安全分析报告:
安全分数
安全分数 44/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
3
用户/设备跟踪器
调研结果
高危
9
中危
46
信息
2
安全
2
关注
24
高危 该文件是World Readable。任何应用程序都可以读取文件
该文件是World Readable。任何应用程序都可以读取文件 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2 Files: p/a/y/e/a/s/e/net/bg2.java, line(s) 111
高危 SSL的不安全实现。信任所有证书或接受自签名证书是一个关键的安全漏洞。此应用程序易受MITM攻击
SSL的不安全实现。信任所有证书或接受自签名证书是一个关键的安全漏洞。此应用程序易受MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#android-network-apis Files: com/alipay/android/phone/mrpc/core/b.java, line(s) 108,13,3 p/a/y/e/a/s/e/net/bd2.java, line(s) 9,10,11,4
高危 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。
应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/ehking/sdk/wepay/utlis/AESHelper.java, line(s) 188 com/ta/utdid2/a/a/a.java, line(s) 35,42 p/a/y/e/a/s/e/net/do2.java, line(s) 13 p/a/y/e/a/s/e/net/f30.java, line(s) 43,93 p/a/y/e/a/s/e/net/fe1.java, line(s) 26,62 p/a/y/e/a/s/e/net/p4.java, line(s) 43,80 p/a/y/e/a/s/e/net/rd1.java, line(s) 39 p/a/y/e/a/s/e/net/vc2.java, line(s) 23
高危 使用弱加密算法
使用弱加密算法 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: p/a/y/e/a/s/e/net/vc2.java, line(s) 23 p/a/y/e/a/s/e/net/zc1.java, line(s) 12,23
高危 不安全的Web视图实现。Web视图忽略SSL证书错误并接受任何SSL证书。此应用程序易受MITM攻击
不安全的Web视图实现。Web视图忽略SSL证书错误并接受任何SSL证书。此应用程序易受MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#webview-server-certificate-verification Files: com/getmessage/module_base/web/WebViewHelper.java, line(s) 315,310 com/getmessage/module_base/web/x5WebViewHelper.java, line(s) 309,304 p/a/y/e/a/s/e/net/za2.java, line(s) 142,216
高危 WebView域控制不严格漏洞
WebView域控制不严格漏洞 Files: com/getmessage/module_base/web/WebViewHelper.java, line(s) 262,251,252,253,254,255,256,257,258,259,260,261,262,263,290,291,294,314 com/getmessage/module_base/web/x5WebViewHelper.java, line(s) 256,245,246,247,248,249,250,251,252,253,254,255,256,257,284,285,288,308
高危 该文件是World Writable。任何应用程序都可以写入文件
该文件是World Writable。任何应用程序都可以写入文件 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2 Files: p/a/y/e/a/s/e/net/y3.java, line(s) 34,87,94
高危 默认情况下,调用Cipher.getInstance("AES")将返回AES ECB模式。众所周知,ECB模式很弱,因为它导致相同明文块的密文相同
默认情况下,调用Cipher.getInstance("AES")将返回AES ECB模式。众所周知,ECB模式很弱,因为它导致相同明文块的密文相同
https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-block-cipher-mode
Files:
com/ehking/crypt/core/java/utils/AesUtil.java, line(s) 50
p/a/y/e/a/s/e/net/e.java, line(s) 31
高危 已启用远程WebView调试
已启用远程WebView调试 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04c-Tampering-and-Reverse-Engineering.md#debugging-and-tracing Files: com/ehking/sdk/wepay/ui/activity/BindCardWebActivity.java, line(s) 86,12,13
中危 应用程序可以安装在有漏洞的已更新 Android 版本上
Android 5.0-5.0.2, [minSdk=21] 该应用程序可以安装在具有多个未修复漏洞的旧版本 Android 上。这些设备不会从 Google 接收合理的安全更新。支持 Android 版本 => 10、API 29 以接收合理的安全更新。
中危 应用程序数据存在被泄露的风险
未设置[android:allowBackup]标志 这个标志 [android:allowBackup]应该设置为false。默认情况下它被设置为true,允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。
中危 Broadcast Receiver (com.getmessage.module_base.broadReceiver.DateTimeReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (com.getmessage.lite.broadReceiver.NoticeReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Service (com.getmessage.lite.service.HWPushService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危 Service (com.getmessage.lite.service.JPUSHService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危 Service (cn.jpush.android.service.DaemonService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危 Broadcast Receiver (com.getmessage.lite.broadReceiver.JPUSHReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (com.xiaomi.push.service.receivers.NetworkStatusReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (com.xiaomi.push.service.receivers.PingReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (com.getmessage.lite.broadReceiver.XiaoMiReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Service (com.heytap.mcssdk.PushService) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.coloros.mcs.permission.SEND_MCS_MESSAGE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Service (com.heytap.mcssdk.AppPushService) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.heytap.mcs.permission.SEND_MCS_MESSAGE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (com.getmessage.lite.broadReceiver.MeizuPushMsgReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Activity (com.tencent.tauth.AuthActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Activity设置了TaskAffinity属性
(com.im.im.wxapi.WXEntryActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Service (com.blankj.utilcode.util.MessengerUtils$ServerService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危 Broadcast Receiver (com.huawei.hms.support.api.push.PushMsgReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.tlzm.shmgsn.wbztv.iaahup.permission.PROCESS_PUSH_MSG [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (com.huawei.hms.support.api.push.PushReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.tlzm.shmgsn.wbztv.iaahup.permission.PROCESS_PUSH_MSG [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Service (com.huawei.hms.support.api.push.service.HmsMsgService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危 Activity (cn.jpush.android.ui.PopWinActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Activity (cn.jpush.android.ui.PushActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Service (cn.jpush.android.service.PushService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危 Broadcast Receiver (cn.jpush.android.service.PushReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Activity设置了TaskAffinity属性
