安全分析报告:
安全分数
安全分数 51/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
2
用户/设备跟踪器
调研结果
高危
1
中危
9
信息
1
安全
1
关注
0
高危 Firebase数据库未授权访问
位于 https://lojavnt-afbca-default-rtdb.firebaseio.com/.json 的 Firebase 数据库在没有任何身份验证的情况下暴露在互联网上。响应内容如下所示:
{
"Users": {
"7B6zDR5PnGQMv8zZSL53RCvaNKt1": {
"bio": "Developer",
"block": "false",
"chave_pix": "",
"color": "#C80261",
"cpf": "000.000.000-00",
"creditos": "187",
"despositivos": "1",
"deviceID": "AP3A.240905.015.A2",
"device_id": "8039f9388c56ab7e",
"device_name": "gale",
"downloads": "0",
"email": "krhian49@gmail.com",
"gemas": "0",
"ip_address": "138.122.54.251",
"last_seen": "21-mar.-2025 05:49:11 PM",
"likes": "0",
"medalhas": "0",
"name": "kaio",
"nome_completo": "Kaio dndjxjxj",
"presente": "1",
"profile": "",
"projects": "0",
"protect": "false",
"real": "0",
"registration_date": "21-mar.-2025 05:49:11 PM",
"role": "user",
"seguidores": "",
"senha": "kaio7e73737",
"sexo": "Genero",
"som": "Ativado",
"uid": "7B6zDR5PnGQMv8zZSL53RCvaNKt1",
"verified": "false",
"version": "1.0"
},
"DJao6mbU6GPELimMZiwHnBDYq7q1": {
"bio": "Developer",
"block": "false",
"bonus": " 99 + 157 Creditos de Registro",
"chave_pix": "",
"color": "#303F9F",
"cpf": "000.000.000-00",
"creditos": "256",
"creditos_comul": "0",
"data": "24/03/25 as 03:50:02 PM",
"despositivos": "1",
"deviceID": "TLAS33.105-285-7",
"device_id": "1524d6c4c95fe6c5",
"device_name": "sabahl",
"downloads": "0",
"email": "clararamonita6@gmail.com",
"gemas": "0",
"img_capa": "",
"ip_address": "201.20.112.176",
"last_seen": "24 mar. 2025 PM",
"likes": "0",
"medalhas": "0",
"meta": " ",
"name": "arthur",
"nome_completo": "Arthur Vinícius soterio de jesus ",
"presente": "1",
"profile": "",
"projects": "0",
"protect": "false",
"real": "0",
"registration_date": "24-mar.-2025 03:50:02 PM",
"role": "user",
"seguidores": "-1",
"senha": "arthur04",
"sexo": "Genero",
"som": "Desativado",
"uid": "-OM8UXnSklV7Gm1AgTij",
"usuario": "arthur",
"validade": "30 Dias",
"valores": "R$ 0,00",
"verified": "false",
"version": "1.0"
},
"Du2c92eq7vPa3rvpGxJHwtKpsTH3": {
"bio": "Developer",
"block": "false",
"chave_pix": "",
"color": "#607D8B",
"cpf": "000.000.000-00",
"creditos": "1021",
"despositivos": "1",
"deviceID": "UTLBS34.102-62-1",
"device_id": "39330355552c3d2b",
"device_name": "cancun",
"downloads": "0",
"email": "gabbrielvieirasilva08@gmail.com",
"gemas": "0",
"ip_address": "200.14.58.149",
"last_seen": "22 mar. 2025 PM",
"likes": "0",
"medalhas": "0",
"name": "gabbrielvieirasilva022",
"nome_completo": "Gabriel silva",
"online": "false",
"presente": "1",
"profile": "",
"projects": "0",
"protect": "false",
"real": "0",
"registration_date": "22-mar.-2025 08:25:21 PM",
"role": "user",
"seguidores": "0",
"senha": "bielx1ff",
