Exploiting JavaScript Interface for Unauthorized Access in a 'global' cryptocurrency exchange Android app

Intro

WebView in the Android ecosystem is an extension of Android's View class that lets you display web pages as part of your application's activity layout. You can think of it as a web browser built into your application, but it doesn't include the features of a fully developed web browser, such as navigation controls or an address bar. It is one of the widely used components in the Android application ecosystem, and it is also prone to a number of potential errors. If it is possible to load an arbitrary URL or execute arbitrary JavaScript in a WebView, it could potentially lead to leaking of authentication tokens, the theft of arbitrary files, and access to arbitrary activities. In this blog I will show how I exploited the JavaScript interface exposed by the application to perform critical authenticated actions like placing a trade order, cancelling a trade order, or deactivating the account. ...

September 4, 2024 · 8 min · Sunny Gupta
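
The intro above names two preconditions for this class of bug: a WebView that will load an arbitrary URL, and a JavaScript interface attached to it. The following is an added defensive example, not code from the original post or from the app it discusses. The host `app.exchange.example`, the bridge name `NativeBridge` and the class `HardenedWebViewHost` are assumptions made for illustration.

```java
import android.net.Uri;
import android.webkit.WebResourceRequest;
import android.webkit.WebSettings;
import android.webkit.WebView;
import android.webkit.WebViewClient;
import java.util.Collections;
import java.util.Locale;
import java.util.Set;

public final class HardenedWebViewHost {
    // Assumption: the single first-party origin allowed to see the bridge.
    private static final Set<String> TRUSTED_HOSTS =
            Collections.singleton("app.exchange.example");
    private static final String BRIDGE_NAME = "NativeBridge"; // hypothetical name

    /** True only for https URLs whose host exactly matches the allowlist. */
    static boolean isTrusted(Uri uri) {
        if (uri == null || uri.getHost() == null) return false;
        // Exact match on the parsed host: no startsWith/contains checks,
        // which values such as "app.exchange.example.evil.test" would pass.
        return "https".equalsIgnoreCase(uri.getScheme())
                && TRUSTED_HOSTS.contains(uri.getHost().toLowerCase(Locale.ROOT));
    }

    /**
     * Entry point for URLs that arrive from outside the app (deep link,
     * intent extra, push payload). The bridge is attached only after the
     * URL has passed the allowlist, never unconditionally.
     */
    static boolean loadIfTrusted(WebView webView, String externalUrl, Object bridge) {
        Uri uri = externalUrl == null ? null : Uri.parse(externalUrl);
        if (!isTrusted(uri)) {
            webView.removeJavascriptInterface(BRIDGE_NAME); // takes effect on next load
            return false; // refuse: do not call loadUrl() on untrusted input
        }
        WebSettings settings = webView.getSettings();
        settings.setJavaScriptEnabled(true);
        settings.setAllowFileAccess(false);    // no file:// reads from page script
        settings.setAllowContentAccess(false); // no content:// reads either
        webView.setWebViewClient(new WebViewClient() {
            @Override // API 24+: returning true cancels the navigation
            public boolean shouldOverrideUrlLoading(WebView v, WebResourceRequest r) {
                return !isTrusted(r.getUrl());
            }
        });
        // Only methods annotated @JavascriptInterface on 'bridge' are callable.
        webView.addJavascriptInterface(bridge, BRIDGE_NAME);
        webView.loadUrl(uri.toString());
        return true;
    }
}
```

An injected interface is visible to every frame in the page, so the allowlisted origin must not embed third-party content, and sensitive bridge methods should not rely on the page alone for authorization.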