Skip to content

Latest commit

 

History

History
59 lines (34 loc) · 2.75 KB

How to check background screen caching.md

File metadata and controls

59 lines (34 loc) · 2.75 KB
Raw

How to check for background screen caching step by step

Background screen caching refers to the practice of caching sensitive information or user data in the background of an app's screen, even when the app is not actively being used. This information can be accessed by an attacker if the app is not properly secured.

Steps to check for background screen caching:

  1. Obtain a copy of the APK file for the Android app that you want to check for background screen caching.

  2. Use a tool such as Apktool or Jadx to decompile the APK file and view the app's source code.

  3. Inspect the source code for any methods or functions that are used to cache sensitive information or user data in the background.

  4. Check if the app uses any third-party libraries that might handle caching.

  5. Check if the app uses any custom caching code.

Look for calls to the following classes: SharedPreferences Database File 6. Inspect the codebase for any calls to the following classes: onSaveInstanceState onRestoreInstanceState

  1. Check if the app uses any encryption algorithm to encrypt the data before storing it in the cache.

how to check for background screen caching for if the screenshot are taken when the application is sent to background step by step

Background screen caching refers to the practice of caching sensitive information or user data in the background of an app's screen, even when the app is not actively being used. This information can be accessed by an attacker if the app is not properly secured. Screenshots can be taken of the background screens and sensitive information can be extracted from the screenshots.

Steps to check for background screen caching when the application is sent to the background:

  1. Obtain a copy of the APK file for the Android app that you want to check for background screen caching.

  2. Use a tool such as Apktool or Jadx to decompile the APK file and view the app's source code.

  3. Inspect the source code for any methods or functions that are used to cache sensitive information or user data in the background.

  4. Check if the app uses any third-party libraries that might handle caching.

  5. Check if the app uses any custom caching code.

  6. Look for calls to the following classes: SharedPreferences Database File

  7. Inspect the codebase for any calls to the following classes: onSaveInstanceState onRestoreInstanceState

  8. Check if the app uses any encryption algorithm to encrypt the data before storing it in the cache.

  9. Try to take a screenshot of the background app when it's sent to background and check if sensitive information can be accessed from the screenshot.

  10. Check if the app uses any technique to prevent screenshots from being taken, such as FLAG_SECURE for the window.