Android Static Analysis test request #468
Assignees
Labels
android sca
Android Static Code Analysis related
enhancement
MobSF enhancements and feature requests
Comments
|
Good suggestion. Would be great if you can sent a PR, else we will track it as an enhancement. |
|
tracked separately |
ghost
mentioned this issue
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Internal username and path disclosure:
I believe this also applies to iOS but apple strips this data out before it goes to iTunes.
If you run
strings *|grep "/Users/"on any of the compiled library .so files you get the username of the developer who compiled the binary. You also get the folder structure/layout of the developers local machine. That is if they are running on a mac. Similar strings could be searched for windows/nix based.Love the tool, thanks!
The text was updated successfully, but these errors were encountered: