exploiting-deeplink-vulnerabilities

# Exploiting Deep Link Vulnerabilities ## When to Use Use this skill when: - Assessing mobile app deep link handling for injection and redirect vulnerabilities - Testing Android intent filters and iOS URL scheme handlers for unauthorized access - Evaluating App Links (Android) and Universal Links (iOS) verification - Testing for link hijacking via competing app registrations **Do not use** without authorization -- deep link exploitation can trigger unintended actions in target applications. ## Prerequisites - Android device with ADB or iOS device with Objection/Frida - APK decompiled with apktool or JADX for AndroidManifest.xml analysis - Knowledge of target app's registered URL schemes and intent filters - Drozer for Android intent testing - Burp Suite for intercepting deep link-triggered API calls ## Workflow ### Step 1: Enumerate Deep Link Entry Points **Android - Extract from AndroidManifest.xml:** ```bash # Decompile APK apktool d target.apk -o decompiled/ # Search for intent filters with deep link schemes grep -A 10 "android.intent.action.VIEW" decompiled/AndroidManifest.xml # Look for: # <data android:scheme="myapp" android:host="action" /> # <data android:scheme="https" android:host="target.com" /> ``` **iOS - Extract from Info.plist:** ```bash # Extract URL schemes plutil -p Payload/TargetApp.app/Info.plist | grep -A 5 "CFBundleURLSchemes" # Extract Universal Links (Associated Domains) plutil -p Payload/TargetApp.app/Info.plist | grep -A 5 "com.apple.deve...