High Severity | OWASP Mobile
🟠 Android Insecure Data Storage
🧠 Description
Mobile apps store sensitive data insecurely - in SharedPreferences, SQLite databases, world-readable files, or external storage. Whoever can read the filesystem gets it: an attacker with a rooted device or a debuggable build, another app on the same device (world-readable files, and external storage on older targets), or anyone who can take an adb backup of an app that allows backups on older Android versions.
Impact: Credential Theft, PII Exposure, Session Hijacking, Financial Fraud
🎯 Attack Surface
- SharedPreferences (plaintext XML in /data/data/<package>/shared_prefs/)
- SQLite databases (.db, .sqlite under /data/data/<package>/databases/, unencrypted unless SQLCipher or similar is used)
- Files in external storage (SD card; readable by other apps on pre-scoped-storage targets and by anyone with the card)
- World-readable files (MODE_WORLD_READABLE on old targets, or a chmod after creation)
- Log files and crash dumps (secrets written to logcat or to stack-trace files)
🔍 Detection / Tools
adb pull /data/data/<package>/shared_prefs/   (needs root; on a non-rooted device use: adb shell run-as <package> ls -lR, which works only for debuggable builds)
adb pull /data/data/<package>/databases/
adb shell su -c 'find /data/data/<package> -name "*.db" -o -name "*.sqlite" -o -perm -004'   (root shell; the -perm -004 test lists world-readable files)
adb shell ls -l /sdcard/Android/data/<package>/   (external storage, readable without root)
Frida: frida-ps -Ua | grep <package>   (find the process, then hook the SharedPreferences / file-write APIs to watch what gets persisted)
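The detection steps above as one script, added here as an example and not taken from the OWASP page: it pulls the app's private data directory (via run-as or root), then audits the copy for secret-looking SharedPreferences entries, SQLite databases with a plaintext header, and world-readable files. The package name, paths and the embedded sample data are constructed assumptions; the device-side tar is assumed to be available (toybox).

```bash
#!/usr/bin/env bash
# Added triage helper for the detection steps above; not code from the OWASP
# page. Pulls an app's private data directory, then audits the copy for
# plaintext secrets in SharedPreferences, unencrypted SQLite databases and
# world-readable files. Package names, paths and the sample data are
# constructed assumptions, not real app data.
set -u

# Pull /data/data/<pkg> to a local directory. A plain "adb pull /data/data/<pkg>"
# gets "Permission denied" on a non-rooted device, so try run-as (debuggable
# builds only) and fall back to root. Assumes toybox tar on the device.
# Needs a device; the offline checks below never call it.
pull_app_data() {
  pkg="$1"; out="$2"
  mkdir -p "$out"
  if adb exec-out "run-as $pkg tar -cf - ." 2>/dev/null | tar -xf - -C "$out"; then
    return 0
  fi
  adb exec-out "su -c 'tar -cf - -C /data/data/$pkg .'" | tar -xf - -C "$out"
}

# 1. SharedPreferences: flag entries whose key name suggests a secret, or
#    whose value is JWT-shaped (three base64url segments). Output: file:line:text
scan_prefs() {
  for f in "$1"/shared_prefs/*.xml; do
    [ -f "$f" ] || continue
    grep -inHE \
      'name="[^"]*(pass|pwd|secret|token|api[_-]?key|auth|session|credit|card|ssn)|eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+' \
      "$f" || true
  done
}

# 2. SQLite: a plaintext database starts with the 16-byte magic
#    "SQLite format 3\0". SQLCipher encrypts that header too, so its absence
#    is a cheap "is this encrypted at all" test (inspect by hand if unsure).
db_status() {
  if [ "$(head -c 15 "$1")" = "SQLite format 3" ]; then
    echo plaintext
  else
    echo no-sqlite-header
  fi
}

scan_dbs() {
  find "$1" -type f \( -name '*.db' -o -name '*.sqlite' \) | while read -r f; do
    echo "$(db_status "$f") $f"
  done
}

# 3. Files left world-readable (MODE_WORLD_READABLE on old targets, or a
#    later chmod). tar preserves mode bits, so the pulled copy can be checked;
#    on-device the equivalent is "adb shell run-as <pkg> ls -lR".
find_world_readable() {
  find "$1" -type f -perm -004
}

audit() {
  echo "== secret-looking SharedPreferences entries =="; scan_prefs "$1"
  echo "== SQLite databases =="; scan_dbs "$1"
  echo "== world-readable files =="; find_world_readable "$1"
}

# Constructed stand-in for a pulled data directory, so the audit runs offline.
make_sample() {
  out="$1"
  mkdir -p "$out/shared_prefs" "$out/databases" "$out/files"
  cat > "$out/shared_prefs/com.example.app_preferences.xml" <<'EOF'
<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
    <string name="username">alice</string>
    <string name="password">hunter2</string>
    <string name="session">eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI0MiJ9.c2lnbmF0dXJl</string>
    <boolean name="dark_mode" value="true" />
</map>
EOF
  printf 'SQLite format 3\000' > "$out/databases/users.db"   # plaintext header
  printf '\217\032\007\304\125\236\041\003\301\272\175\342\021\114\231\140' \
    > "$out/databases/vault.db"                             # no magic: looks encrypted
  echo "cached statement" > "$out/files/report.txt"
  chmod 600 "$out"/shared_prefs/* "$out"/databases/*
  chmod 644 "$out/files/report.txt"   # the world-readable mistake
}

# Usage: audit.sh <package> <outdir> against a device, or no arguments to run
# the audit on the constructed sample.
if [ "$#" -eq 2 ]; then
  pull_app_data "$1" "$2" || { echo "pull failed" >&2; exit 1; }
  audit "$2"
elif [ "$#" -eq 0 ]; then
  sample=$(mktemp -d); make_sample "$sample"; audit "$sample"; rm -rf "$sample"
fi
```

The key-name regex is a starting point, not a classifier: review every SharedPreferences file by hand, and treat any .db without the SQLite magic as "possibly encrypted" rather than "safe" until you have confirmed how its key is derived.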
🛡️ Mitigation
✅ Use Android Keystore for keys (hardware-backed where the device supports it; key material never leaves the Keystore, so a filesystem dump yields nothing usable)
✅ Use EncryptedSharedPreferences (androidx.security.crypto, keyed from the Keystore) instead of plain SharedPreferences for anything secret
✅ Store sensitive data in internal storage, never on external storage; keep it out of logcat and crash reports
✅ Use SQLCipher for database encryption, with the passphrase derived from a Keystore key rather than hard-coded in the app
✅ Set MODE_PRIVATE for file creation (MODE_WORLD_READABLE / MODE_WORLD_WRITEABLE throw a SecurityException from API 24 onward) and review backup rules so private files are not exfiltrated through app backups