"sexo": "Genero",
"som": "Desativado",
"uid": "Du2c92eq7vPa3rvpGxJHwtKpsTH3",
"verified": "false",
"version": "1.0"
},
"EYocajRUJ2QJ2qPqnuuUol75WUN2": {
"bio": "quero meu money para comprar picanha",
"block": "false",
"chave_pix": "12345678",
"color": "#FFC107",
"cpf": "000.000.000-00",
"creditos": "1483",
"despositivos": "1",
"deviceID": "PPR1.180610.011",
"device_id": "a711ccc96cb1093f",
"device_name": "Galaxy J4+",
"downloads": "0",
"email": "mariacrist221968@gmail.com",
"gemas": "0",
"ip_address": "45.238.113.249",
"last_seen": "29 mar 2025 PM",
"likes": "0",
"medalhas": "2",
"name": "brenda",
"nome_completo": "brenda Ellen Santos silva",
"online": "false",
"presente": "0",
"profile": "https://firebasestorage.googleapis.com/v0/b/lojavnt-afbca.appspot.com/o/profiles%2FEYocajRUJ2QJ2qPqnuuUol75WUN2.jpg?alt=media&token=8afa047a-cdc3-4f96-9ddb-877bf295df0d",
"projects": "0",
"protect": "false",
"real": "0",
"registration_date": "23-mar-2025 11:26:06 AM",
"role": "user",
"seguidores": "0",
"senha": "brenda123",
"sexo": "Feminino",
"som": "Desativado",
"uid": "EYocajRUJ2QJ2qPqnuuUol75WUN2",
"verified": "false",
"version": "1.0"
},
"L5M4JRSvb6R2cOs3Bnrmcmv46qu2": {
"bio": "Developer",
"block": "false",
"chave_pix": "",
"color": "#FFC107",
"cpf": "000.000.000-00",
"creditos": "397",
"despositivos": "1",
"deviceID": "UOA34.216-174-6",
"device_id": "68859eddcbb22783",
"device_name": "manila",
"downloads": "0",
"email": "kelvyslucas239@gmail.com",
"gemas": "0",
"ip_address": "138.255.151.189",
"last_seen": "21-mar.-2025 04:17:57 PM",
"likes": "0",
"medalhas": "0",
"name": "kelvys",
"nome_completo": "kelvys Barbosa Lucas ",
"presente": "1",
"profile": "",
"projects": "0",
"protect": "false",
"real": "0,00",
"registration_date": "21-mar.-2025 04:17:57 PM",
"role": "user",
"seguidores": "",
"senha": "kelvys123",
"sexo": "Genero",
"som": "Ativado",
"uid": "L5M4JRSvb6R2cOs3Bnrmcmv46qu2",
"verified": "false",
"version": "1.0"
},
"LoBm2wAGDpb0Ex9kwpbSYL9H7nv1": {
"bio": "Developer",
"block": "false",
"chave_pix": "",
"color": "#303F9F",
"cpf": "000.000.000-00",
"creditos": "1869",
"despositivos": "1",
"deviceID": "ULA34.89-179",
"device_id": "cf7fd4d5b572ad72",
"device_name": "lion",
"downloads": "0",
"email": "pjr123454@gmail.com",
"gemas": "0",
"ip_address": "177.126.222.57",
"last_seen": "27-mar.-2025 11:22:21 PM",
"likes": "0",
"medalhas": "0",
"name": "pedrij",
"nome_completo": "Pedro Pereira Virgolino Júnior ",
"presente": "1",
"profile": "",
"projects": "0",
"protect": "false",
"real": "0",
"registration_date": "27-mar.-2025 11:22:21 PM",
"role": "user",
"seguidores": "0",
"senha": "123454pp",
"sexo": "Genero",
"som": "Desativado",
"uid": "LoBm2wAGDpb0Ex9kwpbSYL9H7nv1",
"verified": "false",
"version": "1.0"
},
