Enumerating broadcast receivers
Broadcast receivers often hold useful information about an application's attack surface and could offer attackers the opportunity to do many things, from performing arbitrary code execution to proliferating information; because of this, they cannot be ignored during an application-focused security assessment. The drozer developers were well aware of this fact and provided modules to help gain information about broadcast receivers.
The following recipe demonstrates the app.broadcast.info module by detailing its different invocation options.
How to do it...
The enumeration of broadcast receivers is performed using the following command:
dz> run app.broadcast.info
The output for the previous command should be similar ...
Get Android Security Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