(cn.jpush.android.service.JNotifyActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Activity (cn.jpush.android.service.JNotifyActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Broadcast Receiver (com.meizu.cloud.pushsdk.SystemReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Activity (com.alipay.sdk.app.PayResultActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Broadcast Receiver (androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (androidx.work.impl.background.systemalarm.RescheduleReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 高优先级的Intent (1000)
[android:priority] 通过设置一个比另一个Intent更高的优先级,应用程序有效地覆盖了其他请求。
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: com/blankj/utilcode/util/LogUtils.java, line(s) 192 com/ehking/sdk/wepay/constant/ConfigConstants.java, line(s) 7 com/ehking/sdk/wepay/interfaces/WalletPay.java, line(s) 891,892,2598,2599 com/ehking/sdk/wepay/utlis/ImageUtil.java, line(s) 289,302 com/ehking/sdk/wepay/utlis/PhotoUtils.java, line(s) 167 com/getmessage/lite/app/LiteApplication.java, line(s) 214,228,272,302 com/getmessage/module_base/utils/video_recorder/VideoRecorderActivity.java, line(s) 447,589 com/getmessage/module_base/web/FileManager.java, line(s) 84,137,142,242 com/huawei/rtc/internal/HRTCEngineImpl.java, line(s) 66 com/livedetect/application/CrashHandler.java, line(s) 68 com/livedetect/utils/FileUtils.java, line(s) 44,550 com/livedetect/utils/SdUtils.java, line(s) 29,33 com/livedetect/utils/SysLogService.java, line(s) 52,53 com/ta/utdid2/b/a/c.java, line(s) 54,229,271,328 com/yalantis/ucrop/PictureMultiCuttingActivity.java, line(s) 903 p/a/y/e/a/s/e/net/a11.java, line(s) 189,191,454,456 p/a/y/e/a/s/e/net/au2.java, line(s) 212 p/a/y/e/a/s/e/net/b30.java, line(s) 70 p/a/y/e/a/s/e/net/b62.java, line(s) 41 p/a/y/e/a/s/e/net/b7.java, line(s) 74 p/a/y/e/a/s/e/net/bh2.java, line(s) 26 p/a/y/e/a/s/e/net/bn.java, line(s) 12,36 p/a/y/e/a/s/e/net/cd2.java, line(s) 551,896,238,1183,1183 p/a/y/e/a/s/e/net/cs1.java, line(s) 157 p/a/y/e/a/s/e/net/dc2.java, line(s) 166 p/a/y/e/a/s/e/net/dq1.java, line(s) 53 p/a/y/e/a/s/e/net/e11.java, line(s) 37 p/a/y/e/a/s/e/net/e8.java, line(s) 69,69,119 p/a/y/e/a/s/e/net/fl.java, line(s) 537 p/a/y/e/a/s/e/net/ft1.java, line(s) 61,83 p/a/y/e/a/s/e/net/hc2.java, line(s) 48 p/a/y/e/a/s/e/net/hh2.java, line(s) 10,22,31 p/a/y/e/a/s/e/net/i.java, line(s) 39 p/a/y/e/a/s/e/net/i7.java, line(s) 190 p/a/y/e/a/s/e/net/id0.java, line(s) 123,158 p/a/y/e/a/s/e/net/j.java, line(s) 40 p/a/y/e/a/s/e/net/jb2.java, line(s) 176 p/a/y/e/a/s/e/net/kt0.java, line(s) 189 p/a/y/e/a/s/e/net/kv2.java, line(s) 8 p/a/y/e/a/s/e/net/le2.java, line(s) 220 p/a/y/e/a/s/e/net/lt1.java, line(s) 61,106 p/a/y/e/a/s/e/net/lv2.java, line(s) 8 p/a/y/e/a/s/e/net/mb2.java, line(s) 55 p/a/y/e/a/s/e/net/me2.java, line(s) 25 p/a/y/e/a/s/e/net/ml2.java, line(s) 41,47 p/a/y/e/a/s/e/net/mt1.java, line(s) 45,75,77,79,201,209,228,329,329,329,347,355,363,73,230,257,257 p/a/y/e/a/s/e/net/n11.java, line(s) 187 p/a/y/e/a/s/e/net/nc2.java, line(s) 19,25 p/a/y/e/a/s/e/net/nh2.java, line(s) 28,85 p/a/y/e/a/s/e/net/pk2.java, line(s) 158 p/a/y/e/a/s/e/net/qk2.java, line(s) 148 p/a/y/e/a/s/e/net/qo2.java, line(s) 80,196,329,464,666 p/a/y/e/a/s/e/net/r8.java, line(s) 77,136 p/a/y/e/a/s/e/net/rd0.java, line(s) 102 p/a/y/e/a/s/e/net/ri2.java, line(s) 43,77,82 p/a/y/e/a/s/e/net/rk2.java, line(s) 40 p/a/y/e/a/s/e/net/rl2.java, line(s) 45,153 p/a/y/e/a/s/e/net/sd0.java, line(s) 101 p/a/y/e/a/s/e/net/t4.java, line(s) 388,389,797 p/a/y/e/a/s/e/net/tc2.java, line(s) 121,122 p/a/y/e/a/s/e/net/uk2.java, line(s) 44 p/a/y/e/a/s/e/net/wc2.java, line(s) 35 p/a/y/e/a/s/e/net/x7.java, line(s) 26,30,34,38,42,58,82,98,106,142,158,54,66,74,90,94,102,114,118,126,134,146,162 p/a/y/e/a/s/e/net/xl.java, line(s) 11,24 p/a/y/e/a/s/e/net/xr1.java, line(s) 319 p/a/y/e/a/s/e/net/y4.java, line(s) 9,23,27 p/a/y/e/a/s/e/net/y40.java, line(s) 9,13 p/a/y/e/a/s/e/net/zb2.java, line(s) 48
中危 IP地址泄露
IP地址泄露 Files: com/alipay/android/phone/mrpc/core/q.java, line(s) 307 com/blankj/utilcode/util/NetworkUtils.java, line(s) 505 com/ehking/sdk/wepay/net/client/HttpDnsHelper.java, line(s) 4 com/ehking/sdk/wepay/utlis/NetUtils.java, line(s) 56 com/getmessage/lite/view/TestActivity.java, line(s) 155,153,150,151 com/payeasenet/wepay/utlis/NetUtils.java, line(s) 126 io/netty/channel/epoll/LinuxSocket.java, line(s) 22 io/netty/handler/codec/http2/HttpConversionUtil.java, line(s) 194 io/netty/handler/codec/socksx/v4/Socks4ServerDecoder.java, line(s) 135,146 io/netty/handler/codec/socksx/v5/Socks5CommandRequestDecoder.java, line(s) 56 io/netty/resolver/dns/DefaultDnsServerAddressStreamProvider.java, line(s) 40,40 p/a/y/e/a/s/e/net/bf1.java, line(s) 51 p/a/y/e/a/s/e/net/by1.java, line(s) 11 p/a/y/e/a/s/e/net/gf1.java, line(s) 9 p/a/y/e/a/s/e/net/gi2.java, line(s) 442 p/a/y/e/a/s/e/net/hv2.java, line(s) 17 p/a/y/e/a/s/e/net/lg1.java, line(s) 32 p/a/y/e/a/s/e/net/lh2.java, line(s) 4 p/a/y/e/a/s/e/net/n82.java, line(s) 107 p/a/y/e/a/s/e/net/rm.java, line(s) 19
