Mobile Application Security Labs 

IOT Connect

Exploit the broadcast receiver in this Android App.

Outline
This challenge centers on the fictitious "IOT Connect" app and a critical security flaw in its broadcast receivers. The flaw lets unauthorized users activate the master switch and gain control over all connected devices. Your objective is to manipulate the broadcast receiver functionality by sending a broadcast that triggers the master switch, an action that only authenticated users should be able to perform.

Objective
Exploit a Broadcast Receiver Vulnerability: Your mission is to manipulate the broadcast receiver functionality in the "IOT Connect" Android application, allowing you to activate the master switch and control all connected devices. The challenge is to send a broadcast that accomplishes what a guest user cannot do through the app.

Skills Required
  • Basic understanding of Android development.
  • Understanding of the security implications of broadcast receivers.
  • Proficiency in reverse engineering techniques for analyzing and understanding app code.
