移动应用安全检测报告:
安全基线评分
安全基线评分 40/100
综合风险等级
风险等级评定
- A
- B
- C
- F
漏洞与安全项分布(%)
隐私风险
3
检测到的第三方跟踪器数量
检测结果分布
高危安全漏洞
16
中危安全漏洞
44
安全提示信息
4
已通过安全项
3
重点安全关注
4
高危安全漏洞 基本配置不安全地配置为允许到所有域的明文流量。
Scope: *
高危安全漏洞 程序可被任意调试
[android:debuggable=true] 应用可调试标签被开启,这使得逆向工程师更容易将调试器挂接到应用程序上。这允许导出堆栈跟踪和访问调试助手类。
高危安全漏洞 App 链接 assetlinks.json 文件未找到
[android:name=im.rightkinghts.ui.LaunchActivity][android:host=http://m12345.cc] App Link 资产验证 URL (http://m12345.cc/.well-known/assetlinks.json) 未找到或配置不正确。(状态代码:None)。应用程序链接允许用户从 Web URL/电子邮件重定向到移动应用程序。如果此文件丢失或为 App Link 主机/域配置不正确,则恶意应用程序可以劫持此类 URL。这可能会导致网络钓鱼攻击,泄露 URI 中的敏感数据,例如 PII、OAuth 令牌、魔术链接/密码重置令牌等。您必须通过托管 assetlinks.json 文件并通过 Activity intent-filter 中的 [android:autoVerify=“true”] 启用验证来验证 App Link 网域。
高危安全漏洞 App 链接 assetlinks.json 文件未找到
[android:name=im.rightkinghts.ui.LaunchActivity][android:host=https://m12345.cc] App Link 资产验证 URL (https://m12345.cc/.well-known/assetlinks.json) 未找到或配置不正确。(状态代码:None)。应用程序链接允许用户从 Web URL/电子邮件重定向到移动应用程序。如果此文件丢失或为 App Link 主机/域配置不正确,则恶意应用程序可以劫持此类 URL。这可能会导致网络钓鱼攻击,泄露 URI 中的敏感数据,例如 PII、OAuth 令牌、魔术链接/密码重置令牌等。您必须通过托管 assetlinks.json 文件并通过 Activity intent-filter 中的 [android:autoVerify=“true”] 启用验证来验证 App Link 网域。
高危安全漏洞 Activity (im.rightkinghts.ui.IntroActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危安全漏洞 Activity (im.rightkinghts.messenger.OpenChatReceiver) 容易受到StrandHogg 2.0的攻击
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危安全漏洞 Activity (im.rightkinghts.ui.hui.visualcall.VisualCallActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危安全漏洞 Activity (im.rightkinghts.ui.hui.visualcall.VisualCallReceiveActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危安全漏洞 Activity (im.rightkinghts.ui.PopupNotificationActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危安全漏洞 Activity (im.rightkinghts.keepalive.OnePxActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危安全漏洞 Activity (com.bjz.comm.net.premission.PermissionActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危安全漏洞 如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击
如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-7 Files: im/rightkinghts/ui/ArticleViewer.java, line(s) 7338,61,62 im/rightkinghts/ui/components/EmbedBottomSheet.java, line(s) 688,33,34
高危安全漏洞 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。
应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/alivc/rtc/device/utils/AESUtils.java, line(s) 39,46 im/rightkinghts/ui/hui/friendscircle/okhttphelper/AESHelper.java, line(s) 50 im/rightkinghts/ui/utils/AesUtils.java, line(s) 27,49,58 im/rightkinghts/ui/utils/ChiperUtils.java, line(s) 51,73,82
高危安全漏洞 启用了调试配置。生产版本不能是可调试的
启用了调试配置。生产版本不能是可调试的 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04c-Tampering-and-Reverse-Engineering.md#debugging-and-tracing Files: com/bjz/comm/net/BuildConfig.java, line(s) 3,8 com/litesuits/orm/BuildConfig.java, line(s) 3,4 com/serenegiant/uvccamera/BuildConfig.java, line(s) 3,6
高危安全漏洞 SSL的不安全实现。信任所有证书或接受自签名证书是一个关键的安全漏洞。此应用程序易受MITM攻击
SSL的不安全实现。信任所有证书或接受自签名证书是一个关键的安全漏洞。此应用程序易受MITM攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#android-network-apis Files: com/base/module/dns/DnsModule.java, line(s) 137,17,18,19,20,21,22
高危安全漏洞 不安全的Web视图实现。Web视图忽略SSL证书错误并接受任何SSL证书。此应用程序易受MITM攻击
不安全的Web视图实现。Web视图忽略SSL证书错误并接受任何SSL证书。此应用程序易受MITM攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#webview-server-certificate-verification Files: com/base/module/web/X5WebView.java, line(s) 262,261
中危安全漏洞 应用程序已启用明文网络流量
[android:usesCleartextTraffic=true] 应用程序打算使用明文网络流量,例如明文HTTP,FTP协议,DownloadManager和MediaPlayer。针对API级别27或更低的应用程序,默认值为“true”。针对API级别28或更高的应用程序,默认值为“false”。避免使用明文流量的主要原因是缺乏机密性,真实性和防篡改保护;网络攻击者可以窃听传输的数据,并且可以在不被检测到的情况下修改它。
中危安全漏洞 Service (im.rightkinghts.messenger.GcmPushListenerService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危安全漏洞 Broadcast Receiver (com.google.android.gms.measurement.AppMeasurementReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危安全漏洞 Activity (im.rightkinghts.ui.ShareActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危安全漏洞 Activity (im.rightkinghts.ui.ExternalActionActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危安全漏洞 Activity (im.rightkinghts.messenger.OpenChatReceiver) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危安全漏洞 Activity (im.rightkinghts.ui.hui.visualcall.VisualCallActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危安全漏洞 Activity (im.rightkinghts.ui.hui.visualcall.VisualCallReceiveActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危安全漏洞 Activity设置了TaskAffinity属性
(im.rightkinghts.ui.VoIPActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危安全漏洞 Activity设置了TaskAffinity属性
(im.rightkinghts.ui.VoIPGroupActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危安全漏洞 Activity设置了TaskAffinity属性
(im.rightkinghts.ui.VoIPPermissionActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危安全漏洞 Activity设置了TaskAffinity属性
(im.rightkinghts.ui.VoIPFeedbackActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危安全漏洞 Service (im.rightkinghts.messenger.AuthenticatorService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危安全漏洞 Service (im.rightkinghts.messenger.ContactsSyncAdapterService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危安全漏洞 Service (im.rightkinghts.messenger.AppChooserTargetService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_CHOOSER_TARGET_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危安全漏洞 Service (im.rightkinghts.messenger.MusicPlayerService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危安全漏洞 Service (im.rightkinghts.messenger.MusicBrowserService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危安全漏洞 Service (im.rightkinghts.messenger.WearDataLayerListenerService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危安全漏洞 Service (im.rightkinghts.messenger.voip.AppConnectionService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_TELECOM_CONNECTION_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危安全漏洞 Broadcast Receiver (im.rightkinghts.messenger.MusicPlayerReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危安全漏洞 Broadcast Receiver (im.rightkinghts.messenger.voip.VoIPMediaButtonReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危安全漏洞 Broadcast Receiver (im.rightkinghts.messenger.AppStartReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危安全漏洞 Broadcast Receiver (yunkfdjxitg.rightkinghts.kljljlkjllklijlkijlk.RefererReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.INSTALL_PACKAGES [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危安全漏洞 Content Provider (im.rightkinghts.messenger.voip.CallNotificationSoundProvider) 未被保护。
[android:exported=true] 发现 Content Provider与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危安全漏洞 Service (im.rightkinghts.keepalive.ChannelService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危安全漏洞 Service (im.rightkinghts.keepalive.DaemonService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危安全漏洞 Service (im.rightkinghts.keepalive.ScheduleService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危安全漏洞 Broadcast Receiver (im.rightkinghts.keepalive.MonitorReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危安全漏洞 Broadcast Receiver (im.rightkinghts.keepalive.ScreenReceiver) 未被保护。
