安全分析报告:
安全分数
安全分数 47/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
3
用户/设备跟踪器
调研结果
高危
4
中危
14
信息
3
安全
2
关注
8
高危 基本配置不安全地配置为允许到所有域的明文流量。
Scope: *
高危 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。
应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/efs/sdk/base/a/h/c/a.java, line(s) 20,36 com/polymerization/app/v2/ui/aw/utils/AwDecode.java, line(s) 82 com/polymerization/app/v2/ui/bls/utils/BlsUtils.java, line(s) 101,113 com/polymerization/app/v2/ui/cs/utils/CsAESEncryptUtil.java, line(s) 24,50 com/polymerization/app/v2/ui/dyd/utils/DydUtils.java, line(s) 33 com/polymerization/app/v2/ui/fg/utils/FgImageUtils.java, line(s) 10 com/polymerization/app/v2/ui/home/utils/GameUtils.java, line(s) 138,150 com/polymerization/app/v2/ui/md/utils/MdUtils.java, line(s) 43,51 com/polymerization/app/v2/ui/mm/utils/MmEncodeUtility.java, line(s) 28 com/polymerization/app/v2/ui/mm/utils/MmUtils.java, line(s) 80,98 com/polymerization/app/v2/ui/mml/utils/MmlUtils.java, line(s) 80,98 com/polymerization/app/v2/ui/pdd/utils/PddSecurityUtils.java, line(s) 13,25 com/polymerization/app/v2/ui/xhf/utils/XhfAESUtils.java, line(s) 39,54 com/uc/crashsdk/a/c.java, line(s) 37
高危 应用程序在加密算法中使用ECB模式。ECB模式是已知的弱模式,因为它对相同的明文块[UNK]产生相同的密文
应用程序在加密算法中使用ECB模式。ECB模式是已知的弱模式,因为它对相同的明文块[UNK]产生相同的密文 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-block-cipher-mode Files: com/polymerization/app/v2/ui/a91tv/utils/A91ImageUtils.java, line(s) 12 com/polymerization/app/v2/ui/a91tv/utils/A91Utils.java, line(s) 170,182 com/polymerization/app/v2/ui/dk/utils/DkAESUtils.java, line(s) 13,25,37,48,60,71
高危 使用弱加密算法
使用弱加密算法 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/polymerization/app/v2/ui/md/utils/MdUtils.java, line(s) 43,51 com/polymerization/app/v2/ui/pdd/utils/PddSecurityUtils.java, line(s) 13,25
中危 应用程序存在Janus漏洞
应用程序使用了v1签名方案进行签名,如果只使用v1签名方案,那么它就容易受到安卓5.0-8.0上的Janus漏洞的攻击。在安卓5.0-7.0上运行的使用了v1签名方案的应用程序,以及同时使用了v2/v3签名方案的应用程序也同样存在漏洞。
中危 应用程序可以安装在有漏洞的已更新 Android 版本上
Android 5.0-5.0.2, [minSdk=21] 该应用程序可以安装在具有多个未修复漏洞的旧版本 Android 上。这些设备不会从 Google 接收合理的安全更新。支持 Android 版本 => 10、API 29 以接收合理的安全更新。
中危 应用程序已启用明文网络流量
[android:usesCleartextTraffic=true] 应用程序打算使用明文网络流量,例如明文HTTP,FTP协议,DownloadManager和MediaPlayer。针对API级别27或更低的应用程序,默认值为“true”。针对API级别28或更高的应用程序,默认值为“false”。避免使用明文流量的主要原因是缺乏机密性,真实性和防篡改保护;网络攻击者可以窃听传输的数据,并且可以在不被检测到的情况下修改它。
中危 应用程序数据可以被备份
[android:allowBackup=true] 这个标志允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: com/blankj/utilcode/util/CleanUtils.java, line(s) 32 com/blankj/utilcode/util/CrashUtils.java, line(s) 43,45 com/blankj/utilcode/util/ImageUtils.java, line(s) 1096,1106 com/blankj/utilcode/util/LogUtils.java, line(s) 704,705 com/blankj/utilcode/util/PathUtils.java, line(s) 165,169,173,177,181,185,189,193,197,201,207,209,106,110,114,118,122,126,130,134,138,142,148,150 com/blankj/utilcode/util/SDCardUtils.java, line(s) 19,23 com/blankj/utilcode/util/UriUtils.java, line(s) 84,72,105,211 com/danikula/videocache/StorageUtils.java, line(s) 14 com/flurry/sdk/he.java, line(s) 41 com/lzy/okgo/convert/FileConvert.java, line(s) 25,42 com/lzy/okserver/OkDownload.java, line(s) 35 com/polymerization/app/v2/ui/kc/utils/KcUtils.java, line(s) 57,58 com/polymerization/app/v2/utils/CrashHandler.java, line(s) 117 mirrorb/android/hardware/location/C0432.java, line(s) 357
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: cn/hutool/cache/impl/CacheObj.java, line(s) 46 cn/hutool/core/lang/Pair.java, line(s) 30 cn/hutool/core/lang/tree/TreeNodeConfig.java, line(s) 13,9,10,11 cn/hutool/json/serialize/TemporalAccessorSerializer.java, line(s) 11,12,13,14,15,16,17 com/blankj/utilcode/constant/RegexConstants.java, line(s) 26 com/bumptech/glide/load/Option.java, line(s) 74 com/bumptech/glide/load/engine/DataCacheKey.java, line(s) 33 com/bumptech/glide/load/engine/EngineResource.java, line(s) 90 com/bumptech/glide/load/engine/ResourceCacheKey.java, line(s) 81 com/bumptech/glide/manager/RequestManagerRetriever.java, line(s) 32 com/efs/sdk/base/Constants.java, line(s) 14 com/efs/sdk/pa/a/c.java, line(s) 142,108 com/lzy/okgo/cache/CacheEntity.java, line(s) 13,85 com/lzy/okgo/exception/CacheException.java, line(s) 6,10 com/polymerization/app/v2/AppConfig.java, line(s) 78,20 com/polymerization/app/v2/ui/a91tv/utils/A91Utils.java, line(s) 29 com/polymerization/app/v2/ui/aw/utils/AwDecode.java, line(s) 14 com/polymerization/app/v2/ui/bls/utils/play/BlsHlsPlaylistParser.java, line(s) 70,82 com/polymerization/app/v2/ui/cn/utils/AESCBCCrypt.java, line(s) 18 com/polymerization/app/v2/ui/cn/utils/AESFileCrypt.java, line(s) 10 com/polymerization/app/v2/ui/cs/utils/CsAESEncryptUtil.java, line(s) 18 com/polymerization/app/v2/ui/fg/utils/FgUtils.java, line(s) 15 com/polymerization/app/v2/ui/fg/utils/play/FgHlsPlaylistParser.java, line(s) 69,81 com/polymerization/app/v2/ui/home/utils/GameUtils.java, line(s) 23,24 com/polymerization/app/v2/ui/ttt/utils/play/TttHlsPlaylistParser.java, line(s) 69,81 com/polymerization/app/v2/ui/xhf/utils/XhfAESUtils.java, line(s) 11 com/polymerization/app/v2/utils/cache/AppHlsPlaylistParser.java, line(s) 68,80 org/checkerframework/framework/source/SourceChecker.java, line(s) 83,85 org/checkerframework/nonapi/io/github/classgraph/json/JSONUtils.java, line(s) 13
中危 IP地址泄露
IP地址泄露 Files: cn/hutool/core/net/Ipv4Util.java, line(s) 201,201,19,201,201,201,201,201 cn/hutool/core/net/MaskBit.java, line(s) 11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42 cn/hutool/core/net/NetUtil.java, line(s) 47,165 cn/hutool/crypto/asymmetric/Sign.java, line(s) 175 cn/hutool/db/nosql/redis/RedisDS.java, line(s) 58 cn/hutool/extra/ssh/JschUtil.java, line(s) 103 com/blankj/utilcode/util/NetworkUtils.java, line(s) 102 com/danikula/videocache/HttpProxyCacheServer.java, line(s) 27,46,50,127 com/polymerization/app/v2/AppConfig.java, line(s) 119 com/uc/crashsdk/a/d.java, line(s) 180 com/uc/crashsdk/a/h.java, line(s) 147 com/uc/crashsdk/e.java, line(s) 717
