安全分析报告:
安全分数
安全分数 42/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
2
用户/设备跟踪器
调研结果
高危
10
中危
39
信息
3
安全
2
关注
15
高危 基本配置不安全地配置为允许到所有域的明文流量。
Scope: *
高危 程序可被任意调试
[android:debuggable=true] 应用可调试标签被开启,这使得逆向工程师更容易将调试器挂接到应用程序上。这允许导出堆栈跟踪和访问调试助手类。
高危 App 链接 assetlinks.json 文件未找到
[android:name=im.hgidlmcerj.ui.LaunchActivity][android:host=http://lovechat323.com] App Link 资产验证 URL (http://lovechat323.com/.well-known/assetlinks.json) 未找到或配置不正确。(状态代码:None)。应用程序链接允许用户从 Web URL/电子邮件重定向到移动应用程序。如果此文件丢失或为 App Link 主机/域配置不正确,则恶意应用程序可以劫持此类 URL。这可能会导致网络钓鱼攻击,泄露 URI 中的敏感数据,例如 PII、OAuth 令牌、魔术链接/密码重置令牌等。您必须通过托管 assetlinks.json 文件并通过 Activity intent-filter 中的 [android:autoVerify=“true”] 启用验证来验证 App Link 网域。
高危 App 链接 assetlinks.json 文件未找到
[android:name=im.hgidlmcerj.ui.LaunchActivity][android:host=https://lovechat323.com] App Link 资产验证 URL (https://lovechat323.com/.well-known/assetlinks.json) 未找到或配置不正确。(状态代码:None)。应用程序链接允许用户从 Web URL/电子邮件重定向到移动应用程序。如果此文件丢失或为 App Link 主机/域配置不正确,则恶意应用程序可以劫持此类 URL。这可能会导致网络钓鱼攻击,泄露 URI 中的敏感数据,例如 PII、OAuth 令牌、魔术链接/密码重置令牌等。您必须通过托管 assetlinks.json 文件并通过 Activity intent-filter 中的 [android:autoVerify=“true”] 启用验证来验证 App Link 网域。
高危 Activity (im.hgidlmcerj.messenger.OpenChatReceiver) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (im.hgidlmcerj.ui.hui.visualcall.VisualCallActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (im.hgidlmcerj.ui.hui.visualcall.VisualCallReceiveActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 启用了调试配置。生产版本不能是可调试的
启用了调试配置。生产版本不能是可调试的 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04c-Tampering-and-Reverse-Engineering.md#debugging-and-tracing Files: com/litesuits/orm/BuildConfig.java, line(s) 3,4 com/serenegiant/uvccamera/BuildConfig.java, line(s) 3,6 im/hgidlmcerj/messenger/BuildConfig.java, line(s) 3,6
高危 如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击
如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-7 Files: im/hgidlmcerj/ui/ArticleViewer.java, line(s) 7738,61,62 im/hgidlmcerj/ui/components/EmbedBottomSheet.java, line(s) 689,33,34
高危 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。
应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/alivc/rtc/device/utils/AESUtils.java, line(s) 39,46 im/hgidlmcerj/ui/hui/friendscircle/okhttphelper/AESHelper.java, line(s) 50 im/hgidlmcerj/ui/utils/AesUtils.java, line(s) 27,49,58 im/hgidlmcerj/ui/utils/ChiperUtils.java, line(s) 52,74,83
中危 应用程序已启用明文网络流量
[android:usesCleartextTraffic=true] 应用程序打算使用明文网络流量,例如明文HTTP,FTP协议,DownloadManager和MediaPlayer。针对API级别27或更低的应用程序,默认值为“true”。针对API级别28或更高的应用程序,默认值为“false”。避免使用明文流量的主要原因是缺乏机密性,真实性和防篡改保护;网络攻击者可以窃听传输的数据,并且可以在不被检测到的情况下修改它。
中危 Service (im.hgidlmcerj.messenger.GcmPushListenerService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危 Broadcast Receiver (com.google.android.gms.measurement.AppMeasurementReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Activity (im.hgidlmcerj.ui.ShareActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Activity (im.hgidlmcerj.ui.ExternalActionActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Activity (im.hgidlmcerj.messenger.OpenChatReceiver) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (im.hgidlmcerj.ui.hui.visualcall.VisualCallActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (im.hgidlmcerj.ui.hui.visualcall.VisualCallReceiveActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity设置了TaskAffinity属性
(im.hgidlmcerj.ui.VoIPActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Activity设置了TaskAffinity属性
(im.hgidlmcerj.ui.VoIPPermissionActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Activity设置了TaskAffinity属性
(im.hgidlmcerj.ui.VoIPFeedbackActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Service (im.hgidlmcerj.messenger.AuthenticatorService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (im.hgidlmcerj.messenger.ContactsSyncAdapterService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (im.hgidlmcerj.messenger.AppChooserTargetService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_CHOOSER_TARGET_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Service (im.hgidlmcerj.messenger.MusicPlayerService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (im.hgidlmcerj.messenger.MusicBrowserService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (im.hgidlmcerj.messenger.WearDataLayerListenerService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危 Service (im.hgidlmcerj.messenger.voip.AppConnectionService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_TELECOM_CONNECTION_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (im.hgidlmcerj.messenger.MusicPlayerReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (im.hgidlmcerj.messenger.voip.VoIPMediaButtonReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (im.hgidlmcerj.messenger.AppStartReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (im.hgidlmcerj.messenger.RefererReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.INSTALL_PACKAGES [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Content Provider (im.hgidlmcerj.messenger.voip.CallNotificationSoundProvider) 未被保护。
[android:exported=true] 发现 Content Provider与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (com.blankj.utilcode.util.MessengerUtils$ServerService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危 Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Service (com.google.android.gms.auth.api.signin.RevocationBoundService) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (com.qiniu.android.dns.NetworkReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/bjz/comm/net/utils/MD5Utils.java, line(s) 19 com/danikula/videocache/ProxyCacheUtils.java, line(s) 74 com/litesuits/orm/db/assit/Encrypt.java, line(s) 35 im/hgidlmcerj/messenger/AndroidUtilities.java, line(s) 2915 im/hgidlmcerj/messenger/FileUploadOperation.java, line(s) 416 im/hgidlmcerj/messenger/Utilities.java, line(s) 374 im/hgidlmcerj/translate/MD5.java, line(s) 20,51 im/hgidlmcerj/ui/hui/friendscircle/okhttphelper/MD5Utils.java, line(s) 19 im/hgidlmcerj/ui/utils/ChiperUtils.java, line(s) 18
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: com/alivc/rtc/device/core/persistent/PersistentConfiguration.java, line(s) 52,151,326,376 com/danikula/videocache/StorageUtils.java, line(s) 26,45 im/hgidlmcerj/messenger/AndroidUtilities.java, line(s) 1785,1155,1779,1780,1806 im/hgidlmcerj/messenger/FileLog.java, line(s) 49,82,331 im/hgidlmcerj/messenger/ImageLoader.java, line(s) 2233,2234 im/hgidlmcerj/messenger/MediaController.java, line(s) 3644,3646,4014 im/hgidlmcerj/messenger/SharedConfig.java, line(s) 692 im/hgidlmcerj/messenger/voip/VoIPController.java, line(s) 300 im/hgidlmcerj/ui/DocumentSelectActivity.java, line(s) 501,616,616,616,619,714,716,727,805 im/hgidlmcerj/ui/SettingsActivity.java, line(s) 1226 im/hgidlmcerj/ui/components/voip/VoIPHelper.java, line(s) 488 im/hgidlmcerj/ui/dialogs/McShareDialog.java, line(s) 167 im/hgidlmcerj/ui/fragments/MeFragmentV2.java, line(s) 868 im/hgidlmcerj/ui/hui/chats/GroupShareActivity.java, line(s) 269 im/hgidlmcerj/ui/hui/mine/AboutAppActivity.java, line(s) 387 im/hgidlmcerj/ui/hui/mine/QrCodeActivity.java, line(s) 287 im/hgidlmcerj/ui/hviews/helper/MryDisplayHelper.java, line(s) 278 im/hgidlmcerj/ui/utils/DownloadUtils.java, line(s) 155