"RYMNf4x7obUgoFdkRhrOAU7XJAN2": {
"bio": "Eu por eu mesma!!",
"block": "false",
"chave_pix": "pamelabrito2222@gmail.com",
"color": "#2196F3",
"cpf": "07370682307",
"creditos": "8530",
"despositivos": "1",
"deviceID": "SP1A.210812.016",
"device_id": "f2e1958897f61d08",
"device_name": "Galaxy J4 Core",
"downloads": "0",
"email": "pamelabrito2222@gmail.com",
"gemas": "0",
"ip_address": "187.18.136.109",
"last_seen": "15 mar. 2025 PM",
"likes": "0",
"medalhas": "100",
"name": "Peppa",
"nome_completo": "Pamela Brito Pereira",
"online": "false",
"presente": "1",
"profile": "https://firebasestorage.googleapis.com/v0/b/lojavnt-afbca.appspot.com/o/profiles%2FRYMNf4x7obUgoFdkRhrOAU7XJAN2.jpg?alt=media&token=d5ecfe93-6304-47ec-80ae-838cd13aa937",
"projects": "0",
"protect": "false",
"real": "0",
"registration_date": "08-mar.-2025 12:03:33 AM",
"role": "user",
"seguidores": 0,
"senha": "Anacelia22",
"sexo": "feminino",
"som": "Desativado",
"uid": "RYMNf4x7obUgoFdkRhrOAU7XJAN2",
"verified": "false",
"version": "1.0"
},
"ZVdoSP46UUU39eApZ1T06kIdcSj2": {
"bio": "Só sei que nada sei es a questão",
"block": "false",
"chave_pix": "05366230314",
"color": "#607D8B",
"cpf": "000.000.000",
"creditos": "40",
"despositivos": "1",
"deviceID": "M1AJB",
"device_id": "f2e1958897f61d08",
"device_name": "Galaxy J4 Core",
"downloads": "0",
"email": "actionfreefire4@gmail.com",
"gemas": "0",
"ip_address": "187.18.136.109",
"last_seen": "25 mar 2025 PM",
"likes": "0",
"medalhas": "16",
"name": "Marcos",
"nome_completo": "Marcos da silva",
"online": "false",
"presente": "0",
"profile": "https://firebasestorage.googleapis.com/v0/b/lojavnt-afbca.appspot.com/o/profiles%2FZVdoSP46UUU39eApZ1T06kIdcSj2.jpg?alt=media&token=b67842aa-cce0-4b1d-81df-89adc586fabc",
"projects": "0",
"protect": "yes",
"real": "1",
"registration_date": "05-mar-2025 11:50:13 PM",
"role": "user",
"seguidores": "-1",
"senha": "admin123",
"sexo": "masculino",
"som": "Desativado",
"uid": "ZVdoSP46UUU39eApZ1T06kIdcSj2",
"verified": "false",
"version": "1.0"
},
"kE9W90d4FkTL8S60BHiLE4CeS8F3": {
"bio": "Developer",
"block": "false",
"chave_pix": "",
"color": "#00FE5E",
"cpf": "000.000.000-00",
"creditos": "217",
"despositivos": "1",
"deviceID": "TLAS33.105-285-6",
"device_id": "ff93df698bb02918",
"device_name": "sabahl",
"downloads": "0",
"email": "thiagothiagunho03@gmail.com",
"gemas": "0",
"ip_address": "177.221.241.78",
"last_seen": "17 mar. 2025 PM",
"likes": "0",
"medalhas": "2",
"name": "Lucas",
"nome_completo": "Lucas Eduardo sena de oliveira",
"online": "false",
"presente": "1",
"profile": "",
"projects": "0",
"protect": "false",
"real": "0",
"registration_date": "09-mar.-2025 01:01:07 PM",
"role": "user",
"seguidores": 0,
"senha": "lucas123@@@@",
"sexo": "Genero",