[android:exported=true] 发现 Broadcast Receiver与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危安全漏洞 Service (com.blankj.utilcode.util.MessengerUtils$ServerService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危安全漏洞 Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危安全漏洞 Service (com.google.android.gms.auth.api.signin.RevocationBoundService) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危安全漏洞 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: com/alivc/rtc/device/core/persistent/PersistentConfiguration.java, line(s) 52,151,326,376 com/base/module/web/X5WebView.java, line(s) 281 com/base/utils/FileUtils.java, line(s) 39,74,372,393 com/base/utils/HttpUtils.java, line(s) 71 com/base/utils/PhotoUtils.java, line(s) 65,71 com/base/utils/SystemUtils.java, line(s) 335,352 com/danikula/videocache/StorageUtils.java, line(s) 26,45 im/rightkinghts/messenger/AndroidUtilities.java, line(s) 1222,613,1216,1217 im/rightkinghts/messenger/FileLog.java, line(s) 49,82,331 im/rightkinghts/messenger/ImageLoader.java, line(s) 1423,1424 im/rightkinghts/messenger/SharedConfig.java, line(s) 657 im/rightkinghts/messenger/voip/VoIPController.java, line(s) 300 im/rightkinghts/ui/DocumentSelectActivity.java, line(s) 481,582,582,582,585 im/rightkinghts/ui/SettingsActivity.java, line(s) 1219 im/rightkinghts/ui/components/voip/VoIPHelper.java, line(s) 489 im/rightkinghts/ui/dialogs/McShareDialog.java, line(s) 168 im/rightkinghts/ui/fragments/MeFragmentV2.java, line(s) 870 im/rightkinghts/ui/hui/chats/GroupShareActivity.java, line(s) 268 im/rightkinghts/ui/hui/mine/AboutAppActivity.java, line(s) 385 im/rightkinghts/ui/hui/mine/QrCodeActivity.java, line(s) 368 im/rightkinghts/ui/hviews/helper/MryDisplayHelper.java, line(s) 279 im/rightkinghts/ui/utils/DeviceIdUtil.java, line(s) 83,84 im/rightkinghts/ui/utils/DownloadUtils.java, line(s) 152
中危安全漏洞 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/base/utils/MD5Util.java, line(s) 13 com/base/utils/SecurityUtils.java, line(s) 52 com/bjz/comm/net/utils/MD5Utils.java, line(s) 19 com/danikula/videocache/ProxyCacheUtils.java, line(s) 75 com/litesuits/orm/db/assit/Encrypt.java, line(s) 36 im/rightkinghts/messenger/AndroidUtilities.java, line(s) 2168 im/rightkinghts/messenger/FileUploadOperation.java, line(s) 417 im/rightkinghts/messenger/Utilities.java, line(s) 371 im/rightkinghts/translate/MD5.java, line(s) 21,52 im/rightkinghts/ui/hui/friendscircle/okhttphelper/MD5Utils.java, line(s) 20 im/rightkinghts/ui/utils/ChiperUtils.java, line(s) 17
中危安全漏洞 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: com/alivc/rtc/device/UTUtdid.java, line(s) 23,24,43 com/bjz/comm/net/bean/AtUserBean.java, line(s) 60 com/bjz/comm/net/bean/FCEntitysRequest.java, line(s) 49 com/bjz/comm/net/bean/FCEntitysResponse.java, line(s) 121 com/bjz/comm/net/bean/FcUserInfoBean.java, line(s) 116 com/bjz/comm/net/bean/MiniGameBean.java, line(s) 113 com/bjz/comm/net/bean/ResponseAccessTokenBean.java, line(s) 60 com/litesuits/orm/db/assit/SQLBuilder.java, line(s) 61 com/litesuits/orm/db/model/EntityTable.java, line(s) 32 com/litesuits/orm/db/model/MapProperty.java, line(s) 7 com/yhao/floatwindow/FloatLifecycle.java, line(s) 13,14 com/zhy/http/okhttp/builder/PostFormBuilder.java, line(s) 48 im/rightkinghts/javaBean/ShareInstallConfigBean.java, line(s) 46 im/rightkinghts/messenger/ContactsController.java, line(s) 1191,1532 im/rightkinghts/messenger/FileRefController.java, line(s) 130,162,179,194,199,204,211,229,226,232 im/rightkinghts/messenger/ImageLoader.java, line(s) 776 im/rightkinghts/messenger/LocaleController.java, line(s) 555 im/rightkinghts/messenger/NotificationsController.java, line(s) 2179,2224 im/rightkinghts/messenger/SendMessagesHelper.java, line(s) 2282,1469,1477,3118 im/rightkinghts/tgnet/TLRPC$User.java, line(s) 98 im/rightkinghts/tgnet/TLRPC.java, line(s) 38458,37280,37446,38458,32599,34630,31704,30722,33647,36703,36723 im/rightkinghts/ui/ArticleViewer.java, line(s) 1812,4746,3998 im/rightkinghts/ui/DataAutoDownloadActivity.java, line(s) 302,454,317,464,310,459 im/rightkinghts/ui/DataSettingsActivity.java, line(s) 217,381,229,389,223,385 im/rightkinghts/ui/LaunchActivity.java, line(s) 2257 im/rightkinghts/ui/NotificationsCustomSettingsActivity.java, line(s) 386,384,382 im/rightkinghts/ui/NotificationsSettingsActivity.java, line(s) 380 im/rightkinghts/ui/PassportActivity.java, line(s) 3908,3914,892,4982,887,4974,3922,890,4978,883,4962,3918,3901,3904,895,4966 im/rightkinghts/ui/QuickRepliesSettingsActivity.java, line(s) 170,166,162,158 im/rightkinghts/ui/actionbar/Theme.java, line(s) 2776,3208,3276 im/rightkinghts/ui/adapters/MentionsAdapter.java, line(s) 396 im/rightkinghts/ui/components/AlertsCreator.java, line(s) 537,539 im/rightkinghts/ui/components/EmojiView.java, line(s) 4005,4009 im/rightkinghts/ui/components/EmojiViewV2.java, line(s) 3989,3993 im/rightkinghts/ui/dialogs/AntiFraudAppDialog.java, line(s) 9 im/rightkinghts/ui/hui/contacts/CreateGroupingActivity.java, line(s) 560 im/rightkinghts/ui/hui/contacts/PhonebookUsersActivity.java, line(s) 197 im/rightkinghts/ui/hui/friendscircle_v1/view/edittext/span/User.java, line(s) 152 im/rightkinghts/ui/hui/login/LoginContronllerActivity.java, line(s) 78 im/rightkinghts/ui/hui/login/LoginVerifyActivity.java, line(s) 30 im/rightkinghts/ui/hui/packet/SelecteContactsActivity.java, line(s) 163,167 im/rightkinghts/ui/hui/visualcall/RTCAuthInfo.java, line(s) 111,106 im/rightkinghts/ui/settings/AutoDownloadSettingActivity.java, line(s) 90,480,84,495,79,488 im/rightkinghts/ui/settings/DataAndStoreSettingActivity.java, line(s) 291,299,295 im/rightkinghts/ui/wallet/model/PayPasswordReqBean.java, line(s) 69,69
中危安全漏洞 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: im/rightkinghts/messenger/utils/PlayerUtils.java, line(s) 1243,1250 im/rightkinghts/ui/ArticleViewer.java, line(s) 7208,7203 im/rightkinghts/ui/WebviewActivity.java, line(s) 289,276 im/rightkinghts/ui/components/EmbedBottomSheet.java, line(s) 664,221 im/rightkinghts/ui/components/WebPlayerView.java, line(s) 1234,1241
中危安全漏洞 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/danikula/videocache/sourcestorage/DatabaseSourceInfoStorage.java, line(s) 6,7,28 com/litesuits/orm/db/assit/Querier.java, line(s) 4,14
中危安全漏洞 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: com/alivc/rtc/device/UTUtdid.java, line(s) 16 com/alivc/rtc/device/utils/PhoneInfoUtils.java, line(s) 7 com/socks/library/klog/FileLog.java, line(s) 12 im/rightkinghts/ui/LaunchActivity.java, line(s) 126 im/rightkinghts/ui/hui/visualcall/VisualCallReceiveService.java, line(s) 27 im/rightkinghts/ui/utils/number/StringUtils.java, line(s) 4 im/rightkinghts/ui/utils/translate/ssrc/SSRC.java, line(s) 16
中危安全漏洞 IP地址泄露
IP地址泄露 Files: com/base/module/dns/DnsModule.java, line(s) 104,93 com/base/utils/NetworkUtils.java, line(s) 59 com/danikula/videocache/HttpProxyCacheServer.java, line(s) 31 com/snail/antifake/deviceid/IpScanner.java, line(s) 117
中危安全漏洞 可能存在跨域漏洞。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息
可能存在跨域漏洞。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-6 Files: com/base/module/web/MyWebView.java, line(s) 202,195 com/base/module/web/X5WebView.java, line(s) 164,153 im/rightkinghts/ui/hui/discoveryweb/DiscoveryJumpToPage.java, line(s) 255,248
中危安全漏洞 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/alivc/rtc/device/UTUtdid.java, line(s) 344 com/base/utils/MD5Util.java, line(s) 46 com/base/utils/SecurityUtils.java, line(s) 62 im/rightkinghts/messenger/Utilities.java, line(s) 226,240 im/rightkinghts/ui/PassportActivity.java, line(s) 2803
中危安全漏洞 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: im/rightkinghts/ui/components/paint/Slice.java, line(s) 21 im/rightkinghts/ui/utils/translate/ssrc/SSRC.java, line(s) 826
中危安全漏洞 应用程序包含隐私跟踪程序