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: com/alivc/rtc/device/UTUtdid.java, line(s) 23,24,43 com/bjz/comm/net/bean/AtUserBean.java, line(s) 60 com/bjz/comm/net/bean/FCEntitysRequest.java, line(s) 49 com/bjz/comm/net/bean/FCEntitysResponse.java, line(s) 121 com/bjz/comm/net/bean/FcUserInfoBean.java, line(s) 116 com/bjz/comm/net/bean/MiniGameBean.java, line(s) 113 com/bjz/comm/net/bean/ResponseAccessTokenBean.java, line(s) 60 com/litesuits/orm/db/assit/SQLBuilder.java, line(s) 61 com/litesuits/orm/db/model/EntityTable.java, line(s) 32 com/litesuits/orm/db/model/MapProperty.java, line(s) 7 com/zhy/http/okhttp/builder/PostFormBuilder.java, line(s) 48 im/hgidlmcerj/javaBean/ShareInstallConfigBean.java, line(s) 46 im/hgidlmcerj/messenger/ContactsController.java, line(s) 2084,2425 im/hgidlmcerj/messenger/FileRefController.java, line(s) 129,161,178,193,198,203,210,228,225,231 im/hgidlmcerj/messenger/GcmPushListenerService.java, line(s) 2179 im/hgidlmcerj/messenger/ImageLoader.java, line(s) 3160,785 im/hgidlmcerj/messenger/LocaleController.java, line(s) 712 im/hgidlmcerj/messenger/NotificationsController.java, line(s) 2514,2559 im/hgidlmcerj/messenger/SendMessagesHelper.java, line(s) 4012,3183,3191,4898 im/hgidlmcerj/ui/ArticleViewer.java, line(s) 1813,4908,4160 im/hgidlmcerj/ui/ChannelCreateActivity.java, line(s) 132 im/hgidlmcerj/ui/ChatEditTypeActivity.java, line(s) 121 im/hgidlmcerj/ui/DataAutoDownloadActivity.java, line(s) 302,454,317,464,310,459 im/hgidlmcerj/ui/DataSettingsActivity.java, line(s) 218,382,230,390,224,386 im/hgidlmcerj/ui/LaunchActivity.java, line(s) 2080 im/hgidlmcerj/ui/NotificationsCustomSettingsActivity.java, line(s) 350,348,346 im/hgidlmcerj/ui/NotificationsSettingsActivity.java, line(s) 744 im/hgidlmcerj/ui/PassportActivity.java, line(s) 4637,4222,4675,4228,4643,4679,4649,4652,894,5897,4628,4659,5255,889,5889,4640,4634,4663,5265,4631,4661,5258,4236,4673,4646,892,5893,885,5877,4215,4669,4218,4671,897,5881 im/hgidlmcerj/ui/QuickRepliesSettingsActivity.java, line(s) 172,168,164,160 im/hgidlmcerj/ui/actionbar/Theme.java, line(s) 2846,3655,3723 im/hgidlmcerj/ui/adapters/MentionsAdapter.java, line(s) 400 im/hgidlmcerj/ui/components/AlertsCreator.java, line(s) 532,534 im/hgidlmcerj/ui/components/EmojiView.java, line(s) 5404,5408 im/hgidlmcerj/ui/components/EmojiViewV2.java, line(s) 4025,4029 im/hgidlmcerj/ui/hui/contacts/CreateGroupingActivity.java, line(s) 563 im/hgidlmcerj/ui/hui/friendscircle_v1/view/edittext/span/User.java, line(s) 152 im/hgidlmcerj/ui/hui/login/LoginContronllerActivity.java, line(s) 65 im/hgidlmcerj/ui/hui/packet/SelecteContactsActivity.java, line(s) 171,175 im/hgidlmcerj/ui/settings/AutoDownloadSettingActivity.java, line(s) 79,471,89,486,84,479 im/hgidlmcerj/ui/settings/DataAndStoreSettingActivity.java, line(s) 292,300,296
中危 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/alivc/rtc/device/UTUtdid.java, line(s) 344 im/hgidlmcerj/messenger/Utilities.java, line(s) 229,243 im/hgidlmcerj/ui/PassportActivity.java, line(s) 3115 im/hgidlmcerj/utils/DeviceUtils.java, line(s) 98 im/hgidlmcerj/utils/FingerprintUtil.java, line(s) 157
中危 可能存在跨域漏洞。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息
可能存在跨域漏洞。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-6 Files: im/hgidlmcerj/ui/fragments/TabWebFragment.java, line(s) 89,82 im/hgidlmcerj/ui/hui/discoveryweb/DiscoveryJumpToPage.java, line(s) 262,255
中危 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: com/alivc/rtc/device/UTUtdid.java, line(s) 16 com/alivc/rtc/device/utils/PhoneInfoUtils.java, line(s) 7 com/socks/library/klog/FileLog.java, line(s) 11 im/hgidlmcerj/ui/hui/visualcall/VisualCallReceiveService.java, line(s) 31 im/hgidlmcerj/ui/utils/number/StringUtils.java, line(s) 4 im/hgidlmcerj/ui/utils/translate/ssrc/SSRC.java, line(s) 18
中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/danikula/videocache/sourcestorage/DatabaseSourceInfoStorage.java, line(s) 6,7,28 com/litesuits/orm/db/assit/Querier.java, line(s) 4,14
中危 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: im/hgidlmcerj/ui/components/paint/Slice.java, line(s) 23 im/hgidlmcerj/ui/utils/translate/ssrc/SSRC.java, line(s) 2869
中危 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: im/hgidlmcerj/messenger/utils/PlayerUtils.java, line(s) 1833,1840 im/hgidlmcerj/ui/ArticleViewer.java, line(s) 7608,7603 im/hgidlmcerj/ui/WebviewActivity.java, line(s) 278,265 im/hgidlmcerj/ui/components/EmbedBottomSheet.java, line(s) 665,222 im/hgidlmcerj/ui/components/WebPlayerView.java, line(s) 1829,1836
中危 IP地址泄露
IP地址泄露 Files: com/danikula/videocache/HttpProxyCacheServer.java, line(s) 31 im/hgidlmcerj/tgnet/NetworkConfig.java, line(s) 35,172,164,174,162
中危 应用程序包含隐私跟踪程序
此应用程序有多个2隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 openinstall统计的=> "com.openinstall.APP_KEY" : "l7cq4w" 谷歌地图的=> "com.google.android.maps.v2.API_KEY" : "AIzaSyA-t0jLPjUt2FxrA8VPK2EiYHcYcboIR6k" 百度地图的=> "com.baidu.lbsapi.API_KEY" : "kdjUejIjejr98r5lAPl34kPK4M45T7Y4" "firebase_database_url" : "https://hgidlmcerj-48b0d.firebaseio.com" "key_windowBackgroundGray" : "windowBackgroundGray" "key_windowBackgroundWhite" : "windowBackgroundWhite" "LoginPassword" : "Password" "AdvanceAuth" : "AdvanceAuth" "google_api_key" : "AIzaSyC6uk1nvjb5BYzqEzgaWy_iTryf5373Nyw" "google_crash_reporting_api_key" : "AIzaSyC6uk1nvjb5BYzqEzgaWy_iTryf5373Nyw" "PassportAuthorize" : "AUTHORIZE" "NotAuthenticated" : "NotAuthenticated" "baidu_map_key" : "kdjUejIjejr98r5lAPl34kPK4M45T7Y4" "key_walletDefaultBackground" : "walletDefaultBackground" "UseProxyUsername" : "Username" "ReAuth" : "Re-certification" "PasscodePassword" : "Password" "Sessions" : "Sessions" "Username" : "Username" "Authenticated" : "Authenticated" "pref_speakerphone_key" : "speakerphone_preference" "TypePrivate" : "Private" "TypePrivateGroup" : "Private" "CommitAuthentication" : "CommitAuthentication" "yuncheng_app_key" : "hf4gX21KF4+d3MBQdtbQCgRUv4JmXdcd366tMJ_2Nkpr4qFQ+JpjJLgILcjeglAiPhawp_SkhJg-btxAXxfMy6eoVE1Z5fLbHa9ML84-gJ9CQ2t-p5A1wGw-liBiglGLE35hA5yAWgdxLwxRJflwNFFm2i29YghMzFxjgNtgLqtrtwmcG66YUL1m-O7wxuAyW8yaJiCVl5igvChLSTlvQPwxfiKp1Sw1+iG1UAx4j69AT3tPeWludJlhbEQzVkcRPSkvtrz5ZtvTAFTFGw_ZtiXBOWXRg5i-lvaTd++Zp9pr85E8lZCy2roG4BKf2Mc9ZTtRVClTm+l6Ht2Hs8ipggo3uTxwXTMXDiNYfvoAyegblngR-OM26+E4MCAKI_QSqRI25NOKS8O5EV+1J+VKP2nx89cKwxQErwhdZUnDDnvDuxRffIrfRP7PZhbkcjaUvQiv-ZTE6J91V3ZQnzu7a8jOf5IsaiXnwUDNBuOWP6c4xjOQHalyUGA9b8fGpdefZXz" "RealNameAuth" : "RealNameAuth" "Authentication" : "Authentication" "UseProxyPassword" : "Password" "TypePrivate2" : "Private" "UseProxySecret" : "Secret" "FaceAuth" : "FaceAuth" "FindBackPassword" : "FindBack" "FindBackPassword" : "FindBackPassword" fb9f0bb7fdd0760c354cc3d80cecb1d9 9A04F079-9840-4286-AB92-E65BE0885F95 e283aac0-7c0f-4f2e-bcf7-90acc19903ed A2B55680-6F43-11E0-9A3F-0002A5D5C51B C71CAEB9C6B1C9048E6C522F70F13F73980D40238E3E21C14934D037563D930F48198A0AA7C14058229493D22530F4DBFA336F6E0AC925139543AED44CCE7C3720FD51F69458705AC68CD4FE6B6B13ABDC9746512969328454F18FAF8C595F642477FE96BB2A941D5BCD1D4AC8CC49880708FA9B378E3C4F3A9060BEE67CF9A4A4A695811051907E162753B56B0F6B410DBA74D8A84B2A14B3144E0EF1284754FD17ED950D5965B4B9DD46582DB1178D169C6BC465B0D6FF9CA3928FEF5B9AE4E418FC15E83EBEA0F87FA9FF5EED70050DED2849F47BF959D956850CE929851F0D8115F635B105EE2E4E15D04B2454BF6F4FADF034B10403119CD8E3B92FCC5B f180c508-f49a-40bd-b8ac-50577ce9aff6 QrMgt8GGYI6T52ZY5AnhtxkLzb8egpFn3j5JELI8H6wtACbUnZ5cc3aYTsTRbmkAkRJeYbtx92LPBWm7nBO9UIl7y5i5MQNmUZNf5QENurR5tGyo7yJ2G0MBjWvy6iAtlAbacKP0SwOUeUWx5dsBdyhxa7Id1APtybSdDgicBDuNjI0mlZFUzZSS9dmN8lBD0WTVOMz0pRZbR3cysomRXOO1ghqjJdTcyDIxzpNAEszN8RMGjrzyU7Hjbmwi6YNK bb392ec0-8d4d-11e0-a896-0002a5d5c51b c06c8400-8e06-11e0-9cb6-0002a5d5c51b pE5eNoBQIFVcd9IEuyIhvopfgS1RSj5C ABVGDE2JZIQKLMNOPRSTUFHC34WXY9678