中危 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: cn/hutool/core/io/FileUtil.java, line(s) 490 cn/hutool/core/net/multipart/UploadFile.java, line(s) 133 org/checkerframework/common/util/TypeVisualizer.java, line(s) 39 org/checkerframework/nonapi/io/github/classgraph/fastzipfilereader/NestedJarHandler.java, line(s) 217 org/checkerframework/org/plumelib/util/FilesPlume.java, line(s) 317 org/checkerframework/org/plumelib/util/UtilPlume.java, line(s) 414
中危 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: cn/hutool/core/img/ImgUtil.java, line(s) 53 cn/hutool/core/lang/id/NanoId.java, line(s) 5 cn/hutool/core/util/ArrayUtil.java, line(s) 30 cn/hutool/core/util/PrimitiveArrayUtil.java, line(s) 5 cn/hutool/core/util/RandomUtil.java, line(s) 20 com/efs/sdk/base/a/a/c.java, line(s) 9 com/efs/sdk/base/a/c/a/c.java, line(s) 16 com/efs/sdk/base/a/h/b.java, line(s) 11 com/efs/sdk/base/newsharedpreferences/SharedPreferencesNewImpl.java, line(s) 27 com/efs/sdk/pa/config/ConfigManager.java, line(s) 9 com/polymerization/app/v2/ui/xhf/utils/XhfAESUtils.java, line(s) 5 com/uc/crashsdk/e.java, line(s) 55 org/checkerframework/checker/index/IndexMethodIdentifier.java, line(s) 31,32 org/checkerframework/org/plumelib/bcelutil/StackVer.java, line(s) 7 org/checkerframework/org/plumelib/util/CollectionsPlume.java, line(s) 18 org/checkerframework/org/plumelib/util/MultiRandSelector.java, line(s) 6 org/checkerframework/org/plumelib/util/RandomSelector.java, line(s) 5
中危 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: cn/hutool/core/util/RandomUtil.java, line(s) 46 com/polymerization/app/v2/ui/cs/utils/CsMD5Utils.java, line(s) 16 com/polymerization/app/v2/ui/dyd/utils/DydUtils.java, line(s) 121 com/polymerization/app/v2/utils/Utils.java, line(s) 135 org/repackage/a/a/a/a/c.java, line(s) 58
中危 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: cn/hutool/core/lang/UUID.java, line(s) 60 cn/hutool/core/lang/hash/KetamaHash.java, line(s) 26 com/blankj/utilcode/util/EncryptUtils.java, line(s) 103 com/blankj/utilcode/util/FileUtils.java, line(s) 809 com/danikula/videocache/ProxyCacheUtils.java, line(s) 70 com/efs/sdk/base/a/h/c/b.java, line(s) 30 com/polymerization/app/v2/ui/aw/utils/AwMD5Utils.java, line(s) 15,58 com/polymerization/app/v2/ui/bls/utils/BlsUtils.java, line(s) 75 com/polymerization/app/v2/ui/cs/utils/CsAESEncryptUtil.java, line(s) 61 com/polymerization/app/v2/ui/cs/utils/CsMD5Utils.java, line(s) 42 com/polymerization/app/v2/ui/fg/utils/FgSignUtils.java, line(s) 85,25 com/polymerization/app/v2/ui/fg/utils/FgVideoDecrypt.java, line(s) 32 com/polymerization/app/v2/ui/kc/utils/KcUtils.java, line(s) 144 com/polymerization/app/v2/ui/md/utils/MdDeviceUtil.java, line(s) 9 com/polymerization/app/v2/ui/mm/utils/MmUtils.java, line(s) 75,109 com/polymerization/app/v2/ui/mml/utils/MmlUtils.java, line(s) 75,109 com/polymerization/app/v2/ui/pdd/utils/PddMD5Utils.java, line(s) 13 com/polymerization/app/v2/ui/ttt/utils/TttAesUtils.java, line(s) 50,105 com/uc/crashsdk/a/g.java, line(s) 507
中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/danikula/videocache/sourcestorage/DatabaseSourceInfoStorage.java, line(s) 6,7,27 com/lzy/okgo/db/DBHelper.java, line(s) 4,5,43 com/lzy/okgo/db/DBUtils.java, line(s) 4,9 com/polymerization/app/v2/utils/sql/RecordSQLiteOpenHelper.java, line(s) 4,5,19 com/polymerization/app/v2/utils/sql/RecordsData.java, line(s) 6,59
中危 应用程序包含隐私跟踪程序
此应用程序有多个3隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 C84261386B30D677887D1EA344E5DC55 C6EC87467D057F4F5F3C9F508819F6CDCBC006215D427ED73307267933E53321F3620DCA4F5CA11D 6FE62335E166A1BC1D726F67A575B625D6006AFEE5BD55EF156E8489BDD2350E 2DE9081F7D1FE6F61DD4DF4DBBC0D714 3EB6650D8639BD6BA801D70D2B1590AC2B6B52E3E7EC12F8 C84261386B30D67728A934D29D8C697E F6198E5E717A3244CB93B6EA585E199C2CDDA87A7BEFBD21 C8721ECEE5722052F77953B9C62900B67F6949A18A9841C7 97BB583F0428F6EA5ADC690FFB22C06B363D1327D9A4657ECC499D3C5D8E5973E3990C330A1626EF FE0161083793D8CAA1C925533227F7B26E3EC9FBEC5B3848C5132144F4CB5420 DD2C128842403852C7D98FD676D78F746E380C18DA5E850D1271B1A123DDCFF3 A2ECDE587D1C7C48A4AC4061647F0717 485C1F3488C571E9C68BC0610C678DC3733A6EA688E3B236 805DC61EDA2351957CB095263BE78E79EC6EE3B35B4A9279 9778397bd097c36c9210c9274c91aa F955D6CD6E76262A89F98455D93D803224EA3AA4C86860A3 7f0e27f1487f531b0b0bb0b6fb0722 2a9a17fbfdae9f435835ce19428dad56 7F69B1F69C059D83A97198E7900F9736 27895E8863E851F293BE90E15D4E6FD1091E1701CC5FCC563333396A4035ED2311BAF4326725EF6EB0A1268DB4943926C9449EEA750C6DF96351F450453CBF113874785DA92F0142718A8A0BED6C0463BC068B08B73D74A2A25226F4EADD07FA5BBFF98B69D40990DE414C0865923E1336B47F80DE6FB922DF55A684D96E7D4E 7f07e7f0e37f14998083b0787b0721 9717D0C529424CB872339577454CCE1D E3545870FDB596FB9ABBE5155F2418B2 485C1F3488C571E9C68BC0610C678DC36D1152DFD788AFC17AF37689E591559D D1B996D32EDDC2ADBD9D8B5D841654F28F800C6D9044FAA2AD42F9D11538C2C4 E55BADC7A42829C63751916332AE6719A29BB7348E647C35DDAB250A1E68CB9A CC38E38E25CEAD0CC1E1FAACE677AE624BB95F42CF37F653EF7FD8B9CC5E8A8803F8306571ADE336B9B21D9B7E580BB6 6F26F074A06EF9E94BCF9D07875834B24D4683BEE4F9844132FDA71B26DB0884 F3FA29A454D58C281AC864E4D3CD2FF19CB61E367867FC2E4B6A7D2F5451B778 665f67f0e37f14898082b0723b02d5 97745B701803821FC4DAA84E293D44EE B6F7519866F39E53AC510DB58AA4C24554683D21A83540F2 7f0e37f5307f595b0b0bc920fb0722 DD2C128842403852E10FF0F005DEC3FC56F7EAEAD427212C95F2B5152EBC23FE229BA8D444B471CF 