应用安全检测报告
应用安全检测报告,支持文件搜索、内容检索和AI代码分析
移动应用安全检测报告
Android TV Notifier v0.8.0
55
安全评分
安全基线评分
55/100
低风险
综合风险等级
风险等级评定
- A
- B
- C
- F
应用存在一定安全风险,建议优化
漏洞与安全项分布
1
高危
28
中危
1
信息
3
安全
隐私风险评估
3
第三方跟踪器
中等隐私风险
检测到少量第三方跟踪器
检测结果分布
高危安全漏洞
1
中危安全漏洞
28
安全提示信息
1
已通过安全项
3
重点安全关注
3
高危安全漏洞 基本配置不安全地配置为允许到所有域的明文流量。
Scope: *
中危安全漏洞 应用已启用明文网络流量
[android:usesCleartextTraffic=true] 应用允许明文网络流量(如 HTTP、FTP 协议、DownloadManager、MediaPlayer 等)。API 级别 27 及以下默认启用,28 及以上默认禁用。明文流量缺乏机密性、完整性和真实性保护,攻击者可窃听或篡改传输数据。建议关闭明文流量,仅使用加密协议。
中危安全漏洞 Activity (com.smrtprjcts.atvnotif.tasker.ActivityConfigMessage) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.smrtprjcts.atvnotif.tasker.ActivityEnable) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.smrtprjcts.atvnotif.tasker.ActivityDisable) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Service (com.smrtprjcts.atvnotif.service.NotificationListener) 受权限保护,但应检查权限保护级别。
Permission: android.permission.BIND_NOTIFICATION_LISTENER_SERVICE [android:exported=true] 检测到 Service 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Activity (com.smrtprjcts.atvnotif.ui.tv.AtvActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (com.smrtprjcts.atvnotif.receiver.tv.ServerStartReceiver) 未受保护。
[android:exported=true] 检测到 Broadcast Receiver 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (com.smrtprjcts.atvnotif.receiver.SmsReceiver) 未受保护。
[android:exported=true] 检测到 Broadcast Receiver 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (com.smrtprjcts.atvnotif.receiver.MmsReceiver) 未受保护。
[android:exported=true] 检测到 Broadcast Receiver 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Content Provider (rikka.shizuku.ShizukuProvider) 受权限保护,但应检查权限保护级别。
Permission: android.permission.INTERACT_ACROSS_USERS_FULL [android:exported=true] 检测到 Content Provider 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Broadcast Receiver (com.smrtprjcts.updater.lib.receiver.UpdateStatusReceiver) 受权限保护,但应检查权限保护级别。
Permission: com.smrtprjcts.permission.APP_UPDATE [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Service (androidx.work.impl.background.systemjob.SystemJobService) 受权限保护,但应检查权限保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 检测到 Service 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) 受权限保护,但应检查权限保护级别。
Permission: android.permission.DUMP [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) 受权限保护,但应检查权限保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Broadcast Receiver (com.joaomgcd.taskerpluginlibrary.action.BroadcastReceiverAction) 未受保护。
[android:exported=true] 检测到 Broadcast Receiver 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Service (com.joaomgcd.taskerpluginlibrary.action.IntentServiceAction) 未受保护。
[android:exported=true] 检测到 Service 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Service (com.joaomgcd.taskerpluginlibrary.condition.IntentServiceCondition) 未受保护。
[android:exported=true] 检测到 Service 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (com.joaomgcd.taskerpluginlibrary.condition.BroadcastReceiverCondition) 未受保护。
