Enumerating vulnerable content providers
Content providers often hold a lot of valuable information, such as users' phone numbers or Twitter passwords, and you may want to find out whether or not it's possible for malicious attackers to get their hands on this information. The best way to find out whether a content provider is vulnerable to attack is by trying to attack it yourself.
Attacking a content provider, as with many application-level attacks, usually comes down to sending a malicious intent to an application. With content providers, the intent is directed at its target by the URI string it contains, since this URI identifies which content provider should handle the intent.
So then there's just one problem—how do we find out which URIs to use? One simple solution would be to guess them, but that could take ages! drozer has a module called app.provider.info that solves this problem for you.
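The same exposure can be checked from the developer's side before an app ships. The following is an added example, not code from the original text or from drozer: it audits a decoded AndroidManifest.xml and reports each provider's content URI, whether it is exported, and whether read or write access is left without a permission. The manifest and the com.example.notes package are constructed, and the export default assumes the platform rule that providers are exported by default when the app targets API 16 or lower.

```python
import xml.etree.ElementTree as ET

NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest for a hypothetical app (com.example.notes).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
  <uses-sdk android:minSdkVersion="15" android:targetSdkVersion="16"/>
  <application>
    <provider android:name=".NotesProvider"
              android:authorities="com.example.notes.provider"/>
    <provider android:name=".KeyProvider"
              android:authorities="com.example.notes.keys"
              android:exported="true"
              android:readPermission="com.example.notes.READ_KEYS"/>
    <provider android:name=".CacheProvider"
              android:authorities="com.example.notes.cache"
              android:exported="false"/>
  </application>
</manifest>"""

def audit_providers(manifest_xml):
    """Return one record per provider authority describing its exposure."""
    root = ET.fromstring(manifest_xml)
    sdk = root.find("uses-sdk")
    attrs = sdk.attrib if sdk is not None else {}
    # targetSdkVersion falls back to minSdkVersion, which falls back to 1.
    target = int(attrs.get(NS + "targetSdkVersion",
                           attrs.get(NS + "minSdkVersion", "1")))
    records = []
    for p in root.iter("provider"):
        exported = p.get(NS + "exported")
        # With no explicit attribute, the default depends on the target API.
        is_exported = (exported == "true") if exported is not None else target <= 16
        base = p.get(NS + "permission")  # covers both read and write
        read = p.get(NS + "readPermission", base)
        write = p.get(NS + "writePermission", base)
        # One provider may declare several ';'-separated authorities.
        for authority in p.get(NS + "authorities", "").split(";"):
            records.append({
                "uri": "content://" + authority,
                "exported": is_exported,
                "read_permission": read,
                "write_permission": write,
                "open_read": is_exported and read is None,
                "open_write": is_exported and write is None,
            })
    return records

if __name__ == "__main__":
    for record in audit_providers(SAMPLE_MANIFEST):
        print(record)
```

The check does not look at `<path-permission>` entries or at the protection level of the permissions it finds, so a provider it reports as protected still needs its permission definitions reviewed.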
This recipe details a few drozer modules that you can...