此应用程序有多个3隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危安全漏洞 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 百度地图的=> "com.baidu.lbsapi.API_KEY" : "oYnHR3odlaw9KUleHaQP5BrTLivxSCz1" 谷歌地图的=> "com.google.android.maps.v2.API_KEY" : "AIzaSyA-t0jLPjUt2FxrA8VPK2EiYHcYcboIR6k" "TypePrivateGroup" : "Pribadi" "PayPasswordReset" : "PayPasswordReset" "PayPasswordSetReminder" : "Tips" "TypePrivate" : "Private" "UseProxySecret" : "Secret" "PayPasswordSetReminder" : "Kiat" "UseProxyUsername" : "Username" "YourPasswordSuccess" : "Success!" "Sessions" : "Sesi" "YourPasswordSuccess" : "Sukses!" "LoginPasswordReset" : "LoginPasswordReset" "google_app_id" : "1:194512522065:android:a3b6ee229cc1efe012e170" "RestorePasswordNoEmailTitle" : "Maaf" "LoginPassword" : "Password" "PayPassword" : "PayPassword" "google_crash_reporting_api_key" : "AIzaSyC6uk1nvjb5BYzqEzgaWy_iTryf5373Nyw" "TypePrivate2" : "Pribadi" "pref_speakerphone_key" : "speakerphone_preference" "baidu_map_key" : "oYnHR3odlaw9KUleHaQP5BrTLivxSCz1" "UserNameOrPhoneNumberSearch" : "Username" "PasscodePassword" : "Password" "Sessions" : "Sessions" "key_windowBackgroundGray" : "windowBackgroundGray" "ToSetPayPassword" : "Atur" "PaymentPasswordTitle" : "Password" "RestorePasswordNoEmailTitle" : "Sorry" "Username" : "Username" "PasswordCode" : "Kode" "FindBackPassword" : "FindBack" "UseProxyPassword" : "Password" "PasswordCode" : "Code" "TypePrivateGroup" : "Private" "FindBackPassword" : "FindBackPassword" "TypePrivate2" : "Private" "firebase_database_url" : "https://rightkinghts-48b0d.firebaseio.com" "key_walletDefaultBackground" : "walletDefaultBackground" "google_api_key" : "AIzaSyC6uk1nvjb5BYzqEzgaWy_iTryf5373Nyw" "PayPasswordSetting" : "PayPasswordSetting" "key_windowBackgroundWhite" : "windowBackgroundWhite" "yuncheng_app_key" : "-dSPyyHFK-C3oeMlwHTO+pKDObpgxP2MO7Uo2UCH0+AxbvSwOHSK26vswxbHqitmfpzvpr_umcseBVAt1Jhc+ZSpVK2u1Jycd5vGXSkkeksUjEvw7B1ab_L72k9kUie93wo9MKEFb_z5dDVJuy1dmCJ1lkTEoczXTFwV8KDvdhxGgMFuczwD-9Dky82dyNcpoA5r1MQjP9ySfIjUZBsaePOvidufUoObTop+UEXpSPUk0S9Qz8Pt8bxT4nwwFJr18bwcZoeGyMLOYYBtZsWjTSuoCM-evTn1HNr6AjGt9PsQ2REKz14oSNoo4JB7gRopFVzhEnZYwMTBKe3jbvAufn_d4Ur6uhiE34czv+fdJVeUHP" "PayPasswordSetting" : "PengaturanPayPassword" "TypePrivate" : "Pribadi" "UseProxySecret" : "Rahasia" fb9f0bb7fdd0760c354cc3d80cecb1d9 A2B55680-6F43-11E0-9A3F-0002A5D5C51B e283aac0-7c0f-4f2e-bcf7-90acc19903ed 2LHYpyDYp9mG2KrYrtin2Kgg2qnZhtuM2K8g24zaqSDZgdin24zZhA== qH1w7/Xx2uRYxrhDoZKCAnn5vtsdxiZuX28o21jwtUVfycXNnuv0hLRDLNlQUjoH29K5pTThcDbEWD9UWPYTEw== 9A04F079-9840-4286-AB92-E65BE0885F95 c4e431e16e2d152d1c9d7141c7cdf3de QrMgt8GGYI6T52ZY5AnhtxkLzb8egpFn3j5JELI8H6wtACbUnZ5cc3aYTsTRbmkAkRJeYbtx92LPBWm7nBO9UIl7y5i5MQNmUZNf5QENurR5tGyo7yJ2G0MBjWvy6iAtlAbacKP0SwOUeUWx5dsBdyhxa7Id1APtybSdDgicBDuNjI0mlZFUzZSS9dmN8lBD0WTVOMz0pRZbR3cysomRXOO1ghqjJdTcyDIxzpNAEszN8RMGjrzyU7Hjbmwi6YNK f180c508-f49a-40bd-b8ac-50577ce9aff6 bb392ec0-8d4d-11e0-a896-0002a5d5c51b pE5eNoBQIFVcd9IEuyIhvopfgS1RSj5C ABVGDE2JZIQKLMNOPRSTUFHC34WXY9678 7ZWY64KY7J2YIO2MjOydvOydhCDshKDtg50= 2KfbjNqpINmB2KfYptmEINmF24zauiDYs9uSINin2YbYqtiu2KfYqCDaqdix24zaug== C71CAEB9C6B1C9048E6C522F70F13F73980D40238E3E21C14934D037563D930F48198A0AA7C14058229493D22530F4DBFA336F6E0AC925139543AED44CCE7C3720FD51F69458705AC68CD4FE6B6B13ABDC9746512969328454F18FAF8C595F642477FE96BB2A941D5BCD1D4AC8CC49880708FA9B378E3C4F3A9060BEE67CF9A4A4A695811051907E162753B56B0F6B410DBA74D8A84B2A14B3144E0EF1284754FD17ED950D5965B4B9DD46582DB1178D169C6BC465B0D6FF9CA3928FEF5B9AE4E418FC15E83EBEA0F87FA9FF5EED70050DED2849F47BF959D956850CE929851F0D8115F635B105EE2E4E15D04B2454BF6F4FADF034B10403119CD8E3B92FCC5B c06c8400-8e06-11e0-9cb6-0002a5d5c51b
安全提示信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: cn/dreamtobe/kpswitch/handler/KPSwitchRootLayoutHandler.java, line(s) 35,46,50,56,60 cn/dreamtobe/kpswitch/util/KeyboardUtil.java, line(s) 44,186,193,233,164,202,219 cn/dreamtobe/kpswitch/util/StatusBarHeightUtil.java, line(s) 21 cn/dreamtobe/kpswitch/util/ViewUtil.java, line(s) 17 com/alivc/component/capture/VideoPusher.java, line(s) 158,306,310,329,334,339,397,412,423,428,451,457,467,583,615,635,640,667,728,758,762,764,771,965,999,1052,369,388,392,649,815,878,925,983,1016,659 com/alivc/component/capture/VideoPusherJNI.java, line(s) 40,51,59,74,82,97,105,115,127,139,150,158,167,176,185,194,196,203,212,221,229,238,246,255,68,91,121,133 com/alivc/rtc/AliRtcEngine.java, line(s) 271,284,301,308 com/alivc/rtc/AliRtcEngineImpl.java, line(s) 1548,1620,1966,2004,2179,3289,318,343,627,898,923,1207,1350,1366,1385,1399,1439,1452,1473,1529,1536,1538,1542,1550,1566,1570,1574,1578,1597,1601,1622,1626,1638,1642,1650,1676,1690,1694,1755,1759,1763,1768,1793,1812,1819,1822,1826,1841,1845,1850,1854,1879,1885,1887,1893,1899,1901,1906,1908,1914,1916,1922,1930,1941,1953,1973,2016,2160,2202,2217,2232,2247,2631,2636,2681,2686,2691,2698,2713,2732,2738,2740,2891,2904,2981,73,75,82,84,97,99,106,108,114,120,148,150,160,163,189,191,213,215,227,229,252,254,276,278,288,290,298,326,328,341,361,365,367,375,377,384,386,392,394,400,407,413,434,436,442,468,470,476,481,488,490,492,494,496,498,504,506,508,514,517,519,521,523,525,527,573,575,625,639,641,647,649,655,657,663,665,671,673,692,728,730,740,743,769,771,793,795,807,809,832,834,856,858,868,870,878,906,908,921,941,945,947,955,957,964,966,972,974,980,987,993,1014,1016,1022,1048,1050,1056,1061,1068,1070,1072,1074,1076,1078,1084,1086,1088,1094,1097,1099,1101,1103,1105,1107,1153,1155,1205,1219,1221,1227,1229,1235,1237,1243,1245,1251,1253,1290,1292,1318,1326,1373,1377,1383,1386,1391,1397,1403,1409,1411,1417,1424,1431,1437,1455,1460,1462,1516,1530,1558,1564,1582,1588,1591,1614,1636,1660,1667,1673,1682,1688,1699,1706,1710,1715,1720,1728,1733,1738,1747,1753,1804,1810,1833,1839,1867,1872,1876,1928,1934,1947,1961,2010,2027,2039,2045,2072,2082,2090,2092,2098,2104,2106,2113,2126,2133,2135,2143,2145,2150,2152,2158,2171,2177,2185,2187,2193,2195,2208,2210,2223,2225,2236,2238,2253,2258,2267,2277,2285,2287,2293,2297,2307,2309,2319,2321,2333,2341,2352,2368,2378,2383,2389,2391,2407,2439,2456,2488,2505,2520,2522,2530,2532,2539,2541,2553,2561,2570,2618,2706,2717,2743,2805,2807,2813,2836,2842,2848,2854,2860,2866,2872,2878,2884,2986,2995,2997,3006,3008,3017,3019,3028,3030,3039,3041,3050,3052,3061,3063,3072,3074,3083,3088,3097,3099,3108,3113,3122,3124,3133,3138,3147,3149,3158,3163,3172,3174,3183,3185,3194,3196,3205,3207,3216,3218,3227,3229,3240,3252,3256,3266,3270,3285,3339,3344,3353,3355,1453 com/alivc/rtc/device/DeviceInfo.java, line(s) 30,57,61 com/alivc/rtc/device/UTUtdid.java, line(s) 132,134,139,141,152,154,159,161,207,212,238,241,246,249 com/base/BaseActivity.java, line(s) 41 com/base/module/web/X5WebModule.java, line(s) 13 com/base/utils/LogUtils.java, line(s) 47,123,63,31,79,99 com/base/utils/NetworkUtils.java, line(s) 64,67,80,100 com/base/utils/PhotoUtils.java, line(s) 109,147,145,151 com/bjz/comm/net/factory/ApiFactory.java, line(s) 59,66 com/bjz/comm/net/factory/ApiGameFactory.java, line(s) 57,64 com/bjz/comm/net/mvp/presenter/FcCommonPresenter.java, line(s) 111 com/bjz/comm/net/premission/PermissionActivity.java, line(s) 52,331,343,358 com/bjz/comm/net/premission/PermissionManager.java, line(s) 34 com/bjz/comm/net/receiver/NetworkConnectChangedReceiver.java, line(s) 23,29,39 com/bjz/comm/net/utils/MD5Utils.java, line(s) 21,88,92,93 com/bjz/comm/net/utils/RxHelper.java, line(s) 98,103,126,130,141,189 com/bjz/comm/net/utils/TokenLoader.java, line(s) 50,82,86 com/contrarywind/view/WheelView.java, line(s) 341 com/coremedia/iso/boxes/sampleentry/AudioSampleEntry.java, line(s) 195 com/litesuits/orm/LiteOrm.java, line(s) 79,81,85,115,310 com/litesuits/orm/db/TableManager.java, line(s) 91,132,123,171,249,90,95,96,101,102,119,121,131,138,139,159,160,180,181,182,187,188 com/litesuits/orm/db/assit/Querier.java, line(s) 12,18,21,11,17,20 