中危 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: com/ehking/sdk/wepay/ui/view/keyboard/KeyboardView.java, line(s) 20 com/getmessage/lite/view/TestActivity.java, line(s) 28 com/livedetect/LiveDetectActivity.java, line(s) 64 com/payeasenet/wepay/ui/viewModel/AcceptModel.java, line(s) 15 com/scwang/smartrefresh/header/FunGameBattleCityHeader.java, line(s) 14 com/scwang/smartrefresh/header/TaurusHeader.java, line(s) 23 com/ta/utdid2/a/a/e.java, line(s) 7 com/ta/utdid2/device/c.java, line(s) 13 io/netty/handler/ssl/util/ThreadLocalInsecureRandom.java, line(s) 5 io/netty/util/internal/PlatformDependent.java, line(s) 35 io/netty/util/internal/ThreadLocalRandom.java, line(s) 8 org/greenrobot/greendao/test/DbTest.java, line(s) 7 p/a/y/e/a/s/e/net/a3.java, line(s) 16 p/a/y/e/a/s/e/net/aq3.java, line(s) 16 p/a/y/e/a/s/e/net/b11.java, line(s) 18 p/a/y/e/a/s/e/net/dc2.java, line(s) 23 p/a/y/e/a/s/e/net/j4.java, line(s) 38 p/a/y/e/a/s/e/net/jj2.java, line(s) 14 p/a/y/e/a/s/e/net/ni2.java, line(s) 10 p/a/y/e/a/s/e/net/p92.java, line(s) 6 p/a/y/e/a/s/e/net/r62.java, line(s) 8 p/a/y/e/a/s/e/net/u92.java, line(s) 6 p/a/y/e/a/s/e/net/x40.java, line(s) 3 p/a/y/e/a/s/e/net/xn2.java, line(s) 3 p/a/y/e/a/s/e/net/y3.java, line(s) 6 p/a/y/e/a/s/e/net/y92.java, line(s) 6
中危 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/ehking/crypt/core/java/utils/Md5Util.java, line(s) 41 com/ehking/sdk/wepay/utlis/DeviceUtils.java, line(s) 23,65 com/ehking/sdk/wepay/utlis/SystemUtils.java, line(s) 31 io/netty/handler/codec/http/websocketx/WebSocketUtil.java, line(s) 18 p/a/y/e/a/s/e/net/br1.java, line(s) 94 p/a/y/e/a/s/e/net/cd2.java, line(s) 768,795 p/a/y/e/a/s/e/net/dz1.java, line(s) 411,657 p/a/y/e/a/s/e/net/j4.java, line(s) 450 p/a/y/e/a/s/e/net/l7.java, line(s) 384 p/a/y/e/a/s/e/net/mi2.java, line(s) 21 p/a/y/e/a/s/e/net/n7.java, line(s) 763 p/a/y/e/a/s/e/net/ni2.java, line(s) 119 p/a/y/e/a/s/e/net/p11.java, line(s) 11 p/a/y/e/a/s/e/net/s30.java, line(s) 14 p/a/y/e/a/s/e/net/ym.java, line(s) 64 p/a/y/e/a/s/e/net/zc2.java, line(s) 255 p/a/y/e/a/s/e/net/zj2.java, line(s) 18
中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/greendao/ConversationBeanDao.java, line(s) 4,82 com/greendao/FriendBeanDao.java, line(s) 4,65 com/greendao/GroupBeanDao.java, line(s) 4,58 com/greendao/HeadImageBeanDao.java, line(s) 4,33 com/greendao/HistoryMsgBeanTaskDao.java, line(s) 4,43 com/greendao/OfflineMsgCurrentSmsgIdBeanDao.java, line(s) 4,35 com/greendao/OfflineMsgTaskInfoBeanDao.java, line(s) 4,50 com/greendao/SnapchatMsgBeanDao.java, line(s) 4,44 com/greendao/UserInfoBeanDao.java, line(s) 4,96 org/greenrobot/greendao/AbstractDao.java, line(s) 6,7,415 org/greenrobot/greendao/DbUtils.java, line(s) 6,42 org/greenrobot/greendao/database/StandardDatabase.java, line(s) 5,63 p/a/y/e/a/s/e/net/c61.java, line(s) 5,117 p/a/y/e/a/s/e/net/cc2.java, line(s) 6,7,245 p/a/y/e/a/s/e/net/gx.java, line(s) 7,8,9,85 p/a/y/e/a/s/e/net/gz0.java, line(s) 5,6,393 p/a/y/e/a/s/e/net/nn.java, line(s) 6,7,80 p/a/y/e/a/s/e/net/pp2.java, line(s) 5,6,24 p/a/y/e/a/s/e/net/wy0.java, line(s) 4,37
中危 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: com/payeasenet/service/sdk/ui/activity/ServicesWebActivity.java, line(s) 220 io/netty/handler/codec/http/multipart/AbstractDiskHttpData.java, line(s) 56,58 io/netty/handler/ssl/util/SelfSignedCertificate.java, line(s) 55,66 io/netty/util/internal/NativeLibraryLoader.java, line(s) 220 p/a/y/e/a/s/e/net/fv2.java, line(s) 36
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: com/ehking/sdk/wepay/constant/Constants.java, line(s) 10,39,42,53 com/ehking/sdk/wepay/ui/Home/HomeListener.java, line(s) 19,16 com/livedetect/data/ConstantValues.java, line(s) 81 io/netty/handler/codec/http/HttpHeaders.java, line(s) 75 io/netty/handler/codec/mqtt/MqttConnectPayload.java, line(s) 37 io/netty/handler/proxy/Socks4ProxyHandler.java, line(s) 15 io/netty/handler/proxy/Socks5ProxyHandler.java, line(s) 29 io/netty/handler/ssl/PemPrivateKey.java, line(s) 21,22 io/netty/handler/ssl/SslMasterKeyHandler.java, line(s) 17 io/netty/util/DomainWildcardMappingBuilder.java, line(s) 53 p/a/y/e/a/s/e/net/ContextSSLFactory.java, line(s) 17 p/a/y/e/a/s/e/net/db.java, line(s) 91 p/a/y/e/a/s/e/net/ft2.java, line(s) 290,296,356,362 p/a/y/e/a/s/e/net/s9.java, line(s) 83
中危 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/livedetect/utils/PgpUtil.java, line(s) 135 io/netty/handler/codec/http/websocketx/WebSocketUtil.java, line(s) 28 io/netty/handler/ssl/util/FingerprintTrustManagerFactory.java, line(s) 35 p/a/y/e/a/s/e/net/b11.java, line(s) 39 p/a/y/e/a/s/e/net/ge1.java, line(s) 29 p/a/y/e/a/s/e/net/ke1.java, line(s) 23 p/a/y/e/a/s/e/net/li2.java, line(s) 17 p/a/y/e/a/s/e/net/mt.java, line(s) 31 p/a/y/e/a/s/e/net/ni2.java, line(s) 104 p/a/y/e/a/s/e/net/o4.java, line(s) 10 p/a/y/e/a/s/e/net/p4.java, line(s) 42,79 p/a/y/e/a/s/e/net/pd1.java, line(s) 16 p/a/y/e/a/s/e/net/q4.java, line(s) 48
中危 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: com/geetest/sdk/dialog/views/GT3GtWebView.java, line(s) 403,408,434 com/payeasenet/service/sdk/ui/activity/ServicesWebActivity.java, line(s) 454,427
中危 应用程序包含隐私跟踪程序
此应用程序有多个3隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 ad5121ef4dc0402c99cc993628c1c430 f6040d0e807aaec325ecf44823765544e92905158169f694b282bf17388632cf95a83bae7d2d235c1f039b0df1dcca5fda619b6f7f459f2ff8d70ddb7b601592fe29fcae58c028f319b3b12495e67aa5390942a997a8cb572c8030b2df5c2b622608bea02b0c3e5d4dff3f72c9e3204049a45c0760cd3604af8d57f0e0c693cc ec96e9ac1149251acbb1b0c5777cae95 CeWMHQUn0ok6zcyGu192IwZ3vhJONfpKx4jrVP8dFEg5SATYm+DLtBXR7lbaqis/= QrMgt8GGYI6T52ZY5AnhtxkLzb8egpFn3j5JELI8H6wtACbUnZ5cc3aYTsTRbmkAkRJeYbtx92LPBWm7nBO9UIl7y5i5MQNmUZNf5QENurR5tGyo7yJ2G0MBjWvy6iAtlAbacKP0SwOUeUWx5dsBdyhxa7Id1APtybSdDgicBDuNjI0mlZFUzZSS9dmN8lBD0WTVOMz0pRZbR3cysomRXOO1ghqjJdTcyDIxzpNAEszN8RMGjrzyU7Hjbmwi6YNK 4026aec5f46360286842041e8cd49856 2A2C22122832442026360522203D055621252031353630243551343A262126360C223F25023430274741292B231C3734231D2823240B4A3D500E523D000B27523D131D2F2147225C2F11523F5B5450550C50174D2611121009353C540B012C3704251015173804030029075212341C3702073F0C0B1B101E33094C2F01462D56232E22203D065250332F1D3F532C123A043445570C1C370F2A30110C282D1C1E0224113F1722242716362210265C36040B5721263C1D2F362803023B3E3417023608422E1D104E185D1D27281424011714252E2124252431 