Link to this headingStorage
Link to this headingApplication Data Directory
- Located at
/data/data/<package-name>/
Link to this headingShared Preferences
- Located in
/data/data/<package-name>/shared_prefs/
Verify that their is no MODE_WORLD_WRITEABLE and MODE_WORLD_READABLE. This has been deprecated from API 17.
Adding info to Shared Preferences in Java:
SharedPreferences sharedPref ;
SharedPreferences.Editor editor ;
editor.;
editor.;
editor.;
File Contents:
>>> cat
<?xml version='1.0' encoding='utf-8' standalone='yes' <map>
<string name="username">administrator</string>
<string name="password">supersecret</string>
</map>
Encrypted Preferences:
This Module is in Beta
Source
This uses a Master AES-GCM key to encrypt the data in the Shared Preferences folder.
The Master Key is stored in the Android Keystore.
Link to this headingSQLite Databases
- Usually located in
/data/data/<package-name>/databases/
Creating a Database in Java:
SQLiteDatabase notSoSecure ;
notSoSecure.;
notSoSecure.;
notSoSecure.;
Link to this headingSQLCipher Databases
- Encrypted Databases
Creating a Encrypted Database in Java:
SQLiteDatabase secureDB ;
secureDB.;
secureDB.;
secureDB.;
Link to this headingRealm Databases
Frida Hooks:
Enter The Realm
Sample Android Application using Realm Database encryption
Link to this headingExternal Storage
- Stuff stored on the SDcard can be accessed by any application
Creating a File in External Storage:
File file ;
String password ;
FileOutputStream fos;
fos ;
fos.;
fos.;
Things to Grep For:
- getExternal*
Link to this headingInstalling Packages
Things to Grep For:
- vnd.android.package-archive