com/litesuits/orm/db/assit/SQLStatement.java, line(s) 250,280,519,170,285,101,102,126,127,169,183,184,187,188,233,234,249,275,276,279,284,323,359,375,380,422,423,496,506,518,324,360,497,507 com/litesuits/orm/db/assit/Transaction.java, line(s) 15,21,22 com/litesuits/orm/db/utils/DataUtil.java, line(s) 109,110 com/litesuits/orm/log/OrmLog.java, line(s) 41,74,124,157,62,95,145,178,20,27,48,81,131,164,34,67,117,150,55,88,138,171 com/preview/PreviewDialogFragment.java, line(s) 161 com/serenegiant/usb/DeviceFilter.java, line(s) 73,75 com/serenegiant/usb/USBMonitor.java, line(s) 241,248,827,846,424,428,431,843,281,466 com/serenegiant/usb/UVCCamera.java, line(s) 1050,1056,1061,1067,484,1084 com/snail/antifake/deviceid/IpScanner.java, line(s) 47,92,126 com/socks/library/Util.java, line(s) 14,16 com/socks/library/klog/BaseLog.java, line(s) 29,38,32,26,35,41 com/socks/library/klog/FileLog.java, line(s) 18,21 com/socks/library/klog/JsonLog.java, line(s) 29 com/socks/library/klog/XmlLog.java, line(s) 23 com/tablayout/SlidingScaleTabLayout.java, line(s) 674 com/tablayout/transformer/TabScaleTransformer.java, line(s) 29 com/yhao/floatwindow/LogUtil.java, line(s) 16,12 com/zhy/http/okhttp/cookie/store/PersistentCookieStore.java, line(s) 143,156,159 com/zhy/http/okhttp/log/LoggerInterceptor.java, line(s) 41,44,45,46,48,51,54,57,59,70,71,72,74,78,80,82,85 com/zhy/http/okhttp/utils/L.java, line(s) 10 ezy/assist/compat/RomUtil.java, line(s) 148 ezy/assist/compat/SettingsCompat.java, line(s) 94,114,125 im/rightkinghts/keepalive/ChannelService.java, line(s) 55 im/rightkinghts/keepalive/CheckTopTask.java, line(s) 23,48 im/rightkinghts/keepalive/DaemonService.java, line(s) 136,63,93,107,117,139 im/rightkinghts/keepalive/MonitorReceiver.java, line(s) 11,16 im/rightkinghts/keepalive/OnePxActivity.java, line(s) 34,61,85 im/rightkinghts/keepalive/ScheduleService.java, line(s) 11,20 im/rightkinghts/keepalive/ScreenReceiver.java, line(s) 37 im/rightkinghts/messenger/AndroidUtilities$LinkMovementMethodMy.java, line(s) 19 im/rightkinghts/messenger/AndroidUtilities.java, line(s) 536,1220,1230,159,216,353,445,459,496,528,573,586,606,615,624,633,730,733,853,868,883,928,946,950,1017,1038,1136,1185,1207,1267,1330,1371,1383,1424,1585 im/rightkinghts/messenger/AnimatedFileDrawableStream.java, line(s) 56 im/rightkinghts/messenger/AppChooserTargetService.java, line(s) 55,97,179 im/rightkinghts/messenger/ApplicationLoader.java, line(s) 77,126,155,172,183,197,207,244,247,258,261,296,70,129,283,311,325,345,362,410 im/rightkinghts/messenger/ContactsController.java, line(s) 372,389,405,655,709,823,833,857,1008,1013,1043,1120,1137,1699,1856,511,537,779,1344,1353,1590,1599,1605,1623,1935 im/rightkinghts/messenger/ContactsSyncAdapterService.java, line(s) 49,30 im/rightkinghts/messenger/DispatchQueue.java, line(s) 26,35,47,61,80 im/rightkinghts/messenger/DownloadController.java, line(s) 859 im/rightkinghts/messenger/Emoji.java, line(s) 192,104,117,128,356,402,422,491,503,729,741 im/rightkinghts/messenger/FileLoadOperation.java, line(s) 598,794,865,1121,1228,1259,426,439,456,711,717,724,730,737,743,750,756,764,824,826,835,843 im/rightkinghts/messenger/FileLoader.java, line(s) 937,1394,1402,1410,1419 im/rightkinghts/messenger/FileLog.java, line(s) 234,259,101,127,152,177,284,309 im/rightkinghts/messenger/FileRefController.java, line(s) 124,617,952 im/rightkinghts/messenger/FileStreamLoadOperation.java, line(s) 132 im/rightkinghts/messenger/FileUploadOperation.java, line(s) 116,140,206,426,546,687 im/rightkinghts/messenger/GcmPushListenerService.java, line(s) 22,35,82,137 im/rightkinghts/messenger/ImageLoader.java, line(s) 1350,1420,1434,1446,1459,1472,1480,196,204,213,236,240,249,255,305,334,353,373,396,407,426,582,591,600,623,627,637,649,823,841,1189,1195,1410,1416,1438,1450,1463,1476,1484,1529,1534,1542,1550,2070,2082,2109,2274,2280,2390 im/rightkinghts/messenger/ImageReceiver.java, line(s) 514,603,650,682 im/rightkinghts/messenger/KeepAliveJob.java, line(s) 27,43,49,71,83 im/rightkinghts/messenger/LocaleController.java, line(s) 823,1958,2067,2104,290,296,577,716,763,771,777,783,901,930,985,1402,1478,1503,1525,1547,1581,1646,1741,1758,1782,2035,2855 im/rightkinghts/messenger/LocationController.java, line(s) 552,635,698 im/rightkinghts/messenger/MediaController$4.java, line(s) 68 im/rightkinghts/messenger/MediaController$5.java, line(s) 26 im/rightkinghts/messenger/MediaController$6.java, line(s) 26 im/rightkinghts/messenger/MediaController$StopMediaObserverRunnable.java, line(s) 25,33 im/rightkinghts/messenger/MediaController$VideoConvertRunnable.java, line(s) 31 im/rightkinghts/messenger/MediaController.java, line(s) 336,727,765,808,813,833,852,864,874,290,295,300,305,322,346,355,413,424,441,475,486,1083,1113,1228,1355,1370,1680,1686,1808,1830,1946,1955,2059,2139,2203,2231,2239,2262,2268,2276,2299,2305,2313,2331,2364,2371,2391,2397,2401,2406,2413,2554 im/rightkinghts/messenger/MediaDataController.java, line(s) 267,405,460,523,666,722,927,996,1034,1048,1258,1341,1577,1714,1901,1921,2030,2423,2681,2719,2801,2869,2903,2924,2955,3040,3158,3243,3274,3453,3528,3545,3620,3748,3824,3846,3972,4004,4080,4082,4316,4562,4645,4786,4828,4867,4906,4942,5011 im/rightkinghts/messenger/MessageObject.java, line(s) 259,2388,2433,2528,2534 im/rightkinghts/messenger/MessagesController.java, line(s) 2388,2393,2438,2449,2474,2481,2498,2510,3846,3855,5487,5794,5801,5807,5858,5891,5929,8009,8024,8073,8184,8193,8206,8268,8277,8289,8679,8697,8912,10122,1344,3282,3391,3418,3447,5206,5500,5910,6279,6700,7265,7290,8326,8454,8976,9097,9172,9654,10500,10809,10902,10905 im/rightkinghts/messenger/MessagesStorage.java, line(s) 3777,244,280,835,897,933,1039,1076,1119,1192,1286,1345,1357,1441,1480,1536,1576,1610,1612,1658,1716,1745,1843,1919,1964,1998,2080,2217,2293,2362,2422,2466,2468,2550,2630,2670,2700,2867,2922,2953,2976,3003,3032,3093,3180,3249,3388,3442,3519,3578,3642,3657,3704,3747,3788,3839,3901,3922,3958,3999,4065,4094,4166,4225,4271,4311,4417,4473,4494,4530,4651,4754,4795,4875,4909,4947,4969,4996,5013,5075,5086,5102,5111,5165,5205,5270,5373,5406,5525,5565,5594,5668,5707,5747,5805,5818,5895,5957,6029,6058,6090,6205,6258,6323,6363,6403,6636,6690,6767,6823,6866,6887,6908,6930,6950,6961,6976,6991,7019,7042,7076,7111,7145,7179,7216,7250 im/rightkinghts/messenger/MusicBrowserService.java, line(s) 209,301,338,387,516 im/rightkinghts/messenger/MusicPlayerService.java, line(s) 189,390 im/rightkinghts/messenger/NativeLoader.java, line(s) 46,76,82,88,94,99,106 im/rightkinghts/messenger/NotificationBadge.java, line(s) 181,458 im/rightkinghts/messenger/NotificationCenter.java, line(s) 951 im/rightkinghts/messenger/NotificationImageProvider.java, line(s) 107 im/rightkinghts/messenger/NotificationsController.java, line(s) 205,341,2122,180,185,193,216,253,287,308,1357,1371,1969,2046,2059,2074,2101,2105,2114,2128,2186,2218,2326,2360,2364,2373 im/rightkinghts/messenger/ScreenReceiver.java, line(s) 13,27 im/rightkinghts/messenger/SecretChatHelper.java, line(s) 582,1141,658,684,770,1073,1287,1465,1765,1778,1888,1917,1958,1974 im/rightkinghts/messenger/SendMessagesHelper$LocationProvider.java, line(s) 37,95,100,109 im/rightkinghts/messenger/SendMessagesHelper.java, line(s) 611,628,1088,1782,3386,3392,3821,3870,3897,4205,4208,4223,4231 im/rightkinghts/messenger/SharedConfig.java, line(s) 706,119,251,272,286,356,679 im/rightkinghts/messenger/SmsReceiver.java, line(s) 48 im/rightkinghts/messenger/UserConfig.java, line(s) 195 im/rightkinghts/messenger/Utilities.java, line(s) 70,230,246,275,288,299,311,330,347,379 im/rightkinghts/messenger/VideoEncodingService.java, line(s) 