7BE95BB408B3958CA14EAA5277609E5954FF69021688CFEDCCF14BC9B890265A 9778397bd19801ec9210c965cc920e 49598275AD670617D38DF02958AFD76F 6977C9672D1480353F71FE36FA3D286F C1B8AAA9E6547633BCD86511A183DEFF3CC289133C7F18F27BF459213F4CFFDD90CCAD9F29E2096ADE0B377289F88C3CC83B32181C6212D0AF64C977A372B5A57CD7523D5B0CA06F F07AC86EE27AF30EC4D5F3842B47F8242D0033CFD814F4F49F9828F46A1D9785 7ec967f0e37f14898082b0723b02d5 eyJpc3MiOiJodHRwczpcL1wvZ2Z3Lmdvb2dsZS5jb20iLCJhdWQiOiJhcHAtdXNlcnMiLCJleHAiOjE2NTkxNDcyNjcsImp0aSI6ImY2MTkxNGQ3MWFmMmE0MTY2NDFkYjc3MjZkYTkyNDNlIiwiaWF0IjoxNjU5MDM5MjY3LCJ1c2VyX2lkIjoiSTI3NUNGIiwidmVyc2lvbiI6IjEuMS42IiwiZGV2aWNlX25vIjoiMDY3NDUyMTMtNDAwNy00OGQ0LTkzNjMtMzZiN2FlZTM1Mzg0IiwiZGV2aWNlX3R5cGUiOiJBIiwiaXAiOiIxIn0 9778397bd097c36b0b70c9274c91aa 4D3F65F5ECC02D476B33A5FD0F8DF4AB5F257421ADA891333F04A3D48C4178BE 7f0e397bd097c35b0b6fc9210c8dc2 AE86BAA1829D60CDF3BC75A83A3C794D098AC32A3BC0F29D8038252F52DC412366D0DA38EB1E93850B3FA26DA2FF871906E622A4CAEB6C60 DF4F7C479D85A37F8FFB4B99A1ACA025C80A6935D923582D91C88F8BDDDF8FED C749D033AFE42204C50F7DDCD8F0565800DB62E255463F18CD1C0D0504AD5A87 97b6b7f0e47f531b0723b0b6fb0721 DD2C128842403852C7D98FD676D78F74F23493D16CA376A853593A7F9D98701ABB0F3B1EE5AA4970 D66A7082D205A006A1A1D32CEEE0DEC6 977837f0e37f14998082b0787b06bd 9778397bd19801ec9210c9274c920e 22C8AA5FCE134FA8E4F944A493B48D8DFDB59523D7E62A0E 2ADFAB91DFF1C8C9195C18FD780C8C510ABFF01592C65094 BAA0792348D1C61258982E65C88D3059AED90092AB4A450F C9F59FE736B4EDDAE78999E3C6EC84DD 7f0e397bd097c35b0b6fc920fb0722 vh9wGkfK8YmqbsoENP3764SeCX0dVzrgy1HRtpnTaLjJW2xQiZAcBMUFDu5 97bcf7f0e47f531b0b0bb0b6fb0722 F16533F57FBF200AA27C6BAD4C0CD1A3336767E6D41F8274 556AC84FD8C24C420DD4A8B059DF1779 F8E500899394BC15C39E97DD36D185BB8209DB9459674A9E995B2F99D586EE0DB4CA5B6226A0193CFE4600D00A347F36 1BB470FD7C2F29C85C3EB743D7F0A5B87147A564B35979A1505A02C9D997EB60 0E7555EE27CEEBF48EF455937EDEC3FA 758CB5A7B208A0998A60A4EB6F027E1DAD0BDA8A06D8DC79C2F7D56D062690163595752487B90E62B7A554079E386BE8 6F08F6E4ABB7AA63B9144E32A85F5B1A 42845300EA9C1428080C68DB34E4A91A 03f870871950c148387b251894ed3e88 BD4567619649E3D124654A74BEC7D9908022F141AFFF8DB9F2848701D5BFDD58 98AC6D739DC00A921EA4A9D6E791013D DECEAF978EDE053345A653D2FEF3E1BAFE8D3B195F89A67DC0C73AA75D446C34 5FD3E3A6B13BB2ED0033FE94865770F7 473CE5013F9A7301114B2B216FD019DF786D5B7C753AF28A42F4584BDB6DAA69 485C1F3488C571E9CE6C5B59194088AC10DA5DBA4445AACB F3FA29A454D58C281AC864E4D3CD2FF17A8CE51730ADB524 7f07e7f0e37f14998082b0787b0721 C752C9FB9256A343E02BBC98A176BDEF800E81A171FA5303 97b6b97bd19801ec95f8c965cc920e 9Wdcu36Ih6cFpObJSCPYQr3qmr1RyESYxkhLyVkvQf8= 977837f0e37f149b0723b0787b0721 4B92A3DDC04674D4A53329E91FAA9D57 1D186817FF6E4F9594857239CC26E52C F955D6CD6E76262AB26C4420649E0613BEB077357DFB74DE735C91ED866341DA C8389913B1E4DBACEEFFD7E8BF7AD76328636DDE20DBCBC53AEED7C59A8A8B0675CDAE9D8731EB227D8F6665213DCE2E 5FC68A6AE004A308EF0FBF2953899370B09BD93EC55B6B11B81924B0130D80CB 22C8AA5FCE134FA8A8E6916EFD43D1C99C86CCDC83A78565 C627E8B51BC17CB3FB68BB0695BF13B98184EEC3155053E2 1ADD19A77E504C1379FE58339DC14F9905F3AC14D2B98D9A5DE884AB7022C4D1 805DC61EDA235195826ACC2DCDAE6A93338CF0CA439130905769F4B4CE6A534A2E03593D13F2D330 97b6b97bd19801ec9210c9274c920e 9778397bd097c36c9210c9274c920e cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM= CD1305072CAE2473CE5D33AF5878B4DEF86BB05E23D9D1C8A9EB12BFACD085CC edef8ba9-79d6-4ace-a3c8-27dcd51d21ed 977837f0e37f14898082b0723b02d5 28D7F4F0938ED7088292ADB7DD3F6BCA F955D6CD6E76262A08A6B83CA55F93495CAF1AB3261AAAE8A0B222126BD9EADCBF95CB40E135444E1E05B47A259BB1D9 5AC33705718F0C53EC2EA497AC029F72 EACF04968056D7BB5A34F5E58BFC930CBCACC167D028949802C898853A63E365 805DC61EDA2351955360A309B8BD9EBA5118071B49D6531601266065A033D96B7747E549223BABA092D55DB072C29E7C4E493913AFE84BBA260D8A2DB5DC5B8F A08C863135F09F0897F5F89B5CE46D73AC3A95F30978B2E6 DE15558774D90171011AF3CBFAD5452A0FB287614E9C78EB80E92E5A8D47ED324DBC285662B862A047946B8A304B6FD14DD16E38943B2D8891451E6C0C6822BC4A4CF5316B30AA74 269C787CE79DB7C73479E1E9A0C34524 4E6C33CC2225B4CA3181A694DDA0B783B005462FBE5D7514 805DC61EDA235195735FE6997D63C1417D38820AE9BFCA2D0FAE09C2953C63C22E5DC81493039CCE 97bcf7f1487f531b0b0bb0b6fb0722 78BF73E1B1CCE344EE29E5BADEBF6423F0E136D2 7f0e397bd097c36b0b6fc9210c8dc2 805DC61EDA23519528E6D0FFFAC3F9974874431025405532E96FFFFA847912C4B4AAB883FD97B85BA60D972A8C6992631D02F7669F96C0C915EE050B0BCF87381F25B43CC79685783578586F98D0C3F52AF37813733D86CA 97b6b97bd19801ec9210c965cc920e DE15558774D90171011AF3CBFAD5452A0FB287614E9C78EB80E92E5A8D47ED324DBC285662B862A047946B8A304B6FD14DD16E38943B2D883545E451AEE047B64B40A3BFCEF69AFAF5FD95306A47D08F 7f07e7f0e47f531b0723b0b6fb0722 7f07e7f0e47f149b0723b0787b0721 6FE62335E166A1BC50C3E6D3549BB1FC84CD283878EE0363 7ec967f0e37f14998082b0787b0721 D046F899EB3F13F0220673272AD8A8869FFEF023923DF6F8638F1801643D17F20A29565DDA908C8935FA51553BDD1901 69E5E65D1CD9BDD128978965CB7F00A5 29D5BA5B6EAC859070CD40734B1CB5701184A91194B9E02F11A8CEDF4A781755 4261D7DD0EC287140E33180838779B54 C6EC87467D057F4F21C3EB5CA1F72DC147E66FD203138C342B4A42D64067D9A50D741CE85F5F26B6 F07AC86EE27AF30EC4D5F3842B47F824FB10618D5CC87F772FB54D43CF7AE521 665f67f0e37f14898082b072297c35 5743c3ccb802264b3063f8884bbc732d7b6d559225fce8aabb0f2c47d7b6bf0f90c95fd60650ac4ee197595a9d47a331bb9994be8c3b8af0 5973240BF0813B78E1727C9F54D288F4 7D56DF6391744296D7BBD8A46C8E9DE4 94128B4AEA4078713876815251F22E68 190567F62F3A2684C9FC4CA8CF90DC11 362CA7AFA951E9691148C1468D3B61E912D35B379BC8B42C 6DDA1554C7397DA638F5BF6A0B3CA362 50FD1D84C447912A8C276F0BF96EAAE0 A790F71AB57DD5C2DE1326DCDC5471F9 7f0e37f1487f531b0b0bb0b6fb0722 2640878699580dd03a2b2d98306c50a0 B5826E6D7CC90BE5D367A1F2B1ADBF7A 7f0e27f0e47f531b0b0bb0b6fb0722 