GitBook: [master] one page and 4 assets modified

2024-11-22 04:33:28 +00:00 · 2021-06-17 13:51:08 +00:00 · 2021-06-17 13:51:08 +00:00 · a898ca5db7
commit a898ca5db7
parent a05e62d48a
5 changed files with 11 additions and 5 deletions
--- a/.gitbook/assets/image
+++ b/.gitbook/assets/image
--- a/.gitbook/assets/image
+++ b/.gitbook/assets/image
--- a/.gitbook/assets/image
+++ b/.gitbook/assets/image
--- a/.gitbook/assets/image
+++ b/.gitbook/assets/image
--- a/mobile-apps-pentesting/android-app-pentesting/android-task-hijacking.md
+++ b/mobile-apps-pentesting/android-app-pentesting/android-task-hijacking.md
@ -13,21 +13,27 @@ This is some simple activity flow:
 * Activity 3 is started which pushes both Activity 1 and 2 to the Back Stack.
 * Now when Activity 3 is closed. The previous activity i.e., 2 is brought automatically to the foreground. This is how task navigation works in Android.

-![](../../.gitbook/assets/image%20%28550%29.png)
+![](../../.gitbook/assets/image%20%28551%29.png)

 ### Android Multi-tasking - One Task

 One task is composed by several activities

-![](../../.gitbook/assets/image%20%28552%29.png)
+![](../../.gitbook/assets/image%20%28553%29.png)

 ### Android Multi-tasking - Several Tasks

 Android usually manages several tasks

-![](../../.gitbook/assets/image%20%28551%29.png)
+![](../../.gitbook/assets/image%20%28552%29.png)

-## Task affinity and Launch Modes
+## Task Control Knobs
+
+![](../../.gitbook/assets/image%20%28550%29.png)
+
+## Task affinity attack
+
+### Task affinity and Launch Modes

 **Task affinity** is an attribute that is defined in each `<activity>` tag in the `AndroidManifest.xml` file. It describes which Task an Activity prefers to join.  
 By default, every activity has the same affinity as the **package** name.
@ -52,7 +58,7 @@ When the launchMode is set to `singleTask`, the Android system evaluates three p
 * **If creating a new activity instance is necessary**: The Activity Manager Service \(AMS\) selects a task to host the newly created instance by finding a “**matching**” one in all existing tasks. **An activity “matches” a task if they have the same task affinity**. This is the reason why we can **specify the same task affinity as the vulnerable app in our malware/attacker's app so it launches in their task instead of creating it's own**.
 * **Without finding a “matching” task**: The AMS creates a new task and makes the new activity instance the root activity of the newly created task.

-## Attack
+### Attack

 The victim needs to have the **malicious** **app** **installed** in his device. Then, he needs to **open** **it** **before** opening the **vulnerable** **application**. Then, when the **vulnerable** application is **opened**, the **malicious** **application** will be **opened** **instead**. If this malicious application presents the **same** **login** as the vulnerable application the **user won't have any means to know that he is putting his credentials in a malicious application**.