37,87,54 im/rightkinghts/messenger/WearDataLayerListenerService.java, line(s) 39,47,63,232,239,56,226,243,339 im/rightkinghts/messenger/XiaomiUtilities.java, line(s) 45 im/rightkinghts/messenger/browser/Browser.java, line(s) 84,99 im/rightkinghts/messenger/camera/CameraController.java, line(s) 164,191,511,528,547,305,321,326,377,399,425,437,469,501,554,583,632,660,663,680,686,707,730,744,796,801,807,812,820,843 im/rightkinghts/messenger/camera/CameraSession.java, line(s) 212,216,173,254,269,345,358,374,379,466 im/rightkinghts/messenger/secretmedia/ExtendedDefaultDataSource.java, line(s) 195 im/rightkinghts/messenger/support/JobIntentService.java, line(s) 128 im/rightkinghts/messenger/support/customtabs/CustomTabsSessionToken.java, line(s) 19,28,37,46 im/rightkinghts/messenger/support/customtabsclient/shared/CustomTabsHelper.java, line(s) 89 im/rightkinghts/messenger/support/fingerprint/FingerprintManagerCompatApi23.java, line(s) 21,30,39 im/rightkinghts/messenger/utils/PlayerUtils.java, line(s) 472,393,452,528,587,642,705,772,1192,1453,1523,1921,1933,1946,1960,1974,1988,2002 im/rightkinghts/messenger/utils/SelectorUtils.java, line(s) 91 im/rightkinghts/messenger/voip/AppConnectionService.java, line(s) 31,68,48,58,16,24 im/rightkinghts/messenger/voip/AudioRecordJNI.java, line(s) 248,66,79,95,114,137,180,203,239,109,211,63,76,92 im/rightkinghts/messenger/voip/AudioTrackJNI.java, line(s) 38,65,111,121,119,32 im/rightkinghts/messenger/voip/JNIUtilities.java, line(s) 80 im/rightkinghts/messenger/voip/VoIPBaseService.java, line(s) 592,685,742,844,886,893,899,1065,1263,1424,1436,1464,1476,1483,174,182,273,526,564,640,733,825,854,1000,1016,1174,1341,1352 im/rightkinghts/messenger/voip/VoIPServerConfig.java, line(s) 19 im/rightkinghts/messenger/voip/VoIPService.java, line(s) 361,444,450,457,695,714,743,750,778,794,960,1077,1096,1252,94,281,338,359,392,414,463,514,570,580,687,719,878,1034,1090,1137,108,385,410,560,734,822,829,839,865,893 im/rightkinghts/phoneformat/PhoneFormat.java, line(s) 100,106,127,136,199,238 im/rightkinghts/sqlite/SQLiteCursor.java, line(s) 98,103 im/rightkinghts/sqlite/SQLiteDatabase.java, line(s) 60,77 im/rightkinghts/sqlite/SQLitePreparedStatement.java, line(s) 107,108 im/rightkinghts/tgnet/ConnectionsManager$DnsTxtLoadTask.java, line(s) 40,20 im/rightkinghts/tgnet/ConnectionsManager$FirebaseTask.java, line(s) 41,21 im/rightkinghts/tgnet/ConnectionsManager$ResolveHostByNameTask.java, line(s) 64,69,90,104,117 im/rightkinghts/tgnet/ConnectionsManager.java, line(s) 199,319,463,471,487,502,514,565,598,606,614,758,765,768,312,330,332,517,582,652,664,682,774,802 im/rightkinghts/tgnet/FCTokenRequestCallback.java, line(s) 44,64,65,118,124,130,138,142 im/rightkinghts/tgnet/NativeByteBuffer.java, line(s) 35,128,143,172,187,207,221,257,293,304,341,393,413,427,443,456,489,516,546,562 im/rightkinghts/tgnet/NetworkConfig.java, line(s) 45,52 im/rightkinghts/tgnet/SerializedData.java, line(s) 62,70,78,86,117,140,172,187,202,217,253,267,303,314,349,376,391,427,458,474,493,514 im/rightkinghts/tgnet/TLClassStore.java, line(s) 54 im/rightkinghts/tgnet/TLJsonResolve.java, line(s) 85,113 im/rightkinghts/translate/MD5.java, line(s) 34 im/rightkinghts/ui/ArticleViewer.java, line(s) 3736,4364,4442,4629,4803,4852,4873,5014,5024,5051,5064,7174,7184,7297,7318,7344,9713,10142,10544,10735,10807,10813,10841,10898 im/rightkinghts/ui/AudioSelectActivity.java, line(s) 280 im/rightkinghts/ui/CacheControlActivity.java, line(s) 228,405,427 im/rightkinghts/ui/CancelAccountDeletionActivity.java, line(s) 133,263,396,961,1079 im/rightkinghts/ui/ChangeBioActivity.java, line(s) 234,245 im/rightkinghts/ui/ChangePhoneActivity.java, line(s) 129,285,677,687,855,1479,1597 im/rightkinghts/ui/ChangePhoneNumberActivity.java, line(s) 185,195 im/rightkinghts/ui/ChangeSignActivity.java, line(s) 162,173 im/rightkinghts/ui/ChangeUsernameActivity.java, line(s) 85,103,491,506 im/rightkinghts/ui/ChannelAdminLogActivity.java, line(s) 967,1417,2490,2499,2508,2517,2526,2535,2544,2553 im/rightkinghts/ui/ChannelCreateActivity.java, line(s) 757,894,1020,1032 im/rightkinghts/ui/ChatActivity.java, line(s) 9965,10001,850,876,905,925,1224,3645,3788,5121,5330,6969,7296,7417,8290,8657,10078,10860,10899,11355,11707,11883,11889,12898,12950,12965,14614,14678,14899,14908,14917,14926,14935,14944,14953,14962 im/rightkinghts/ui/ChatEditActivity.java, line(s) 409 im/rightkinghts/ui/ChatEditTypeActivity.java, line(s) 437,451,483 im/rightkinghts/ui/ChatRightsEditActivity.java, line(s) 611,638 im/rightkinghts/ui/ChatUsersActivity.java, line(s) 2173 im/rightkinghts/ui/ContactAddActivity.java, line(s) 179 im/rightkinghts/ui/ContactsActivity.java, line(s) 520,626,708 im/rightkinghts/ui/ContentPreviewViewer.java, line(s) 776,823,858,879,891,986 im/rightkinghts/ui/CountrySelectActivity.java, line(s) 418,429 im/rightkinghts/ui/DialogsActivity.java, line(s) 1909,2781 im/rightkinghts/ui/DocumentSelectActivity.java, line(s) 144,166,505,695 im/rightkinghts/ui/ExternalActionActivity.java, line(s) 591,595,68,388,436 im/rightkinghts/ui/GroupCreateFinalActivity.java, line(s) 148 im/rightkinghts/ui/GroupInviteActivity.java, line(s) 143,158 im/rightkinghts/ui/GroupStickersActivity.java, line(s) 720 im/rightkinghts/ui/IdenticonActivity.java, line(s) 66 im/rightkinghts/ui/IndexActivity.java, line(s) 691,701,730,733 im/rightkinghts/ui/InviteContactsActivity.java, line(s) 568,612,784,810 im/rightkinghts/ui/LanguageSelectActivity.java, line(s) 271,282 im/rightkinghts/ui/LaunchActivity.java, line(s) 539,594,601,750,846,888,2408,2643,3144,3178,3276,3280,230,504,555,1286,1439,1447,1498,1625,1722,1740,1757,1778,1806,1862,1900,2018,2047,2057,2280,2401,2505,2513,2747,2756,3007,3210,3400,3468 im/rightkinghts/ui/LaunchAgDialogActivity.java, line(s) 38 im/rightkinghts/ui/LocationActivity.java, line(s) 213,269,798,977,1088,1138,1183,1196,1398,1481,1538,1555,1564 im/rightkinghts/ui/LoginActivity.java, line(s) 370,427,728,1134,1144,1344,2047,2170,4058 im/rightkinghts/ui/Media1Activity.java, line(s) 2205 im/rightkinghts/ui/MediaActivity.java, line(s) 2244 im/rightkinghts/ui/NewContactActivity.java, line(s) 456,470,583 im/rightkinghts/ui/NotificationsCustomSettingsActivity.java, line(s) 352 im/rightkinghts/ui/NotificationsSettingsActivity.java, line(s) 357 im/rightkinghts/ui/PasscodeActivity.java, line(s) 495,605 im/rightkinghts/ui/PassportActivity.java, line(s) 1061,2807,3285,3573,3676,4603,6799,6865,7048,7119,7278,8011,8129 im/rightkinghts/ui/PeopleNearbyActivity.java, line(s) 436,363,571 im/rightkinghts/ui/PhoneBookSelectActivity.java, line(s) 224 im/rightkinghts/ui/PhonebookShareActivity.java, line(s) 519,575,623 im/rightkinghts/ui/PhotoCropActivity.java, line(s) 347,411,334,339,353 im/rightkinghts/ui/PhotoViewer.java, line(s) 1369,4910,9557,9564,9572,9578,449,647,1923,2558,2571,2889,3106,3748,3806,3835,3893,3921,4333,4340,4562,4584,4678,4737,4750,4997,5004,6636,7388,7852,7889,7969,8199,8291,9584 im/rightkinghts/ui/PopupNotificationActivity.java, line(s) 526,1288 im/rightkinghts/ui/PrivacyControlActivity.java, line(s) 114,715 im/rightkinghts/ui/PrivacySettingsActivity.java, line(s) 441,520 im/rightkinghts/ui/ProfileActivity.java, line(s) 350,834,852,1646,1660,1672,1700,2802 im/rightkinghts/ui/ProfileNotificationsActivity.java, line(s) 506,531 im/rightkinghts/ui/SecretMediaViewer.java, line(s) 509,515,557,605,885,1015,1248 im/rightkinghts/ui/SessionsActivity.java, line(s) 367,393 im/rightkinghts/ui/SettingsActivity.java, line(s) 2793 im/rightkinghts/ui/ShareActivity.java, line(s) 76,97 im/rightkinghts/ui/StickersActivity.java, line(s) 