android-user-certificates-trust: Android Trusts User Certificates

漏洞描述

PoC代码[已公开]

id: android-user-certificates-trust

info:
  name: Android Trusts User Certificates
  author: Th3l0newolf
  severity: medium
  description: |
    The application is configured to trust user-added certificates, which may allow an attacker to perform MITM attacks.
  reference:
    - https://developer.android.com/training/articles/security-config#TrustingUserCerts
  tags: file,android

file:
  - extensions:
      - xml

    matchers:
      - type: regex
        part: body
        regex:
          - '<certificates[^>]*\bsrc\s*=\s*"user"[^>]*/?>'
# digest: 4b0a00483046022100c49354d00cb21a14592d95fd090b3eab3db68873ef1922c543ab32e9098ca43c022100ce6675e4885679631dbf292c42c4f1de0964472b2d3fc7312744f1956962f867:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• (CVE-2025-0087) Android UninstallerActivity onCreate 方法权限漏洞 权限管理错误
• 金和OA C6 /c6/jhsoft.mobileapp/AndroidSevices/HomeService.asmx/GetHomeInfo SQL 注入漏洞
• POC acm-cert-expired: Expired ACM Certificates
• POC acm-cert-renewal-30days: ACM Certificates Pre-expiration Renewal
• POC acm-cert-renewal-45days: ACM Certificates Pre-expiration Renewal
• POC cloudfront-custom-certificates: Cloudfront Custom SSL/TLS Certificates - In Use
• POC iam-expired-ssl: Remove Expired SSL/TLS Certificates in AWS IAM
• POC ssl-cert-renewal: SSL/TLS Certificates in AWS IAM about to expire in 30 days
• POC gcloud-alb-ssl-google-managed: Use Google-Managed SSL Certificates for Application Load Balancers
• POC allow-untrusted-certificates: System Allows Untrusted Certificates
• POC android-minsdk-21: AndroidManifest.xml minSdkVersion Set to 21 (Insecure Minimum SDK Version)
• POC improper-certificate-validation: Android Improper Certificate Validation - Detect
• POC android-debug-enabled: Android Debug Enabled