Skip to main content

Damn Vulnerable Android Application by Security Compass - Lab 4 Secure Logging

Lab 4 Secure Logging

Welcome back friends, Today we're gonna have a look on lab 4 Secure Logging from Damn Vulnerable Android Application by Security Compass series.

Some times developers log the info about application to the android log, this some times contains sensitive information of an application.

So in this lab we are gonna test this flaw on the vulnerable app, for this we have use adb logcat.


Now after starting the logcat we have to browse through the app or have to make some activity like fund transfer etc. and then we need to check the logs for some sensitive info.

We juz tried to check the account balance.


and we got this in logs


After this we tried for fund transfer





We got this in Logs


Solution:

Developer should be very carefull about what he is logging about the app. He should refrain from logging any sensitive information like session keys etc.

Comments

  1. Yasmeen Yas7 July 2020 at 19:27

    I really appreciate this post and I like this very much. I am waiting for new post here and Please keep it up in future..
    Software Testing Services
    QA Testing Services
    Software Testing Services in USA
    Software Testing Companies in USA
    Software Testing Company
    Software Testing and Quality Assurance
    QA Testing Companies
    Independent Software Testing Companies in USA
    Independent Software Testing Services
    Software Testing Companies in India
    Software Testing Companies in Dubai
    Functional Testing Services
    QA Software Testing Services
    QA Testing Companies in USA

    ReplyDelete
  2. Yasmeen Yas27 August 2020 at 07:06

    Awesome article, it was exceptionally helpful! I simply began in this and I'm becoming more acquainted with it better! Cheers, keep doing awesome!
    Software Testing Services
    Software Testing Services in India
    Software Testing Companies in India
    Software Testing Services in USA
    Software Testing Companies in USA
    Software Testing Companies
    Software Testing Services Company
    Functional and non functional testing

    ReplyDelete
  3. Anonymous3 March 2022 at 16:10

    Casinos Near Casinos Near Casinos Near Me in Las Vegas, NV
    A map showing casinos and 삼척 출장샵 other gaming 전라남도 출장샵 facilities located 영주 출장샵 near Casinos Las Vegas, 목포 출장샵 NV, from Mapyro, 춘천 출장샵 guide to casinos and travel sites,

    ReplyDelete
  4. Clove HR21 October 2025 at 05:49

    A future-ready Human Resource Management Software solution that harmonizes people processes with business strategy. From recruitment analytics to career development plans, HR teams can align skills with demand. Payroll Management Software handles payroll runs, tax withholdings, and benefits integration with precision. The platform’s AI-driven insights identify retention risks and training opportunities, enabling targeted interventions that boost engagement, productivity, and organizational resilience.

    ReplyDelete
  5. Devstringx22 October 2025 at 02:41

    Focused on scalable quality, DevstringX Technologies offers comprehensive testing programs that adapt to evolving project needs. Their engineers implement robust automation, cross-platform validation, and security assessments to safeguard applications from early stages through production. Clients benefit from proactive risk mitigation, fast feedback loops, and clear collaboration across teams. DevstringX Technologies consistently delivers predictable outcomes, helping enterprises achieve higher user satisfaction and stronger market confidence. Software Testing Services in India

    ReplyDelete

Post a Comment