信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: cn/dreamtobe/kpswitch/handler/KPSwitchRootLayoutHandler.java, line(s) 35,46,50,56,60 cn/dreamtobe/kpswitch/util/KeyboardUtil.java, line(s) 44,186,193,233,164,202,219 cn/dreamtobe/kpswitch/util/StatusBarHeightUtil.java, line(s) 21 cn/dreamtobe/kpswitch/util/ViewUtil.java, line(s) 18 com/alivc/component/capture/VideoPusher.java, line(s) 158,306,310,329,334,339,397,412,423,428,451,457,467,583,615,635,640,667,728,758,762,764,771,965,999,1052,369,388,392,649,815,878,925,983,1016,659 com/alivc/component/capture/VideoPusherJNI.java, line(s) 40,51,59,74,82,97,105,115,127,139,150,158,167,176,185,194,196,203,212,221,229,238,246,255,68,91,121,133 com/alivc/rtc/AliRtcEngine.java, line(s) 273,286,303,310 com/alivc/rtc/AliRtcEngineImpl.java, line(s) 1629,1701,2047,2085,2260,3379,333,359,663,952,978,1282,1431,1447,1466,1480,1520,1533,1554,1610,1617,1619,1623,1631,1647,1651,1655,1659,1678,1682,1703,1707,1719,1723,1731,1757,1771,1775,1836,1840,1844,1849,1874,1893,1900,1903,1907,1922,1926,1931,1935,1960,1966,1968,1974,1980,1982,1987,1989,1995,1997,2003,2011,2022,2034,2054,2097,2241,2283,2298,2313,2328,2721,2726,2771,2776,2781,2788,2803,2822,2828,2830,2981,2994,3071,74,76,84,86,100,102,109,111,117,123,153,155,166,169,196,198,221,223,236,238,264,266,289,291,302,304,313,341,343,357,377,381,383,392,394,402,404,411,413,420,427,434,455,457,464,490,492,499,505,512,514,516,518,520,522,529,531,533,540,543,545,547,549,551,553,604,606,661,677,679,686,688,695,697,704,706,713,715,734,772,774,785,788,815,817,840,842,855,857,883,885,908,910,921,923,932,960,962,976,996,1000,1002,1011,1013,1021,1023,1030,1032,1039,1046,1053,1074,1076,1083,1109,1111,1118,1124,1131,1133,1135,1137,1139,1141,1148,1150,1152,1159,1162,1164,1166,1168,1170,1172,1223,1225,1280,1296,1298,1305,1307,1314,1316,1323,1325,1332,1334,1371,1373,1399,1407,1454,1458,1464,1467,1472,1478,1484,1490,1492,1498,1505,1512,1518,1536,1541,1543,1597,1611,1639,1645,1663,1669,1672,1695,1717,1741,1748,1754,1763,1769,1780,1787,1791,1796,1801,1809,1814,1819,1828,1834,1885,1891,1914,1920,1948,1953,1957,2009,2015,2028,2042,2091,2108,2120,2126,2153,2163,2171,2173,2179,2185,2187,2194,2207,2214,2216,2224,2226,2231,2233,2239,2252,2258,2266,2268,2274,2276,2289,2291,2304,2306,2317,2319,2334,2339,2348,2358,2366,2368,2374,2378,2388,2390,2400,2402,2414,2422,2433,2451,2461,2466,2472,2474,2490,2525,2542,2577,2594,2610,2612,2620,2622,2629,2631,2643,2651,2660,2708,2796,2807,2833,2895,2897,2903,2926,2932,2938,2944,2950,2956,2962,2968,2974,3076,3085,3087,3096,3098,3107,3109,3118,3120,3129,3131,3140,3142,3151,3153,3162,3164,3173,3178,3187,3189,3198,3203,3212,3214,3223,3228,3237,3239,3248,3253,3262,3264,3273,3275,3284,3286,3295,3297,3306,3308,3317,3319,3330,3342,3346,3356,3360,3375,3429,3434,3443,3445,1534 com/alivc/rtc/device/DeviceInfo.java, line(s) 30,57,61 com/alivc/rtc/device/UTUtdid.java, line(s) 132,134,139,141,152,154,159,161,207,212,238,241,246,249 com/bjz/comm/net/factory/ApiFactory.java, line(s) 59,66 com/bjz/comm/net/factory/ApiGameFactory.java, line(s) 57,64 com/bjz/comm/net/mvp/presenter/FcCommonPresenter.java, line(s) 111 com/bjz/comm/net/premission/PermissionActivity.java, line(s) 52,332,345,360 com/bjz/comm/net/premission/PermissionManager.java, line(s) 34 com/bjz/comm/net/receiver/NetworkConnectChangedReceiver.java, line(s) 23,29,39 com/bjz/comm/net/utils/MD5Utils.java, line(s) 21,88,92,93 com/bjz/comm/net/utils/RxHelper.java, line(s) 98,103,126,130,141,189 com/bjz/comm/net/utils/TokenLoader.java, line(s) 50,82,86 com/contrarywind/view/WheelView.java, line(s) 341 com/coremedia/iso/boxes/sampleentry/AudioSampleEntry.java, line(s) 195 com/litesuits/orm/LiteOrm.java, line(s) 81,83,87,117,327 com/litesuits/orm/db/TableManager.java, line(s) 92,133,124,172,250,91,96,97,102,103,120,122,132,139,140,160,161,181,182,183,188,189 com/litesuits/orm/db/assit/Querier.java, line(s) 12,18,21,11,17,20 com/litesuits/orm/db/assit/SQLStatement.java, line(s) 250,280,519,170,285,101,102,126,127,169,183,184,187,188,233,234,249,275,276,279,284,323,359,375,380,422,423,496,506,518,324,360,497,507 com/litesuits/orm/db/assit/Transaction.java, line(s) 15,21,22 com/litesuits/orm/db/utils/DataUtil.java, line(s) 109,110 com/litesuits/orm/log/OrmLog.java, line(s) 41,74,124,157,62,95,145,178,20,27,48,81,131,164,34,67,117,150,55,88,138,171 com/preview/PreviewDialogFragment.java, line(s) 163 com/serenegiant/usb/DeviceFilter.java, line(s) 73,75 com/serenegiant/usb/USBMonitor.java, line(s) 242,249,828,847,425,429,432,844,282,467 com/serenegiant/usb/UVCCamera.java, line(s) 1049,1055,1060,1066,483,1083 com/socks/library/Util.java, line(s) 13,15 com/socks/library/klog/BaseLog.java, line(s) 28,37,31,25,34,40 com/socks/library/klog/FileLog.java, line(s) 17,20 com/socks/library/klog/JsonLog.java, line(s) 29 com/socks/library/klog/XmlLog.java, line(s) 21 com/tablayout/SlidingScaleTabLayout.java, line(s) 674 com/tablayout/transformer/TabScaleTransformer.java, line(s) 28 com/zhy/http/okhttp/cookie/store/PersistentCookieStore.java, line(s) 143,156,159 com/zhy/http/okhttp/log/LoggerInterceptor.java, line(s) 42,45,46,47,49,52,55,58,60,71,72,73,75,79,81,83,86 com/zhy/http/okhttp/utils/L.java, line(s) 10 ezy/assist/compat/RomUtil.java, line(s) 147 ezy/assist/compat/SettingsCompat.java, line(s) 96,116,127 im/hgidlmcerj/javaBean/wallet/BankCardListResBean.java, line(s) 83 im/hgidlmcerj/javaBean/wallet/BillRecordDetailBean.java, line(s) 90 im/hgidlmcerj/javaBean/wallet/BillRecordResBillListBean.java, line(s) 212 im/hgidlmcerj/javaBean/wallet/WalletPaymentBankCardBean.java, line(s) 78,90 im/hgidlmcerj/javaBean/wallet/WalletWithdrawTemplateBean.java, line(s) 69 im/hgidlmcerj/messenger/AndroidUtilities.java, line(s) 1029,1783,1793,184,241,381,473,487,915,989,1021,1066,1079,1148,1157,1166,1175,1272,1275,1395,1410,1425,1470,1488,1492,1559,1580,1678,1693,1748,1770,1874,1936,1999,2040,2052,2093,2254,3116 im/hgidlmcerj/messenger/AnimatedFileDrawableStream.java, line(s) 56 im/hgidlmcerj/messenger/AppChooserTargetService.java, line(s) 54,96,178 im/hgidlmcerj/messenger/ApplicationLoader.java, line(s) 78,127,163,179,190,204,214,251,254,265,268,303,71,130,290,318,332,352,369,417 im/hgidlmcerj/messenger/ContactsController.java, line(s) 448,465,481,685,691,1005,1060,1134,1490,1520,1539,1715,1725,1749,1900,1905,1936,2013,2030,2592,2749,589,615,847,867,930,1525,1671,2237,2246,2483,2492,2498,2516,2828,3349,3363,3403 im/hgidlmcerj/messenger/ContactsSyncAdapterService.java, line(s) 49,30 im/hgidlmcerj/messenger/DispatchQueue.java, line(s) 26,35,47,61,85 im/hgidlmcerj/messenger/DownloadController.java, line(s) 1145 im/hgidlmcerj/messenger/Emoji.java, line(s) 193,105,118,129,357,403,423,492,504,730,742 im/hgidlmcerj/messenger/FileLoadOperation.java, line(s) 1078,1080,1156,1352,1423,1569,1611,1685,1995,2102,2134,348,503,516,533,817,821,907,933,940,980,1008,1097,1113,1269,1275,1282,1288,1295,1301,1308,1314,1322,1382,1384,1393,1401,1578,1735,1738,1820,1834,1836 im/hgidlmcerj/messenger/FileLoader.java, line(s) 941,1398,1406,1414,1423 im/hgidlmcerj/messenger/FileLog.java, line(s) 234,259,101,127,152,177,284,309 im/hgidlmcerj/messenger/FileRefController.java, line(s) 123,636,974 im/hgidlmcerj/messenger/FileStreamLoadOperation.java, line(s) 138 im/hgidlmcerj/messenger/FileUploadOperation.java, line(s) 115,139,205,425,547,688 im/hgidlmcerj/messenger/GcmPushListenerService.java, line(s) 37,50,98,107,126,138,209,303,417,2342,2397,160,180,1167,2179,2181,2197,2223,2186 im/hgidlmcerj/messenger/ImageLoader.java, line(s) 2160,2230,2244,2256,2269,2282,2290,204,212,221,244,248,257,263,313,342,361,381,404,415,434,591,600,609,632,636,646,658,832,850,1045,1048,1106,1163,1190,1272,1337,1433,1999,2005,2220,2226,2248,2260,2273,2286,2294,2339,2344,2352,2360,3635,3647,3671,3683,3750,3759,3794,3801,3846,4011,4017,4127 