407,419,515 im/rightkinghts/ui/TestActivity.java, line(s) 34 im/rightkinghts/ui/ThemeActivity.java, line(s) 1033,1045,1131,1136,1177,1511,1514,1524,1551 im/rightkinghts/ui/ThemeSetUrlActivity.java, line(s) 100,118,451,466,694,705 im/rightkinghts/ui/TwoStepVerificationActivity.java, line(s) 168,1022 im/rightkinghts/ui/VoIPActivity.java, line(s) 221 im/rightkinghts/ui/WallpaperActivity.java, line(s) 457,466,487,511,530,547 im/rightkinghts/ui/WebviewActivity.java, line(s) 91,189,305,316,507,524 im/rightkinghts/ui/actionbar/ActionBarLayout.java, line(s) 181,1470,1661,2268 im/rightkinghts/ui/actionbar/ActionBarPopupWindow.java, line(s) 101,320,382 im/rightkinghts/ui/actionbar/AlertDialog.java, line(s) 899 im/rightkinghts/ui/actionbar/BaseFragment.java, line(s) 134,146,174,189,289,324,415,434,488,502 im/rightkinghts/ui/actionbar/BottomSheet.java, line(s) 617,1042,1105,1122 im/rightkinghts/ui/actionbar/DrawerLayoutContainer.java, line(s) 318 im/rightkinghts/ui/actionbar/Theme.java, line(s) 2991,3033,1162,1218,1226,2121,2185,2746,2753,2805,3294,3315,3328,3450,3462,4644,4651,4660,4667 im/rightkinghts/ui/actionbar/ThemeDescription.java, line(s) 710 im/rightkinghts/ui/actionbar/XAlertDialog.java, line(s) 939,992 im/rightkinghts/ui/adapters/BaseLocationAdapter.java, line(s) 61,83 im/rightkinghts/ui/adapters/ContactsAdapter.java, line(s) 98 im/rightkinghts/ui/adapters/DialogsAdapter.java, line(s) 260 im/rightkinghts/ui/adapters/DialogsSearchAdapter.java, line(s) 355,399,419 im/rightkinghts/ui/adapters/PhonebookSearchAdapter.java, line(s) 37,53 im/rightkinghts/ui/adapters/SearchAdapter.java, line(s) 86,106 im/rightkinghts/ui/adapters/SearchAdapterHelper.java, line(s) 360,484,486,507,570 im/rightkinghts/ui/bottom/BottomBarLayout.java, line(s) 166 im/rightkinghts/ui/cell/FmtDialogCell.java, line(s) 362 im/rightkinghts/ui/cells/AboutLinkCell.java, line(s) 120,130,147,195 im/rightkinghts/ui/cells/ArchiveHintCell.java, line(s) 49,53 im/rightkinghts/ui/cells/AudioPlayerCell.java, line(s) 67,75 im/rightkinghts/ui/cells/BotHelpCell.java, line(s) 101,134,144,161 im/rightkinghts/ui/cells/ChatActionCell.java, line(s) 331,336 im/rightkinghts/ui/cells/ChatMessageCell.java, line(s) 2368,2467,2502,3303,3964,3974,5608,2931 im/rightkinghts/ui/cells/DialogCell.java, line(s) 357 im/rightkinghts/ui/cells/DialogMeUrlCell.java, line(s) 119 im/rightkinghts/ui/cells/DrawerActionCell.java, line(s) 53 im/rightkinghts/ui/cells/DrawerProfileCell.java, line(s) 109,155 im/rightkinghts/ui/cells/PopMenuCell.java, line(s) 47 im/rightkinghts/ui/cells/SharedAudioCell.java, line(s) 75,80 im/rightkinghts/ui/cells/SharedLinkCell.java, line(s) 230,242 im/rightkinghts/ui/cells/ThemesHorizontalListCell.java, line(s) 624,633,639,728 im/rightkinghts/ui/components/AlertsCreator.java, line(s) 1027,1080,1095 im/rightkinghts/ui/components/AnimatedFileDrawable.java, line(s) 193,224 im/rightkinghts/ui/components/AudioPlayerAlert.java, line(s) 861,1305,1320 im/rightkinghts/ui/components/AvatarDrawable.java, line(s) 219 im/rightkinghts/ui/components/BlockingUpdateView.java, line(s) 252,274,278 im/rightkinghts/ui/components/ChatActivityEnterView.java, line(s) 1605,1643,2604,3707,3753,3935,4082,4097,4111,4125,4148,4158,4212,4700 im/rightkinghts/ui/components/ChatAttachAlert.java, line(s) 1897 im/rightkinghts/ui/components/ChatAvatarContainer.java, line(s) 280 im/rightkinghts/ui/components/ClippingImageView.java, line(s) 75,151 im/rightkinghts/ui/components/EditTextBoldCursor.java, line(s) 178,314,571,579 im/rightkinghts/ui/components/EditTextCaption.java, line(s) 323,345,405 im/rightkinghts/ui/components/EditTextEmoji.java, line(s) 88,489 im/rightkinghts/ui/components/EmbedBottomSheet.java, line(s) 199,303,318,344,372,418,496,503,685,694,713,823,842,920 im/rightkinghts/ui/components/EmojiView.java, line(s) 589,1467,3449 im/rightkinghts/ui/components/EmojiViewV2.java, line(s) 589,1466,3433 im/rightkinghts/ui/components/ForegroundDetector.java, line(s) 53,86,61,94 im/rightkinghts/ui/components/ImageUpdater.java, line(s) 271,301,324,346 im/rightkinghts/ui/components/InstantCameraView.java, line(s) 488,496,502,878,897,919,1053,1298,1321,1568,1617,1624,1628,1637,1649,1689,1769,2015,448,937,952,983,995,1061,1069,1079,1092,1103,1140,1162,1168,1174,1183,1235,1391,1396,1404,1665,1722,1734,1851,1860,1870,1878,1952,2088 im/rightkinghts/ui/components/LetterDrawable.java, line(s) 60 im/rightkinghts/ui/components/PasscodeView.java, line(s) 139,254,928,937,951,1002,1030,1049 im/rightkinghts/ui/components/PhotoFilterView.java, line(s) 401,418,433,441,451,464,729,735,744,945 im/rightkinghts/ui/components/PhotoPaintView.java, line(s) 438,1268,1275,1302 im/rightkinghts/ui/components/PhotoViewerCaptionEnterView.java, line(s) 112,326,360,426,540,570,584,613,694,707 im/rightkinghts/ui/components/PipRoundVideoView.java, line(s) 255 im/rightkinghts/ui/components/PipVideoView.java, line(s) 406 im/rightkinghts/ui/components/RLottieDrawable.java, line(s) 215,339,415 im/rightkinghts/ui/components/RadioButton.java, line(s) 60,159 im/rightkinghts/ui/components/RecyclerListView.java, line(s) 594,806,819,1497,1505 im/rightkinghts/ui/components/ShareAlert.java, line(s) 944 im/rightkinghts/ui/components/SpannableStringLight.java, line(s) 24,41,58 im/rightkinghts/ui/components/StaticLayoutEx.java, line(s) 58,122,155,161,172,177,182,216,249,257 im/rightkinghts/ui/components/StickersAlert.java, line(s) 115,815,851,930 im/rightkinghts/ui/components/TermsOfServiceView.java, line(s) 167 im/rightkinghts/ui/components/ThemeEditorView.java, line(s) 98,106,1161,1407,1612 im/rightkinghts/ui/components/TimerDrawable.java, line(s) 78 im/rightkinghts/ui/components/VideoTimelinePlayView.java, line(s) 300,357,385 im/rightkinghts/ui/components/VideoTimelineView.java, line(s) 230,287,315 im/rightkinghts/ui/components/WallpaperUpdater.java, line(s) 84,100,125,151,182,185,197,213 im/rightkinghts/ui/components/WebPlayerView.java, line(s) 463,384,443,519,578,633,696,763,1183,1444,1492,1852,1864,1877,1891,1905,1919,1933 im/rightkinghts/ui/components/compress/Luban.java, line(s) 86,85 im/rightkinghts/ui/components/paint/RenderView.java, line(s) 307,315,325,338,349,359,378,498 im/rightkinghts/ui/components/paint/Shader.java, line(s) 20,28,82,92 im/rightkinghts/ui/components/paint/Slice.java, line(s) 23,54 im/rightkinghts/ui/components/paint/Utils.java, line(s) 12 im/rightkinghts/ui/components/toast/ToastUtils.java, line(s) 78 im/rightkinghts/ui/components/voip/CallSwipeView.java, line(s) 94 im/rightkinghts/ui/components/voip/DarkTheme.java, line(s) 2380 im/rightkinghts/ui/components/voip/VoIPHelper.java, line(s) 154,571 im/rightkinghts/ui/dialogs/McShareDialog.java, line(s) 198 im/rightkinghts/ui/fragments/BaseFmts.java, line(s) 213,268,282,304 im/rightkinghts/ui/fragments/CallRecordsFragment.java, line(s) 594,195 im/rightkinghts/ui/fragments/ContactsFragment.java, line(s) 609 im/rightkinghts/ui/fragments/DialogsFragment.java, line(s) 490,505,1698 im/rightkinghts/ui/fragments/DiscoveryFragment.java, line(s) 145,294 im/rightkinghts/ui/fragments/MeFragmentV2.java, line(s) 490,984,1043,1058 im/rightkinghts/ui/fragments/TabWebFragment.java, line(s) 133 im/rightkinghts/ui/fragments/adapter/FmtContactsAdapter.java, line(s) 143 im/rightkinghts/ui/hui/CameraViewActivity.java, line(s) 1771 im/rightkinghts/ui/hui/CharacterParser.java, line(s) 30 im/rightkinghts/ui/hui/WebViewAppCompatActivity.java, line(s) 101,212 im/rightkinghts/ui/hui/adapter/AddNewCallAdapter.java, line(s) 77 im/rightkinghts/ui/hui/adapter/CreateGroupAdapter.java, line(s) 95 im/rightkinghts/ui/hui/adapter/CreateSecureAdapter.java, line(s) 