[android:exported=true] 检测到 Broadcast Receiver 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (androidx.profileinstaller.ProfileInstallReceiver) 受权限保护,但应检查权限保护级别。
Permission: android.permission.DUMP [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: p043/C6480.java, line(s) 129 p048/C0675.java, line(s) 180 p066/C6849.java, line(s) 129 p117/C7537.java, line(s) 250 p132/C7717.java, line(s) 97 p229/C9768.java, line(s) 43 p235/C9907.java, line(s) 24 p347/C11179.java, line(s) 61 p358/C11346.java, line(s) 24
中危安全漏洞 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: p019/C0350.java, line(s) 3 p020/C6303.java, line(s) 3 p020/C6305.java, line(s) 15 p033/C6556.java, line(s) 3 p033/C6558.java, line(s) 15 p049/AbstractC0685.java, line(s) 3 p049/C0683.java, line(s) 3 p058/C6795.java, line(s) 3 p121/AbstractC7598.java, line(s) 3 p121/C7596.java, line(s) 3 p136/C8323.java, line(s) 8 p137/C8478.java, line(s) 39 p158/C8941.java, line(s) 21 p225/C9361.java, line(s) 8 p226/C9516.java, line(s) 42 p258/C10081.java, line(s) 21 p266/C10413.java, line(s) 37 p392/C11861.java, line(s) 52
中危安全漏洞 IP地址泄露
IP地址泄露 Files: p052/AbstractC0695.java, line(s) 609 p129/AbstractC7635.java, line(s) 609
中危安全漏洞 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: p052/AbstractC0695.java, line(s) 558 p129/AbstractC7635.java, line(s) 558 p229/C9771.java, line(s) 75 p347/C11182.java, line(s) 75
中危安全漏洞 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: p137/C8474.java, line(s) 4,5,36 p137/C8582.java, line(s) 5,6,337,447,1145,1349 p138/C8607.java, line(s) 5,32 p204/C9466.java, line(s) 3,9,10,11,12,13 p204/C9468.java, line(s) 3,9,10,11,12,13 p204/C9469.java, line(s) 3,9 p204/C9470.java, line(s) 3,9,10,11 p204/C9473.java, line(s) 3,9,10,11 p204/C9476.java, line(s) 3,9 p204/C9478.java, line(s) 3,9,10,11 p204/C9481.java, line(s) 4,5,50 p204/C9484.java, line(s) 5,6,237,282,330,403,453,479 p226/C9468.java, line(s) 5,6,7,8,214 p226/C9512.java, line(s) 4,5,36 p226/C9519.java, line(s) 17,18,3429,4442,5321 p226/C9570.java, line(s) 5,220,1339 p226/C9620.java, line(s) 5,6,101,436,886,2569,2598,2770,2851 p226/RunnableC9503.java, line(s) 4,47 p227/C9645.java, line(s) 5,32 p280/C10664.java, line(s) 4,5,6,7,8,55,77 p316/C10804.java, line(s) 3,9,10,11,12,13 p316/C10806.java, line(s) 3,9,10,11,12,13 p316/C10807.java, line(s) 3,9 p316/C10808.java, line(s) 3,9,10,11 p316/C10811.java, line(s) 3,9,10,11 p316/C10814.java, line(s) 3,9 p316/C10816.java, line(s) 3,9,10,11 p316/C10819.java, line(s) 4,5,50 p316/C10822.java, line(s) 5,6,237,282,330,403,453,479 p413/C12224.java, line(s) 4,5,6,7,8,55,77
中危安全漏洞 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: com/smrtprjcts/atvnotif/tasker/GetMessageInput.java, line(s) 10,13,16,19,22,25,31,28,34,37,40,43,46,49,52 com/smrtprjcts/atvnotif/ui/PhoneActivity.java, line(s) 539 p022/C6347.java, line(s) 34 p036/C6623.java, line(s) 34 p038/InterfaceC6431.java, line(s) 101 p057/InterfaceC6781.java, line(s) 101 p255/C10258.java, line(s) 34 p255/C10259.java, line(s) 37 p255/C10281.java, line(s) 68 p290/C10769.java, line(s) 48 p379/C11702.java, line(s) 34 p379/C11703.java, line(s) 37 p379/C11725.java, line(s) 67 p425/C12340.java, line(s) 48