im/hgidlmcerj/messenger/ImageReceiver.java, line(s) 794,883,930,962,1149 im/hgidlmcerj/messenger/KeepAliveJob.java, line(s) 28,44,50,72,84 im/hgidlmcerj/messenger/LocaleController.java, line(s) 974,2307,2416,2453,414,420,734,867,914,922,928,934,1052,1081,1136,1735,1811,1836,1858,1880,1914,1962,2002,2097,2114,2138,2384,3500 im/hgidlmcerj/messenger/LocationController.java, line(s) 555,638,702 im/hgidlmcerj/messenger/MediaController.java, line(s) 868,1433,1471,1514,1519,1539,1558,1570,1580,5365,5466,5534,5640,6177,6901,7086,7095,7129,485,528,729,754,762,822,827,832,837,854,878,887,993,1004,1070,1084,1118,1129,1192,1789,1819,1934,2061,2076,2386,2392,2479,2644,2747,2799,2815,2839,2873,2889,2899,2973,3082,3218,3240,3356,3365,3469,3549,3613,3707,3715,3739,3761,3769,3792,3798,3806,3829,3835,3843,3861,3894,3901,3921,3927,3931,3936,3943,4020,4068,4077,4104,4170,4175,4199,4330,4374,4423,4428,4506,4680,5025,5361,5376,5454,5462,5549,5561,5605,5740,5790,5847,5912,5957,5995,6059,6171,6189,6261,6354,6479,6625,6736,6821,6929,7011,7038,7149 im/hgidlmcerj/messenger/MediaDataController.java, line(s) 286,425,481,544,688,744,952,1021,1059,1073,1242,1321,1404,1645,1736,1812,1999,2019,2129,2580,2862,2900,2982,3050,3084,3105,3136,3205,3233,3273,3345,3511,3538,3699,3784,3815,3996,4071,4088,4186,4206,4227,4233,4252,4307,4354,4484,4560,4582,4774,4806,4884,4886,5120,5631,5716,5857,5899,5938,5977,6013,6085,6123,6200,6287 im/hgidlmcerj/messenger/MessageObject.java, line(s) 267,3949,3994,4068,4218,4224,4656,4684,4695,4715,4817,4841,4855,4895,4966,4982 im/hgidlmcerj/messenger/MessagesController.java, line(s) 2455,2460,2506,2517,2542,2549,2566,2578,4151,4160,6043,6507,6514,6520,6571,6604,6642,9395,9410,9460,9571,9580,9593,9655,9664,9676,10031,10222,10241,10456,11377,11460,11493,11544,11573,11575,11583,11820,11827,12822,12898,12914,12929,13033,13227,13268,13282,13295,13334,13663,13708,14520,14521,14526,14530,14536,14551,14573,15162,1402,3365,3476,3504,3534,3868,5758,6056,6623,7557,7983,8639,8664,9713,9842,10520,10643,10719,11304,13257,14565,15534,15845,15939,15942 im/hgidlmcerj/messenger/MessagesStorage.java, line(s) 228,317,7349,349,357,373,444,480,1035,1102,1104,1118,1151,1187,1377,1416,1485,1512,1542,1574,1692,1768,1870,1907,1950,2023,2117,2210,2272,2358,2368,2413,2473,2513,2594,2685,2817,3034,3046,3130,3169,3225,3265,3299,3301,3347,3405,3434,3556,3611,3619,3753,3780,3920,3998,4074,4119,4153,4235,4372,4448,4571,4633,4693,4737,4739,4821,4901,4941,4971,5054,5062,5151,5186,5211,5292,5367,5406,5455,5465,5490,5510,5633,5688,5719,5742,5769,5798,5859,5912,5937,6001,6072,6141,6280,6334,6411,6553,6619,6647,6663,6793,6823,6846,6914,6932,6935,6991,7014,7060,7121,7170,7214,7229,7276,7319,7360,7411,7501,7547,7628,7715,7742,7784,7832,7848,7869,7885,7921,7962,8028,8057,8090,8166,8225,8271,8311,8417,8473,8487,8510,8524,8562,8683,8786,8827,8868,8976,9010,9048,9070,9097,9114,9176,9187,9203,9212,9266,9306,9371,9459,9492,9626,9666,9695,9792,9867,9902,9998,10103,10163,10299,10400,10679,10812,10926,11052,11171,11251,11359,11451,11590,11669,11770,11944,12045,12229,12381,12451,12545,12632,12711,12780,12869,13165,13249,13409,13778,13817,13854,13883,13988,14045,14097,14135,14157,14200,14249,14307,14320,14397,14459,14531,14560,14592,14650,14664,14724,14749,14775,14833,14846,14914,14938,14967,14997,15052,15266,15303,15350,15357,15427,15495,15523,15544,15661,15714,15779,15819,15859,15943,15997,16019,16059,16136,16171,16175,16290,16467,16571,16583,16638,16694,16768,16850,16915,17027,17208,17274,17336,17409,17470,17553,17637,17695,17819,17943,18193,18273,18382,18420,18470,18485,18537,18570,18616,18671,18768,18808,18870,18961,19007,19051,19076,19159,19222,19225,19304,19436,19520,19578,19669,19764,19854,19915,19968,20133,20223,20303,20423,20462,20465,20506,20519,20565,20642,20694,20697,20726,20769,20789,20810,20826,20847,20869,20889,20900,20915,20930,20958,20981,21015,21050,21084,21118,21155,21189 im/hgidlmcerj/messenger/MusicBrowserService.java, line(s) 208,300,337,386,515 im/hgidlmcerj/messenger/MusicPlayerService.java, line(s) 191,392 im/hgidlmcerj/messenger/NativeLoader.java, line(s) 125,178,47,77,83,89,95,100,107,128,156,165,184,195,204 im/hgidlmcerj/messenger/NotificationBadge.java, line(s) 182,459 im/hgidlmcerj/messenger/NotificationCenter.java, line(s) 963 im/hgidlmcerj/messenger/NotificationImageProvider.java, line(s) 109 im/hgidlmcerj/messenger/NotificationsController.java, line(s) 215,351,2457,4190,5199,190,195,203,226,263,297,318,1367,1381,2304,2381,2394,2409,2436,2440,2449,2463,2521,2553,2775,2898,3179,3465,5276,5310,5314,5323,4283,4349,4410,4427,4591,4991,5169,5212 im/hgidlmcerj/messenger/ScreenReceiver.java, line(s) 13,27 im/hgidlmcerj/messenger/SecretChatHelper.java, line(s) 586,1146,1689,1690,663,689,775,1078,1292,1470,1618,1684,1700,1773,1969,1983,2095,2124,2165,2181 im/hgidlmcerj/messenger/SendMessagesHelper.java, line(s) 136,1963,2767,8087,8320,8338,8346,8352,192,197,206,927,944,1404,2471,2498,2559,2578,2626,2638,2677,2759,2820,2854,2884,2942,2995,3509,5166,5172,5326,5331,5389,5402,5648,5692,5725,6239,6288,6315,6974,7024,7081,7740,7851,7924,8252,8255,8270,8278 im/hgidlmcerj/messenger/SharedConfig.java, line(s) 741,155,287,308,322,392,714 im/hgidlmcerj/messenger/SmsReceiver.java, line(s) 49 im/hgidlmcerj/messenger/UserConfig.java, line(s) 193 im/hgidlmcerj/messenger/Utilities.java, line(s) 73,233,249,278,291,302,314,333,350,382 im/hgidlmcerj/messenger/VideoEditedInfo.java, line(s) 72 im/hgidlmcerj/messenger/VideoEncodingService.java, line(s) 36,87,54 im/hgidlmcerj/messenger/WearDataLayerListenerService.java, line(s) 38,46,62,231,238,55,225,242,338 im/hgidlmcerj/messenger/XiaomiUtilities.java, line(s) 46 im/hgidlmcerj/messenger/browser/Browser.java, line(s) 241,281,101,116,216,221,303,320 im/hgidlmcerj/messenger/camera/CameraController.java, line(s) 163,190,551,568,587,304,320,325,417,439,465,477,509,541,594,623,672,700,703,720,726,747,770,784,836,841,847,852,860,883 im/hgidlmcerj/messenger/camera/CameraSession.java, line(s) 211,215,172,253,268,344,357,373,378,465 im/hgidlmcerj/messenger/secretmedia/ExtendedDefaultDataSource.java, line(s) 199 im/hgidlmcerj/messenger/support/JobIntentService.java, line(s) 129 im/hgidlmcerj/messenger/support/customtabs/CustomTabsSessionToken.java, line(s) 19,28,37,46 im/hgidlmcerj/messenger/support/customtabsclient/shared/CustomTabsHelper.java, line(s) 89 im/hgidlmcerj/messenger/support/fingerprint/FingerprintManagerCompatApi23.java, line(s) 21,30,39 im/hgidlmcerj/messenger/utils/PlayerUtils.java, line(s) 1061,407,637,659,664,685,743,789,840,886,973,997,1041,1117,1176,1231,1294,1361,1781,2043,2115,2517,2529,2542,2556,2570,2584,2598 im/hgidlmcerj/messenger/utils/SelectorUtils.java, line(s) 91 im/hgidlmcerj/messenger/voip/AppConnectionService.java, line(s) 31,68,48,58,16,24 im/hgidlmcerj/messenger/voip/AudioRecordJNI.java, line(s) 248,66,79,95,114,137,180,203,239,109,211,63,76,92 im/hgidlmcerj/messenger/voip/AudioTrackJNI.java, line(s) 38,65,111,121,119,32 im/hgidlmcerj/messenger/voip/JNIUtilities.java, line(s) 80 im/hgidlmcerj/messenger/voip/VoIPBaseService.java, line(s) 598,691,748,850,892,899,905,1071,1269,1431,1443,1471,1483,1490,180,188,279,532,570,646,739,831,860,1006,1022,1180,1347,1358 im/hgidlmcerj/messenger/voip/VoIPServerConfig.java, line(s) 19 im/hgidlmcerj/messenger/voip/VoIPService.java, line(s) 367,452,458,465,706,725,754,761,790,806,973,1090,1110,1266,97,286,343,365,399,422,471,523,580,590,698,730,890,1047,1104,1151,111,392,418,570,745,834,841,851,877,905 im/hgidlmcerj/phoneformat/PhoneFormat.java, line(s) 