Exploiting Insecure Data Storage

Published: 24 July 2020
Channel: VISTA InfoSec

Insecure Data Storage
• What is Insecure Data Storage?

Many developers assume that storing data on the client side will prevent other users from accessing it. Interestingly, most of the top mobile application security breaches have been caused by insecure or unnecessary client-side data storage. File systems on devices are no longer a sandboxed environment, and rooting or jailbreaking usually circumvents any protections.

• Am I Vulnerable to Insecure Data Storage?

To answer this, one needs to understand what types of data are involved and where they end up being stored insecurely.

Data: usernames, authentication tokens or passwords, cookies, location data, stored application logs or debug information, cached application messages or transaction history, UDID or IMEI, personal information (DoB, address, Social, etc.), device name, network connection name, private API calls for high user roles, credit card data or account data, etc.

Places OWASP most often sees data being stored insecurely include the following:
- SQLite databases
- Log files
- Plist files
- XML data stores or manifest files
- Binary data stores
- Cookie stores
- SD card
- Cloud synced


• What is the Impact of Insecure Data Storage?
- Identity theft
- Privacy violation
- Fraud
- Reputation damage
- External policy violation (PCI)
- Material loss

• How to Prevent Insecure Data Storage?
- For local storage, the enterprise Android device administration API can be used to force encryption of local file stores using “setStorageEncryption”.
- For SD card storage, some security can be achieved via the ‘javax.crypto’ library. You have a few options, but an easy one is simply to encrypt any plain text data with a master password and AES 128.
- Ensure any shared preferences properties are NOT MODE_WORLD_READABLE unless explicitly required for information sharing between apps.
- Avoid exclusively relying upon hardcoded encryption or decryption keys when storing sensitive information assets.
- Consider providing an additional layer of encryption beyond any default encryption mechanisms provided by the operating system.