中危安全漏洞 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: p136/C8323.java, line(s) 37 p137/C8478.java, line(s) 209 p225/C9361.java, line(s) 37 p226/C9516.java, line(s) 216
中危安全漏洞 应用程序包含隐私跟踪程序
此应用程序有多个3隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危安全漏洞 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 "com.google.firebase.crashlytics.mapping_file_id" : "56a24bfecc1443b7ab692d0e4c96d329" "google_api_key" : "AIzaSyDds0B5DnnlBJPHwDn98B11xkv1aCGQNmA" "google_app_id" : "1:645400720847:android:95221248ab218e3428ceba" "google_crash_reporting_api_key" : "AIzaSyDds0B5DnnlBJPHwDn98B11xkv1aCGQNmA" "key_perm_call_log" : "perm_call_log" "key_perm_phone_state" : "perm_phone_state" "key_perm_sms_mms" : "perm_sms_mms" "key_pref_atv" : "pref_atv" "key_pref_atv_bg_color" : "pref_atv_bg_color" "key_pref_atv_default" : "pref_atv_default" "key_pref_atv_duration_sec" : "pref_atv_duration_sec" "key_pref_atv_enable" : "pref_atv_enable" "key_pref_atv_install" : "pref_atv_install" "key_pref_atv_position" : "pref_atv_position" "key_pref_atv_show_no_clearable" : "pref_atv_show_clearable" "key_pref_atv_sound" : "pref_atv_sound" "key_pref_atv_tasker_enable" : "pref_atv_tasker_enable" "key_pref_atv_test" : "pref_atv_test" "key_pref_atv_wakeup" : "pref_atv_wakeup" "key_pref_atv_working_timeframe" : "pref_atv_working_timeframe" "key_pref_atv_working_timeframe_end" : "pref_atv_working_timeframe_end" "key_pref_atv_working_timeframe_start" : "pref_atv_working_timeframe_start" "key_pref_auto_revoke_permissions" : "pref_auto_revoke_permissions" "key_pref_check" : "pref_check" "key_pref_installer" : "pref_installer" "key_pref_installer_seamless" : "pref_installer_seamless" "key_pref_notification" : "pref_notification" "key_pref_permission_notif" : "pref_permission_notif" "key_pref_permission_plugin" : "pref_permission_plugin" "key_pref_phone" : "pref_phone" "key_pref_sms" : "pref_sms" "key_pref_status" : "pref_status" 86254750241babac4b8d52996a675549 B3EEABB8EE11C2BE770B684D95219ECB 470fa2b4ae81cd56ecbcda9735803434cec591fa 1cbd3130fa23b59692c061c594c16cc0 f8L7o2HxjA4p9Z1nQw3E5r6T8yU2iCv0B9kM4sD1f7G3hJ5lK2z0X9cW8vQ6b5N3m1Rg8F2o0Lp7A1e9I4u3Y2t0H8x6W5v4Z1n9Q2w7E3r5T8y6U1i0C9vB8k7M4s3D1f2G0h9J5l8K4z7X3cW2v1Q0b9N8m6A5r4F3o2Lp1E0u9I8y7Y6t5H4x3W2v1Z0n9Q8w7E6r5T4y3U2i1C0v9B8k7M6s5D4f3G2h1J0l9K8z7X6cW5v4Q3b2N1m0Rg9F8o7Lp6A5e4I3u2Y1t0H8x7W6v5Z4n3Q2w1E0r9T8y7U6i5C4v3B2k1M0s9D8f7G6h5J4l3K2z1X0cW9v8Q7b6N5m4A3r2F1o0Lp9E8u7I6y5T4h3W2v1Z0n0Q9w8E7r6T5y4U3i2C1v0B9k8M7s6D5f4G3h2J1l0K9z8X7cW6v5Q4b3N2m1R0g9F8o7L6p5A4e3I2u1Y0t9H8x7W6v5Z4n3Q2w1E0r9T8y7U6i5C4v3B2k1M0s9D8f7G6h5J4l3K2z1X0cW9v8Q7b6N5m4A3r2F1o0Lp9E8u7I6y5T4h3W2 fbaadfe1705a00620c983cc56a150b59
