AttackFlow Findings Dictionary

Finding A Way To Try AttackFlow Enterprise Edition?

If so, click to download 15 days full version for free!

Insecure Content Provider

The malicious applications can query, access target applications’ critical data



Fix Cost


Trust Level


Android supports content providers as an interface for managing access and sharing data with other applications. When configured in Android configuration file, AndroidManifest.xml, care should be taken in order not to open an application’s content provider to other applications installed publicly.

Below shows a configuration definition of LiveDataProvider custom content provider which was denoted with android:exported attribute true value. This attribute value opens the data interface to all installed applications.

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="" …>
<provider android:exported="true" android:name="LiveDataProvider"                   
android:authorities="com.example.livedataprovider" />

Interestingly, till Android API 16 (including) the default value of this attribute was true.

Finding A Way To Purchase AttackFlow Enterprise Edition?

If so, click to buy now for yearly subscriptions!