DD2C128842403852E10FF0F005DEC3FCAF219861952D8A553B8B6D2940C9C01D1D7CF42F5D8584852C9381A5915F7F02 C545FFAFE86A902E121376DD385071B5 977837f0e37f14998082b0787b0721 7f0e36665b66a449801e9808297c35 805A980004A00CAD21E07C9FCCC62F896256420CAD72102C 805DC61EDA235195E08E2B9BAEA3D64FE4CAEDE81E02921AF5E92E609F9E764771DE2A73DE3A4D814F8FC1561DF692783BF8785C05CD18A03B4843384D2724C1630EEC6339993691BF605B9BE61B0C39 665f67f0e37f1489801eb072297c35 F3FA29A454D58C286DEC92B9DCF29CFA3DAA9A533324989D j9waHdzZibRcXNehrityyc2na5CNGyEz 30A27B6148A0528EA4D073057DB1B020 DC9E886A46189C061ED1A008CDF331C8 A2C2AD4D147D9DFA155633AF5285B80D b027097bd097c36b0b6fc9274c91aa 4555CC234AECEFD08A4EE39E77E04EAA7CF5B58931E486C2D592C5E57D164E4D DD632A40825E4C711E191152704CA5646A7395DE8BF0C39A90633F0423E24CE5BA40F669FC367022 07624E2EA5FF6B0051197838FD91ED1C1F141C638E36C783 EA7043B83408558C57F40141D684601E 97745B701803821F4238DB8735FEF03D 97859F29C6208CFD30C7F245B0D6116C5960913C14EC97249EADBC1FF9F47E591C0D3FE3031ECE55422077AF1686A84F5C1A8FABF892B2D004487AD7A2AFCAE9AA7E58FC53664DD3 7ABC62546B425F89F1DB79702F6CF49C2027E46CDA68BD5BDF9AB294074564C3 242F1296684A219E5881AA69E01C6980 97bd07f1487f595b0b0bc920fb0722 A0FFA2DBC8E4C73A6B989DD27B86D91AC7C46213955122326DF82D6F5013E959D996ED638D73EE3CEEB431ED574A78ED2379202E1F366B6C7ED4D57E5799C00D51767146A64E78A0950FEB52E4F1D0C19F4F4FAC3DE0D8516C77B2C143F3E65AED4BCB4EEFCDE532CE811E314EE08727 16a09e667f3bcc908b2fb1366ea957d3e3adec17512775099da2f590b0667322a 7f0e37f1487f595b0b0bb0b6fb0722 43802EED616B59D7467DA6000C92DFBEB8715DA5837A93F3871DEFA21A41BC1E WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18= B6EBA40A4703ACD3033570C754E3495A 97bd097bd097c36b0b6fc9210c8dc2 80E3D49FE5BBB38AD0FB4A6918411F6DF061A24A776B56F9F829B92C968329EB7320E0A77213F0567C2BC835DF80FD23 DED948501A3260A87C3CB54ECCEEB475 F955D6CD6E76262AB26C4420649E06138D234D81DABAF7CA0E9BC9667A4A532D 2C670D8DE3CF72F34E7A3F6FDDB5365B 805DC61EDA23519536679026062157C8A8F75600C5E8ACF4 F955D6CD6E76262A237F1EF828990672CC883835ACD83E891AD3799AF97A67F7 7f0e36665b66aa89801e9808297c35 6FE62335E166A1BCE560E8F01A01C2A3 7ec967f0e37f14998082b0723b06bd ASmVfZWyR6Gpui4G01MDAa5sjctizSqK 27A4FD61C5821BA9842C39B7A5F723E4 805DC61EDA235195E08E2B9BAEA3D64FE4CAEDE81E02921AF5E92E609F9E764771DE2A73DE3A4D814F8FC1561DF692783BF8785C05CD18A0C5F1154696CDC617C64AE4D8FF7CD773207B8887A80AF964 F3FA29A454D58C28C4F60B1B8849588F1E9B06B8F047EB523746CF510B852A0C70A2FF0BA54F1049 18504195CB08533C97F59685CDAE8BEA F20C81F0B487BB073A32F48C9906B9F5 54E5CC0D544F155495501C3004C0759723029A648C0D6E92 uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc= 97b6b7f0e47f531b0723b0787b0721 229DD51A81E5399E4684D78E21ABC91E5570999928FAE63D DD2C12884240385216F68A69EEB652BC847162A9D1FC22B3E406544665C1C33C7A13DFAE38CBBB19 0B7587B223255AD6D8C174B50A852906 AA4979465BDC4D3DA1C43D4D7B1035B4F38A86B9 MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAErF67y4l+5ISGEqtqeVLFiqiywMKmIQ4b9iiFq54Oy+sQedjTqm4ewXCLxp0FEpJmV+Kehq7HO5f2j4MDx0HqcMg0TGzPNavyZ/6OWWi9QVSLsOvX4bw9laat0ph4T7fM 1AC4474F806E1B4F1C220214BA11F9D40889D5C311620A2C7F2790D1889A1357B4FA16E8A0E82708 Q8YXGj7vAx8jrqqHybr0WC9soUVZjD7K6aIKGXH8 515ADAACC13B4550AE1CB50CDB7FB925 A08C863135F09F0897F5F89B5CE46D7314B8C4F1F9E32C96C32AB90843107F6B 0123456789ABCDEFGHJKLMNPQRSTUVWXYZ 4B7BCC4C8AEA20ABA3EEC56AB93970B8761BA3E3D20EC1D9 F2112FB1CDAAB20DE59F4A3408B350E4 C2A830A5E687678418F88F652984E925 1AC4474F806E1B4F1C220214BA11F9D40889D5C311620A2C7C297DBC73BF80887CAD3474CF1A78EC 7f0e27f1487f595b0b0bb0b6fb0722 A08C863135F09F08E127EA6895E81F5B5892450B6D7B9472 97b6b7f0e47f531b0723b0b6fb0722 7f0e397bd07f595b0b6fc920fb0722 1ADD19A77E504C1379FE58339DC14F9905F3AC14D2B98D9AD56895A0A781DBBCA91A6FE9C315F3B5 6352198648D6644D8CEE503AC5102735D89C5146153C05C307E94C287C7D7F39 8F92F0DBBAF88C840CC684B2DCD097C944829ECB8ADE1E70B2A12FB78315C016 A9EFCF079CC4DF698A633C3A4DF7ADD6F9182A7B8779C6E77607AB8A168F55753ED94469194C9EE3236D0A4B8D9FDA6B 09989548a07461cd211d6fecd7dcd23aba5f5f6872f46a30a61ccded B53F56A769DFFC7F8814561E1B8C92D0 3577B6E635644962CAD4AD27EFB65A2D 1BB470FD7C2F29C85C3EB743D7F0A5B84E1A8ACC2DAAD605 BF414359B1C23DB3B2BDC4A7C3B344EBF59B79F1B2334B5F 3A67CA10D4F4AB7AC01499BDA18971AF 97b6b97bd197c36c9210c9274c920e 31EC74384C75E1F63FD922C89EE8D82D C6EC87467D057F4F5A351936A1BE499D6F17C5559E1AB4DC98EAAFE9CD73269F7EF9C5C6F1CC4E4E2EF02AFF771BAF406BE896FC7F26A83E 518DD1C0FC554C9D8C1DC73B157DD86961F0AC949AF7FE80F451A545A9835C0B696F6E66F2685405259A02D19DB7302D E51FE2F45839D91A64B0D33F33957725 9778397bd097c36b0b6fc9210c91aa 97745B701803821F4B0400CEF14AEAB87126529B8EEF34F4 805DC61EDA235195C2EAE0467763D50764457F78BFEE9FD2A94EA097D5D510446199F38186E13E162134BFBAEFA362C3 B8911F8F36FC511385334B916F641581CE1742D6426AFD2B82BA13F196F889E3 4fe97ccb0d2344cacb9e8f9c7df43 F9C392D2E8760C045A20C29C283AB2EA EC25A03A424D3ED64BF9C526E290B8E2E034627122D44E22 D05AB539485845134C453B3FF9E7EAEE 958DB2E92B361F373BFB35CCCC296FBB FDCFB21D35C0EDDF0A356D4768EB7A69 97bcf7f1487f595b0b0bb0b6fb0722 33E33114B9B655918F3EC69B18692BC16BF074CA20D30F8DB9A0E311809CC499 2FABFE9EB6E74DC5BDA102A8ADFD1AC9 BF8C69511D111B009460370D67FABC1EF30BE564BE1C4EF9 lseOtTnagHpcXInx9HFUQINLm8IboiBc 7ec967f0e37f14998082b0787b06bd 4F80A23F73A8074A5B2DDB8468A8947B9BFBDB6DE651A666EE6BEA864CDCBF0352ECE5842984AD86 34100CCCF071811E438A0CCF270ACC049C3D6C60C566218D888CABA0E60535E4 90F7E8E20CDA0C18BB2AEDC7656F9F0C 805DC61EDA235195C2EAE0467763D50764457F78BFEE9FD23A0FF4F6B07A0E0F3E5E623575F77865569CEE1152B5B225 MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEUIHE6WoN5aYqD4IWDdIUPN0JyceObw3beer5bNRRL9CfYa6b6ZPm8TOBvrzGI7rdhvVKcWEr8K19H+p6ULitNOhVi2khe0Q2eY277x8J2RYreFsBLn2VpamllAPWP/ug E9338BA1C770EF05E91BD9730ABD11D7778CAB0E39219BF8 