258EAFA5-E914-47DA-95CA-C5AB0DC85B11 d8391a394d4a179e6fe7bdb8a301258b e6b1bdcb890370f2f2419fe06d0fdf7628ad0083d52da1ecfe991164711bbf9297e75353de96f1740695d07610567b1240549af9cbd87d06919ac31c859ad37ab6907c311b4756e1e208775989a4f691bff4bbbc58174d2a96b1d0d970a05114d7ee57dfc33b1bafaf6e0d820e838427018b6435f903df04ba7fd34d73f843df9434b164e0220baabb10c8978c3f4c6b7da79d8220a968356d15090dea07df9606f665cbec14d218dd3d691cce2866a58840971b6a57b76af88b1a65fdffd2c080281a6ab20be5879e0330eb7ff70871ce684e7174ada5dc3159c461375a0796b17ce7beca83cf34f65976d237aee993db48d34a4e344f4d8b7e99119168bdd7 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 b6cbad6cbd5ed0d209afc69ad3b7a617efaae9b3c47eabe0be42d924936fa78c8001b1fd74b079e5ff9690061dacfa4768e981a526b9ca77156ca36251cf2f906d105481374998a7e6e6e18f75ca98b8ed2eaf86ff402c874cca0a263053f22237858206867d210020daa38c48b20cc9dfd82b44a51aeb5db459b22794e2d649
信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: com/alipay/android/phone/mrpc/core/b.java, line(s) 81 com/blankj/utilcode/util/ApiUtils.java, line(s) 58,66 com/blankj/utilcode/util/BusUtils.java, line(s) 148,202,363,368,376,389,495 com/blankj/utilcode/util/KeyboardUtils.java, line(s) 144,176,166 com/blankj/utilcode/util/LogUtils.java, line(s) 147,984,1128 com/blankj/utilcode/util/MessengerUtils.java, line(s) 142,150,163,179,201,210,234,290,305,225,279,284,297,327,378,157 com/blankj/utilcode/util/NetworkUtils.java, line(s) 272 com/blankj/utilcode/util/SpanUtils.java, line(s) 343,358 com/blankj/utilcode/util/ThreadUtils.java, line(s) 86,170,175,426,517,689,97 com/blankj/utilcode/util/Utils.java, line(s) 299,632 com/bumptech/glide/load/engine/DecodeJob.java, line(s) 271,449,303 com/bumptech/glide/load/engine/GlideException.java, line(s) 218 com/bumptech/glide/manager/SupportRequestManagerFragment.java, line(s) 140,141 com/bumptech/glide/request/SingleRequest.java, line(s) 244,71,314,204 com/cjt2325/cameralibrary/CaptureButton.java, line(s) 133,223,257,349,352 com/cjt2325/cameralibrary/JCameraView.java, line(s) 549 com/contrarywind/view/WheelView.java, line(s) 405 com/ecloud/pulltozoomview/PullToZoomListViewEx.java, line(s) 68,138,139,165,188,201,213 com/ecloud/pulltozoomview/PullToZoomScrollViewEx.java, line(s) 69,71,122,194,195,212,248 com/ehking/sdk/wepay/interfaces/WalletPay.java, line(s) 2807 com/ehking/sdk/wepay/net/client/RetrofitClient.java, line(s) 469 com/ehking/sdk/wepay/other/idcardcamera/camera/CameraPreview.java, line(s) 98,158 com/ehking/sdk/wepay/other/idcardcamera/cropper/CropOverlayView.java, line(s) 62,89,90,116,145 com/ehking/sdk/wepay/ui/activity/AddBankCardActivity.java, line(s) 153,196 com/ehking/sdk/wepay/ui/activity/AuthenticationPhoneActivity.java, line(s) 164 com/ehking/sdk/wepay/ui/activity/BindCardWebActivity.java, line(s) 122 com/ehking/sdk/wepay/ui/activity/CameraActivity.java, line(s) 731,735 com/ehking/sdk/wepay/utlis/AESHelper.java, line(s) 60,66 com/ehking/sdk/wepay/utlis/DebugLogUtils.java, line(s) 9,15,21,27,52,58,64,70,76,82 com/ehking/sdk/wepay/utlis/ImageUtil.java, line(s) 575 com/geetest/sdk/dialog/views/GT3GtWebView.java, line(s) 466 com/getmessage/lite/adapter/EmojiFragmentAdapter.java, line(s) 44 com/getmessage/lite/app/LiteApplication.java, line(s) 471 com/getmessage/lite/custom_view/ChatBottomBarView.java, line(s) 226,246,252,409 com/getmessage/lite/custom_view/VoiceView.java, line(s) 73,88,103 com/getmessage/lite/custom_view/ZoomImageView.java, line(s) 49,183,236,245,342 com/getmessage/lite/presenter/BaseChatPresenter.java, line(s) 247,312,1000,1077,1164,1304 com/getmessage/lite/presenter/BigEmojiPackageManagePresenter.java, line(s) 76 com/getmessage/lite/presenter/FileDetailPresenter.java, line(s) 84 com/getmessage/lite/presenter/GroupQrCodePresenter.java, line(s) 166 com/getmessage/lite/presenter/MessagePresenter.java, line(s) 123 com/getmessage/lite/presenter/SearchPresenter.java, line(s) 147,188,272,283,323 com/getmessage/lite/presenter/SplashPresenter.java, line(s) 131 com/getmessage/lite/service/HWPushService.java, line(s) 19,17,42,76 com/getmessage/lite/service/MsgPushService.java, line(s) 82,277,204,273,278,290,296,310,332,340,344,349,392,425,433,438 com/getmessage/lite/utils/audio/VoicePlayer.java, line(s) 133,374,392,397,405 com/getmessage/lite/utils/chat_utils/BaseMsgViewHolder.java, line(s) 403 com/getmessage/lite/utils/chat_utils/MsgFileViewHolder.java, line(s) 94,118,126 com/getmessage/lite/utils/chat_utils/MsgVideoViewHolder.java, line(s) 192 com/getmessage/lite/utils/diffutil_callback/ConversationDiffCallBack.java, line(s) 83 com/getmessage/lite/utils/diffutil_callback/ConversationSortCallBack.java, line(s) 84 com/getmessage/lite/view/chat/BaseChatActivity.java, line(s) 231,1546,2295,2462,2529 com/getmessage/lite/view/conversation/MessageFragment.java, line(s) 140,146,152,168,500,679 com/getmessage/lite/view/conversation/ScanActivity.java, line(s) 175,196,203,212 com/getmessage/lite/view/emoji/MyLikeEmojiActivity.java, line(s) 57 com/getmessage/lite/view/emoji/MyLikeEmojiFragment.java, line(s) 79 com/getmessage/lite/view/image_video_preview/ImageAndVideoPreviewActivity.java, line(s) 308,327 com/getmessage/lite/view/personal_info/ImageBrowseActivity.java, line(s) 185 com/getmessage/lite/view/rtc/receiver/HomeKeyReceiver.java, line(s) 21 com/getmessage/lite/view/search/SearchActivity.java, line(s) 121 com/getmessage/lite/view/search/SearchMoreActivity.java, line(s) 65 com/getmessage/lite/view/send_file/SelectorFileActivity.java, line(s) 343 com/getmessage/module_base/base_view/BaseActivity.java, line(s) 