"som": "Desativado",
"uid": "kE9W90d4FkTL8S60BHiLE4CeS8F3",
"verified": "false",
"version": "1.0"
},
"kMEIwGmftraSYwFaXiuQBAhJXLL2": {
"bio": "Developer",
"block": "false",
"chave_pix": "",
"color": "#303F9F",
"cpf": "000.000.000-00",
"creditos": "127",
"creditos_comul": "0",
"despositivos": "1",
"deviceID": "RONS31.267-94-14",
"device_id": "39b9a6948922e20e",
"device_name": "",
"downloads": "0",
"email": "evitorino054@gmail.com",
"gemas": "0",
"img_capa": "",
"ip_address": "45.174.18.51",
"last_seen": "10-mar.-2025 08:56:13 PM",
"likes": "0",
"medalhas": "0",
"meta": " ",
"name": "Edson",
"nome_completo": "Edson Maurício lima da silva",
"presente": "1",
"profile": "",
"projects": "0",
"protect": "false",
"real": "0",
"registration_date": "10-mar.-2025 08:56:13 PM",
"role": "user",
"seguidores": "",
"senha": "edinho244",
"sexo": "Genero",
"som": "Desativado",
"uid": "-OL1UOP-F9axq2dgbFDj",
"usuario": "Edson",
"verified": "false",
"version": "1.0"
},
"nbfBWF5rNMYTpm5UAKpMLJavtTJ2": {
"bio": "Developer",
"block": "false",
"chave_pix": "",
"color": "#000000",
"cpf": "000.000.000-00",
"creditos": "153",
"despositivos": "1",
"deviceID": "U1TCS34.22-64-19-4-3",
"device_id": "1bf9a95f3f14504c",
"device_name": "bangkk",
"downloads": "0",
"email": "nicolaspsold28@gmail.com",
"gemas": "0",
"ip_address": "170.78.197.184",
"last_seen": "23 mar. 2025 PM",
"likes": "0",
"medalhas": "1",
"name": "Nicolas",
"nome_completo": "Nicolas pasold ",
"online": "false",
"presente": "1",
"profile": "",
"projects": "0",
"protect": "false",
"real": "0",
"registration_date": "23-mar.-2025 02:47:41 PM",
"role": "user",
"seguidores": "-1",
"senha": "NICOLASDAVK",
"sexo": "Genero",
"som": "Desativado",
"uid": "nbfBWF5rNMYTpm5UAKpMLJavtTJ2",
"verified": "false",
"version": "1.0"
},
"q3Sb6mEsy4axQTDcKlK3NRdxL442": {
"bio": "Developer",
"block": "false",
"chave_pix": "05366230314",
"color": "#E91E63",
"cpf": "000.000.000-00",
"creditos": "67",
"despositivos": "1",
"deviceID": "S2RI32.32-20-9-9-2",
"device_id": "26d64d9ebb73b752",
"device_name": "moto g(60)",
"downloads": "0",
"email": "movixpronix@gmail.com",
"gemas": "0",
"ip_address": "187.18.136.109",
"last_seen": "03 abr. 2025 AM",
"likes": "0",
"medalhas": "4",
"name": "Admin",
"nome_completo": "Francisco Anderson dos Santos",
"online": "false",
"presente": "0",
"profile": "https://firebasestorage.googleapis.com/v0/b/lojavnt-afbca.appspot.com/o/profiles%2Fq3Sb6mEsy4axQTDcKlK3NRdxL442.jpg?alt=media&token=0e78cce0-652d-41b4-9541-864ec0a93f36",
"projects": "0",
"protect": "false",
"real": "5",
"registration_date": "22-mar.-2025 03:23:34 AM",
"role": "user",
"seguidores": "-1",
"senha": "admin123",
"sexo": "Masculino",
"som": "Desativado",
"uid": "q3Sb6mEsy4axQTDcKlK3NRdxL442",
