New Risk - Sensitive Data Stored Unencrypted in Internal Locations [d…

…ata-unencrypted-internal] Fixes #2544
OWASP · Feb 13, 2024 · 69290d8 · 69290d8
1 parent 9dfa13f
commit 69290d8
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 1 deletion.
diff --git a/...nsitive-data-securely/data-unencrypted-internal/android-data-in-sandbox/test.md b/...nsitive-data-securely/data-unencrypted-internal/android-data-in-sandbox/test.md
@@ -0,0 +1,34 @@
+---
+platform: android
+title: Sensitive Data Written to Private Data Directory (Sandbox) Unencrypted.
+type: [dynamic, filesystem]
+mitigations:
+- android-use-keystore
+- android-use-androidx-security
+prerequisites:
+- identify-sensitive-data
+---
+
+## Prerequisites
+
+- [Identify your sensitive data](MASTG-KNOW-0001)
+
+## Steps
+
+1. Start the device.
+
+2. Launch and use the app going through the various workflows while inputting sensitive data wherever you can. Taking note of the data you input can help identify it later using tools to search for it.
+
+3. Take a copy of the app's private data directory for offline analysis. Using tar will preserve the filesystem structure and permissions.
+
+4. Search the extracted data for items such as keys, passwords and any sensitive data inputted into the app.
+
+5. Check files for sensitive data that has been encoded with algorithms such as base64 which obscures but does not protect sensitive data.
+
+## Observation
+
+Files within the private data directory contain sensitive data.
+
+## Evaluation
+
+The test case fails if you find sensitive data in the app's private data directory which has not been encrypted with strong cryptography. This includes plaintext data as well as encoding such as base64 or obfuscation such as xoring.
diff --git a/...MASVS-STORAGE/1-store-sensitive-data-securely/data-unencrypted-internal/risk.md b/...MASVS-STORAGE/1-store-sensitive-data-securely/data-unencrypted-internal/risk.md
@@ -24,7 +24,7 @@ Sensitive data stored locally on the device should be encrypted, and any keys us
 
 ## Modes of Introduction
 
-- **Data Stored Unencrypted**: Sensitive data is written to the file system unencrypted.
+- **Data Stored Unencrypted**: Sensitive data is written to the app's private data directory (sandbox) unencrypted.
 - **Hardcoded Encryption Key**: Sensitive data is encrypted but the key is hardcoded inside the application.
 - **Encryption Key Stored on Filesystem**: Sensitive data is encrypted but the key is stored alongside it or in another easily accessible location.
 - **Encryption Used is Insufficient**: Sensitive data is encrypted but the encryption is not considered to be strong.