WithSecureLabs/drozer

`auxiliary.webcontentresolver` needs a little bit of love

cyberMilosz opened this issue · 1 comments

cyberMilosz commented

The auxiliary.webcontentresolver module mostly works, except the root page no longer lists all providers as it's supposed to.

What needs doing:

  • Broken exception handler still relies on e.message(), which doesn't exist. We probably more generally want to fix up ReflectionException and make sure we have a way of extracting good messages from it.
  • Root page is supposed to "show all content providers on the device as well as some information about them", but it doesn't. [EDIT: this is because of #450]
  • This module is scarcely documented. Short mention in The Mobile Application Hacker's Handbook, but that's about it.
    • Should be included in the manual
    • help auxiliary.webcontentresolver should provide a little bit more of an explanation on what's going on.
    • Existing sieve exercise on SQLi should be sufficient as an example here
cyberMilosz commented

Fixed in linked branch, pending regression testing as per #450