...
Code Block | ||
---|---|---|
| ||
<configuration> <compilation debug="true"/> </configuration> |
Risk Assessment
Releasing an app with its android:debuggable
attribute set to true
can leak sensitive information. In addition, the app is vulnerable to decompilation, resulting in alteration to source code.Attackers can leverage the additional information they gain from debugging output to mount attacks targeted on the framework, database, or other resources used by the application.
...
Bibliography
ASP.NET Misconfiguration: Creating Debug Binary | http://www.ids-sax2.com/Knowledgebase/NetworkSecurity/Creating-Debug-Binary.htm |
...