Maybe An Xss Type Exploit Possible ? Anyone With Knowledge Come In Here Plz

[lmfao]

Didnt know what category to exactly post in

but is that a possiblity with the android browser, I hear that passwords are saved in text file format

would it be possible to send a target a link and get access to the stored passwords on the phone?

[Mr-Protocol]

There is probably a way, but nothing that you can find via google.

There used to be an app-store exploit with iOS that would give the app owner a meterpreter shell because iOS would run the unsigned code. That was fixed in iOS 5.0.1 though.

[lmfao]

There is probably a way, but nothing that you can find via google.

There used to be an app-store exploit with iOS that would give the app owner a meterpreter shell because iOS would run the unsigned code. That was fixed in iOS 5.0.1 though.

hmm yeah, I figured google would block all searches regarding the topic. Im sure there is a way, if you or anyone finds anything out regarding the subject please do let me know. I've been looking and wondering for a while.

[Mr-Protocol]

Not that google would block the searches. It's like the golden egg, not sure anyone would know except professional security types that will let the company know to patch it before it's released.

[digip]

If there are currently flaws in the wild, this is the guy to ask: https://twitter.com/#!/theKos

He writes a lot of XSS stuff for devices and operating systems, that execute in programs locally on the device to access local resources, vs strictly website related flaws. Hes found XSS vulns in everything from skype to the gmail app for iphones and google maps for android phones.