Inspecting adb logs often provides us a great deal of information during a penetration test. Mobile app developers use the Log class to log debugging information in to the device logs. These logs are accessible to any other application with READ_LOGS permission prior to the Android 4.1 version. This permission has been removed after Android 4.1 and only system apps can access the device logs. However, an attacker with physical access can still use the adb logcat command to view the logs. It is also possible to write a malicious app and read the logs with elevated privileges on a rooted device.

The Yahoo messenger app was vulnerable to this attack as it was logging user chats along with the session ID into the logs. ...