Skip to main content
VTech Innotab Max: it’s getting even worse! Apps run in debug mode
  • Android
  • Internet Of Things
  • Opinions
  • Security Blog

VTech Innotab Max: it’s getting even worse! Apps run in debug mode

David Lodge

03 Dec 2015 1 Min Read

After extracting an image from an Innotab last night using the methods we blogged about yesterday, we mounted it and had a look.

Here’s the /data directory mounted on a Linux VM

vtechdatadir

Looking at the system/packages list and things get a whole lot scarier

The format below is:

package       UID       debugflag       path

vtechsystem

As you can see highlighted, virtually all the com.vtech.* apps have the debugflag enabled.

This means that with an ADB connection you don’t actually need root to read their sandbox or manipulate them.

We covered the significance of this a while back here:
https://www.pentestpartners.com/blog/android-debug-mode-and-apps-a-cautionary-tale/

What will we find next??