安全提示信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: com/github/appintro/internal/LogHelper.java, line(s) 25,87,44,55,93,99 com/smrtprjcts/updater/installer/C0104.java, line(s) 161 com/smrtprjcts/updater/installer/C6228.java, line(s) 164 p002/CallableC6137.java, line(s) 91 p003/C6166.java, line(s) 19 p003/CallableC6257.java, line(s) 93 p004/C6286.java, line(s) 19 p006/C6176.java, line(s) 10,9,15 p008/C0167.java, line(s) 66 p008/C0175.java, line(s) 68 p008/C0199.java, line(s) 87 p008/C0201.java, line(s) 37,47 p008/C0208.java, line(s) 218,75,314 p008/C6184.java, line(s) 74 p008/C6210.java, line(s) 48,52,58,61,83 p010/C0228.java, line(s) 49,87,145,148 p011/C0245.java, line(s) 37,38 p011/C0246.java, line(s) 14,13 p011/C6225.java, line(s) 49 p011/C6320.java, line(s) 10,9,15 p014/C0279.java, line(s) 77 p014/C0282.java, line(s) 60 p014/C6243.java, line(s) 150 p015/C6334.java, line(s) 74 p015/C6360.java, line(s) 48,52,58,61,83 p015/RunnableC6268.java, line(s) 86 p015/RunnableC6272.java, line(s) 93,94 p016/C0331.java, line(s) 202 p016/C0341.java, line(s) 68,121,125 p017/C6381.java, line(s) 126 p017/C6389.java, line(s) 66 p017/C6394.java, line(s) 136 p017/C6413.java, line(s) 87 p017/C6415.java, line(s) 37,47 p017/C6422.java, line(s) 251,74,347 p021/C6451.java, line(s) 49 p023/C6352.java, line(s) 36,49,57,66 p024/C6469.java, line(s) 150 p025/RunnableC6494.java, line(s) 86 p025/RunnableC6498.java, line(s) 93,94 p027/C6506.java, line(s) 57,95,154,157 p029/C6524.java, line(s) 37,38 p029/C6525.java, line(s) 15,14 p030/AsyncTaskC0464.java, line(s) 37 p031/C6535.java, line(s) 863,893,941,977,1016 p032/C0492.java, line(s) 11 p032/C0497.java, line(s) 21,18 p032/C0503.java, line(s) 11 p033/C6405.java, line(s) 54,60,109,119,61,122 p033/C6406.java, line(s) 76 p037/C6628.java, line(s) 36,49,57,66 p041/C6460.java, line(s) 238,243,85,86,229,231 p042/C6647.java, line(s) 93,196 p042/C6650.java, line(s) 64 p043/C6478.java, line(s) 77,80,82,129,150,124,148 p043/C6480.java, line(s) 70,133 p043/C6482.java, line(s) 36,39 p043/C6485.java, line(s) 194 p043/C6494.java, line(s) 36,38,49 p043/C6501.java, line(s) 402,122,129,395 p043/C6505.java, line(s) 30 p043/CallableC6471.java, line(s) 42,52 p043/RunnableC6506.java, line(s) 33 p044/C6507.java, line(s) 30,44 p047/C6718.java, line(s) 217 p047/C6720.java, line(s) 322,336,337,338,339,340,341,342,343,344,345,346,347,348,349,350,351,352,353,354,413,414,415,416,417,418,419,420,421,422,423,424,425,426,427,428,429,430,431 p047/C6728.java, line(s) 71,127,131 p048/C0675.java, line(s) 279,328,172,186,189,193,196,202 p048/C6543.java, line(s) 76,95 p051/C6752.java, line(s) 54,60,109,119,61,122 p051/C6753.java, line(s) 76 p052/C6616.java, line(s) 96,103,104 p052/RunnableC6636.java, line(s) 40 p053/AbstractBinderC6649.java, line(s) 44 p053/C6641.java, line(s) 32,45 p053/C6650.java, line(s) 67,71 p053/C6652.java, line(s) 30 p053/C6659.java, line(s) 101,119,126 p053/C6664.java, line(s) 63,66,40 p053/C6671.java, line(s) 35 p053/HandlerC6658.java, line(s) 30 p058/C0789.java, line(s) 34 p062/C6818.java, line(s) 238,243,85,86,229,231 p066/C6836.java, line(s) 159 p066/C6841.java, line(s) 64 p066/C6847.java, line(s) 76,79,81,109,130,104,128 p066/C6849.java, line(s) 70,133 p066/C6851.java, line(s) 36,39 