60,64,67,316,71,79 com/getmessage/module_base/broadReceiver/DateTimeReceiver.java, line(s) 43 com/getmessage/module_base/costom_view/CornersGifView.java, line(s) 115 com/getmessage/module_base/model/bean/database_table/MsgBean.java, line(s) 105 com/getmessage/module_base/utils/video_recorder/FilterPreviewDialog.java, line(s) 59,90,173 com/getmessage/module_base/utils/video_recorder/VideoRecorderActivity.java, line(s) 353,359,484 com/getmessage/module_base/web/WebViewHelper.java, line(s) 313,338,219,322 com/getmessage/module_base/web/x5WebViewHelper.java, line(s) 307,332,213,316 com/github/siyamed/shapeimageview/mask/PorterImageView.java, line(s) 125 com/github/siyamed/shapeimageview/path/parser/CopyInputStream.java, line(s) 22 com/github/siyamed/shapeimageview/path/parser/IdHandler.java, line(s) 59 com/github/siyamed/shapeimageview/path/parser/PathParser.java, line(s) 391 com/github/siyamed/shapeimageview/path/parser/SvgToPath.java, line(s) 306,68 com/github/siyamed/shapeimageview/path/parser/TransformParser.java, line(s) 54 com/hisign/FaceSDK/FaceLiveDetect.java, line(s) 14 com/hisign/a/d/a.java, line(s) 33,52,58 com/hisign/matching/UvcInputAPI.java, line(s) 12 com/huawei/AudioDeviceAndroid.java, line(s) 927,877,107,122,129,136,144,146,158,163,171,173,185,196,204,209,219,248,262,281,298,307,357,378,399,420,521,822,846,850,964,974,1031,1038,1047,1114,1118,1121,1304,1318,1351,1366,1380,1391,1402,1415,1420,1438,1447,1476,1490,1524,1533 com/huawei/AudioDeviceAndroidService.java, line(s) 29,33,38,39,44 com/huawei/rtc/internal/HRTCEngineImpl.java, line(s) 1254,244,383,666,687,693,708,714,728,733,971,1257,1266,93,390,394,398,410,414,424,428,452,456,460,464,468,486,490,508,520,541,552,563,567,571,575,590,594,598,602,606,610,614,627,628,634,638,642,671,799,804,821,1009,1152,1171,1246,61,1270 com/huawei/rtc/internal/HRTCVideoOrientation.java, line(s) 104,144,150 com/huawei/rtc/internal/network/NetworkChangeManager.java, line(s) 17 com/huawei/videoengine/codec/MediaCodecDecoderImpl.java, line(s) 644,764 com/huawei/videoengine/codec/MediaCodecEncoderImpl.java, line(s) 598,174 com/huawei/videoengine/gip/GLCameraProcess.java, line(s) 160,404,260,315,340,358,389,391 com/huawei/videoengine/gles/Drawable2d.java, line(s) 99 com/huawei/videoengine/gles/GLDrawerImpl.java, line(s) 143,179 com/huawei/videoengine/gles/Texture2dProgram.java, line(s) 101,190,86,93,179,205 com/im/im/wxapi/WXPayEntryActivity.java, line(s) 43 com/joe/camera2recorddemo/Utils/GpuUtils.java, line(s) 40 com/joe/camera2recorddemo/View/CameraRecordView.java, line(s) 151,156 com/livedetect/LiveDetectActivity.java, line(s) 2141 com/livedetect/application/CrashHandler.java, line(s) 101,77,95,103,124 com/livedetect/utils/CameraUtils.java, line(s) 111,127,130,143,149,152 com/livedetect/utils/LogUtil.java, line(s) 9,15,21 com/livedetect/utils/ToolUtils.java, line(s) 55,57,67,69,79,81,91,93,105,107,113 com/luck/picture/lib/adapter/PictureImageGridAdapter.java, line(s) 426 com/luck/picture/lib/compress/Checker.java, line(s) 48,62,81,98,102 com/luck/picture/lib/widget/longimage/SubsamplingScaleImageView.java, line(s) 1277,425,429,604,608,670,1383,336,1514,1519,1531,1540,1991,2187 com/makeramen/roundedimageview/RoundedImageView.java, line(s) 194,214 com/payeasenet/service/sdk/ui/activity/ServicesWebActivity.java, line(s) 275,373 com/payeasenet/wepay/ui/activity/ServicesActivity.java, line(s) 70 com/x52im/rainbowchat/http/logic/dto/OfflineMsgDTO.java, line(s) 113 com/yalantis/ucrop/PictureMultiCuttingActivity.java, line(s) 843 com/yalantis/ucrop/UCropActivity.java, line(s) 626 com/yalantis/ucrop/view/TransformImageView.java, line(s) 130,180,47,230 io/netty/util/Version.java, line(s) 94 me/jessyan/autosize/utils/LogUtils.java, line(s) 14,20,34 me/kareluo/imaging/view/IMGView.java, line(s) 385,438,444,456 net/sqlcipher/database/SQLiteCompiledSql.java, line(s) 57,80,87,98,67 net/sqlcipher/database/SQLiteDatabase.java, line(s) 442,444,1688,253,300,313,328,678,908,1094,1110,1391,1405,1611,1708,429,1084,1612,826,838,872,887,1085,1270,1288,1464,1492,1613,1283 net/sqlcipher/database/SQLiteDebug.java, line(s) 6,7,8,9,10,11 net/sqlcipher/database/SQLiteProgram.java, line(s) 46,58 net/sqlcipher/database/SQLiteQuery.java, line(s) 123 org/greenrobot/eventbus/util/ErrorDialogManager.java, line(s) 197 org/greenrobot/greendao/AbstractDao.java, line(s) 476,717,779 org/greenrobot/greendao/DaoException.java, line(s) 27,28 org/greenrobot/greendao/DaoLog.java, line(s) 14,18,26,34,38,42,50,54,22,58,62,66 org/greenrobot/greendao/DbUtils.java, line(s) 63,33 org/greenrobot/greendao/async/AsyncOperationExecutor.java, line(s) 336,346,358,434 org/greenrobot/greendao/internal/LongHashMap.java, line(s) 75 org/greenrobot/greendao/query/QueryBuilder.java, line(s) 103,108 org/greenrobot/greendao/test/AbstractDaoTest.java, line(s) 28,32,60 org/greenrobot/greendao/test/AbstractDaoTestLongPk.java, line(s) 21,29 org/greenrobot/greendao/test/AbstractDaoTestSinglePk.java, line(s) 31 org/greenrobot/greendao/test/DbTest.java, line(s) 65 p/a/y/e/a/s/e/net/a8.java, line(s) 54,56,67 p/a/y/e/a/s/e/net/ad.java, line(s) 106,105 p/a/y/e/a/s/e/net/aj1.java, line(s) 112,180,324,334,391,156,252,261,270,281,293,309 p/a/y/e/a/s/e/net/ak1.java, line(s) 53,57,77,87,109,119,120 p/a/y/e/a/s/e/net/ao3.java, line(s) 222,245,271,355 p/a/y/e/a/s/e/net/au2.java, line(s) 179 p/a/y/e/a/s/e/net/av1.java, line(s) 32,38,41,52 p/a/y/e/a/s/e/net/b21.java, line(s) 42,58,64,68,82,44,49 p/a/y/e/a/s/e/net/be0.java, line(s) 71 p/a/y/e/a/s/e/net/bg1.java, line(s) 54 p/a/y/e/a/s/e/net/bj1.java, line(s) 65,81,140,151,204,216,40,58 