It is safer to explicitly specify all exported attributes
Because it may be unintentionally published to an external application
If you inadvertently define an intent-filter without specifying exported, The activity can also be started from an external application.
Furthermore, the implicit intent thrown to activate the activity will also be received by external apps.
If you inadvertently specify exported and include minSdkVersion 17 or less Public / private will change depending on the OS version.
Take a look at AndroidManifest.xml, an app on Google Play.
Install the app you want to see Android Manifest on your Android device
Check the package name of the app from Google Play
You can check it with the URL of the app page
https://play.google.com/store/apps/details?id=【target package name】
Check the full path with the adb command
>adb shell pm list packages -f 【target package name】 package:/data/app/【target package name】-1/base.apk=【target package name】
> adb pull /data/app/【target package name】-1
Change the apk extension to zip ↓
Extract as zip
Convert AndroidManifest.xml in zip with AXMLPrinter2.jar AXMLPrinter2.jar
>java -jar AXMLPrinter2.jar AndroidManifest.xml > AndroidManifestConverted.xml
In the \ <activity > element other than android.intent.category.LAUNCHER after conversion, Search for activities with exported = "true" or activities for which intent-filter is defined without the description of exported. I feel that it is easy to find in apps with low experience and evaluation </ font>
Try calling from another app
MainActivity.kt
val targetPackageName : String = "【target package name】"
val targetActivityName : String = "【target activity name】"
val intent : Intent = Intent()
intent.setClassName( targetPackageName, targetActivityName )
startActivity( intent )
Also possible here
adb am start -n 【target package name】/.【target activity name】
Then activity starts up normally
If it is assumed that this activity is called only by a specific process of the same package,
it may skip the expected process and operate.
As for knowledge, it is written here [Android application secure design / secure coding guide] ](https://www.jssec.org/dl/android_securecoding.pdf) In fact, it's not realistic to check everything in a review, and it's realistic to use a tool because there are omissions. The amount of money you can spend on security depends on the app you make,
Recommended Posts