ABE0E02AA611094E693D7AA27004D9476D7BECC94A9E275C 6e561ccd4aade2fed458d4da61e76770 3BF70E43115C66B33034DB7FB501A3FBB207D61B80C4AD652F3CF9AD9E10B744 7f0e37f0e366aa89801eb072297c35 EC1F49A0314D0E9DD68C27D826860A409926371BBA909BB38684F1B598CCC078 BC6D028349712F3BF0AF445D509EDA0B324BBA2453E1B245D8837A917D13BB49 2ADFAB91DFF1C8C9195C18FD780C8C510D85BB8FFE8957C3 H3UM16TDFPSBZJ90CW28QYRE45AXKNGV7L 1AC4474F806E1B4FC16D4E1F235FC4558B4071AD73785E2C0A7BC05F88FB3EA395A83ADCBA41A41C 1ADD19A77E504C1379FE58339DC14F9905F3AC14D2B98D9A6E9A0512C84083AE E2616D0288EF3965715637EA11E4B725 8BA0D9F6812FE6D74A1099F4CCACC5CD8621D81E0B126854029129EEF8D033EF 6699B57D100066D4FDE008D0C05ACBBF 7d838ba59b0148760000242d50cf1ffd Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw= 97bd0b06bdb0722c965ce1cfcc920f 97bcf97c3598082c95f8e1cfcc920f 04E992D675EDF9EC7E250E6E7DF77D2D 1CBC72F9B572BA6195B65A226D7080E1 10DE8D428365BA04D026A1435513AFE79495ABE1EB8E8820 8eec2d13f3ee72bb022dccacf1e22a82 491A55DC89E6FC11571B3460B8CCA37D F465FF404D3ED7E9B86DC79B7BBBAB24 7f0e27f0e47f531b0723b0b6fb0722 8040D854FC7610984DEB8EB22272DF69 977837f0e37f14998082b0723b06bd 61A87CDCA18609F004A1F4ED569593B9 eDWowITDNUKgND6PfQfA3OMTJ0nm640L 13198C6396C8906158979B69054A4B66 1317766E6259E83043CC11EA7F7C86D26DA99304E36C2D76A41C7238BE3CE1A1 5430612fd3c3c2f1d3886c849fee14c9b14dd397986811c1791743b82ec86e7f615ef1ed5e493d33f8d323d6dc3c5e99273b04bae1be3c1c0086c327788e1d86f713828bf06dc471e73e65955698445e B95C2A929A9FD5A7CFD2C19662D4D8E2 21B4CFC4C2245ADA21897D7F8CD899792DA556CAD088648FEC54D33CED4025A4596ABF266523B58B78B107270AB3EB681739D57D7673F9393478D2475B231F09 0af6fd247c8eabc1662bd8279cbec37e 453A22F91EDD6D8778544FAA6B899687E2E36D8A9A1411D4 ACAB82F91A92816EB4A62947FC83AB4F63E8DAFFEEA5B378 97bd097bd07f595b0b6fc920fb0722 WebKitFormBoundaryP0Rfzlf32iRoMhmb 5934E6950A8818AD178801604AAF2024DF1CC712C3113D69 F1DE69126717A6EEE21E9ADA7152F4AEA238A39C8A408FAFAE3201C4C30B106F40011DF1951EBE82FE2FD26937486A02 CD97BC8BFBBE222C9152D0847AC97AD1349BF691956B6EF84D519773FB915F41 F1ACDF9AE022A2791A6D9D33E394BE6C eyJ1c2VyX2lkIjo4NDQ3MzU4MiwibGFzdGxvZ2luIjoxNjcxNjE1OTA4fQ 9778397bd197c36c9210c9274c91aa 7f07e7f0e37f149b0723b0787b0721 81d7beac44a86f4337f534ec93328370 0DEBA9DBCAD1CA6AD399A7F77FD21209 B887D727DF6DEC5FF898219AFFE07224102E7D466DEA5D0CDDE5A1B755FE8B0D4F82ABB5B767A43C3A580B0977C87EAA 07131CD95FFBB1927AEC8259A87402C3 715E042F67B345B5420EB9460FA156EA535AC348BC33823C 77690C3D24D4E5A30539247ED7501040BC123D6873C82E97 859dc17103afc600584869e0d57a9ab8 A94C4330AEEE79A07AAF244C63C551ED 7f0e26665b66a449801e9808297c35 509EA580A437C0FD7AC93DFEFE3294E88BF36076E7202E2A SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4= CB7F341DA6C1022620DE491823774AF1DC2454B41538417B 361D1889EB415A9014B437BFEEB3AEC3 0123456789ABCDEFGHJKLMNPQRTUWXY 556AC84FD8C24C421FE8B40889575B33 AA18E92FE6C9C63B53783CFE66143A34D951C8CAC5C7355B9CBE856D7C38007E58F88DB12C31EA2CC86553902098D74F0C0D1B848B80AA899CF73B8BBF597960FA5424A8408593AC 97bd07f5307f595b0b0bc920fb0722 D916D445AD8FBB4C820CF7A0E1BCE40CBDBE65358E2212D0CAB7EB2BC2B4F718 7f0e397bd07f595b0b0bc920fb0722 C3EB647C245F3CE34ED9A7F1A8EA29F4BA5D9D6A589F9C4191308AC2DACBC3E85E1B613CAB455F8CE7D78EE824B6615A 1285CE19CF6FAC8C8DE3CC9439DC697E2E85D14146BA0C56CD87BDB2660B3BE36A09C9ECC1B02A6378CDBAE80EB0237C 97bcf97c359801ec95f8c965cc920f 882EA9689C37C66833EB41A87D99D138 8EDEDB9AAAB6D41F59A4B53E0ECF6732 E4F3FAB5B9F5BE722F26141E2BD655F443D6D05E514C489A114C45BA70CC1673 54F1A687613DE487106C41AC0B2EDC92 F955D6CD6E76262A05BB244F1A2C5B7E1325261436A1124E99905AA1F1368466 805DC61EDA2351955360A309B8BD9EBA5118071B49D6531601266065A033D96B7747E549223BABA092D55DB072C29E7CF148957D8A11E7AF2D9DBA7BD48AA7E439C68B9B5EA64A71 1FC618E831D14ADCDE7B948E1891DA9A BC2F2A5B5235795FC936EFDE95646080 97b6b97bd19801ec95f8c965cc920f 6F08F6E4ABB7AA63F0DEA6CFD356CA8F 406659E6E08B5997A6BDD15813D1921C0943BD4E7C5F247E7E16FACFDD3A1098 JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg= CC1DD7C95D48200E76B7A77265F8F0C0 6F08F6E4ABB7AA63BE5EF3CB2F674AE3 97b6b7f0e47f149b0723b0787b0721 C143F7D6FB88D6EC0D804FEB93A82C4C ef37c9111210854f5986fc9ebb5548b2ae AA6A6B46E1AEEC2917C80752C243A66CA8AE91726F6C1EFD 97bcf97c3598082c95f8c965cc920f 97bd097bd097c35b0b6fc920fb0722 82FEBEA9DDB5090F5BFA1B2DB3F7A900 805DC61EDA235195835F9B3377DE9F2FEB7CCD8EB19FFE01FD0AFFE56565B8F707D306404A382D5BE2F84EC0F07D6895FC8B862BBC84731B02A38043655B291465E5A6035B5D9D43 F3FA29A454D58C281AC864E4D3CD2FF1C562E2D40EF22DE489747B5C837AA6A2 F88AF004D42BE2E2A4A6B62EFDFD422A895A1421FE2D595671E7A3C18D19670D86B37AD2A58A0B66C7F39D2B88FE1093 OlFXpWEoON2n+EuUuvDOod5lauDh98GLYmCsvBgMwts= UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4= 97bd09801d98082c95f8e1cfcc920f df45df6a3d9583b9c286c3b60764cb21 C17BA30A1506D2F771E950BAF7DB22435950753DEFBB95005CA33C38C890BE87 B6F7519866F39E535F2F64AA203F71E76AC2AC915822EC56941A47865788227D 8f2f54c08600aa25915617fa1371441b 5FCD12DE8DD36A56F1F416707F39C32B 251DF560A41CE6C33C769746E5C41AD2FB519A0383624D74 34DFA62279E55324696D1FB81E292E7C D6E7520CC664C117467388B15ED3BABA 9778397bd097c36b0b6fc9210c8dc2 7f0e37f0e37f14898082b0723b02d5 54F1A687613DE487D99311F51858570F 8537C174988EF331327881D9846F979F254815C9F442B6975121F134A2F6234B F955D6CD6E76262AB0BB177417B0F4E900F4BCBADC2A72B1B7A2E3CAD4CD7331 7A7E53F71C6813491663E1E6B648E727 E85F941F852633C41413CBA935905FDF 091FE04B40D78654CF02E18D5FED0E67 7f07e7f0e47f531b0723b0b6fb0721 758CB5A7B208A09936F64E52305802D1A8B62F339EFD403FFF1A07AC9E46FDB1ADE8948FA15FB65376BB2EA021ADA7F4 D4A737180F99CAB727E24BAE6FBC256BA940D1E488300D30D10CCA08B5B95176 3A1669229F6BA3247BDBCACFE88765C2 A8B3935A5AF942C8E6B4307C0B594BCA2947B9CE575A82ABD1E43B3C432527EF767C08ABC0AE81840EBECEBB5DFE3E2D 7f0e37f0e37f14898082b072297c35 06815C5C82775F2A131876A3C58207A5 1A9D6DD3D7B942BEC338CFD61E9F75BC60A61858FE4E3377 D1FC3C141C09DF2B30554C880792B19BB51778051FD8D791 FB0EA09AC009DA48B1402CC3F5DC830EE4E734AD29EACF310091FCF8F9AAC3BC BF414359B1C23DB3EA0DF015F1B2C5AF306B4176216D907E 50FD1D84C447912A1ADC14C15FB56994 57D462518C50403D3F0DA0193B2C596E 805DC61EDA235195826ACC2DCDAE6A93338CF0CA439130901D29CC931D4DBD6CB747AE5D945E16FBBB51458874507B73 9778397bd097c36b0b6fc9274c91aa DD2C128842403852C7D98FD676D78F74FB80D1CA1A793CFFEF3E2C25D6391C12 6F868D2063D650801E98BD1068BDFD22 2D04BA851107EEB5B6122C84FA5A3C9A640DD6C39A6AB5396291BE0D68192C84 71BF65DF8979788932577F7C7117A487 AD93F687A22D1561CB44F7E156F8B8855E2B3B8A5BB81AF9 0AE6A788DFDCDA3D50B9C86353873E07
