Mobile Application Security Labs
Translate Me
In this challenge, you'll explore a browser focused on providing real time translations as you browse the web. The app uses Webview to render the content and provides APIs to interact with translation services.
Outline
While the app is still in development, it seems the developers were in a hurry to deliver leaving behind a serious overflow vulnerability!
Objective
Your goal is to investigate the browser, identify the issues, and understand how they can be leveraged to execute functions to reach command execution.
Skills Required
- Reverse Engineering: Comfort with disassembling Android applications and understanding structure of the app.
- Android Security: Familiarity with deeplinks, WebView, JavaScript to native bridge and memory corruption vulneraiblities.