p066/C6854.java, line(s) 194 p066/C6863.java, line(s) 36,38,49 p066/C6870.java, line(s) 731,1006,150,157,235,309,449,450,521,533,547,581,737,744,999 p066/C6872.java, line(s) 38 p066/C6874.java, line(s) 30 p066/CallableC6840.java, line(s) 42,52 p067/AbstractC6796.java, line(s) 100,102 p067/AbstractC6811.java, line(s) 149,151 p067/AbstractC6827.java, line(s) 193,197 p067/C6810.java, line(s) 58,63,68 p068/C6842.java, line(s) 19 p068/C6856.java, line(s) 52,86,119,148,196,224 p068/C6858.java, line(s) 63,73 p068/C6860.java, line(s) 51,66 p068/C6880.java, line(s) 30,44 p069/C6888.java, line(s) 79 p071/C6891.java, line(s) 129,156 p072/C6917.java, line(s) 221,320 p074/C6919.java, line(s) 76,95 p078/C6952.java, line(s) 174,210 p078/C6955.java, line(s) 107,110,121,127,130 p078/C6961.java, line(s) 23,26 p078/C6964.java, line(s) 103,93,78,86,100 p078/C6969.java, line(s) 56,70 p078/C6976.java, line(s) 35 p078/C6978.java, line(s) 24 p078/C6982.java, line(s) 34,49,58 p078/C6989.java, line(s) 88,68,104 p078/RunnableC6956.java, line(s) 102,123,131,134,137 p078/RunnableC6986.java, line(s) 126 p078/ServiceConnectionC6945.java, line(s) 69,110,113,60,85 p080/AsyncTaskC7043.java, line(s) 37 p084/C7082.java, line(s) 12 p084/C7087.java, line(s) 21,18 p084/C7093.java, line(s) 12 p086/RunnableC7163.java, line(s) 40 p087/AbstractBinderC7176.java, line(s) 44 p087/C7168.java, line(s) 123,135,154,211,40,53 p087/C7177.java, line(s) 67,71 p087/C7179.java, line(s) 100,40,110,144,150,155,161,169,181 p087/C7186.java, line(s) 101,119,126 p087/C7191.java, line(s) 63,66,40 p087/C7198.java, line(s) 35 p087/C7531.java, line(s) 33,398 p087/HandlerC7185.java, line(s) 30 p092/C7573.java, line(s) 26 p093/RunnableC1066.java, line(s) 35 p098/C1119.java, line(s) 104 p098/C1124.java, line(s) 69 p099/C7635.java, line(s) 97,104,111 p099/C7647.java, line(s) 52,53 p102/C7661.java, line(s) 86 p103/C7671.java, line(s) 208 p104/C7681.java, line(s) 88,92,96,132,143,147,174,178,185,133 p104/C7686.java, line(s) 137 p111/C7861.java, line(s) 230,238 p113/AbstractC7447.java, line(s) 100,102 p113/AbstractC7462.java, line(s) 149,151 p113/AbstractC7478.java, line(s) 193,197 p113/C7461.java, line(s) 58,63,68 p114/C7955.java, line(s) 64 p115/C7503.java, line(s) 19 p115/C7517.java, line(s) 52,86,119,148,196,224 p115/C7519.java, line(s) 47,94,104 p115/C7521.java, line(s) 51,66 p115/C7974.java, line(s) 24 p115/RunnableC7505.java, line(s) 72 p116/C7978.java, line(s) 114,121 p116/C7981.java, line(s) 113,115,291,306,499,502,535,709,788,798 p116/C7986.java, line(s) 252,256,264,266 p116/C7988.java, line(s) 213 p116/C7990.java, line(s) 151,156 p116/C7992.java, line(s) 953,1238,1340,1388,823,1369 p116/C8001.java, line(s) 291 p116/C8004.java, line(s) 30,116,118 p116/C8008.java, line(s) 179,344 p116/C8012.java, line(s) 148,215,223,274,276,280 p117/C7537.java, line(s) 347,396,242,256,259,263,266,272 p118/C7571.java, line(s) 80 p122/C1437.java, line(s) 22,45,47,61,67 p123/C7608.java, line(s) 266,365 p124/AbstractC8067.java, line(s) 22,29,36 p127/C8119.java, line(s) 