basically something that **can receive data**, **process** it and
|
|||||||
A broadcast receiver will be waiting for a type of message. Depending on ho the receiver handles the message it could be vulnerable.
|
A broadcast receiver will be waiting for a type of message. Depending on ho the receiver handles the message it could be vulnerable.
|
||||||
[**Learn how to exploit Broadcast Receivers with Drozer.**](./#exploiting-broadcast-receivers)
|
[**Learn how to exploit Broadcast Receivers with Drozer.**](./#exploiting-broadcast-receivers)
|
||||||
|
|
||||||
### **Exploiting Schemes**
|
### **Exploiting Schemes / Deep links**
|
||||||
|
|
||||||
You can **open** a declared **scheme** using **adb** or a **browser**:
|
You can **open** a declared **scheme** using **adb** or a **browser**:
|
||||||
|
|
||||||
@ -725,7 +727,8 @@ AndroL4b is an Android security virtual machine based on ubuntu-mate includes th
|
|||||||
|
|
||||||
### Git Repos
|
### Git Repos
|
||||||
|
|
||||||
[https://github.com/riddhi-shree/nullCommunity/tree/master/Android](https://github.com/riddhi-shree/nullCommunity/tree/master/Android)
|
[https://github.com/riddhi-shree/nullCommunity/tree/master/Android](https://github.com/riddhi-shree/nullCommunity/tree/master/Android)
|
||||||
|
[https://www.youtube.com/watch?v=PMKnPaGWxtg&feature=youtu.be&ab\_channel=B3nacSec](https://www.youtube.com/watch?v=PMKnPaGWxtg&feature=youtu.be&ab_channel=B3nacSec)
|
||||||
|
|
||||||
## References
|
## References
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user