Oracle - MOBILE BUG BOUNTY - Root Bypass!

Oracle Funsion Expenses - Android App This video is for educational purposes. Oracle was notified about this in January 2025. I personally consider it not to have a big impact, but I would like to share it with you anyway. I think this more than a “vulnerability”, this is just very bad programming on Oracle's part. 00:00 - Intro 00:07 - APK Extraction 00:38 - APK Decompile 00:42 - Static Code Analysis 01:59 - Root Bypass 02:28 - URL Injection 02:49 - Static Code Analysis 03:08 - URL Injection 04:33 - Checking JS 06:49 - PoC App