68 p127/C8121.java, line(s) 52,72 p131/C8269.java, line(s) 98,614,629,643,924,928,932,1074,1079,1126,1135,1298 p132/C7695.java, line(s) 174,210 p132/C7698.java, line(s) 107,110,121,127,130 p132/C7704.java, line(s) 23,26 p132/C7705.java, line(s) 976,133,157,220,254,268,276,284,294,304,322,324,385,389,391,631,761,861,971 p132/C7707.java, line(s) 48,352,342,67,123,135,149,158,264,327,335,349 p132/C7712.java, line(s) 56,70 p132/C7716.java, line(s) 45 p132/C7717.java, line(s) 111,123,105 p132/C7719.java, line(s) 35 p132/C7721.java, line(s) 24 p132/C7722.java, line(s) 171,176 p132/C7725.java, line(s) 34,49,58 p132/C7732.java, line(s) 88,68,104 p132/RunnableC7699.java, line(s) 102,123,131,134,137 p132/RunnableC7729.java, line(s) 126 p132/ServiceConnectionC7688.java, line(s) 69,110,113,60,85 p137/BinderC8424.java, line(s) 124 p137/C8506.java, line(s) 217 p137/RunnableC8540.java, line(s) 37,41 p137/RunnableC8553.java, line(s) 86,89 p144/C8303.java, line(s) 33,398 p146/AbstractC8823.java, line(s) 95,100 p147/C1837.java, line(s) 20 p147/C1838.java, line(s) 181 p149/C8843.java, line(s) 302 p150/C8362.java, line(s) 34 p152/C8368.java, line(s) 26 p153/C8906.java, line(s) 161,173,183,237,443 p155/C8924.java, line(s) 72 p164/C8492.java, line(s) 97,104,111 p164/C8504.java, line(s) 52,53 p164/C8971.java, line(s) 23 p164/C8988.java, line(s) 40 p164/C9005.java, line(s) 28 p164/C9006.java, line(s) 199,209,272,280,313,348,354,189,306,332,358 p164/C9014.java, line(s) 74 p165/C9025.java, line(s) 34 p165/C9027.java, line(s) 75 p165/C9034.java, line(s) 442,447 p165/C9036.java, line(s) 57 p165/C9037.java, line(s) 38 p165/C9039.java, line(s) 57,87,166,232 p169/C8522.java, line(s) 86 p171/C8541.java, line(s) 208 p172/C8551.java, line(s) 88,92,96,132,143,147,174,178,185,133 p172/C8556.java, line(s) 137 p181/C8748.java, line(s) 234,242 p181/C8809.java, line(s) 889 p184/C8842.java, line(s) 64 p186/C8858.java, line(s) 142,165,173 p186/C8874.java, line(s) 24 p188/C8891.java, line(s) 114,121 p188/C8894.java, line(s) 113,115,291,306,545,548,581,755,912,922 p188/C8898.java, line(s) 1015 p188/C8899.java, line(s) 252,256,264,266 p188/C8901.java, line(s) 213 p188/C8903.java, line(s) 151,156 p188/C8905.java, line(s) 1535,1820,1977,2025,1405,2006 p188/C8914.java, line(s) 291 p188/C8917.java, line(s) 30,116,118 p188/C8921.java, line(s) 179,344 p188/C8925.java, line(s) 148,215,223,274,276,280 p190/C9297.java, line(s) 44 p192/C9322.java, line(s) 68 p192/C9325.java, line(s) 74,75 p192/C9326.java, line(s) 49,52,50,53 p192/C9336.java, line(s) 32 p194/C9382.java, line(s) 107,130,208,270,282,116,124,137,225 p197/C9002.java, line(s) 76,96 p198/AbstractC9008.java, line(s) 22,29,36 p203/C9063.java, line(s) 68 p203/C9065.java, line(s) 52,72 p204/C9484.java, line(s) 213 p212/C9578.java, line(s) 30,34,38 p213/C9606.java, line(s) 20 p215/C9284.java, line(s) 345,354,389,403,416,429,442,455,468,481,494,516,531,100,503,827,842,856,1137,1141,1145,1483,1488,1535,1544,1955,2071 p215/C9618.java, line(s) 83 p217/AbstractC9634.java, line(s) 