信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: annotator/Main.java, line(s) 509,518,520,524,526,527,528,982,1039,1067,1083,1103,1129,1149,1166,1197,1198,1199,1200,441,457,462,463,464,465,477,504,845,848,1035 annotator/Source.java, line(s) 97,109 annotator/find/ASTPathCriterion.java, line(s) 101,104,142,152 annotator/find/InClassCriterion.java, line(s) 262 annotator/find/Insertion.java, line(s) 98 annotator/find/Insertions.java, line(s) 98,110,259,283,359,462,465,471,484,846,850 annotator/find/TreeFinder.java, line(s) 550,556,1281,1296,1298,1413,434,1261 annotator/scanner/NewScanner.java, line(s) 62 annotator/specification/IndexFileSpecification.java, line(s) 83,84,109,115,155,156,332 cn/hutool/core/lang/Console.java, line(s) 88,117,10,39,84 cn/hutool/cron/Scheduler.java, line(s) 100 cn/hutool/cron/listener/TaskListenerManager.java, line(s) 51 cn/hutool/cron/timingwheel/TimingWheel.java, line(s) 37 cn/hutool/db/Db.java, line(s) 122,134 cn/hutool/db/dialect/DialectFactory.java, line(s) 27 cn/hutool/db/ds/GlobalDSFactory.java, line(s) 14,40 cn/hutool/extra/expression/engine/ExpressionFactory.java, line(s) 16 cn/hutool/extra/pinyin/engine/PinyinFactory.java, line(s) 16 cn/hutool/extra/template/engine/TemplateFactory.java, line(s) 22 cn/hutool/extra/tokenizer/engine/TokenizerFactory.java, line(s) 16 cn/hutool/log/dialect/jdk/JdkLogFactory.java, line(s) 30 cn/hutool/setting/Setting.java, line(s) 129 cn/hutool/setting/dialect/Props.java, line(s) 381 cn/hutool/socket/aio/AcceptHandler.java, line(s) 19 cn/hutool/socket/aio/SimpleIoAction.java, line(s) 12 cn/hutool/socket/nio/AcceptHandler.java, line(s) 14,23 cn/hutool/socket/nio/NioServer.java, line(s) 84 com/blankj/utilcode/util/ActivityUtils.java, line(s) 764,789,824,827 com/blankj/utilcode/util/ApiUtils.java, line(s) 78,82 com/blankj/utilcode/util/AppUtils.java, line(s) 145,158 com/blankj/utilcode/util/BusUtils.java, line(s) 175,201,212,214,407,437,460,126 com/blankj/utilcode/util/CacheDiskUtils.java, line(s) 95 com/blankj/utilcode/util/ClickUtils.java, line(s) 238 com/blankj/utilcode/util/FileIOUtils.java, line(s) 67,201,204,212,273,281,345,640,710 com/blankj/utilcode/util/FlashlightUtils.java, line(s) 66,71 com/blankj/utilcode/util/FragmentUtils.java, line(s) 473 com/blankj/utilcode/util/ImageUtils.java, line(s) 1002,1005,1008,1093 com/blankj/utilcode/util/KeyboardUtils.java, line(s) 131,207,241 com/blankj/utilcode/util/LanguageUtils.java, line(s) 122,177 com/blankj/utilcode/util/LogUtils.java, line(s) 553,624 com/blankj/utilcode/util/MessengerUtils.java, line(s) 150,46,78,170,187,190,37,49,56,70,83,212,165 com/blankj/utilcode/util/PermissionUtils.java, line(s) 125,381,406,410,413,234 com/blankj/utilcode/util/ProcessUtils.java, line(s) 45,47,58 com/blankj/utilcode/util/SpanUtils.java, line(s) 858,871 com/blankj/utilcode/util/ThreadUtils.java, line(s) 315,338,436,497,516,521,562,505 com/blankj/utilcode/util/UiMessageUtils.java, line(s) 175,63,71,80,92,97,138 com/blankj/utilcode/util/UriUtils.java, line(s) 63,74,91,99,138,140,145,165,179,188,194,222,225,232,236,246,318 com/blankj/utilcode/util/Utils.java, line(s) 59,82 com/blankj/utilcode/util/UtilsActivityLifecycleImpl.java, line(s) 361,406,415,427 com/blankj/utilcode/util/ZipUtils.java, line(s) 212,222,303 com/bumptech/glide/GeneratedAppGlideModuleImpl.java, line(s) 13,12 com/bumptech/glide/Glide.java, line(s) 214,223,141,140,213,220,252,253 com/bumptech/glide/gifdecoder/GifHeaderParser.java, line(s) 236,275,235,274 com/bumptech/glide/gifdecoder/StandardGifDecoder.java, line(s) 151,169,188,150,168,187,209,218 com/bumptech/glide/load/data/AssetPathFetcher.java, line(s) 36,35 com/bumptech/glide/load/data/HttpUrlFetcher.java, line(s) 53,133,52,56,61,68,132,65,69 com/bumptech/glide/load/data/LocalUriFetcher.java, line(s) 38,37 com/bumptech/glide/load/data/mediastore/ThumbFetcher.java, line(s) 52,51 com/bumptech/glide/load/data/mediastore/ThumbnailStreamOpener.java, line(s) 61,111,60,110 com/bumptech/glide/load/engine/DecodeJob.java, line(s) 341,387,448 com/bumptech/glide/load/engine/DecodePath.java, line(s) 56,57 com/bumptech/glide/load/engine/Engine.java, line(s) 27,111 com/bumptech/glide/load/engine/GlideException.java, line(s) 81 com/bumptech/glide/load/engine/SourceGenerator.java, line(s) 89,90 com/bumptech/glide/load/engine/bitmap_recycle/LruArrayPool.java, line(s) 89,143,90,144 com/bumptech/glide/load/engine/bitmap_recycle/LruBitmapPool.java, line(s) 144,174,182,206,89,96,143,153,173,181,195,205,214,90,97,154,220,196 com/bumptech/glide/load/engine/cache/DiskLruCacheWrapper.java, line(s) 52,62,76,82,112,123,53,77,63,83,113,124 com/bumptech/glide/load/engine/cache/MemorySizeCalculator.java, line(s) 64,48 com/bumptech/glide/load/engine/executor/GlideExecutor.java, line(s) 183,180 com/bumptech/glide/load/engine/executor/RuntimeCompat.java, line(s) 37,36 com/bumptech/glide/load/engine/prefill/BitmapPreFillRunner.java, line(s) 