借助 HSTS 来利用 Android 客户端 WebView
Tags
attack-pattern: Data Javascript - T1059.007
Show in Graph
Common Information
Type Value
UUID aff26c76-7d77-4ba2-932f-7f7899a2e861
Fingerprint b724e90b1f546a4b
Analysis status DONE
Considered CTI value 0
Text language
Published June 20, 2024, midnight
Added to db Sept. 21, 2024, 11:29 a.m.
Last updated Nov. 18, 2024, 2:36 a.m.
Headline 借助 HSTS 来利用 Android 客户端 WebView
Title 借助 HSTS 来利用 Android 客户端 WebView
Detected Hints/Tags/Attributes 17/1/21
Source URLs
Redirection Url
Details Source https://cn-sec.com/archives/3192085.html
URL Provider
Details Provider Source level domain
Details cn-sec.com cn-sec.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 483 CN-SEC 中文网 https://cn-sec.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 831 
example.com
Details Domain 1 
tokopedia.com
Details Domain 78 
attacker.com
Details Domain 22 
victim.com
Details Domain 1 
attack.com
Details Domain 1 
www.tokopedia.com
Details Domain 1 
http.com
Details Domain 1 
httpsredirector.com
Details Domain 14 
oastify.com
Details File 172 
androidmanifest.xml
Details File 259 
robots.txt
Details File 1 
的robots.txt
Details File 1 
b.url
Details Url 51 
https://example.com
Details Url 1 
https://tokopedia.com/robots.txt加载到tkpdwebview时
Details Url 1 
https://example.com加载
Details Url 1 
http://attacker.com/?://victim.com
Details Url 1 
https://www.tokopedia.com
Details Url 1 
https://httpsredirector.com/?u=https://example.com
Details Url 1 
https://httpsredirector.com/#u=https://example.com
Details Url 9 
https://attacker.com