"verified": "true",
"version": "1.0"
},
"s5m8XkClt4TEDGyFex62fm5AnKE3": {
"bio": "Developer",
"block": "false",
"chave_pix": "",
"color": "#7B1FA2",
"cpf": "000.000.000-00",
"creditos": "113",
"despositivos": "1",
"deviceID": "UP1A.231005.007",
"device_id": "353e43a05c2e5862",
"device_name": "RE6054",
"downloads": "0",
"email": "luandersonoliveiradossantos@gmail.com",
"gemas": "0",
"ip_address": "177.70.172.218",
"last_seen": "11 mar. 2025 PM",
"likes": "0",
"medalhas": "0",
"name": "luan",
"nome_completo": "Luanderson de oliveira santos ",
"online": "false",
"presente": "1",
"profile": "",
"projects": "0",
"protect": "false",
"real": "0",
"registration_date": "11-mar.-2025 07:26:40 PM",
"role": "user",
"seguidores": "",
"senha": "25092009",
"sexo": "Genero",
"som": "Desativado",
"uid": "s5m8XkClt4TEDGyFex62fm5AnKE3",
"verified": "false",
"version": "1.0"
},
"ste0qucO89eIyNVyIhZAtVf2fWU2": {
"bio": "Developer",
"block": "false",
"chave_pix": "",
"color": "#E91E63",
"cpf": "000.000.000-00",
"creditos": "202",
"despositivos": "1",
"deviceID": "UKQ1.230917.001",
"device_id": "a83ce6fad7a1bdf0",
"device_name": "tapas",
"downloads": "0",
"email": "kd928383@gmail.com",
"gemas": "0",
"ip_address": "45.184.9.138",
"last_seen": "10-mar.-2025 11:48:36 AM",
"likes": "0",
"medalhas": "0",
"name": "ITALO",
"nome_completo": "ITALO MATHEUS BEZERRA SOARES ",
"online": "false",
"presente": "1",
"profile": "",
"projects": "0",
"protect": "false",
"real": "0",
"registration_date": "10-mar.-2025 11:48:36 AM",
"role": "user",
"seguidores": "",
"senha": "19102012",
"sexo": "Genero",
"som": "Desativado",
"uid": "ste0qucO89eIyNVyIhZAtVf2fWU2",
"verified": "false",
"version": "1.0"
},
"zQ3vBwFG0rQytpB3WNDiVlBb1Ru1": {
"bio": "Developer",
"block": "false",
"chave_pix": "",
"color": "#795548",
"cpf": "000.000.000-00",
"creditos": "86",
"despositivos": "1",
"deviceID": "TKQ1.221114.001",
"device_id": "04ce700b962f0ad4",
"device_name": "POCO X4 Pro 5G",
"downloads": "0",
"email": "vicklouzeironunes@gmail.com",
"gemas": "0",
"ip_address": "45.189.17.64",
"last_seen": "16-mar.-2025 10:21:30 PM",
"likes": "0",
"medalhas": "0",
"name": "Victor",
"nome_completo": "Victor Roman Louzeiro Nunes ",
"presente": "1",
"profile": "",
"projects": "0",
"protect": "false",
"real": "0",
"registration_date": "16-mar.-2025 10:21:30 PM",
"role": "user",
"seguidores": "",
"senha": "Spooky7111",
"sexo": "Genero",
"som": "Desativado",
"uid": "zQ3vBwFG0rQytpB3WNDiVlBb1Ru1",
"verified": "false",
"version": "1.0"
}
},
"dbNotas": {
"-OLqXuJ-welBDmiBMv9F": {
"Uid": "QNMF5YexV6WtnfP7NzSgVqryz612",
"caixaNota": "Codiguin: CB5KJSH-(8HGSSG",
"data": "20/03/2025"
}
},
"other": {
"maintenance": {
"-OLmJGvLjIr7nyv3xLNO": {
"data": "20/03/25",
"hora": "04:50:13 AM",