81 im/rightkinghts/ui/hui/adapter/MyDialogsAdapter.java, line(s) 240 im/rightkinghts/ui/hui/adapter/NewChatAdapter.java, line(s) 86 im/rightkinghts/ui/hui/adapter/SelectContactsAdapter.java, line(s) 85 im/rightkinghts/ui/hui/adapter/StartChatAdapter.java, line(s) 86 im/rightkinghts/ui/hui/adapter/grouping/AddGroupingUserAdapter.java, line(s) 84 im/rightkinghts/ui/hui/adapter/pageAdapter/PageSelectionAdapter.java, line(s) 78 im/rightkinghts/ui/hui/adapter/pageAdapter/PageStickerAdapter.java, line(s) 110 im/rightkinghts/ui/hui/chats/CreateGroupFinalActivity.java, line(s) 154 im/rightkinghts/ui/hui/chats/GroupShareActivity.java, line(s) 215 im/rightkinghts/ui/hui/chats/MryDialogsActivity.java, line(s) 1741,2580 im/rightkinghts/ui/hui/chats/NewChatActivity.java, line(s) 403 im/rightkinghts/ui/hui/chats/ProfileGroupActivity.java, line(s) 361,844,862,1058,1613,1627,1639,1667,2799 im/rightkinghts/ui/hui/chats/StartChatActivity.java, line(s) 347 im/rightkinghts/ui/hui/contacts/AddContactsActivity.java, line(s) 193 im/rightkinghts/ui/hui/contacts/PhonebookUsersActivity.java, line(s) 539 im/rightkinghts/ui/hui/discovery/ActionIntroActivity.java, line(s) 381,428,463,509 im/rightkinghts/ui/hui/discovery/NearPersonAndGroupActivity.java, line(s) 483,487,492,495,502,556,419,647 im/rightkinghts/ui/hui/discovery/QrScanActivity.java, line(s) 324,350 im/rightkinghts/ui/hui/discoveryweb/DiscoveryJumpPausedFloatingView.java, line(s) 255,527 im/rightkinghts/ui/hui/discoveryweb/DiscoveryJumpToPage.java, line(s) 111,138,547,581,751 im/rightkinghts/ui/hui/friendscircle/fcHelper/OKHttpStreamFetcher.java, line(s) 43,42 im/rightkinghts/ui/hui/friendscircle/okhttphelper/AESHelper.java, line(s) 62,75 im/rightkinghts/ui/hui/friendscircle/okhttphelper/MD5Utils.java, line(s) 22,89,93,94 im/rightkinghts/ui/hui/friendscircle/okhttphelper/OkHttpStringCallBack.java, line(s) 69,61,70 im/rightkinghts/ui/hui/friendscircle_v1/adapter/FcDetailAdapter.java, line(s) 187 im/rightkinghts/ui/hui/friendscircle_v1/adapter/FcHomeAdapter.java, line(s) 179,690 im/rightkinghts/ui/hui/friendscircle_v1/adapter/UserFcListAdapter.java, line(s) 165 im/rightkinghts/ui/hui/friendscircle_v1/base/BaseFcActivity.java, line(s) 295,366,473,208,222,245,330,351,496 im/rightkinghts/ui/hui/friendscircle_v1/base/BaseFcFragment.java, line(s) 378,448,555,250,264,286,413,433,578 im/rightkinghts/ui/hui/friendscircle_v1/base/CommFcListActivity.java, line(s) 161 im/rightkinghts/ui/hui/friendscircle_v1/base/CommFcListFragment.java, line(s) 165,169,180 im/rightkinghts/ui/hui/friendscircle_v1/fragments/FcFollowFragment.java, line(s) 323,909 im/rightkinghts/ui/hui/friendscircle_v1/fragments/FcHomeFragment.java, line(s) 238,790,842 im/rightkinghts/ui/hui/friendscircle_v1/fragments/FcRecommendFragment.java, line(s) 233,764,816 im/rightkinghts/ui/hui/friendscircle_v1/helper/FcDBHelper.java, line(s) 150,156,165,167 im/rightkinghts/ui/hui/friendscircle_v1/player/logger/ExoPlayerLogger.java, line(s) 89,93,111,114,127,134,151,156,173,176,182,190,198,216,221,225,227,231,233,237,241,245,249,253,257,261,265,269,273,287,291,295,311,314,317,320,323,326,329,332,103,303 im/rightkinghts/ui/hui/friendscircle_v1/player/player/AbsBaseVideoPlayer.java, line(s) 36,47,54,63,70,78,90 im/rightkinghts/ui/hui/friendscircle_v1/player/player/VideoPlayerManager.java, line(s) 385 im/rightkinghts/ui/hui/friendscircle_v1/player/utils/Utils.java, line(s) 112,116 im/rightkinghts/ui/hui/friendscircle_v1/ui/FcPageDetailActivity.java, line(s) 148,192,325,344,848 im/rightkinghts/ui/hui/friendscircle_v1/ui/FcPageMineActivity.java, line(s) 958,1007 im/rightkinghts/ui/hui/friendscircle_v1/ui/FcPageOthersActivity.java, line(s) 1024 im/rightkinghts/ui/hui/friendscircle_v1/ui/FcPublishActivity.java, line(s) 744,998,1441,894,1444,1454 im/rightkinghts/ui/hui/friendscircle_v1/ui/FcTopicMainActivity.java, line(s) 836,885 im/rightkinghts/ui/hui/friendscircle_v1/ui/ImagePreSelectorActivity.java, line(s) 1612 im/rightkinghts/ui/hui/friendscircle_v1/ui/ImagePreviewActivity.java, line(s) 1324,9046,9053,9061,9067,542,740,1872,2519,2532,2831,3040,3749,3805,3834,3894,3922,4337,4344,4549,4571,4665,4722,4735,6318,7021,7396,7433,7692,7779,9073 im/rightkinghts/ui/hui/friendscircle_v1/ui/ImageSelectorActivity.java, line(s) 2092 im/rightkinghts/ui/hui/friendscircle_v1/utils/KeyboardUtils.java, line(s) 48,191,198,238,169,207,224 im/rightkinghts/ui/hui/friendscircle_v1/utils/StatusBarHeightUtil.java, line(s) 21 im/rightkinghts/ui/hui/friendscircle_v1/utils/ViewUtil.java, line(s) 18 im/rightkinghts/ui/hui/friendscircle_v1/view/FCIndexBar.java, line(s) 117 im/rightkinghts/ui/hui/friendscircle_v1/view/FcChildReplyListDialog.java, line(s) 207 im/rightkinghts/ui/hui/friendscircle_v1/view/FcDoReplyDialog.java, line(s) 185,392 im/rightkinghts/ui/hui/friendscircle_v1/view/flowLayout/TagAdapter.java, line(s) 84,88 im/rightkinghts/ui/hui/friendscircle_v1/view/flowLayout/TagFlowLayout.java, line(s) 121 im/rightkinghts/ui/hui/friendscircle_v1/view/panel/KPSwitchRootLayoutHandler.java, line(s) 35,46,50,56,60 im/rightkinghts/ui/hui/friendscircle_v1/view/richtext/TextCommonUtils.java, line(s) 246,274,280 im/rightkinghts/ui/hui/friendscircle_v1/view/toast/FcToastUtils.java, line(s) 83 im/rightkinghts/ui/hui/login/ChangePersonalInformationActivity.java, line(s) 542,519 im/rightkinghts/ui/hui/login/HloginActivity.java, line(s) 368,425,708,1149,1164,1409,2149,2271,4143 im/rightkinghts/ui/hui/login/LoginPasswordContronllerActivity.java, line(s) 181 im/rightkinghts/ui/hui/mine/AboutAppActivity.java, line(s) 212,297,349,364 im/rightkinghts/ui/hui/mine/DataUsageActivity.java, line(s) 355 im/rightkinghts/ui/hui/mine/MryLanguageSelectActivity.java, line(s) 271,282 im/rightkinghts/ui/hui/mine/MrySessionsActivity.java, line(s) 739,764 im/rightkinghts/ui/hui/mine/MryThemeActivity.java, line(s) 1012,1045,1057,1143,1148,1189,1523,1526,1536,1563 im/rightkinghts/ui/hui/mine/PrivacyAndSafeActivity.java, line(s) 285 im/rightkinghts/ui/hui/mine/QrCodeActivity.java, line(s) 354 im/rightkinghts/ui/hui/packet/RedpktGroupSendActivity.java, line(s) 784,1028,1201,1257,1272 im/rightkinghts/ui/hui/packet/RedpktSendActivity.java, line(s) 469,676,876,932,947 im/rightkinghts/ui/hui/packet/pop/RedPacketViewHolder.java, line(s) 232,237,242 im/rightkinghts/ui/hui/transfer/TransferSendActivity.java, line(s) 461,709,920,972,987 im/rightkinghts/ui/hui/transfer/TransferStatusActivity.java, line(s) 324,504 im/rightkinghts/ui/hui/views/SilderRelativeLayout.java, line(s) 93,103 im/rightkinghts/ui/hui/visualcall/AVideoCallInterface.java, line(s) 75,94,109,120,165,184,189,208 im/rightkinghts/ui/hui/visualcall/BaseCallActivity.java, line(s) 230,266,362,424,426,158,219,334 im/rightkinghts/ui/hui/visualcall/FlowService.java, line(s) 260,208 im/rightkinghts/ui/hui/visualcall/PermissionUtils.java, line(s) 66,71,89,93,113,116,136,155,166,203,217,225,77,230,52,60,62,176,178,181,215,82,172 im/rightkinghts/ui/hui/visualcall/RingUtils.java, line(s) 169,65 im/rightkinghts/ui/hui/visualcall/ThreadUtils.java, line(s) 53 im/rightkinghts/ui/hui/visualcall/VisualCallActivity.java, line(s) 311,315,379,410,467,713,819,910,932,959,964,1079,1106,1274,1306,1350,1352,1379,1414,1418,1444,1448,1457,1481,1485,1530,1761,654,1069,1504,793,797 im/rightkinghts/ui/hui/visualcall/VisualCallReceiveActivity.java, line(s) 467,507,589,628,756,862,1017,1046,1097,1101,1201 im/rightkinghts/ui/hui/visualcall/VisualCallReceiveService.java, line(s) 51 im/rightkinghts/ui/hviews/MryCheckBox.java, line(s) 96 im/rightkinghts/ui/hviews/MyScrollView.java, line(s) 479,545 