This is a write up for CVE-2020–15647, explaining how webpages are capable of stealing files from your Android device, including but not limited to cookies from any visited website.
In mid-2020, I started checking Android browsers for multiple types of vulnerabilities; while reviewing v68.9.0 of Firefox for Android, I noticed it displaying strange behaviour when browsing
For context, Content URIs in Android identify data in a content provider; they can represent multiple forms of information, such as files or database information.
Most browsers support the parsing and processing of both
content:// URI schemes. If you try…
Brave for Android had a vulnerability that allowed a malicious web page to steal your cookies remotely. The vulnerability was reported through HackerOne and took 5 months to fix.
During my research with Android applications, I found a few vulnerabilities in some of the most used browsers. When researching Brave, I noticed that it was using a Content Provider that was exposing all files from the public directory as well as its private files.
To deal with files, most Android applications use a File Provider. This allows files to be accessed with a
content:// schemed URI. To configure a File…
Android Developer and Security Enthusiast