p/a/y/e/a/s/e/net/bk1.java, line(s) 29 p/a/y/e/a/s/e/net/bu2.java, line(s) 140,148,165,181,188,216,261,275,291,123,139,143,152,161,164,169,180,187,250,260,272,283,290 p/a/y/e/a/s/e/net/bv1.java, line(s) 20,25,37 p/a/y/e/a/s/e/net/c21.java, line(s) 855,870,882,889,898,904,911,1071,127,128,183,201,255,1023,1057,1138,1154,116,1012 p/a/y/e/a/s/e/net/c61.java, line(s) 101,91,223 p/a/y/e/a/s/e/net/cd1.java, line(s) 53,89,101,117,145,33,65,59,95,111,123 p/a/y/e/a/s/e/net/cf.java, line(s) 135,134 p/a/y/e/a/s/e/net/cj1.java, line(s) 189,195,205,210,223,182,285,252 p/a/y/e/a/s/e/net/cp1.java, line(s) 16,29 p/a/y/e/a/s/e/net/cv1.java, line(s) 22,42,72,87,88,103,115 p/a/y/e/a/s/e/net/dp1.java, line(s) 98,100,141 p/a/y/e/a/s/e/net/dv1.java, line(s) 31 p/a/y/e/a/s/e/net/dz0.java, line(s) 37,40,85,88 p/a/y/e/a/s/e/net/ed0.java, line(s) 180,181,182 p/a/y/e/a/s/e/net/eh2.java, line(s) 21 p/a/y/e/a/s/e/net/ej1.java, line(s) 186,351,355,469,672,342 p/a/y/e/a/s/e/net/eo3.java, line(s) 71,90 p/a/y/e/a/s/e/net/ep1.java, line(s) 234,275,304,353,386,73,75,79,243,285 p/a/y/e/a/s/e/net/eq1.java, line(s) 13,17 p/a/y/e/a/s/e/net/ev1.java, line(s) 24,35 p/a/y/e/a/s/e/net/f.java, line(s) 48 p/a/y/e/a/s/e/net/fe.java, line(s) 61,60,77,78 p/a/y/e/a/s/e/net/fi.java, line(s) 69,131,132,70 p/a/y/e/a/s/e/net/fj1.java, line(s) 137,217,81,95,101,157,205 p/a/y/e/a/s/e/net/fk1.java, line(s) 43,57,18,29 p/a/y/e/a/s/e/net/fl.java, line(s) 223,311,298,332,345,414,504,548,555,561,639,651 p/a/y/e/a/s/e/net/fm3.java, line(s) 553 p/a/y/e/a/s/e/net/fo3.java, line(s) 195,194 p/a/y/e/a/s/e/net/fp1.java, line(s) 27 p/a/y/e/a/s/e/net/ft2.java, line(s) 130,156,430,659,676,678 p/a/y/e/a/s/e/net/fv1.java, line(s) 63,68,73,85,109 p/a/y/e/a/s/e/net/g6.java, line(s) 155 p/a/y/e/a/s/e/net/ga.java, line(s) 104,161,101,160,164,169,176,173,179 p/a/y/e/a/s/e/net/gc.java, line(s) 57,70,76,106,115,125,71,116,58,77,107,126 p/a/y/e/a/s/e/net/gd0.java, line(s) 8,21 p/a/y/e/a/s/e/net/gf1.java, line(s) 26,34,19,38,31 p/a/y/e/a/s/e/net/gi2.java, line(s) 228,387,388 p/a/y/e/a/s/e/net/gj1.java, line(s) 210 p/a/y/e/a/s/e/net/gz0.java, line(s) 440 p/a/y/e/a/s/e/net/h11.java, line(s) 36 p/a/y/e/a/s/e/net/hc2.java, line(s) 140 p/a/y/e/a/s/e/net/hd0.java, line(s) 39,44,53,82 p/a/y/e/a/s/e/net/he0.java, line(s) 63,67,71,75,79,83,87,197,255 p/a/y/e/a/s/e/net/hg.java, line(s) 34,31,56,75,57,76 p/a/y/e/a/s/e/net/hj.java, line(s) 54,57 p/a/y/e/a/s/e/net/ho3.java, line(s) 22,39,49,63,73 p/a/y/e/a/s/e/net/i11.java, line(s) 57 p/a/y/e/a/s/e/net/i7.java, line(s) 72,215 p/a/y/e/a/s/e/net/ia.java, line(s) 54,53 p/a/y/e/a/s/e/net/ig.java, line(s) 17,16 p/a/y/e/a/s/e/net/ii2.java, line(s) 50,180 p/a/y/e/a/s/e/net/j.java, line(s) 65 p/a/y/e/a/s/e/net/jb1.java, line(s) 34,51 p/a/y/e/a/s/e/net/jd0.java, line(s) 173,208 p/a/y/e/a/s/e/net/je0.java, line(s) 268 p/a/y/e/a/s/e/net/jn3.java, line(s) 112 p/a/y/e/a/s/e/net/jt0.java, line(s) 31,43,123,150,157,178,188,217,230,242,260,277 p/a/y/e/a/s/e/net/ju2.java, line(s) 46,56,66,72,84,96,16,22,34,78,90,102,10,28,40 p/a/y/e/a/s/e/net/k21.java, line(s) 35 p/a/y/e/a/s/e/net/kd0.java, line(s) 48 p/a/y/e/a/s/e/net/ki1.java, line(s) 27,42 p/a/y/e/a/s/e/net/kt0.java, line(s) 78 p/a/y/e/a/s/e/net/kv1.java, line(s) 56,64,77,25,43 p/a/y/e/a/s/e/net/l0.java, line(s) 95 p/a/y/e/a/s/e/net/ls3.java, line(s) 70,71 p/a/y/e/a/s/e/net/m21.java, line(s) 137,141 p/a/y/e/a/s/e/net/m30.java, line(s) 180 p/a/y/e/a/s/e/net/m40.java, line(s) 110 p/a/y/e/a/s/e/net/m9.java, line(s) 62,90,59,89 p/a/y/e/a/s/e/net/mb.java, line(s) 33,34 p/a/y/e/a/s/e/net/mi1.java, line(s) 44,64,70,74,84,95,105,118,142,144 p/a/y/e/a/s/e/net/mt1.java, line(s) 146 p/a/y/e/a/s/e/net/n9.java, line(s) 593,622,629,592,621,628,744,753 p/a/y/e/a/s/e/net/na.java, line(s) 112,111 p/a/y/e/a/s/e/net/nc.java, line(s) 158,143 p/a/y/e/a/s/e/net/nd.java, line(s) 98,99 p/a/y/e/a/s/e/net/ne.java, line(s) 261,275,309,316,329,346,351,371,250,260,272,286,304,315,321,325,328,331,345,350,363,370 p/a/y/e/a/s/e/net/nf.java, line(s) 85,92,99,110,88,95,102,118 p/a/y/e/a/s/e/net/ng.java, line(s) 160,161 p/a/y/e/a/s/e/net/nj1.java, line(s) 22 p/a/y/e/a/s/e/net/o41.java, line(s) 83,87 p/a/y/e/a/s/e/net/o7.java, line(s) 36,41,71 p/a/y/e/a/s/e/net/oc2.java, line(s) 12,18,21,14,10,16 p/a/y/e/a/s/e/net/od.java, line(s) 37,36 p/a/y/e/a/s/e/net/od0.java, line(s) 22,59 p/a/y/e/a/s/e/net/od1.java, line(s) 22,24,46 p/a/y/e/a/s/e/net/oe.java, line(s) 103,245,379,102,244,324,355,378,439,461,170,339,449 p/a/y/e/a/s/e/net/og.java, line(s) 244,245,256 p/a/y/e/a/s/e/net/oh1.java, line(s) 29,39,74 p/a/y/e/a/s/e/net/on3.java, line(s) 62,93,111,133,156,177,206,36,51,217 p/a/y/e/a/s/e/net/p6.java, line(s) 132,928,949,959 p/a/y/e/a/s/e/net/p7.java, line(s) 681 p/a/y/e/a/s/e/net/p8.java, line(s) 168,279,284 p/a/y/e/a/s/e/net/pa.java, line(s) 82,81 p/a/y/e/a/s/e/net/pb2.java, line(s) 49 p/a/y/e/a/s/e/net/pc.java, line(s) 91,88 p/a/y/e/a/s/e/net/pe.java, line(s) 46,51,47,52 p/a/y/e/a/s/e/net/pf.java, line(s) 18,19 p/a/y/e/a/s/e/net/q6.java, line(s) 27,80 p/a/y/e/a/s/e/net/q8.java, line(s) 144,108,184,193,230,241,244 p/a/y/e/a/s/e/net/qc.java, line(s) 41,40 p/a/y/e/a/s/e/net/qg.java, line(s) 81,82 p/a/y/e/a/s/e/net/qm.java, line(s) 15,63,69,26,48 p/a/y/e/a/s/e/net/qp1.java, line(s) 247,78,80,84,158,160,319 p/a/y/e/a/s/e/net/qu.java, line(s) 32 p/a/y/e/a/s/e/net/r11.java, line(s) 26,27,46,47 p/a/y/e/a/s/e/net/r5.java, line(s) 516,520,74,528,48,52,524 p/a/y/e/a/s/e/net/r6.java, line(s) 161,244,256,742,375,377,388 p/a/y/e/a/s/e/net/r8.java, line(s) 38,41,48,52,68,79,89,95,109,115,125,169,171 p/a/y/e/a/s/e/net/rc.java, line(s) 101,92 p/a/y/e/a/s/e/net/rd1.java, line(s) 