"mensagem": "Para o Suporte:\ngostaria de contratar o verificado",
"resposta": "( Estamos Analizando seu pedido ) ",
"status": "Pendente...",
"titulo": "SOLICITAR O VERIFICADO ( Marcos ) "
}
}
},
"resgates": {
"-OLwWfzKmvBHJ7XYb9C3": {
"bonus": " 99 + 1112 Creditos de Registro",
"creditos_comul": "0",
"data": "22/03/25 as 03:23:34 AM",
"img_capa": "",
"likes": "0",
"meta": " ",
"uid": "-OLwWfzKmvBHJ7XYb9C3",
"usuario": "Admin",
"validade": "30 Dias",
"valores": "R$ 0,00"
},
"-OM-AMYxZE3W4EFsGqE-": {
"bonus": " 99 + 957 Creditos de Registro",
"creditos_comul": "0",
"data": "22/03/25 as 08:25:21 PM",
"img_capa": "",
"likes": "0",
"meta": " ",
"uid": "-OM-AMYxZE3W4EFsGqE-",
"usuario": "gabbrielvieirasilva022",
"validade": "30 Dias",
"valores": "R$ 0,00"
},
"-OM2PZtsLPFfaNs26KaZ": {
"bonus": " 99 + 1349 Creditos de Registro",
"creditos_comul": "0",
"data": "23/03/25 as 11:26:06 AM",
"img_capa": "",
"likes": "0",
"meta": " ",
"uid": "-OM2PZtsLPFfaNs26KaZ",
"usuario": "brenda",
"validade": "30 Dias",
"valores": "R$ 0,00"
},
"-OM2RBCe8WN5iNCJd5hi": {
"bonus": " 15 + 35 Creditos extras diário 🥳",
"creditos_comul": "1448",
"data": "23/03/25 as 11:37:18 AM",
"img_capa": "https://firebasestorage.googleapis.com/v0/b/lojavnt-afbca.appspot.com/o/profiles%2FEYocajRUJ2QJ2qPqnuuUol75WUN2.jpg?alt=media&token=8afa047a-cdc3-4f96-9ddb-877bf295df0d",
"likes": "0",
"meta": " ",
"uid": "-OM2RBCe8WN5iNCJd5hi",
"usuario": "brenda",
"validade": "30 Dias",
"valores": "R$ 0,00"
},
"-OM36cRTH4nun3U4h4Fu": {
"bonus": " 99 + 42 Creditos de Registro",
"creditos_comul": "0",
"data": "23/03/25 as 02:47:41 PM",
"img_capa": "",
"likes": "0",
"meta": " ",
"uid": "-OM36cRTH4nun3U4h4Fu",
"usuario": "Nicolas",
"validade": "30 Dias",
"valores": "R$ 0,00"
},
"-OM37CqRUThDK-RGxakd": {
"bonus": " 15 + 11 Creditos extras diário 🥳",
"creditos_comul": "139",
"data": "23/03/25 as 02:49:31 PM",
"img_capa": "",
"likes": "0",
"meta": " ",
"uid": "-OM37CqRUThDK-RGxakd",
"usuario": "Nicolas",
"validade": "30 Dias",
"valores": "R$ 0,00"
},
"-OM3m75H3jfwqaeyhKxN": {
"bonus": " 35 + 52 Creditos extras diário 🥳",
"creditos_comul": "30",
"data": "23/03/25 as 05:53:29 PM",
"img_capa": "https://firebasestorage.googleapis.com/v0/b/lojavnt-afbca.appspot.com/o/profiles%2Fq3Sb6mEsy4axQTDcKlK3NRdxL442.jpg?alt=media&token=0e78cce0-652d-41b4-9541-864ec0a93f36",
"likes": "0",
"meta": " 🅥 Verificado",
"uid": "-OM3m75H3jfwqaeyhKxN",
"usuario": "Admin",
"validade": "30 Dias",
"valores": "R$ 0,00"
},
"-OM4_LCYtdArWVOehJyG": {
"bonus": " 35 + 32 Creditos extras diário 🥳",
"creditos_comul": "2",
"data": "23/03/25 as 09:37:18 PM",
"img_capa": "https://firebasestorage.googleapis.com/v0/b/lojavnt-afbca.appspot.com/o/profiles%2Fq3Sb6mEsy4axQTDcKlK3NRdxL442.jpg?alt=media&token=0e78cce0-652d-41b4-9541-864ec0a93f36",
