Skip to content

Storage

Storage

Application Data Directory

  • Located at /data/data/<package-name>/

Shared Preferences

  • Located in /data/data/<package-name>/shared_prefs/

Verify that their is no MODE_WORLD_WRITEABLE and MODE_WORLD_READABLE. This has been deprecated from API 17.

Adding info to Shared Preferences in Java:

SharedPreferences sharedPref = getSharedPreferences("key");
SharedPreferences.Editor editor = sharedPref.edit();
editor.putString("username", "administrator");
editor.putString("password", "supersecret");
editor.commit();

File Contents:

>>> cat /data/data/<package-name>/shared_prefs/key.xml
<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
  <string name="username">administrator</string>
  <string name="password">supersecret</string>
</map>

Encrypted Preferences:
This Module is in Beta
Source

This uses a Master AES-GCM key to encrypt the data in the Shared Preferences folder.
The Master Key is stored in the Android Keystore.

SQLite Databases

  • Usually located in /data/data/<package-name>/databases/

Creating a Database in Java:

SQLiteDatabase notSoSecure = openOrCreateDatabase("privateNotSoSecure", MODE_PRIVATE, null);
notSoSecure.execSQL("CREATE TABLE IF NOT EXISTS Accounts(Username VARCHAR, Password VARCHAR);");
notSoSecure.execSQL("INSERT INTO Accounts VALUES('admin','AdminPass');");
notSoSecure.close();

SQLCipher Databases

  • Encrypted Databases

Creating a Encrypted Database in Java:

SQLiteDatabase secureDB = SQLiteDatabase.openOrCreateDatabase(database, "password123", null);
secureDB.execSQL("CREATE TABLE IF NOT EXISTS Accounts(Username VARCHAR,Password VARCHAR);");
secureDB.execSQL("INSERT INTO Accounts VALUES('admin','AdminPassEnc');");
secureDB.close();

Realm Databases

https://realm.io/docs/java/latest/#realms
Realm Studio

Frida Hooks:
https://x64.sh/posts/Enter-The-Realm/
https://github.com/R3zk0n/Realm-Android

External Storage

  • Stuff stored on the SDcard can be accessed by any application

Creating a File in External Storage:

File file = new File (Environment.getExternalFilesDir(), "password.txt");
String password = "SecretPassword";
FileOutputStream fos;
    fos = new FileOutputStream(file);
    fos.write(password.getBytes());
    fos.close();

Things to Grep For:
- getExternal*

Installing Packages

Things to Grep For:
- vnd.android.package-archive