3.3 Analyze local storage
3.3.1 LOCAL DATABASE
sqlite
adb shell
cd /data/data/com.x.x.x/database/
sqlite3 db_name
Within sql-shell:
list existing tables within db:
.tables
list table schema:
.schema table_name
or
SELECT sql FROM sqlite_master WHERE tbl_name = 'insert_table_name' AND type = 'table';
realm
adb pull path/to/database/on/phone/name.realm path/to/store/db/on/pc/
open within RealmStudio
Common locations
/data/data/com.x.x.x/
shared_prefs/
(search for keysets -> used to encrypt files --> might be encrypted as well, if handled properly)
cache/
database/
/sdcard/Android/com.x.x.x/
3.3.2 THINGS TO REPORT
Hardcoded cryptographics key
Cleartext credentials stored in .config/.xml & sqlite-/realm-DB
Misplaced files (i.e. creds.txt stored on SD-Card)
Wrong file permissions set (also have a look @ 1.4)
3.3.3 MORE DETAILS
Last updated
Was this helpful?