101,107,128,137,200,239 im/hgidlmcerj/sqlite/SQLiteCursor.java, line(s) 98,103 im/hgidlmcerj/sqlite/SQLiteDatabase.java, line(s) 60,77 im/hgidlmcerj/sqlite/SQLitePreparedStatement.java, line(s) 107,108 im/hgidlmcerj/tgnet/ConnectionsManager.java, line(s) 231,328,382,527,535,551,566,578,628,661,669,677,827,834,837,1031,1068,340,342,356,375,393,395,581,645,715,727,751,843,871,924,929,950,964,977,1011,1048 im/hgidlmcerj/tgnet/FCTokenRequestCallback.java, line(s) 45,67,68,126,132,138,146,150 im/hgidlmcerj/tgnet/NativeByteBuffer.java, line(s) 37,130,145,174,189,209,220,256,292,303,340,392,412,426,442,455,488,515,545,561 im/hgidlmcerj/tgnet/NetworkConfig.java, line(s) 93,121,217,224,236,74 im/hgidlmcerj/tgnet/SerializedData.java, line(s) 63,71,79,87,118,141,173,188,203,218,254,265,301,312,347,374,389,425,456,472,491,512 im/hgidlmcerj/tgnet/TLClassStore.java, line(s) 54 im/hgidlmcerj/tgnet/TLJsonResolve.java, line(s) 86,141,169 im/hgidlmcerj/translate/MD5.java, line(s) 33 im/hgidlmcerj/ui/ArticleViewer.java, line(s) 2898,2918,3898,4526,4604,4791,4965,5014,5035,5176,5186,5213,5226,7574,7584,7697,7718,7744,10591,11020,11422,11613,11685,11691,11719,11776 im/hgidlmcerj/ui/AudioSelectActivity.java, line(s) 282 im/hgidlmcerj/ui/CacheControlActivity.java, line(s) 238,456,476,592,601,670,849,939,961 im/hgidlmcerj/ui/CancelAccountDeletionActivity.java, line(s) 136,266,399,964,1082 im/hgidlmcerj/ui/ChangeBioActivity.java, line(s) 235,246 im/hgidlmcerj/ui/ChangePhoneActivity.java, line(s) 132,288,680,690,858,1482,1600 im/hgidlmcerj/ui/ChangePhoneNumberActivity.java, line(s) 187,197 im/hgidlmcerj/ui/ChangeSignActivity.java, line(s) 152,163 im/hgidlmcerj/ui/ChangeUsernameActivity.java, line(s) 87,105,496,511 im/hgidlmcerj/ui/ChannelAdminLogActivity.java, line(s) 965,1415,2495,2505,2515,2525,2535,2545,2555,2565 im/hgidlmcerj/ui/ChannelCreateActivity.java, line(s) 775,883,1010,1022 im/hgidlmcerj/ui/ChatActivity.java, line(s) 11680,14908,14944,15371,906,932,961,981,1280,3984,4128,5538,5749,7388,7715,7836,9452,10155,10218,12620,13149,15021,16844,16879,17330,17683,17860,17866,18841,18893,18908,20467,20531,20620,20677,20719,21560,21570,21580,21590,21600,21610,21620,21630 im/hgidlmcerj/ui/ChatEditActivity.java, line(s) 948 im/hgidlmcerj/ui/ChatEditTypeActivity.java, line(s) 450,464,496 im/hgidlmcerj/ui/ChatRightsEditActivity.java, line(s) 608,635 im/hgidlmcerj/ui/ChatUsersActivity.java, line(s) 2366,2926 im/hgidlmcerj/ui/ContactAddActivity.java, line(s) 181 im/hgidlmcerj/ui/ContactsActivity.java, line(s) 523,630,712 im/hgidlmcerj/ui/ContentPreviewViewer.java, line(s) 804,851,886,907,919,1014 im/hgidlmcerj/ui/CountrySelectActivity.java, line(s) 378,539,550 im/hgidlmcerj/ui/DialogsActivity.java, line(s) 1893,2773 im/hgidlmcerj/ui/DocumentSelectActivity.java, line(s) 743,150,172,525,774,788,796,815,846 im/hgidlmcerj/ui/ExternalActionActivity.java, line(s) 597,601,70,390,438 im/hgidlmcerj/ui/GroupCreateFinalActivity.java, line(s) 148 im/hgidlmcerj/ui/GroupEditActivity.java, line(s) 896 im/hgidlmcerj/ui/GroupInviteActivity.java, line(s) 143,158 im/hgidlmcerj/ui/GroupStickersActivity.java, line(s) 729 im/hgidlmcerj/ui/IdenticonActivity.java, line(s) 67 im/hgidlmcerj/ui/IndexActivity.java, line(s) 286,317,322,798,827,313,587,603,780,784,789,830 im/hgidlmcerj/ui/InviteContactsActivity.java, line(s) 570,614,792,818 im/hgidlmcerj/ui/LanguageSelectActivity.java, line(s) 274,285 im/hgidlmcerj/ui/LaunchActivity.java, line(s) 179,514,563,570,600,642,688,2229,2448,2509,2804,3146,3180,3278,3282,229,479,530,1040,1193,1201,1253,1359,1465,1562,1580,1597,1618,1646,1702,1740,1850,1876,1886,2103,2221,2327,2335,2613,2622,2897,3003,3039,3068,3212,3403,3474 im/hgidlmcerj/ui/LaunchAgDialogActivity.java, line(s) 41 im/hgidlmcerj/ui/LocationActivity.java, line(s) 215,271,804,985,1099,1149,1194,1207,1409,1493,1550,1567,1576 im/hgidlmcerj/ui/LoginActivity.java, line(s) 373,430,725,1132,1142,1342,2045,2167,4052 im/hgidlmcerj/ui/Media1Activity.java, line(s) 2210 im/hgidlmcerj/ui/MediaActivity.java, line(s) 2108 im/hgidlmcerj/ui/NewContactActivity.java, line(s) 458,472,585 im/hgidlmcerj/ui/NotificationsCustomSettingsActivity.java, line(s) 440,882,923,958 im/hgidlmcerj/ui/NotificationsSettingsActivity.java, line(s) 442,476,514,721 im/hgidlmcerj/ui/PasscodeActivity.java, line(s) 497,607 im/hgidlmcerj/ui/PassportActivity.java, line(s) 1063,3119,3597,3884,3990,4769,5518,6201,6287,8169,8235,8418,8489,8648,9381,9499 im/hgidlmcerj/ui/PeopleNearbyActivity.java, line(s) 437,364,573 im/hgidlmcerj/ui/PhoneBookSelectActivity.java, line(s) 227 im/hgidlmcerj/ui/PhonebookShareActivity.java, line(s) 521,577,625 im/hgidlmcerj/ui/PhotoCropActivity.java, line(s) 348,412,335,340,354 im/hgidlmcerj/ui/PhotoViewer.java, line(s) 1375,5049,10495,10502,10510,10516,455,653,1930,2569,2582,2903,3119,3886,3944,3973,4031,4059,4471,4478,4701,4723,4817,4876,4889,5136,5143,7142,7894,8358,8395,8475,8705,8797,9563,10522 im/hgidlmcerj/ui/PopupNotificationActivity.java, line(s) 536,1508 im/hgidlmcerj/ui/PrivacyControlActivity.java, line(s) 118,721 im/hgidlmcerj/ui/PrivacySettingsActivity.java, line(s) 443,522 im/hgidlmcerj/ui/ProfileActivity.java, line(s) 272,609,627,1402,1416,1428,1456,2169 im/hgidlmcerj/ui/ProfileNotificationsActivity.java, line(s) 515,540 im/hgidlmcerj/ui/SecretMediaViewer.java, line(s) 513,519,561,609,889,1019,1428 im/hgidlmcerj/ui/SessionsActivity.java, line(s) 368,394 im/hgidlmcerj/ui/SettingsActivity.java, line(s) 2805 im/hgidlmcerj/ui/ShareActivity.java, line(s) 77,98 im/hgidlmcerj/ui/StickersActivity.java, line(s) 419,430,523 im/hgidlmcerj/ui/TestActivity.java, line(s) 35 im/hgidlmcerj/ui/ThemeActivity.java, line(s) 1036,1048,1134,1139,1180,1525,1531,1537,1563 im/hgidlmcerj/ui/ThemeSetUrlActivity.java, line(s) 101,119,453,468,696,707 im/hgidlmcerj/ui/TwoStepVerificationActivity.java, line(s) 170,1025 im/hgidlmcerj/ui/VoIPActivity.java, line(s) 224 im/hgidlmcerj/ui/WallpaperActivity.java, line(s) 844,853,874,898,917,934 im/hgidlmcerj/ui/WebviewActivity.java, line(s) 90,188,294,305,496,513 im/hgidlmcerj/ui/actionbar/ActionBarLayout.java, line(s) 183,1472,1663,2270 im/hgidlmcerj/ui/actionbar/ActionBarPopupWindow.java, line(s) 102,321,383 im/hgidlmcerj/ui/actionbar/AlertDialog.java, line(s) 907 im/hgidlmcerj/ui/actionbar/BaseFragment.java, line(s) 136,148,176,191,291,326,417,436,490,504 im/hgidlmcerj/ui/actionbar/BottomSheet.java, line(s) 609,1033,1096,1113 im/hgidlmcerj/ui/actionbar/DrawerLayoutContainer.java, line(s) 400 im/hgidlmcerj/ui/actionbar/Theme.java, line(s) 3251,3293,1197,1253,1261,2155,2219,2816,2823,2875,2909,2985,3030,3437,3451,3498,3535,3552,3741,3762,3775,3862,3917,3922,3984,4031,4087,4120,4156,4231,4235,4344,4353,5571,5584,5590,5692,5699,5708,5715 im/hgidlmcerj/ui/actionbar/ThemeDescription.java, line(s) 711 im/hgidlmcerj/ui/actionbar/XAlertDialog.java, line(s) 940,993 im/hgidlmcerj/ui/activities/LoginActivity.java, line(s) 146,319,71 im/hgidlmcerj/ui/activities/WalletRechargeH5Activity.java, line(s) 133,213 im/hgidlmcerj/ui/activities/WalletWithdrawActivity.java, line(s) 307,359,374 im/hgidlmcerj/ui/activities/WalletWithdrawAddNewAccountActivity.java, line(s) 432,439,619,645,701 im/hgidlmcerj/ui/activities/WqDialogsActivity.java, line(s) 1299,2140 im/hgidlmcerj/ui/activities/WqDialogsAdapter.java, line(s) 253 im/hgidlmcerj/ui/adapters/BaseLocationAdapter.java, line(s) 61,83 im/hgidlmcerj/ui/adapters/ContactsAdapter.java, line(s) 98 im/hgidlmcerj/ui/adapters/DialogsAdapter.java, line(s) 234 im/hgidlmcerj/ui/adapters/DialogsSearchAdapter.java, line(s) 368,412,432,820,937,943,1442 im/hgidlmcerj/ui/adapters/PhonebookSearchAdapter.java, line(s) 