29,67 p/a/y/e/a/s/e/net/ri.java, line(s) 27 p/a/y/e/a/s/e/net/rr1.java, line(s) 24,30,44,55,66,93,126,141,166,177,188,204 p/a/y/e/a/s/e/net/rz0.java, line(s) 63,75,92,107,150 p/a/y/e/a/s/e/net/s1.java, line(s) 160,54 p/a/y/e/a/s/e/net/s7.java, line(s) 114,149 p/a/y/e/a/s/e/net/sd1.java, line(s) 21 p/a/y/e/a/s/e/net/sd2.java, line(s) 14,19 p/a/y/e/a/s/e/net/si1.java, line(s) 19,26,33 p/a/y/e/a/s/e/net/so.java, line(s) 139,143 p/a/y/e/a/s/e/net/sv1.java, line(s) 214 p/a/y/e/a/s/e/net/t6.java, line(s) 60 p/a/y/e/a/s/e/net/t7.java, line(s) 73 p/a/y/e/a/s/e/net/te.java, line(s) 44,45 p/a/y/e/a/s/e/net/th.java, line(s) 70,132,133,71 p/a/y/e/a/s/e/net/tn3.java, line(s) 58,183,491,500 p/a/y/e/a/s/e/net/tp3.java, line(s) 50 p/a/y/e/a/s/e/net/tt2.java, line(s) 93 p/a/y/e/a/s/e/net/u21.java, line(s) 42,44,46,49,121,144,198,75,155,170,172,178,214,224,237 p/a/y/e/a/s/e/net/u8.java, line(s) 276,286,355 p/a/y/e/a/s/e/net/uk2.java, line(s) 49,85,90,97,111,118,125,145,61 p/a/y/e/a/s/e/net/ul.java, line(s) 66,70,77,81,116,138 p/a/y/e/a/s/e/net/un3.java, line(s) 14,30,32,36,21 p/a/y/e/a/s/e/net/ut2.java, line(s) 53 p/a/y/e/a/s/e/net/v11.java, line(s) 353 p/a/y/e/a/s/e/net/vf.java, line(s) 37,38 p/a/y/e/a/s/e/net/vh1.java, line(s) 39 p/a/y/e/a/s/e/net/vj1.java, line(s) 70,126,145,83,131,150,155,161,173,180,77,97,104 p/a/y/e/a/s/e/net/vk2.java, line(s) 31,28 p/a/y/e/a/s/e/net/vl.java, line(s) 59,89 p/a/y/e/a/s/e/net/vm3.java, line(s) 44,48,57,61 p/a/y/e/a/s/e/net/vp3.java, line(s) 45 p/a/y/e/a/s/e/net/vt2.java, line(s) 47,88,122,133,140,170 p/a/y/e/a/s/e/net/w40.java, line(s) 177 p/a/y/e/a/s/e/net/w6.java, line(s) 497 p/a/y/e/a/s/e/net/wa.java, line(s) 49,50 p/a/y/e/a/s/e/net/wb.java, line(s) 106,153,110,158 p/a/y/e/a/s/e/net/wg.java, line(s) 50,57,68,73,49,56,61,67,72,62 p/a/y/e/a/s/e/net/wi.java, line(s) 50,49 p/a/y/e/a/s/e/net/wj1.java, line(s) 58,94,38,74,101 p/a/y/e/a/s/e/net/wj2.java, line(s) 60 p/a/y/e/a/s/e/net/wp1.java, line(s) 82,85,100,213,227,232,250,262,287,289,329,392,396,439,441,115,342,344,378,380,408,361 p/a/y/e/a/s/e/net/wt2.java, line(s) 38,48 p/a/y/e/a/s/e/net/xb.java, line(s) 118,169,205,98,107,117,168,178,204,225,232,268,140,179,226,233,108 p/a/y/e/a/s/e/net/xc.java, line(s) 18,17 p/a/y/e/a/s/e/net/xd1.java, line(s) 55 p/a/y/e/a/s/e/net/xr1.java, line(s) 322,321 p/a/y/e/a/s/e/net/y41.java, line(s) 32,28,42,46,13 p/a/y/e/a/s/e/net/y7.java, line(s) 162,165 p/a/y/e/a/s/e/net/y8.java, line(s) 175,185,228,174,181,227,244,245 p/a/y/e/a/s/e/net/y9.java, line(s) 53,52 p/a/y/e/a/s/e/net/ya.java, line(s) 28,197 p/a/y/e/a/s/e/net/yc.java, line(s) 48,47 p/a/y/e/a/s/e/net/yl.java, line(s) 24,28,36,12 p/a/y/e/a/s/e/net/yn.java, line(s) 100,150,160,167,183 p/a/y/e/a/s/e/net/yt2.java, line(s) 48 p/a/y/e/a/s/e/net/ze.java, line(s) 347,182,187,308,317,324,346,183,188,309,318,325,326,327,331 p/a/y/e/a/s/e/net/zi1.java, line(s) 44 p/a/y/e/a/s/e/net/zn3.java, line(s) 22 p/a/y/e/a/s/e/net/zu1.java, line(s) 115 tv/danmaku/ijk/media/exo/demo/EventLogger.java, line(s) 50,62,90,104,119,134,198,210,220,225,43,142,156,180 tv/danmaku/ijk/media/exo/demo/player/DashRendererBuilder.java, line(s) 166 tv/danmaku/ijk/media/exo2/demo/EventLogger.java, line(s) 107,112,117,122,127,132,136,141,148,156,164,174,179,196,204,212,237,259,272,274,281,301,309,318,326,331,336,343,346,349,353,356,358,367,370,381,388,394,398,408,411,417,427,435,442,446,450,452,461,469,477,487,492,97,289 tv/danmaku/ijk/media/exo2/source/GSYExoHttpDataSource.java, line(s) 120,134,151,146 tv/danmaku/ijk/media/player/IjkMediaCodecInfo.java, line(s) 193,195 tv/danmaku/ijk/media/player/IjkMediaPlayer.java, line(s) 150,156,240,261,145,159,181,248,423,178,268,912,926 tv/danmaku/ijk/media/player/pragma/DebugLog.java, line(s) 13,17,21,25,29,33,37,41,45,61,65,69,73,77,81 uk/co/chrisjenx/calligraphy/ReflectionUtils.java, line(s) 46 uk/co/chrisjenx/calligraphy/TypefaceUtils.java, line(s) 46
信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/getmessage/lite/view/chat/BaseChatActivity.java, line(s) 4,1292 p/a/y/e/a/s/e/net/c11.java, line(s) 4,71,83,87
安全 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: com/ehking/sdk/wepay/net/client/RetrofitClient.java, line(s) 723,723,726,726 p/a/y/e/a/s/e/net/j7.java, line(s) 235 p/a/y/e/a/s/e/net/v3.java, line(s) 20,20,20,20,20,20
安全 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: com/ehking/sdk/wepay/net/client/RetrofitClient.java, line(s) 462,284,330 com/ehking/sdk/wepay/net/factory/HelpSSLSocketFactory.java, line(s) 31,55,29,27,52,52 com/ehking/sdk/wepay/net/factory/HttpClientSslHelper.java, line(s) 51,48,47,47 com/payeasenet/wepay/net/factory/HelpSSLSocketFactory.java, line(s) 31,55,29,27,52,52 io/netty/handler/ssl/JdkSslClientContext.java, line(s) 40,40 io/netty/handler/ssl/JdkSslServerContext.java, line(s) 44,44 io/netty/handler/ssl/ReferenceCountedOpenSslClientContext.java, line(s) 231,193,228,228 io/netty/handler/ssl/ReferenceCountedOpenSslServerContext.java, line(s) 150,117,147,147 io/netty/handler/ssl/SslContext.java, line(s) 127,371,371 io/netty/handler/ssl/util/FingerprintTrustManagerFactory.java, line(s) 55,89,111 p/a/y/e/a/s/e/net/ContextSSLFactory.java, line(s) 54,29,48 p/a/y/e/a/s/e/net/bz1.java, line(s) 331,335,249,332,332 p/a/y/e/a/s/e/net/jf1.java, line(s) 30,29,24 p/a/y/e/a/s/e/net/tz0.java, line(s) 32,166,31,30,30,164,164 p/a/y/e/a/s/e/net/uz0.java, line(s) 32,166,31,30,30,164,164 tv/danmaku/ijk/media/exo2/source/GSYExoHttpDataSource.java, line(s) 241,219,243
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (api.xmpush.xiaomi.com) 通信。