"likes": "0",
"meta": " 🅥 Verificado",
"uid": "-OM4_LCYtdArWVOehJyG",
"usuario": "Admin",
"validade": "30 Dias",
"valores": "R$ 0,00"
},
"-OM8UXnSklV7Gm1AgTij": {
"bonus": " 99 + 157 Creditos de Registro",
"creditos_comul": "0",
"data": "24/03/25 as 03:50:02 PM",
"img_capa": "",
"likes": "0",
"meta": " ",
"uid": "-OM8UXnSklV7Gm1AgTij",
"usuario": "arthur",
"validade": "30 Dias",
"valores": "R$ 0,00"
},
"-OMCds7JsduBNrGuNEVa": {
"bonus": " 35 + 55 Creditos extras diário 🥳",
"creditos_comul": "1",
"data": "25/03/25 as 11:13:59 AM",
"img_capa": "https://firebasestorage.googleapis.com/v0/b/lojavnt-afbca.appspot.com/o/profiles%2Fq3Sb6mEsy4axQTDcKlK3NRdxL442.jpg?alt=media&token=0e78cce0-652d-41b4-9541-864ec0a93f36",
"likes": "0",
"meta": " 🅥 Verificado",
"uid": "-OMCds7JsduBNrGuNEVa",
"usuario": "Admin",
"validade": "30 Dias",
"valores": "R$ 0,00"
},
"-OMENEL2s6s4vpfCrE8L": {
"bonus": " 15 + 15 Creditos extras diário 🥳",
"creditos_comul": "0",
"data": "25/03/25 as 08:15:33 PM",
"img_capa": "https://firebasestorage.googleapis.com/v0/b/lojavnt-afbca.appspot.com/o/profiles%2FZVdoSP46UUU39eApZ1T06kIdcSj2.jpg?alt=media&token=b67842aa-cce0-4b1d-81df-89adc586fabc",
"likes": "0",
"meta": " ",
"uid": "-OMENEL2s6s4vpfCrE8L",
"usuario": "Marcos",
"validade": "30 Dias",
"valores": "R$ 0,00"
},
"-OMPYtIKBSTu63b6tSVF": {
"bonus": " 99 + 1770 Creditos de Registro",
"creditos_comul": "0",
"data": "27/03/25 as 11:22:21 PM",
"img_capa": "",
"likes": "0",
"meta": " ",
"uid": "-OMPYtIKBSTu63b6tSVF",
"usuario": "pedrij",
"validade": "30 Dias",
"valores": "R$ 0,00"
},
"-OMYWTkWuHKYR4LN6poC": {
"bonus": " 15 + 1 Creditos extras diário 🥳",
"creditos_comul": "1457",
"data": "29/03/25 as 05:08:11 PM",
"img_capa": "https://firebasestorage.googleapis.com/v0/b/lojavnt-afbca.appspot.com/o/profiles%2FEYocajRUJ2QJ2qPqnuuUol75WUN2.jpg?alt=media&token=8afa047a-cdc3-4f96-9ddb-877bf295df0d",
"likes": "0",
"meta": " ",
"uid": "-OMYWTkWuHKYR4LN6poC",
"usuario": "brenda",
"validade": "30 Dias",
"valores": "R$ 0,00"
}
},
"social": {
"users": {
"-OKvsfnVqlpPrVp2v_uX": {
"account_type": "free",
"age": "85998300259",
"avatar": "https://firebasestorage.googleapis.com/v0/b/lojavnt-afbca.appspot.com/o/profile%2Fimages%2Fbc6f66ac2b34bb05a85698b257831089.jpg?alt=media&token=05b1d121-11ce-453b-899d-00130ded04d8",
"bio": "sou muito legal",
"blocked": "false",
"country": "Brazil",
"email": "livermaster01@gmail.com",
"followers": "0",
"following": "0",
"gender": "Male",
"join_date": "09 mar 2025 | 15:10",
"key": "-OKvsfnVqlpPrVp2v_uX",
"online": "false",
"privacy_stage1": "gone",
"uid": "whwyEVlTeWV6F2tN0RmmTeM9Y7z2",
"username": "santos",
"verify": "false"
}
}
}
}
中危 应用程序已启用明文网络流量