40,56 im/hgidlmcerj/ui/adapters/SearchAdapter.java, line(s) 93,113,434 im/hgidlmcerj/ui/adapters/SearchAdapterHelper.java, line(s) 361,485,487,508,571 im/hgidlmcerj/ui/bottom/BottomBarLayout.java, line(s) 169 im/hgidlmcerj/ui/cell/FmtDialogCell.java, line(s) 385,772,796,1032,1212,1282,1447,2006,2037,1881 im/hgidlmcerj/ui/cells/AboutLinkCell.java, line(s) 120,130,147,195 im/hgidlmcerj/ui/cells/ArchiveHintCell.java, line(s) 53,58 im/hgidlmcerj/ui/cells/AudioPlayerCell.java, line(s) 68,76 im/hgidlmcerj/ui/cells/BotHelpCell.java, line(s) 101,134,144,161 im/hgidlmcerj/ui/cells/ChatActionCell.java, line(s) 348,353 im/hgidlmcerj/ui/cells/ChatMessageCell.java, line(s) 974,998,1053,1064,1164,1178,3069,3168,3203,4049,4710,4720,6217,6310,6347,6354,7271,3678,6671,6774 im/hgidlmcerj/ui/cells/ContextLinkCell.java, line(s) 147,171,219 im/hgidlmcerj/ui/cells/DialogCell.java, line(s) 370,757,782,1160,1318,2067,2098,1939 im/hgidlmcerj/ui/cells/DialogMeUrlCell.java, line(s) 245,385 im/hgidlmcerj/ui/cells/DrawerActionCell.java, line(s) 53 im/hgidlmcerj/ui/cells/DrawerProfileCell.java, line(s) 111,157 im/hgidlmcerj/ui/cells/PopMenuCell.java, line(s) 47 im/hgidlmcerj/ui/cells/SharedAudioCell.java, line(s) 76,81 im/hgidlmcerj/ui/cells/SharedLinkCell.java, line(s) 307,335,350,360,381,497,509 im/hgidlmcerj/ui/cells/ThemeCell.java, line(s) 173,207,241 im/hgidlmcerj/ui/cells/ThemesHorizontalListCell.java, line(s) 375,860,869,875,954 im/hgidlmcerj/ui/components/AlertsCreator.java, line(s) 1022,1075,1090 im/hgidlmcerj/ui/components/AnimatedFileDrawable.java, line(s) 193,224 im/hgidlmcerj/ui/components/AudioPlayerAlert.java, line(s) 861,1315,1330 im/hgidlmcerj/ui/components/AvatarDrawable.java, line(s) 221,249 im/hgidlmcerj/ui/components/BlockingUpdateView.java, line(s) 251,273,277 im/hgidlmcerj/ui/components/ChatActivityEnterView.java, line(s) 1842,1881,3268,4604,4653,4870,5017,5032,5046,5060,5083,5093,5147,5660 im/hgidlmcerj/ui/components/ChatAttachAlert.java, line(s) 3712,3725,3729,2465,3701 im/hgidlmcerj/ui/components/ChatAvatarContainer.java, line(s) 281 im/hgidlmcerj/ui/components/ClippingImageView.java, line(s) 75,151 im/hgidlmcerj/ui/components/EditTextBoldCursor.java, line(s) 184,321,750,759 im/hgidlmcerj/ui/components/EditTextCaption.java, line(s) 324,346,408 im/hgidlmcerj/ui/components/EditTextEmoji.java, line(s) 91,493 im/hgidlmcerj/ui/components/EmbedBottomSheet.java, line(s) 200,304,319,345,373,419,497,504,686,695,714,824,843,921 im/hgidlmcerj/ui/components/EmojiView.java, line(s) 741,1691,2812,4807 im/hgidlmcerj/ui/components/EmojiViewV2.java, line(s) 591,1481,3458 im/hgidlmcerj/ui/components/ForegroundDetector.java, line(s) 59,92,67,100 im/hgidlmcerj/ui/components/ImageUpdater.java, line(s) 271,301,324,346 im/hgidlmcerj/ui/components/InstantCameraView.java, line(s) 497,505,511,887,906,928,1062,1309,1332,1638,1687,1694,1698,1707,1719,1759,1839,2085,457,946,961,992,1004,1070,1078,1088,1101,1112,1149,1171,1177,1183,1192,1244,1402,1407,1415,1581,1735,1792,1804,1921,1930,1940,1948,2022,2158 im/hgidlmcerj/ui/components/LetterDrawable.java, line(s) 60 im/hgidlmcerj/ui/components/PasscodeView.java, line(s) 140,255,929,938,952,1003,1035,1054 im/hgidlmcerj/ui/components/PhotoFilterView.java, line(s) 406,423,438,446,456,469,734,740,749,805,1034 im/hgidlmcerj/ui/components/PhotoPaintView.java, line(s) 439,1265,1272,1299 im/hgidlmcerj/ui/components/PhotoViewerCaptionEnterView.java, line(s) 114,329,363,429,543,573,587,616,697,710 im/hgidlmcerj/ui/components/PipRoundVideoView.java, line(s) 258 im/hgidlmcerj/ui/components/PipVideoView.java, line(s) 407 im/hgidlmcerj/ui/components/RLottieDrawable.java, line(s) 215,339,415 im/hgidlmcerj/ui/components/RadioButton.java, line(s) 61,160 im/hgidlmcerj/ui/components/RecyclerListView.java, line(s) 702,920,934,1630,1638 im/hgidlmcerj/ui/components/ShareAlert.java, line(s) 954,1530 im/hgidlmcerj/ui/components/SpannableStringLight.java, line(s) 24,41,58 im/hgidlmcerj/ui/components/StaticLayoutEx.java, line(s) 58,122,155,161,172,177,182,216,249,257 im/hgidlmcerj/ui/components/StickersAlert.java, line(s) 116,820,856,935 im/hgidlmcerj/ui/components/TermsOfServiceView.java, line(s) 166 im/hgidlmcerj/ui/components/ThemeEditorView.java, line(s) 101,109,1308,1562,1767 im/hgidlmcerj/ui/components/TimerDrawable.java, line(s) 78 im/hgidlmcerj/ui/components/VideoTimelinePlayView.java, line(s) 301,358,386 im/hgidlmcerj/ui/components/VideoTimelineView.java, line(s) 230,287,315 im/hgidlmcerj/ui/components/WallpaperUpdater.java, line(s) 85,101,126,152,183,186,198,214 im/hgidlmcerj/ui/components/WebPlayerView.java, line(s) 1057,403,633,655,660,681,739,785,836,882,938,1004,1037,1113,1172,1227,1290,1357,1777,2039,2087,2447,2459,2472,2486,2500,2514,2528 im/hgidlmcerj/ui/components/compress/Checker.java, line(s) 79 im/hgidlmcerj/ui/components/compress/Luban.java, line(s) 86,85 im/hgidlmcerj/ui/components/paint/RenderView.java, line(s) 308,316,326,339,350,360,379,499 im/hgidlmcerj/ui/components/paint/Shader.java, line(s) 20,28,82,92 im/hgidlmcerj/ui/components/paint/Slice.java, line(s) 25,56,103 im/hgidlmcerj/ui/components/paint/Utils.java, line(s) 12 im/hgidlmcerj/ui/components/toast/ToastUtils.java, line(s) 77 im/hgidlmcerj/ui/components/voip/CallSwipeView.java, line(s) 95 im/hgidlmcerj/ui/components/voip/DarkTheme.java, line(s) 2384 im/hgidlmcerj/ui/components/voip/VoIPHelper.java, line(s) 153,570 im/hgidlmcerj/ui/dialogs/McShareDialog.java, line(s) 197 im/hgidlmcerj/ui/fragments/BaseFmts.java, line(s) 220,275,289,311 im/hgidlmcerj/ui/fragments/CallRecordsFragment.java, line(s) 600,196 im/hgidlmcerj/ui/fragments/ContactsFragment.java, line(s) 637 im/hgidlmcerj/ui/fragments/DialogsFragment.java, line(s) 491,506,2227 im/hgidlmcerj/ui/fragments/DiscoveryFragment.java, line(s) 212,263 im/hgidlmcerj/ui/fragments/MeFragmentV2.java, line(s) 487,982,1041,1056 im/hgidlmcerj/ui/fragments/TabWebFragment.java, line(s) 185,292,329,352,516 im/hgidlmcerj/ui/fragments/adapter/FmtContactsAdapter.java, line(s) 143 im/hgidlmcerj/ui/hui/CameraViewActivity.java, line(s) 2658,2671,2675,1788,2647 im/hgidlmcerj/ui/hui/CharacterParser.java, line(s) 30 im/hgidlmcerj/ui/hui/WebViewAppCompatActivity.java, line(s) 103,219 im/hgidlmcerj/ui/hui/adapter/AddNewCallAdapter.java, line(s) 77 im/hgidlmcerj/ui/hui/adapter/CreateGroupAdapter.java, line(s) 96 im/hgidlmcerj/ui/hui/adapter/CreateSecureAdapter.java, line(s) 82 im/hgidlmcerj/ui/hui/adapter/MyDialogsAdapter.java, line(s) 243 im/hgidlmcerj/ui/hui/adapter/NewChatAdapter.java, line(s) 86 im/hgidlmcerj/ui/hui/adapter/SelectContactsAdapter.java, line(s) 85 im/hgidlmcerj/ui/hui/adapter/StartChatAdapter.java, line(s) 86 im/hgidlmcerj/ui/hui/adapter/grouping/AddGroupingUserAdapter.java, line(s) 84 im/hgidlmcerj/ui/hui/adapter/pageAdapter/PageSelectionAdapter.java, line(s) 80 im/hgidlmcerj/ui/hui/adapter/pageAdapter/PageStickerAdapter.java, line(s) 111 im/hgidlmcerj/ui/hui/chats/CreateGroupFinalActivity.java, line(s) 158 im/hgidlmcerj/ui/hui/chats/GroupShareActivity.java, line(s) 216 im/hgidlmcerj/ui/hui/chats/MryDialogsActivity.java, line(s) 1774,2615 im/hgidlmcerj/ui/hui/chats/NewChatActivity.java, line(s) 407 im/hgidlmcerj/ui/hui/chats/ProfileGroupActivity.java, line(s) 363,850,868,1064,1644,1658,1670,1698,2832 im/hgidlmcerj/ui/hui/chats/StartChatActivity.java, line(s) 360 im/hgidlmcerj/ui/hui/contacts/AddContactsActivity.java, line(s) 260 im/hgidlmcerj/ui/hui/discovery/ActionIntroActivity.java, line(s) 443,491,526,572 im/hgidlmcerj/ui/hui/discovery/NearPersonAndGroupActivity.java, line(s) 485,489,494,497,504,558,421,650 