The application security report shows several security bugs, one of which is a "Android Plugin Protection is not present". Their solution is :
PluginKiller
ServiceName Check
Undeclared Permission
SharedUID ProcessCheck
AppRuntimeDir Check
ReceiverFilter Check
EnabledComp Check
Please explain each one and give me an sample code
tnx
The vulnerability was introduced at the Black Hat Asia Conference in 2017. The slideshows of this vulnerability here and the article on this vulnerability is here.
I describe one method.
In article we have "SharedUID ProcessCheck":
Unlike PID (Process ID) which is tran-sient and keeps changing all the time, UID is assignedfor each application at install time, stays constant aslong as the application is not reinstalled. The UIDshould be unique to each application, except when theapplication explicitly requests to share a userid withanother application. Since the plugin APK file hasnever been installed to the system, plugin package doesnot have an unique UID. Even though the host app canfork a new process to launch it, like what DroidPlugindid, the plugin process shared the different PID butsame UID with the host app’s process.
Firs we get uid and pid of our program then we get all proccess of android and check their uid, it a proccess has same uid but diffrent pid it is security problem. here is simple pseudocode, you should cheack error and custimize it,
private boolean SharedUIDProcessCheck () {
int myPid= android.os.Process.myPid();
int myUid= android.os.Process.myUid();
for (ActivityManager.RunningAppProcessInfo info : am.getRunningAppProcesses()) {
if (info.uid == myUid && info.pid!=myPid) {
// our program loaded as plugin, security problem has happened.
return true;
}
}
return false;
}
