id: android-user-certificates-trust

info:
  name: Android Trusts User Certificates
  author: Th3l0newolf
  severity: medium
  description: |
    The application is configured to trust user-added certificates, which may allow an attacker to perform MITM attacks.
  reference:
    - https://developer.android.com/training/articles/security-config#TrustingUserCerts
  tags: file,android

file:
  - extensions:
      - xml

    matchers:
      - type: regex
        part: body
        regex:
          - '<certificates[^>]*\bsrc\s*=\s*"user"[^>]*/?>'
# digest: 4b0a00483046022100c49354d00cb21a14592d95fd090b3eab3db68873ef1922c543ab32e9098ca43c022100ce6675e4885679631dbf292c42c4f1de0964472b2d3fc7312744f1956962f867:922c64590222798bb761d5b6d8e72950