im/hgidlmcerj/ui/hui/discovery/QrScanActivity.java, line(s) 315,341 im/hgidlmcerj/ui/hui/discoveryweb/DiscoveryJumpPausedFloatingView.java, line(s) 255,527 im/hgidlmcerj/ui/hui/discoveryweb/DiscoveryJumpToPage.java, line(s) 112,139,555,568,602,772 im/hgidlmcerj/ui/hui/friendscircle/fcHelper/OKHttpStreamFetcher.java, line(s) 45,44 im/hgidlmcerj/ui/hui/friendscircle/okhttphelper/AESHelper.java, line(s) 62,75 im/hgidlmcerj/ui/hui/friendscircle/okhttphelper/MD5Utils.java, line(s) 21,88,92,93 im/hgidlmcerj/ui/hui/friendscircle/okhttphelper/OkHttpStringCallBack.java, line(s) 73,64,74 im/hgidlmcerj/ui/hui/friendscircle_v1/adapter/FcDetailAdapter.java, line(s) 189 im/hgidlmcerj/ui/hui/friendscircle_v1/adapter/FcHomeAdapter.java, line(s) 181,693 im/hgidlmcerj/ui/hui/friendscircle_v1/adapter/UserFcListAdapter.java, line(s) 167 im/hgidlmcerj/ui/hui/friendscircle_v1/base/BaseFcActivity.java, line(s) 296,367,480,209,223,246,331,352,503 im/hgidlmcerj/ui/hui/friendscircle_v1/base/BaseFcFragment.java, line(s) 381,452,565,253,267,289,416,437,588 im/hgidlmcerj/ui/hui/friendscircle_v1/base/CommFcListActivity.java, line(s) 162 im/hgidlmcerj/ui/hui/friendscircle_v1/base/CommFcListFragment.java, line(s) 167,171,182 im/hgidlmcerj/ui/hui/friendscircle_v1/fragments/FcFollowFragment.java, line(s) 330,918 im/hgidlmcerj/ui/hui/friendscircle_v1/fragments/FcHomeFragment.java, line(s) 245,799,851 im/hgidlmcerj/ui/hui/friendscircle_v1/fragments/FcRecommendFragment.java, line(s) 240,773,825 im/hgidlmcerj/ui/hui/friendscircle_v1/helper/FcDBHelper.java, line(s) 151,157,166,168 im/hgidlmcerj/ui/hui/friendscircle_v1/player/logger/ExoPlayerLogger.java, line(s) 99,104,126,129,142,149,166,171,188,191,197,205,213,231,236,240,242,247,249,254,259,264,269,274,279,284,289,294,299,317,322,327,344,347,350,353,356,359,362,365,117,336 im/hgidlmcerj/ui/hui/friendscircle_v1/player/player/AbsBaseVideoPlayer.java, line(s) 36,47,54,63,70,78,90 im/hgidlmcerj/ui/hui/friendscircle_v1/player/player/VideoPlayerManager.java, line(s) 385 im/hgidlmcerj/ui/hui/friendscircle_v1/player/utils/Utils.java, line(s) 112,116 im/hgidlmcerj/ui/hui/friendscircle_v1/ui/FcPageDetailActivity.java, line(s) 154,200,336,355,866 im/hgidlmcerj/ui/hui/friendscircle_v1/ui/FcPageMineActivity.java, line(s) 981,1030 im/hgidlmcerj/ui/hui/friendscircle_v1/ui/FcPageOthersActivity.java, line(s) 1043 im/hgidlmcerj/ui/hui/friendscircle_v1/ui/FcPublishActivity.java, line(s) 746,1003,1451,898,1454,1464 im/hgidlmcerj/ui/hui/friendscircle_v1/ui/FcTopicMainActivity.java, line(s) 851,900 im/hgidlmcerj/ui/hui/friendscircle_v1/ui/ImagePreSelectorActivity.java, line(s) 2429,2442,2446,1629,2418 im/hgidlmcerj/ui/hui/friendscircle_v1/ui/ImagePreviewActivity.java, line(s) 1333,10296,10303,10311,10317,551,749,1881,2532,2545,2847,3056,3765,3822,3851,3911,3939,4354,4361,4567,4589,4683,4740,4753,7163,7866,8241,8278,8537,8624,9385,10323 im/hgidlmcerj/ui/hui/friendscircle_v1/ui/ImageSelectorActivity.java, line(s) 3080,3093,3097,2111,3069 im/hgidlmcerj/ui/hui/friendscircle_v1/utils/KeyboardUtils.java, line(s) 47,190,197,237,168,206,223 im/hgidlmcerj/ui/hui/friendscircle_v1/utils/StatusBarHeightUtil.java, line(s) 21 im/hgidlmcerj/ui/hui/friendscircle_v1/utils/ViewUtil.java, line(s) 18 im/hgidlmcerj/ui/hui/friendscircle_v1/view/FCIndexBar.java, line(s) 119 im/hgidlmcerj/ui/hui/friendscircle_v1/view/FcChildReplyListDialog.java, line(s) 210 im/hgidlmcerj/ui/hui/friendscircle_v1/view/FcDoReplyDialog.java, line(s) 187,394 im/hgidlmcerj/ui/hui/friendscircle_v1/view/flowLayout/TagAdapter.java, line(s) 84,88 im/hgidlmcerj/ui/hui/friendscircle_v1/view/flowLayout/TagFlowLayout.java, line(s) 122 im/hgidlmcerj/ui/hui/friendscircle_v1/view/panel/KPSwitchRootLayoutHandler.java, line(s) 35,46,50,56,60 im/hgidlmcerj/ui/hui/friendscircle_v1/view/richtext/TextCommonUtils.java, line(s) 246,274,280 im/hgidlmcerj/ui/hui/friendscircle_v1/view/toast/FcToastUtils.java, line(s) 82 im/hgidlmcerj/ui/hui/login/ChangePersonalInformationActivity.java, line(s) 487 im/hgidlmcerj/ui/hui/login/LoginPasswordContronllerActivity.java, line(s) 187 im/hgidlmcerj/ui/hui/login/PcScanCodeLoginActivity.java, line(s) 110,148 im/hgidlmcerj/ui/hui/mine/AboutAppActivity.java, line(s) 214,299,351,366 im/hgidlmcerj/ui/hui/mine/DataUsageActivity.java, line(s) 356 im/hgidlmcerj/ui/hui/mine/MrySessionsActivity.java, line(s) 700,725 im/hgidlmcerj/ui/hui/mine/MryThemeActivity.java, line(s) 1014,1047,1059,1145,1150,1191,1536,1542,1548,1574 im/hgidlmcerj/ui/hui/mine/PrivacyAndSafeActivity.java, line(s) 286 im/hgidlmcerj/ui/hui/mine/PrivacySecurityActivity.java, line(s) 230 im/hgidlmcerj/ui/hui/mine/QrCodeActivity.java, line(s) 273 im/hgidlmcerj/ui/hui/packet/RedpktGroupSendActivity.java, line(s) 783,1021,1177,1229,1244 im/hgidlmcerj/ui/hui/packet/RedpktSendActivity.java, line(s) 425,620,809,861,876 im/hgidlmcerj/ui/hui/packet/RedpktSendActivity_back.java, line(s) 422,624,813,865,880 im/hgidlmcerj/ui/hui/packet/SelecteContactsActivity.java, line(s) 938 im/hgidlmcerj/ui/hui/packet/fragments/PacketLuckyFragment.java, line(s) 433 im/hgidlmcerj/ui/hui/packet/fragments/PacketNormalFragment.java, line(s) 450 im/hgidlmcerj/ui/hui/packet/fragments/PacketSpecialFragment.java, line(s) 393 im/hgidlmcerj/ui/hui/packet/pop/RedPacketViewHolder.java, line(s) 214,219,224 im/hgidlmcerj/ui/hui/transfer/TransferSendActivity.java, line(s) 433,660,865,917,932 im/hgidlmcerj/ui/hui/transfer/TransferSendActivity_back.java, line(s) 433,668,872,924,939 im/hgidlmcerj/ui/hui/transfer/TransferStatusActivity.java, line(s) 363,543 im/hgidlmcerj/ui/hui/transfer/TransferStatusActivity_back.java, line(s) 429,609 im/hgidlmcerj/ui/hui/views/SilderRelativeLayout.java, line(s) 93,103 im/hgidlmcerj/ui/hui/visualcall/AVideoCallInterface.java, line(s) 75,94,109,120,165,184,189,208 im/hgidlmcerj/ui/hui/visualcall/BaseCallActivity.java, line(s) 230,264,360,422,424,158,219,332 im/hgidlmcerj/ui/hui/visualcall/FlowService.java, line(s) 266,214 im/hgidlmcerj/ui/hui/visualcall/PermissionUtils.java, line(s) 67,72,90,94,114,117,137,156,167,204,218,226,78,231,53,61,63,177,179,182,216,83,173 im/hgidlmcerj/ui/hui/visualcall/RingUtils.java, line(s) 171,67 im/hgidlmcerj/ui/hui/visualcall/ThreadUtils.java, line(s) 53 im/hgidlmcerj/ui/hui/visualcall/VisualCallActivity.java, line(s) 321,325,389,420,497,767,851,975,1104,1126,1153,1158,1274,1301,1514,1547,1591,1593,1621,1657,1661,1690,1695,1717,1742,1747,1801,1857,2124,707,1264,1775,1831,935,940,952,957 im/hgidlmcerj/ui/hui/visualcall/VisualCallReceiveActivity.java, line(s) 472,512,595,633,764,871,1026,1055,1106,1110,1217 im/hgidlmcerj/ui/hui/visualcall/VisualCallReceiveService.java, line(s) 55 im/hgidlmcerj/ui/hviews/MryCheckBox.java, line(s) 102 im/hgidlmcerj/ui/hviews/MyScrollView.java, line(s) 490,556 im/hgidlmcerj/ui/hviews/PasswordEditText.java, line(s) 138,295 im/hgidlmcerj/ui/hviews/dialogs/XDialog.java, line(s) 681 im/hgidlmcerj/ui/hviews/dragView/DragCallBack.java, line(s) 249 im/hgidlmcerj/ui/hviews/dragView/DragHelperFrameLayout.java, line(s) 169 im/hgidlmcerj/ui/hviews/helper/MryDeviceHelper.java, line(s) 44,53 im/hgidlmcerj/ui/hviews/helper/MryDrawableHelper.java, line(s) 158 im/hgidlmcerj/ui/hviews/helper/MryNotchHelper.java, line(s) 48,64,67,368,370,372,45,61 im/hgidlmcerj/ui/hviews/page/PagerConfig.java, line(s) 43,37 im/hgidlmcerj/ui/hviews/page/PagerGridLayoutManager.java, line(s) 492,496,531,535 im/hgidlmcerj/ui/hviews/pop/BasePopup.java, line(s) 150,154 im/hgidlmcerj/ui/hviews/slidemenu/SwipeLayout.java, line(s) 801,806 im/hgidlmcerj/ui/hviews/swipelist/reservation/TopWrappedDividerItemDecoration.java, line(s) 28 