69,68 com/bumptech/glide/load/model/ByteBufferEncoder.java, line(s) 20,19 com/bumptech/glide/load/model/ByteBufferFileLoader.java, line(s) 59,58 com/bumptech/glide/load/model/FileLoader.java, line(s) 64,63 com/bumptech/glide/load/model/ResourceLoader.java, line(s) 39,40 com/bumptech/glide/load/model/StreamEncoder.java, line(s) 39,38 com/bumptech/glide/load/resource/ImageDecoderResourceDecoder.java, line(s) 64,65 com/bumptech/glide/load/resource/bitmap/BitmapEncoder.java, line(s) 62,61,78,79 com/bumptech/glide/load/resource/bitmap/BitmapImageDecoderResourceDecoder.java, line(s) 19,20 com/bumptech/glide/load/resource/bitmap/DefaultImageHeaderParser.java, line(s) 115,122,139,146,179,189,201,215,229,235,239,244,250,254,114,121,138,145,178,188,200,214,228,234,238,243,249,253 com/bumptech/glide/load/resource/bitmap/Downsampler.java, line(s) 213,334,367,165,186,212,296,333,366,166,297,393 com/bumptech/glide/load/resource/bitmap/DrawableToBitmapConverter.java, line(s) 44,49,45,50 com/bumptech/glide/load/resource/bitmap/HardwareConfigState.java, line(s) 133,134 com/bumptech/glide/load/resource/bitmap/TransformationUtils.java, line(s) 169,113,122,129,146,151,168,114,123,130,131,132,136,147,152 com/bumptech/glide/load/resource/bitmap/VideoDecoder.java, line(s) 134,133 com/bumptech/glide/load/resource/gif/ByteBufferGifDecoder.java, line(s) 81,86,91,100,82,87,92,101 com/bumptech/glide/load/resource/gif/GifDrawableEncoder.java, line(s) 25,26 com/bumptech/glide/load/resource/gif/StreamGifDecoder.java, line(s) 55,56 com/bumptech/glide/manager/DefaultConnectivityMonitor.java, line(s) 22,21,51,69,52,70 com/bumptech/glide/manager/DefaultConnectivityMonitorFactory.java, line(s) 15,14 com/bumptech/glide/manager/RequestManagerFragment.java, line(s) 123,124 com/bumptech/glide/manager/RequestManagerRetriever.java, line(s) 319,320,328 com/bumptech/glide/manager/RequestTracker.java, line(s) 24,25 com/bumptech/glide/manager/SupportRequestManagerFragment.java, line(s) 130,139,131,140 com/bumptech/glide/module/ManifestParser.java, line(s) 22,29,40,45,21,28,33,39,44,34 com/bumptech/glide/request/SingleRequest.java, line(s) 407,54,528,454 com/bumptech/glide/request/target/CustomViewTarget.java, line(s) 280,281,295,296 com/bumptech/glide/request/target/ViewTarget.java, line(s) 277,278,292,293 com/bumptech/glide/signature/ApplicationVersionSignature.java, line(s) 46 com/bumptech/glide/util/ContentLengthInputStream.java, line(s) 28,27 com/bumptech/glide/util/pool/FactoryPools.java, line(s) 89,90 com/danikula/videocache/Logger.java, line(s) 14,32,20,26 com/efs/sdk/base/a/h/d.java, line(s) 24,26,7,14,16 com/efs/sdk/base/newsharedpreferences/SharedPreferencesNewImpl.java, line(s) 1138 com/efs/sdk/base/newsharedpreferences/SharedPreferencesUtils.java, line(s) 87 com/efs/sdk/pa/PAFactory.java, line(s) 131,134 com/efs/sdk/pa/a/a.java, line(s) 85 com/efs/sdk/pa/a/c.java, line(s) 108,142 com/efs/sdk/pa/a/f.java, line(s) 19 com/efs/sdk/pa/c.java, line(s) 36 com/efs/sdk/pa/config/ConfigManager.java, line(s) 138,142,144,151 com/flurry/android/FlurryAgent.java, line(s) 830 com/lzy/okgo/utils/OkLogger.java, line(s) 33,63,43,23,53 com/polymerization/app/v2/ui/bls/utils/play/BlsHlsPlaylistParser.java, line(s) 499 com/polymerization/app/v2/ui/cn/utils/CnJsonCallback.java, line(s) 40 com/polymerization/app/v2/ui/dk/fragment/DkShortVideoFragment.java, line(s) 230 com/polymerization/app/v2/ui/fg/utils/play/FgHlsPlaylistParser.java, line(s) 493 com/polymerization/app/v2/ui/home/activity/PlayVideoActivity.java, line(s) 142,162 com/polymerization/app/v2/ui/ttt/utils/play/TttHlsPlaylistParser.java, line(s) 493 com/polymerization/app/v2/utils/CrashHandler.java, line(s) 94,56,88,96,128 com/polymerization/app/v2/utils/FileUtils.java, line(s) 25,88,90,34,104,108,116,131,144,69,153 com/polymerization/app/v2/utils/cache/AppHlsPlaylistParser.java, line(s) 475 com/px/DaemonService.java, line(s) 38,74,80,88 com/uc/crashsdk/a/a.java, line(s) 8,27,29,54,20,38,14,46 com/uc/crashsdk/b.java, line(s) 553 com/wang/avi/AVLoadingIndicatorView.java, line(s) 206 org/checkerframework/checker/calledmethods/CalledMethodsChecker.java, line(s) 54 org/checkerframework/checker/guieffect/GuiEffectTypeFactory.java, line(s) 145,149,154,159,214 org/checkerframework/checker/guieffect/GuiEffectVisitor.java, line(s) 73,163,168,181 org/checkerframework/checker/i18nformatter/I18nFormatterAnnotatedTypeFactory.java, line(s) 61,78,86,96,100,104 org/checkerframework/checker/propkey/PropertyKeyAnnotatedTypeFactory.java, line(s) 143 org/checkerframework/com/github/javaparser/printer/XmlPrinter.java, line(s) 73 org/checkerframework/com/github/javaparser/printer/YamlPrinter.java, line(s) 83 org/checkerframework/com/github/javaparser/utils/CollectionStrategy.java, line(s) 59,61,64,66,81,88,95 org/checkerframework/com/github/javaparser/utils/Log.java, line(s) 66,69,53,58 org/checkerframework/com/github/javaparser/utils/ParserCollectionStrategy.java, line(s) 94 org/checkerframework/com/github/javaparser/utils/SourceRoot.java, line(s) 214,369,557,106,339,434 org/checkerframework/com/github/javaparser/utils/SourceZip.java, line(s) 38,55,76,89 org/checkerframework/common/basetype/BaseTypeChecker.java, line(s) 252 org/checkerframework/common/util/count/AnnotationStatistics.java, line(s) 44,46,48,119,130,132,135,144,145,147,150,159,167,175,177,185,187,195,202,210,219,227 org/checkerframework/common/util/count/JavaCodeStatistics.java, line(s) 40,42,43,44,45 org/checkerframework/common/util/debug/EmptyProcessor.java, line(s) 12 org/checkerframework/common/util/debug/SignaturePrinter.java, line(s) 289,266 org/checkerframework/common/util/debug/TreeDebug.java, line(s) 