Shared Preferences
Cryptography is crucial to mobile application security since a lot of attacks are based on a threat actor having physical access to the device. Cryptography includes Encryption/Decryption, Hashing, Message Authentication Codes (MAC), Signatures, and Key Derivation Functions (KDF’s).
When testing a mobile app, you need to evaluate the cryptographic algorithms and protocol’s that are in use and evaluate them for weak or insecure configurations. This can be accomplished through source code review, and dynamic analysis.
Static Analysis
Shared Preferences are stored on the device in the application shared_prefs directory. Most of the files will be plain text XML files that can simply be viewed.
adb shell
su
cd /data/data/com.godaddy.gx.go/shared_prefs/
Dynamic Analysis
For dynamic analysis, use Frida to trace the Shared Preferences while the app is in use. This is only necessary if you want to see how the files are being read or written to with the flow of the running app. The data is stored in the files on the filesystem to review. There is a Frida script on GitHub to perform this action.
Frida
Using the script at the link above, run it so that Frida will spawn the app from a non-running state. If you are currently logged into the app, logout first so that you can capture the whole process.
The example below uses the android-crypto-intercept.js script to trace the cryptographic functions:
frida -U -l android-shared-preferences.js -f com.appname.app –no-pause
Substitute com.appname.app for your test application.
The flags in this command:
-UUse the USB cable to connect to the device-lLoad the script-fSpawn the app--no-pauseImmediately start the process once the app is hooked
android-shared-preferences.js:
frida -U -l android-shared-preferences.js -f com.godaddy.gx.go --no-pause
[Pixel 6::com.godaddy.gx.go ]-> [*] getSharedPreferences called with name: FirebasePerfSharedPrefs and mode: 0
[*] Getting string value from SharedPreferences with key: |T|703145582614|* and value null
[*] Getting string value from SharedPreferences with key: W0RFRkFVTFRd+MTo3MDMxXXXXXXI2MTQ6YW5kcm9pZDowM2Q4MWJkMmU5ODY4ZDUyMDcxNTM3|S|cre and value null
[*] Getting string value from SharedPreferences with key: last_user and value
[*] getSharedPreferences called with name: xx6_user_prefs and mode: 0
[*] Getting string value from SharedPreferences with key: shopper and value null
[*] Added a new String value to SharedPreferences with key: 4a32a153-13d6-4b04-9f0f-d83386a64660 and value {"name":"ce","data":{"n":"pnc.gd_app.app_open.impression","p":{"env":"prod","native_app_name":"GD_app","app_version_number":"5.13.1","device_platform":"Android","device_platform_version":"31","device_type":"Pixel 6","country_device":"United States","privatelabelid":"1","country_shopper":"en-US","push_notification_opt_in_state":"opted_in","website_id":"","gd_payments":"true","customer_id":"07b3ea17-f732-40d9-8da9-a70fe274720b","shopper_id":"xx6","hashed_shopper_id":"04cce2d52fee08651853771dd2a689841a41020edb6c1645f2b141e8a6d70bff","user_realm":"idp"}},"time":1.648560148034E9,"user_id":"07b3ea17-f732-40d9-8da9-a70fe274720b","session_id":"940b2843-dbee-4164-911c-b702b759972a"}
[*] Added a new String value to SharedPreferences with key: user_cache_attributes_object and value {"custom":{"customerID":"07b3ea17-f732-40d9-8da9-a70fe274720b","userRealm":"idp","countryShopper":"en-US"}}
[*] Added a new String value to SharedPreferences with key: registration_id and value fdJ4losVT361CZovd-HxjX:APA91bH0M4Jy_lIRRY7TuB5ldxUb1V9IorJ91hWsjnFlQkyn3XJylldPSKCDEZp-G2tROYuuBDhMRSVB9JPWd56xNMvYhCTk4PtVwz8D85H9hwtSegJr92ARInbnmfESqD38PisNnU8N
[*] Added a new String value to SharedPreferences with key: ssoToken and value {"code":"1","infoToken":{"auth":"basic","info_cid":"07b3ea17-f732-40d9-8da9-a70fe274720b","firstname":"Steve","iat":"1648559511","jti":"5DmtSy2ZJmzA171nIwvppQ","lastname":"Strait","plid":"1","plt":"1","info_shopperId":"xx6","typ":"idp","username":"xx6","vat":"1648560146"},"jwt":"eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImlLbDBfX2JPRHcifQ.eyJhdXRoIjogImJhc2ljIiwgImZ0YyI6IDEsICJpYXQiOiAxNjQ4NTU5NTExLCAianRpIjogIjVEbXRTeTJaSm16QTE3MW5Jd3ZwcFEiLCAidHlwIjogImlkcCIsICJ2YXQiOiAxNjQ4NTYwMTQ2LCAiZmFjdG9ycyI6IHsia19wdyI6IDE2NDg1NTk1MTF9LCAicGVyIjogdHJ1ZSwgImhiaSI6IDE2NDg1NTk1MTEsICJzaG9wcGVySWQiOiAiZ3E2IiwgImNpSgWq_WaD0ZO84jSqx_wF76fYaNXky6M4aEQ2YXDqy6gg5RJdeBgfOFi1ig2pIYReOcH7IovkDJhu_WnV8MfrU-6EPMyM1tqY66J_6jWFsP1YPnfCGhT8LHDggYSqxkFVrKuG2-T_Cee2Q8Ot4iEW6H6koeXC0HlperDjziJb1GOGWecfJAPXf2XLOKBfik9Lk5ZFyLPVBfmMV-3YKE6fn2E6agm1Y9pmiiJUmC7ckcH2ZuQaVANkf675f8bvBI7-2fii03bGUWdSVA0ZD1dpzh5yXo3bArenTNA8HpOgBxUYsGKJW5hL1Ey4Axyai03vZaw"}
[*] Added a new String value to SharedPreferences with key: shopper and value {"currency":"USD","customerNumber":"xx6","email":"username@godaddy.com","marketId":"en-US","shopperId":"xx6","username":"xx6"}