[Interest] Pen-Test detects IntentSpoofing from Qt Android App
ekke
ekke at ekkes-corner.org
Tue Mar 3 16:19:47 CET 2020
One of my customers did a penetration test and detected IntentSpoofing
from Qt Android App:
from the test protocol:
Use of a string value market://details?id=org.kde.necessitas.ministro to
construct an Intent --> Method
org.qtproject.qt5.android.bindings.QtActivityLoader$1.onClick(): ...
see details: QTBUG-82546
From my understanding this onClick() method is only needed if Qt
Android App is deployed using Ministro.
I'm not using Ministro - is there a way to remove this piece of code if
not deployed w Ministro ?
ekke
More information about the Interest
mailing list