48 org/checkerframework/common/util/debug/TreePrinter.java, line(s) 22 org/checkerframework/dataflow/cfg/builder/CFGBuilder.java, line(s) 81 org/checkerframework/dataflow/cfg/visualize/CFGVisualizeLauncher.java, line(s) 141,224,225,226,227,228,229,230,231 org/checkerframework/framework/ajava/InsertAjavaAnnotations.java, line(s) 72,78,358 org/checkerframework/framework/source/AggregateChecker.java, line(s) 60 org/checkerframework/framework/source/SourceChecker.java, line(s) 340,395,1174 org/checkerframework/framework/stub/AnnotationFileUtil.java, line(s) 408 org/checkerframework/framework/stub/JavaStubifier.java, line(s) 36,69,73 org/checkerframework/framework/stub/RemoveAnnotationsForInference.java, line(s) 48,140 org/checkerframework/framework/stub/StubGenerator.java, line(s) 282,283 org/checkerframework/framework/stub/ToIndexFileConverter.java, line(s) 113,114 org/checkerframework/framework/type/AnnotatedTypeFactory.java, line(s) 785,789,815,819 org/checkerframework/framework/util/CheckerMain.java, line(s) 486 org/checkerframework/framework/util/dependenttypes/DependentTypesHelper.java, line(s) 127,164,174,201,220,239,272,284,298,311,380,426,655 org/checkerframework/io/github/classgraph/Scanner.java, line(s) 647,669,687 org/checkerframework/javacutil/AbstractTypeProcessor.java, line(s) 51 org/checkerframework/javacutil/Resolver.java, line(s) 105 org/checkerframework/org/plumelib/bcelutil/BcelUtil.java, line(s) 219,223,225,227,231,233 org/checkerframework/org/plumelib/bcelutil/InstructionListUtils.java, line(s) 79,139,142,227,230,341 org/checkerframework/org/plumelib/bcelutil/StackMapUtils.java, line(s) 876,877,882,883,884 org/checkerframework/org/plumelib/options/Options.java, line(s) 286,376,385,388,390,507,509,521 org/checkerframework/org/plumelib/options/OptionsDoclet.java, line(s) 82,87,104 org/checkerframework/org/plumelib/util/EntryReader.java, line(s) 416,424,433,439 org/repackage/com/miui/deviceid/IdentifierManager.java, line(s) 25,61 org/repackage/com/vivo/identifier/DataBaseOperation.java, line(s) 44 org/repackage/com/vivo/identifier/IdentifierIdClient.java, line(s) 153,81,163,172 org/repackage/com/vivo/identifier/IdentifierIdObserver.java, line(s) 24 scenelib/annotations/el/AScene.java, line(s) 260,262 scenelib/annotations/el/AnnotationDef.java, line(s) 209,214 scenelib/annotations/io/ASTPath.java, line(s) 1171,1174 scenelib/annotations/io/JavapParser.java, line(s) 292,295,308 scenelib/annotations/io/classfile/ClassAnnotationSceneReader.java, line(s) 317,406,127,732,733 scenelib/annotations/io/classfile/ClassFileReader.java, line(s) 40,41,42,43,48,57,68,80,84,85,88,89,91,92,93,94,106,107 scenelib/annotations/io/classfile/ClassFileWriter.java, line(s) 95,96,97,98,31,40,45,59,60,69,75,81,84,87,88,89,90 scenelib/annotations/tools/Anncat.java, line(s) 22,29,63,72,79,81,93,98,118,123,54 scenelib/annotations/tools/IndexFileMerger.java, line(s) 182,183,184,185 scenelib/annotations/util/MethodRecorder.java, line(s) 63,64 scenelib/annotations/util/SceneOps.java, line(s) 23 xyz/doikki/videoplayer/util/L.java, line(s) 14,20,26,32
信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/blankj/utilcode/util/ClipboardUtils.java, line(s) 5,12,16,20 com/cloudinject/feature/̙̗/C0289.java, line(s) 9,312
信息 此应用侦听剪贴板更改。一些恶意软件也会监听剪贴板更改
此应用侦听剪贴板更改。一些恶意软件也会监听剪贴板更改 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/blankj/utilcode/util/ClipboardUtils.java, line(s) 35,39,5
安全 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: cn/hutool/http/HttpRequest.java, line(s) 551,402 com/flurry/sdk/df.java, line(s) 106,84,82,82 com/lzy/okgo/https/HttpsUtils.java, line(s) 134,83,132,132
安全 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: com/blankj/utilcode/util/DeviceUtils.java, line(s) 228,31 com/uc/crashsdk/a/g.java, line(s) 397
关注 应用程序可能与位于OFAC制裁国家 (Hong Kong) 的服务器 (api.a.913vale.com) 通信。
{'ip': '49.0.231.252', 'country_short': 'HK', 'country_long': 'Hong Kong', 'region': 'Hong Kong', 'city': 'Hong Kong', 'latitude': '22.285521', 'longitude': '114.157692'}
关注 应用程序可能与位于OFAC制裁国家 (Hong Kong) 的服务器 (api1111.xianzhimeng.top) 通信。
{'ip': '47.57.233.111', 'country_short': 'HK', 'country_long': 'Hong Kong', 'region': 'Hong Kong', 'city': 'Hong Kong', 'latitude': '22.285521', 'longitude': '114.157692'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (51kcapi.5589288.com) 通信。
{'ip': '58.221.30.135', 'country_short': 'CN', 'country_long': 'China', 'region': 'Jiangsu', 'city': 'Nantong', 'latitude': '32.030281', 'longitude': '120.874718'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (weibo.com) 通信。
{'ip': '49.7.37.75', 'country_short': 'CN', 'country_long': 'China', 'region': 'Beijing', 'city': 'Beijing', 'latitude': '39.907501', 'longitude': '116.397232'}
关注 应用程序可能与位于OFAC制裁国家 (Hong Kong) 的服务器 (cwater.csforward1.me) 通信。
{'ip': '154.197.23.243', 'country_short': 'HK', 'country_long': 'Hong Kong', 'region': 'Hong Kong', 'city': 'Hong Kong', 'latitude': '22.285521', 'longitude': '114.157692'}
关注 应用程序可能与位于OFAC制裁国家 (Hong Kong) 的服务器 (api.mm4-b.sqafibb.xyz) 通信。
{'ip': '27.126.249.194', 'country_short': 'HK', 'country_long': 'Hong Kong', 'region': 'Hong Kong', 'city': 'Hong Kong', 'latitude': '22.285521', 'longitude': '114.157692'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (www.51seapi.com) 通信。
{'ip': '103.101.153.40', 'country_short': 'CN', 'country_long': 'China', 'region': 'Beijing', 'city': 'Beijing', 'latitude': '39.907501', 'longitude': '116.397232'}
关注 应用程序可能与位于OFAC制裁国家 (China) 的服务器 (www.redhat.com) 通信。
{'ip': '61.147.219.105', 'country_short': 'CN', 'country_long': 'China', 'region': 'Jiangsu', 'city': 'Nantong', 'latitude': '32.030281', 'longitude': '120.874718'}