im/rightkinghts/ui/hviews/PasswordEditText.java, line(s) 138,291 im/rightkinghts/ui/hviews/dialogs/XDialog.java, line(s) 672 im/rightkinghts/ui/hviews/dragView/DragCallBack.java, line(s) 235 im/rightkinghts/ui/hviews/dragView/DragHelperFrameLayout.java, line(s) 169 im/rightkinghts/ui/hviews/helper/MryDeviceHelper.java, line(s) 44,53 im/rightkinghts/ui/hviews/helper/MryDrawableHelper.java, line(s) 158 im/rightkinghts/ui/hviews/helper/MryNotchHelper.java, line(s) 48,64,67,368,370,372,45,61 im/rightkinghts/ui/hviews/page/PagerConfig.java, line(s) 43,37 im/rightkinghts/ui/hviews/page/PagerGridLayoutManager.java, line(s) 475,479,513,517 im/rightkinghts/ui/hviews/pop/BasePopup.java, line(s) 151,155 im/rightkinghts/ui/hviews/slidemenu/SwipeLayout.java, line(s) 800,805 im/rightkinghts/ui/hviews/swipelist/reservation/TopWrappedDividerItemDecoration.java, line(s) 28 im/rightkinghts/ui/load/animation/SpriteAnimatorBuilder.java, line(s) 145 im/rightkinghts/ui/newcall/NewCallActivity.java, line(s) 320 im/rightkinghts/ui/settings/CacheControlSettingActivity.java, line(s) 194 im/rightkinghts/ui/settings/NoticeAndSoundSettingActivity.java, line(s) 265,326,387 im/rightkinghts/ui/utils/AppUpdater.java, line(s) 85,147,160 im/rightkinghts/ui/utils/ChatActionBarHelper.java, line(s) 294 im/rightkinghts/ui/utils/DownloadUtils.java, line(s) 186,219 im/rightkinghts/ui/utils/OpenInstallUitl.java, line(s) 62,92 im/rightkinghts/ui/utils/QrCodeParseUtil.java, line(s) 141,156,202,239 im/rightkinghts/ui/utils/ThirdPartSdkInitUtil.java, line(s) 42,77,108,105 im/rightkinghts/ui/utils/number/MoneyUtil.java, line(s) 147 im/rightkinghts/ui/utils/picture/PictureUtil.java, line(s) 73 im/rightkinghts/ui/utils/translate/DecodeEngine.java, line(s) 114,118,134,141,169,173,267,289,297,315,323,378,382,417,445 im/rightkinghts/ui/utils/translate/ssrc/SSRC.java, line(s) 58,276,277,278,279,280,281,282,283,284,285,286,287,288,289,290,291,292,293,294,295,296,297,325,329,332,553,567,650,715,716,717,718,735,737,739,811,953,1142,1146,1190,1284,1285,1286,1287,1301,1303,1305,1354,1360 im/rightkinghts/ui/utils/translate/utils/AudioFileUtils.java, line(s) 33,36,57,112,114,135,151 im/rightkinghts/ui/wallet/WalletRechargeH5Activity.java, line(s) 131,211 im/rightkinghts/ui/wallet/WalletWithdrawActivity.java, line(s) 303,355,370 im/rightkinghts/ui/wallet/WalletWithdrawAddNewAccountActivity.java, line(s) 428,435,615,641,697 im/rightkinghts/ui/wallet/model/BankCardListResBean.java, line(s) 83 im/rightkinghts/ui/wallet/model/BillRecordDetailBean.java, line(s) 90 im/rightkinghts/ui/wallet/model/BillRecordResBillListBean.java, line(s) 212 im/rightkinghts/ui/wallet/model/WalletPaymentBankCardBean.java, line(s) 77,89 im/rightkinghts/ui/wallet/model/WalletWithdrawTemplateBean.java, line(s) 69 org/greenrobot/eventbus/Logger.java, line(s) 85,90 org/greenrobot/eventbus/util/ErrorDialogConfig.java, line(s) 34 org/greenrobot/eventbus/util/ErrorDialogManager.java, line(s) 185 org/greenrobot/eventbus/util/ExceptionToResourceMapping.java, line(s) 25 org/webrtc/ali/AliHardwareAudioEncoder.java, line(s) 113,126,175,67 org/webrtc/ali/USBAudioDevice.java, line(s) 67 org/webrtc/alirtcInterface/ALI_RTC_INTERFACE_IMPL.java, line(s) 401,692,712,718,733,739,1269,289,294,304,343,348,353,358,363,368,373,378,383,388,336 org/webrtc/alirtcInterface/SophonEngine.java, line(s) 275 org/webrtc/alirtcInterface/SophonEngineImpl.java, line(s) 82,222,247,256,266,321,333,430,439,449,509,671,99,102,104,197,299,83,122,300,410,414,1211 org/webrtc/audio/AppRTCAudioManager.java, line(s) 257,271,304,346,389,398,94,99,109,112,178,190,201,213,242,254,260,269,292,296,318,328,332,349,391,500,501,531,551,557 org/webrtc/audio/AppRTCBluetoothManager.java, line(s) 61,64,72,78,94,109,113,121,123,127,132,137,142,159,190,191,193,199,214,219,228,234,240,248,255,260,264,266,298,301,303,310,316,322,331,341,344,355,178,183,221,225,118,161,165,174,348 org/webrtc/audio/AppRTCProximitySensor.java, line(s) 26,33,43,71,74,81,126,61 org/webrtc/sdk/SophonSurfaceView.java, line(s) 58,68,77,34 org/webrtc/utils/AppRTCUtils.java, line(s) 21 org/webrtc/utils/CpuMonitor.java, line(s) 103,114,121,128,167,240,181,186,188,303,338,365,371,374,377 org/webrtc/utils/MemoryMonitor.java, line(s) 33,40,63,69 org/webrtc/utils/NetworkMonitor.java, line(s) 49,55 pub/devrel/easypermissions/EasyPermissions.java, line(s) 138,140,34 pub/devrel/easypermissions/helper/ActivityPermissionHelper.java, line(s) 38 pub/devrel/easypermissions/helper/BaseSupportPermissionsHelper.java, line(s) 22
安全提示信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/base/module/log_dialog/LogDialog.java, line(s) 4,74 com/base/utils/AndroidUtils.java, line(s) 5,112 im/rightkinghts/messenger/AndroidUtilities.java, line(s) 8,1183 im/rightkinghts/ui/ChangeUsernameActivity.java, line(s) 4,82 im/rightkinghts/ui/ChannelCreateActivity.java, line(s) 8,754 im/rightkinghts/ui/ChatActivity.java, line(s) 11,11700 im/rightkinghts/ui/ChatEditTypeActivity.java, line(s) 4,434,448 im/rightkinghts/ui/GroupInviteActivity.java, line(s) 4,139 im/rightkinghts/ui/PhonebookShareActivity.java, line(s) 4,572,612 im/rightkinghts/ui/ProfileActivity.java, line(s) 11,1643,1668 im/rightkinghts/ui/StickersActivity.java, line(s) 5,415 im/rightkinghts/ui/ThemeSetUrlActivity.java, line(s) 4,97 im/rightkinghts/ui/components/EmbedBottomSheet.java, line(s) 9,821 im/rightkinghts/ui/components/ShareAlert.java, line(s) 8,937 im/rightkinghts/ui/dialogs/McShareDialog.java, line(s) 5,234 im/rightkinghts/ui/hui/chats/ProfileGroupActivity.java, line(s) 11,1610,1635 im/rightkinghts/ui/hui/discovery/QrScanResultActivity.java, line(s) 4,67 im/rightkinghts/ui/hui/packet/BillDetailsActivity.java, line(s) 4,313
安全提示信息 应用程序可以写入应用程序目录。敏感信息应加密
应用程序可以写入应用程序目录。敏感信息应加密 Files: com/alivc/rtc/device/core/persistent/TransactionXMLFile.java, line(s) 17
安全提示信息 应用与Firebase数据库通信
该应用与位于 https://rightkinghts-48b0d.firebaseio.com 的 Firebase 数据库进行通信
已通过安全项 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: com/base/utils/DeviceUtils.java, line(s) 49
已通过安全项 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: com/bjz/comm/net/factory/ApiFactory.java, line(s) 50,50 com/bjz/comm/net/factory/ApiGameFactory.java, line(s) 48,48 com/bjz/comm/net/factory/ApiHuanHuiFactory.java, line(s) 41,41 com/bjz/comm/net/factory/ApiMPFactory.java, line(s) 46,46 com/bjz/comm/net/factory/ApiTranslateAudioFactory.java, line(s) 40,40 com/zhy/http/okhttp/https/HttpsUtils.java, line(s) 110,174,42,109,135,173,98,108,108,172,172
已通过安全项 Firebase远程配置已禁用
Firebase远程配置URL ( https://firebaseremoteconfig.googleapis.com/v1/projects/194512522065/namespaces/firebase:fetch?key=AIzaSyC6uk1nvjb5BYzqEzgaWy_iTryf5373Nyw ) 已禁用。响应内容如下所示:
{
"state": "NO_TEMPLATE"
}
重点安全关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (chatlink.mstatik.com) 通信。
{'ip': '159.226.242.43', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '常州', 'latitude': '31.783331', 'longitude': '119.966667'}
重点安全关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.ntsc.ac.cn) 通信。
{'ip': '159.226.242.43', 'country_short': 'CN', 'country_long': '中国', 'region': '北京', 'city': '北京', 'latitude': '39.907501', 'longitude': '116.397102'}
重点安全关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (translations.m12345.cc) 通信。
{'ip': '159.226.242.43', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '无锡', 'latitude': '31.569349', 'longitude': '120.288788'}
重点安全关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (impyq.gz.bcebos.com) 通信。
{'ip': '121.228.183.252', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '苏州', 'latitude': '31.311365', 'longitude': '120.617691'}