im/hgidlmcerj/ui/load/animation/SpriteAnimatorBuilder.java, line(s) 146 im/hgidlmcerj/ui/newcall/NewCallActivity.java, line(s) 326 im/hgidlmcerj/ui/settings/CacheControlSettingActivity.java, line(s) 195 im/hgidlmcerj/ui/settings/NoticeAndSoundSettingActivity.java, line(s) 304,338,376,717,779,841 im/hgidlmcerj/ui/utils/AppUpdater.java, line(s) 86,148,161 im/hgidlmcerj/ui/utils/ChatActionBarHelper.java, line(s) 295 im/hgidlmcerj/ui/utils/DownloadUtils.java, line(s) 189,222 im/hgidlmcerj/ui/utils/QrCodeParseUtil.java, line(s) 290,305,351,371,468 im/hgidlmcerj/ui/utils/ThirdPartSdkInitUtil.java, line(s) 43,73,104,101 im/hgidlmcerj/ui/utils/number/MoneyUtil.java, line(s) 145 im/hgidlmcerj/ui/utils/picture/PictureUtil.java, line(s) 74 im/hgidlmcerj/ui/utils/translate/DecodeEngine.java, line(s) 118,122,138,145,173,177,271,293,301,319,327,382,386,421,449 im/hgidlmcerj/ui/utils/translate/ssrc/SSRC.java, line(s) 1364,62,280,281,282,283,284,285,286,287,288,289,290,291,292,293,294,295,296,297,298,299,300,301,329,333,336,2596,2610,2693,2758,2759,2760,2761,2778,2780,2782,2854,2996,3185,3189,3233,3327,3328,3329,3330,3344,3346,3348,3397,3403 im/hgidlmcerj/ui/utils/translate/utils/AudioFileUtils.java, line(s) 32,35,56,111,113,134,150 org/webrtc/ali/AliHardwareAudioEncoder.java, line(s) 116,129,178,70 org/webrtc/ali/USBAudioDevice.java, line(s) 67 org/webrtc/alirtcInterface/ALI_RTC_INTERFACE_IMPL.java, line(s) 401,692,712,718,733,739,1269,289,294,304,343,348,353,358,363,368,373,378,383,388,336 org/webrtc/alirtcInterface/SophonEngine.java, line(s) 275 org/webrtc/alirtcInterface/SophonEngineImpl.java, line(s) 83,151,253,278,287,297,352,364,461,470,480,540,702,100,103,105,141,228,330,84,123,142,331,441,445,1242 org/webrtc/audio/AppRTCAudioManager.java, line(s) 262,276,309,351,394,403,99,104,114,117,183,195,206,218,247,259,265,274,297,301,323,333,337,354,396,505,506,536,556,562 org/webrtc/audio/AppRTCBluetoothManager.java, line(s) 63,66,74,80,96,111,115,123,125,129,134,139,144,161,192,193,195,201,216,221,230,236,242,250,257,262,266,268,300,303,305,312,318,324,333,343,346,357,180,185,223,227,120,163,167,176,350 org/webrtc/audio/AppRTCProximitySensor.java, line(s) 27,34,44,72,75,82,127,62 org/webrtc/sdk/SophonSurfaceView.java, line(s) 58,68,77,34 org/webrtc/utils/AppRTCUtils.java, line(s) 21 org/webrtc/utils/CpuMonitor.java, line(s) 105,116,123,130,169,242,183,188,190,305,340,367,373,376,379 org/webrtc/utils/MemoryMonitor.java, line(s) 33,40,63,69 org/webrtc/utils/NetworkMonitor.java, line(s) 49,55 pub/devrel/easypermissions/EasyPermissions.java, line(s) 138,140,34 pub/devrel/easypermissions/helper/ActivityPermissionHelper.java, line(s) 38 pub/devrel/easypermissions/helper/BaseSupportPermissionsHelper.java, line(s) 22
信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: im/hgidlmcerj/messenger/AndroidUtilities.java, line(s) 10,1746 im/hgidlmcerj/ui/ChangeUsernameActivity.java, line(s) 4,84 im/hgidlmcerj/ui/ChannelCreateActivity.java, line(s) 8,772 im/hgidlmcerj/ui/ChatActivity.java, line(s) 10,17676 im/hgidlmcerj/ui/ChatEditTypeActivity.java, line(s) 4,447,461 im/hgidlmcerj/ui/GroupInviteActivity.java, line(s) 4,139 im/hgidlmcerj/ui/PhonebookShareActivity.java, line(s) 4,574,614 im/hgidlmcerj/ui/ProfileActivity.java, line(s) 5,1399,1424 im/hgidlmcerj/ui/StickersActivity.java, line(s) 4,427 im/hgidlmcerj/ui/ThemeSetUrlActivity.java, line(s) 4,98 im/hgidlmcerj/ui/components/EmbedBottomSheet.java, line(s) 9,822 im/hgidlmcerj/ui/components/ShareAlert.java, line(s) 8,947 im/hgidlmcerj/ui/dialogs/McShareDialog.java, line(s) 5,233 im/hgidlmcerj/ui/hui/chats/ProfileGroupActivity.java, line(s) 10,1641,1666 im/hgidlmcerj/ui/hui/discovery/QrScanResultActivity.java, line(s) 4,68 im/hgidlmcerj/ui/hui/packet/BillDetailsActivity.java, line(s) 4,997
信息 应用程序可以写入应用程序目录。敏感信息应加密
应用程序可以写入应用程序目录。敏感信息应加密 Files: com/alivc/rtc/device/core/persistent/TransactionXMLFile.java, line(s) 19
安全 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: com/bjz/comm/net/factory/ApiFactory.java, line(s) 50,50 com/bjz/comm/net/factory/ApiGameFactory.java, line(s) 48,48 com/bjz/comm/net/factory/ApiHuanHuiFactory.java, line(s) 41,41 com/bjz/comm/net/factory/ApiMPFactory.java, line(s) 46,46 com/bjz/comm/net/factory/ApiTranslateAudioFactory.java, line(s) 40,40 com/zhy/http/okhttp/https/HttpsUtils.java, line(s) 110,174,42,108,108,172,172
安全 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: im/hgidlmcerj/ui/utils/SimulatorUtil.java, line(s) 19
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.ntsc.ac.cn) 通信。
{'ip': '122.228.6.55', 'country_short': 'CN', 'country_long': '中国', 'region': '北京', 'city': '北京', 'latitude': '39.907501', 'longitude': '116.397102'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.shareinstall.com.cn) 通信。
{'ip': '122.228.6.55', 'country_short': 'CN', 'country_long': '中国', 'region': '浙江', 'city': '温州', 'latitude': '27.999420', 'longitude': '120.666817'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (m.bjz.com) 通信。
{'ip': '61.160.148.90', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '台州', 'latitude': '32.492168', 'longitude': '119.910767'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (attheme.org) 通信。
{'ip': '122.228.6.55', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '台州', 'latitude': '32.492168', 'longitude': '119.910767'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (wealthextend.huanhuit.com) 通信。
{'ip': '61.160.148.90', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '台州', 'latitude': '32.492168', 'longitude': '119.910767'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.smpte-ra.org) 通信。
{'ip': '122.228.6.55', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '台州', 'latitude': '32.492168', 'longitude': '119.910767'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (impyq.gz.bcebos.com) 通信。
{'ip': '121.228.183.252', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '苏州', 'latitude': '31.311365', 'longitude': '120.617691'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.taobao.com) 通信。
{'ip': '122.228.6.55', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '台州', 'latitude': '32.492168', 'longitude': '119.910767'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.163.com) 通信。
{'ip': '221.231.83.107', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '盐城', 'latitude': '33.385559', 'longitude': '120.125282'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (live.cailiao.im) 通信。
{'ip': '221.231.83.107', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '台州', 'latitude': '32.492168', 'longitude': '119.910767'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (game.cailiao.im) 通信。
{'ip': '61.160.148.90', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '台州', 'latitude': '32.492168', 'longitude': '119.910767'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (translations.lovechat323.com) 通信。
{'ip': '61.160.148.90', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '台州', 'latitude': '32.492168', 'longitude': '119.910767'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (lovechat323.com) 通信。
{'ip': '61.160.148.90', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '台州', 'latitude': '32.492168', 'longitude': '119.910767'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.alibaba.com) 通信。
{'ip': '203.119.238.27', 'country_short': 'CN', 'country_long': '中国', 'region': '浙江', 'city': '杭州', 'latitude': '30.293650', 'longitude': '120.161583'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (game.bjz.com) 通信。
{'ip': '61.160.148.90', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '台州', 'latitude': '32.492168', 'longitude': '119.910767'}