Vulnerability & Exploit Database

Back to search

Android Open Source Platform (AOSP) Browser UXSS

This module exploits a Universal Cross-Site Scripting (UXSS) vulnerability present in all versions of Android's open source stock browser before 4.4, and Android apps running on < 4.4 that embed the WebView component. If successful, an attacker can leverage this bug to scrape both cookie data and page contents from a vulnerable browser window. If your target URLs use X-Frame-Options, you can enable the "BYPASS_XFO" option, which will cause a popup window to be used. This requires a click from the user and is much less stealthy, but is generally harmless-looking. By supplying a CUSTOM_JS parameter and ensuring CLOSE_POPUP is set to false, this module also allows running aribtrary javascript in the context of the targeted URL. Some sample UXSS scripts are provided in data/exploits/uxss.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

auxiliary/gather/android_stock_browser_uxss

Authors

  • Rafay Baloch
  • joev <joev [at] metasploit.com>

References

Actions

  • WebServer

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use auxiliary/gather/android_stock_browser_uxss msf auxiliary(android_stock_browser_uxss) > show actions ...actions... msf auxiliary(android_stock_browser_uxss) > set ACTION <action-name> msf auxiliary(android_stock_browser_uxss) > show options ...show and set options... msf auxiliary(android_stock_browser_uxss) > run

Related Modules