[android:usesCleartextTraffic=true] 应用程序打算使用明文网络流量,例如明文HTTP,FTP协议,DownloadManager和MediaPlayer。针对API级别27或更低的应用程序,默认值为“true”。针对API级别28或更高的应用程序,默认值为“false”。避免使用明文流量的主要原因是缺乏机密性,真实性和防篡改保护;网络攻击者可以窃听传输的数据,并且可以在不被检测到的情况下修改它。
中危 应用程序数据可以被备份
[android:allowBackup=true] 这个标志允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。
中危 Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: com/sky/admin/AccountActivity.java, line(s) 59 com/sky/admin/CategoryActivity.java, line(s) 43 com/sky/admin/CodeViewActivity.java, line(s) 40 com/sky/admin/CodesActivity.java, line(s) 52 com/sky/admin/CommentsActivity.java, line(s) 55 com/sky/admin/HistoricosActivity.java, line(s) 48 com/sky/admin/HomeActivity.java, line(s) 78 com/sky/admin/ImagesActivity.java, line(s) 21 com/sky/admin/LoginActivity.java, line(s) 57 com/sky/admin/MainActivity.java, line(s) 48 com/sky/admin/MaintenancActivity.java, line(s) 50 com/sky/admin/NotificationActivity.java, line(s) 48 com/sky/admin/NotificationsActivity.java, line(s) 47 com/sky/admin/ProfileEditActivity.java, line(s) 63 com/sky/admin/ProjectViewActivity.java, line(s) 67 com/sky/admin/SearchActivity.java, line(s) 44 com/sky/admin/SketchwareUtil.java, line(s) 28 com/sky/admin/SketchyUserVerifiedActivity.java, line(s) 44 com/sky/admin/SuggestionActivity.java, line(s) 42 com/sky/admin/TutorialActivity.java, line(s) 45 com/sky/admin/UsersActivity.java, line(s) 44 com/sky/admin/UsersDetailsActivity.java, line(s) 55 com/sky/admin/ViewAllActivity.java, line(s) 43
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: com/sky/admin/CategoryActivity.java, line(s) 148 com/sky/admin/HomeActivity.java, line(s) 1958,1966 com/sky/admin/NotificationsActivity.java, line(s) 155 com/sky/admin/TutorialActivity.java, line(s) 280
中危 向Firebase上传文件
向Firebase上传文件 Files: com/sky/admin/ProfileEditActivity.java, line(s) 492,56
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: com/sky/admin/FileUtil.java, line(s) 244,569,240,248,258
中危 应用程序包含隐私跟踪程序
此应用程序有多个2隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 "firebase_database_url" : "https://lojavnt-afbca-default-rtdb.firebaseio.com" "google_api_key" : "AIzaSyBpW521n1O-Yo1EVSpRtXO9qcfuNt3k8Tg" "google_app_id" : "1:908479114540:android:974e46002448e442f0d089" cid=6c09b952bt4a66iggy12ft2tuys0p1kd2oufuo86wot7lpxp
信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/sky/admin/CodeViewActivity.java, line(s) 4,124 com/sky/admin/CommentsActivity.java, line(s) 6,829 com/sky/admin/SuggestionActivity.java, line(s) 5,88,249 com/sky/admin/UsersDetailsActivity.java, line(s) 9,225,235,245,255,265
安全 Firebase远程配置已禁用
Firebase远程配置URL ( https://firebaseremoteconfig.googleapis.com/v1/projects/908479114540/namespaces/firebase:fetch?key=AIzaSyBpW521n1O-Yo1EVSpRtXO9qcfuNt3k8Tg ) 已禁用。响应内容如下所示:
{
"state": "NO_TEMPLATE"
}