Easiest P3 You May Not Know

Hello , I am Muneeb and this write up shows a step by step POC on how you can find easily a P3 vulnerability in any VDP or BB program.

Reported unauthorised access to FireBase of a Mobile Application via BugCrowd

Vulnerability Description:
A mobile application apk containing a sensitive URL but not securely handled. During the testing it was discovered that a known mobile application contains a URL to it’s Firebase database upon accessing the URL it was accessed without any authentication . Please see the below step by step POC showing how you can test any apk for this vulnerability.

Use APK Editor studio or any tool to de-compile apkgo to the path apkpackage/res/values/ and open file strings.xml using notepadYou will see complete database URL in the file.<string name=”firebase_database_url”>https://<nameOFMobileApp>-mobile-application.firebaseio.com</string>now access this URL on browser

https://<nameOFMobile>-application.firebaseio.com/.json

6. Now you have accessed the firebase without any authentication. See the below attached image.

Unauthorised access to Firebase (Sensitive Information Disclosed)Developer email ID disclosed

Conclusion:
1. Always look for firebase URL while testing APK’s. You may discover an unauthenticated Firebase.
2. You can also use MobSF tool for automated scan over APKs but I prefer manual testing.
3. Unfortunately this was a duplicate.

If you find this write up useful considering giving it a clap. Follow me for more easy to understand write ups.
Thank you for reading.
Connect with me on LinkedIn:
https://www.linkedin.com/in/muneeb-alam-khan-4a6a60152/