![getintent().getdata() getintent().getdata()](https://slideplayer.com/slide/12802494/77/images/19/Explicit+Intent+Example+–+with+data.jpg)
getIntent().getData() android
Let's say that the vulnerable WebView is used for multiple things inside the application, and one of those operations requires that the WebView has access to the username that is stored inside the Android application. Now, this is bad by itself, but there's yet another danger.
![getintent().getdata() getintent().getdata()](https://www.vogella.com/tutorials/AndroidIntent/img/startactivity10.png)
In this scenario, an attacker can craft a malicious deep link that replaces this page parameter with any other URL, e.g.: `abcbank://help?page=`

Inside the application there's a WebView, and whatever URL is received via this page parameter is loaded without any additional validation, like so:

```java
// Vulnerable: the attacker-controlled "page" value goes straight into the WebView
webview.loadUrl(getIntent().getData().getQueryParameter("page"));
```

These will call getIntent() and getData(), do all the null checks and return the proper data (never return null).
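A hardened counterpart to the unvalidated `loadUrl` call above, as an added example that is not code from the original page or from any real application. The class name `HelpLinkValidator`, the allowed hosts and the fallback URL are hypothetical placeholders; only the `abcbank://help?page=` link shape comes from the text.

```java
import android.content.Intent;
import android.net.Uri;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;

/** Hypothetical helper: validates the deep link's "page" parameter before it reaches the WebView. */
public final class HelpLinkValidator {
    // Assumption: the only hosts the help WebView should ever display (placeholder names).
    private static final Set<String> ALLOWED_HOSTS = new HashSet<>(
            Arrays.asList("help.abcbank.example", "www.abcbank.example"));
    private static final String FALLBACK_URL = "https://help.abcbank.example/";

    private HelpLinkValidator() {}

    /** Returns the URL to load, or FALLBACK_URL when the deep link is missing or untrusted. */
    public static String resolvePage(Intent intent) {
        Uri data = (intent == null) ? null : intent.getData();
        // getData() is null when the activity was not started through a deep link, and
        // getQueryParameter() throws on opaque URIs such as "abcbank:help".
        if (data == null || !data.isHierarchical()) return FALLBACK_URL;
        if (!"abcbank".equals(data.getScheme()) || !"help".equals(data.getHost())) {
            return FALLBACK_URL;
        }
        String page = data.getQueryParameter("page");
        // URL parsers disagree on backslashes, so reject them instead of guessing the host.
        if (page == null || page.indexOf('\\') >= 0) return FALLBACK_URL;

        Uri target = Uri.parse(page);
        String host = target.getHost();
        boolean trusted = "https".equalsIgnoreCase(target.getScheme())  // no http:, file:, javascript:
                && host != null
                && ALLOWED_HOSTS.contains(host.toLowerCase(Locale.ROOT)) // exact match, not endsWith()
                && target.getUserInfo() == null;                         // no "user@" tricks in the authority
        return trusted ? target.toString() : FALLBACK_URL;
    }
}

// In the activity, instead of passing the raw parameter to the WebView:
//     webview.loadUrl(HelpLinkValidator.resolvePage(getIntent()));
```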
getIntent().getData() how to
Let's say a customer is not sure about how to complete a specific operation, so they call the bank's customer support line, and the ABC Bank employee decides to send the customer a deep link so they can open a specific website page inside their Android application: `abcbank://help?page=`

In this scenario, it's possible that a malicious user creates a deep link that tricks a victim into completing some sort of action, e.g.:

WebView Takeover

```java
TextView messageTextView = (TextView) findViewById(R.id.msgTextView);
```
![getintent().getdata() getintent().getdata()](https://miro.medium.com/max/1154/1*sn2crcRgSKfM1JIsB5YGWg.png)
The Android application takes the message parameter and injects it into a TextView element:

```java
// The "message" value comes straight from the deep link
String message = getIntent().getData().getQueryParameter("message");
```

In order to do that, they use the following deep link: `abcbank://view-message?message=`

So, the first thing they want to do is allow the user to view messages in their application. ABC Bank has both a web and an Android application, and they use deep links to improve the user experience of transitioning between the two.

```java
// Read a query parameter from the URI that started the activity
Uri uri = getIntent().getData();
String param = uri.getQueryParameter("paramname");
```

It is very important to properly sanitize such inputs, because, as we have seen recently in the TikTok application, they could be exploited by an attacker.

In this part, we're going to start to answer the question: "What can you do if you can trick a user into clicking a malicious deep link?"