{'ip': '118.26.252.230', 'country_short': 'CN', 'country_long': 'China', 'region': 'Beijing', 'city': 'Beijing', 'latitude': '39.907501', 'longitude': '116.397232'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (www.5upay.com) 通信。
{'ip': '118.26.164.135', 'country_short': 'CN', 'country_long': 'China', 'region': 'Beijing', 'city': 'Beijing', 'latitude': '39.907501', 'longitude': '116.397232'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (ip.chinaz.com) 通信。
{'ip': '103.205.5.226', 'country_short': 'CN', 'country_long': 'China', 'region': 'Jiangsu', 'city': 'Hutang', 'latitude': '31.533331', 'longitude': '119.483330'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (www.huawei.com) 通信。
{'ip': '221.229.162.67', 'country_short': 'CN', 'country_long': 'China', 'region': 'Jiangsu', 'city': 'Xuzhou', 'latitude': '34.266666', 'longitude': '117.166664'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (bjuser.jpush.cn) 通信。
{'ip': '122.9.9.237', 'country_short': 'CN', 'country_long': 'China', 'region': 'Guangdong', 'city': 'Guangzhou', 'latitude': '23.127361', 'longitude': '113.264252'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (www.geetest.com) 通信。
{'ip': '150.139.142.223', 'country_short': 'CN', 'country_long': 'China', 'region': 'Shandong', 'city': 'Qingdao', 'latitude': '36.098610', 'longitude': '120.371941'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (static.geetest.com) 通信。
{'ip': '58.211.12.219', 'country_short': 'CN', 'country_long': 'China', 'region': 'Jiangsu', 'city': 'Suzhou', 'latitude': '31.311390', 'longitude': '120.618057'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (mobilegw.alipaydev.com) 通信。
{'ip': '110.75.132.131', 'country_short': 'CN', 'country_long': 'China', 'region': 'Zhejiang', 'city': 'Hangzhou', 'latitude': '30.293650', 'longitude': '120.161423'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (wallet.95516.com) 通信。
{'ip': '180.127.43.21', 'country_short': 'CN', 'country_long': 'China', 'region': 'Jiangsu', 'city': 'Lianyungang', 'latitude': '34.599998', 'longitude': '119.166664'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (uat-merchant.5upay.com) 通信。
{'ip': '39.96.128.164', 'country_short': 'CN', 'country_long': 'China', 'region': 'Beijing', 'city': 'Beijing', 'latitude': '39.907501', 'longitude': '116.397232'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (cn.register.xmpush.xiaomi.com) 通信。
{'ip': '118.26.252.220', 'country_short': 'CN', 'country_long': 'China', 'region': 'Beijing', 'city': 'Beijing', 'latitude': '39.907501', 'longitude': '116.397232'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (app.mi.com) 通信。
{'ip': '118.26.252.203', 'country_short': 'CN', 'country_long': 'China', 'region': 'Beijing', 'city': 'Beijing', 'latitude': '39.907501', 'longitude': '116.397232'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (vfx.mtime.cn) 通信。
{'ip': '58.220.52.204', 'country_short': 'CN', 'country_long': 'China', 'region': 'Jiangsu', 'city': 'Yangzhou', 'latitude': '32.397221', 'longitude': '119.435829'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (g.cn) 通信。
{'ip': '180.163.151.162', 'country_short': 'CN', 'country_long': 'China', 'region': 'Shanghai', 'city': 'Shanghai', 'latitude': '31.224333', 'longitude': '121.469139'}
关注 应用程序可能与位于OFAC制裁国家 (Hong Kong) 的服务器 (www.sina.com.hk) 通信。
{'ip': '218.213.85.210', 'country_short': 'HK', 'country_long': 'Hong Kong', 'region': 'Hong Kong', 'city': 'Hong Kong', 'latitude': '22.285521', 'longitude': '114.157692'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (ce3e75d5.jpush.cn) 通信。
{'ip': '120.233.50.93', 'country_short': 'CN', 'country_long': 'China', 'region': 'Guangdong', 'city': 'Shenzhen', 'latitude': '22.545540', 'longitude': '114.068298'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (pv.sohu.com) 通信。
{'ip': '58.221.30.105', 'country_short': 'CN', 'country_long': 'China', 'region': 'Jiangsu', 'city': 'Nantong', 'latitude': '32.030281', 'longitude': '120.874718'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (appgallery.cloud.huawei.com) 通信。
{'ip': '49.4.35.16', 'country_short': 'CN', 'country_long': 'China', 'region': 'Beijing', 'city': 'Beijing', 'latitude': '39.907501', 'longitude': '116.397232'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (h5.m.taobao.com) 通信。
{'ip': '121.228.130.197', 'country_short': 'CN', 'country_long': 'China', 'region': 'Jiangsu', 'city': 'Suzhou', 'latitude': '31.311390', 'longitude': '120.618057'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (resolver.msg.xiaomi.net) 通信。
{'ip': '220.181.106.150', 'country_short': 'CN', 'country_long': 'China', 'region': 'Beijing', 'city': 'Beijing', 'latitude': '39.907501', 'longitude': '116.397232'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (store.hispace.hicloud.com) 通信。
{'ip': '123.249.62.130', 'country_short': 'CN', 'country_long': 'China', 'region': 'Guangdong', 'city': 'Guangzhou', 'latitude': '23.127361', 'longitude': '113.264252'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (merchant.5upay.com) 通信。
{'ip': '39.96.128.164', 'country_short': 'CN', 'country_long': 'China', 'region': 'Beijing', 'city': 'Beijing', 'latitude': '39.907501', 'longitude': '116.397232'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (tsis.jpush.cn) 通信。
{'ip': '116.63.207.127', 'country_short': 'CN', 'country_long': 'China', 'region': 'Shanghai', 'city': 'Shanghai', 'latitude': '31.224333', 'longitude': '121.469139'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (webox.5upay.com) 通信。
{'ip': '47.95.113.116', 'country_short': 'CN', 'country_long': 'China', 'region': 'Beijing', 'city': 'Beijing', 'latitude': '39.907501', 'longitude': '116.397232'}