How I Could Have Compromised MIT App Inventor
Not Just a Learning Tool
MIT App Inventor is primarily an educational block-based programming tool used to introduce young people to programming and app design, using a web interface and companion app for live testing.
However, because of its powerful design and low learning curve, it is also used by anyone who wants to simplify the app creation process, and many apps currently on Google Play have been created with App Inventor (AI).
New Features Bring New Exploits
The AI team recently implemented a ‘gallery’ system, where people can share their app source and clone others. As of writing this, the gallery system is not compatible with their Java extension system, which allows users to insert Java code to facilitate custom programming features.
Testing for XSS
I remembered that the AI team had also somewhat recently added HTML formatting to label elements, so I got curious to see how they handle HTML tags.
As it turns out, AI did nothing to filter tags, and they were rendered directly to the browser!
From there, I tested if script HTML tags were filtered, and they were not!
However, since that part of the editor is dynamically rendered after page load, I could not immediately trigger scripts.
I remembered that some inline event triggers can work even if loaded after the immediate page load, such as ‘onMouseOver’.
It worked: I was able to trigger any JavaScript I wanted in the editor using the onMouseOver event!
The full code was simply:
<h1 onMouseOver="alert('XSS Vuln!');" style="width: 1000px; height: 1000px; color: white;">test</h1>
The styling made it so that when mousing over any part of the app preview, my script would trigger.
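The root cause above is that label HTML reached the editor DOM unfiltered, so an inline event handler survived even though a dynamically inserted script tag did not. The following is an added example of an allow-list sanitizer for label text; it is not App Inventor's code or the fix the team actually shipped (the post does not say how it was fixed). The permitted tags, the single permitted attribute and the value-shape check are assumptions chosen for illustration.

```javascript
// Allow-list sanitizer for user-supplied label HTML (added example, not App Inventor's code).
// Every tag not in ALLOWED_TAGS is escaped into visible text, and every attribute not in
// ALLOWED_ATTRS is dropped, so inline handlers such as onMouseOver never reach innerHTML.
// The tokenizer is regex based for brevity; a real deployment should use a tested library
// such as DOMPurify rather than this hand-rolled parser.

const ALLOWED_TAGS = new Set(['b', 'i', 'u', 'em', 'strong', 'br', 'h1', 'h2', 'h3', 'font']);
// Map (not a plain object) so attribute names like "constructor" cannot hit the prototype.
// The only kept attribute is color, and only with a named colour or #hex value (assumption).
const ALLOWED_ATTRS = new Map([['color', /^(#[0-9a-fA-F]{3,6}|[a-zA-Z]+)$/]]);

// Escape text so it renders literally and can never open a tag or attribute.
function escapeText(text) {
  return text
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;');
}

// Rebuild an allowed tag from scratch, keeping only allowed attributes with allowed values.
function rebuildTag(name, rawAttrs, closing) {
  if (closing) return `</${name}>`;
  const attrRe = /([^\s=\/>]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+)))?/g;
  const kept = [];
  let m;
  while ((m = attrRe.exec(rawAttrs)) !== null) {
    const attr = m[1].toLowerCase();
    const value = m[2] ?? m[3] ?? m[4] ?? '';
    const pattern = ALLOWED_ATTRS.get(attr);
    // onmouseover, style, href, src, ... are not in the map and are silently dropped.
    if (pattern && pattern.test(value)) kept.push(` ${attr}="${value}"`);
  }
  return `<${name}${kept.join('')}>`;
}

// Walk the input, escaping text between tags and deciding each tag's fate.
function sanitizeLabelHtml(input) {
  const tagRe = /<(\/?)([a-zA-Z][a-zA-Z0-9]*)([^>]*)>/g;
  let out = '';
  let last = 0;
  let m;
  while ((m = tagRe.exec(input)) !== null) {
    out += escapeText(input.slice(last, m.index));
    const [whole, slash, rawName, rawAttrs] = m;
    const name = rawName.toLowerCase();
    if (ALLOWED_TAGS.has(name)) {
      out += rebuildTag(name, rawAttrs, slash === '/');
    } else {
      // script, img, iframe, ... become literal text instead of markup.
      out += escapeText(whole);
    }
    last = tagRe.lastIndex;
  }
  out += escapeText(input.slice(last));
  return out;
}

// Constructed sample inputs: the payload from the post, a script tag and benign formatting.
const samples = [
  `<h1 onMouseOver="alert('XSS Vuln!');" style="width: 1000px; height: 1000px; color: white;">test</h1>`,
  '<script>alert(1)</script>',
  '<font color="red">hello</font>',
  '<font color="javascript:alert(1)">x</font>',
];
for (const s of samples) console.log(sanitizeLabelHtml(s));
```

Running this prints `<h1>test</h1>` for the post's payload: the tag survives but the event handler and the oversized invisible styling are gone. The default here is to escape anything unrecognised rather than try to enumerate dangerous tags or attributes, which is the property that keeps a sanitizer from failing open when a new handler name or tag comes along.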
Implications of XSS
A malicious user could have abused this to embed malicious scripts inside project files (.aia) and then share them via the Gallery or elsewhere.
These scripts could have, among other things:
- Compromised user sessions
- Automatically inserted Java extensions that would have resulted in malicious APK files that may then have been shared to Google Play.
- Spread malware
- Phished user Google account passwords (AI uses Google accounts to log in)
- Injected itself into the user’s other projects, essentially becoming a virus.
- Even if the user didn’t generate APK files, the Companion App (for testing apps in real time) has a lot of permissions, some being SMS, file access, and camera access.
Reporting the Issue
After I discovered this issue, I reported it to one of the MIT developers, Jeff Schiller, who got it fixed within a week.