77 p218/AbstractC9649.java, line(s) 54,67 p218/AbstractC9652.java, line(s) 32 p218/C9657.java, line(s) 18 p218/C9658.java, line(s) 33,54,68 p218/C9659.java, line(s) 100,61 p218/C9660.java, line(s) 18 p218/C9661.java, line(s) 22 p218/C9663.java, line(s) 18 p218/C9666.java, line(s) 44 p218/HandlerC9662.java, line(s) 45,58,79,76,85,113 p218/ServiceConnectionC9654.java, line(s) 85,50 p223/C9695.java, line(s) 24,33,32,38,44 p226/BinderC9462.java, line(s) 124 p226/C9519.java, line(s) 2276,2299,2275,2283 p226/C9544.java, line(s) 217 p226/C9756.java, line(s) 139,143 p226/RunnableC9578.java, line(s) 37,41 p226/RunnableC9591.java, line(s) 86,89 p229/C9768.java, line(s) 36,47 p230/C9786.java, line(s) 13,20,47,27,42 p235/C9906.java, line(s) 50,57 p235/C9910.java, line(s) 14 p236/AbstractC9874.java, line(s) 96,101 p238/AbstractC9981.java, line(s) 161 p238/C9968.java, line(s) 299,367,369 p238/RunnableC9980.java, line(s) 41,44 p241/C10002.java, line(s) 123 p241/C9900.java, line(s) 303 p241/C9999.java, line(s) 70 p242/AbstractBinderC10027.java, line(s) 29 p242/AbstractC10007.java, line(s) 278,306,373,380,386,395 p242/AbstractDialogInterfaceOnClickListenerC10048.java, line(s) 15 p242/C10041.java, line(s) 79 p242/C10050.java, line(s) 64,69 p242/C10056.java, line(s) 40,55 p242/C10058.java, line(s) 47 p242/C10068.java, line(s) 82,85,88,91,94,97,105,108,111,114,142,149 p243/C9914.java, line(s) 140 p245/RunnableC9961.java, line(s) 35 p247/C10128.java, line(s) 66 p249/C10021.java, line(s) 161,173,183,237,443 p252/C10042.java, line(s) 72 p252/C10176.java, line(s) 77,78 p252/C10206.java, line(s) 69,74,87,91,70,75,88,92 p255/C10047.java, line(s) 107,319,420 p255/C10052.java, line(s) 74 p255/C10262.java, line(s) 61,73 p255/C10265.java, line(s) 57 p255/C10274.java, line(s) 34 p255/RunnableC10248.java, line(s) 238,373,590 p257/C10309.java, line(s) 120,45,117,48 p257/C10310.java, line(s) 50,72,47,69 p257/C10320.java, line(s) 226,229 p258/C10326.java, line(s) 254 p267/C10118.java, line(s) 23 p267/C10134.java, line(s) 40,89,92 p267/C10135.java, line(s) 40 p267/C10152.java, line(s) 28 p267/C10153.java, line(s) 199,209,272,280,313,348,354,189,306,332,358 p267/C10161.java, line(s) 164 p268/C10172.java, line(s) 55 p268/C10174.java, line(s) 75 p268/C10181.java, line(s) 556,561 p268/C10183.java, line(s) 57 p268/C10184.java, line(s) 45 p268/C10186.java, line(s) 57,87,166,232 p279/C10639.java, line(s) 150,418 p279/C10658.java, line(s) 207,417 p279/RunnableC10634.java, line(s) 44 p280/C10668.java, line(s) 141,277 p281/C10688.java, line(s) 47 p285/C10728.java, line(s) 36,46,57 p285/C10729.java, line(s) 178,182,202 p285/C10731.java, line(s) 76 p288/C10753.java, line(s) 80 p293/ExecutorServiceC10787.java, line(s) 55,54 p298/InterfaceC10823.java, line(s) 67,71 p299/C10520.java, line(s) 44 p301/C10539.java, line(s) 63,91 p301/C10541.java, line(s) 333,400,486,497,526 p301/C10545.java, line(s) 68 p301/C10548.java, line(s) 74,75 p301/C10549.java, line(s) 49,52,50,53 p301/C10559.java, line(s) 32 p303/C10605.java, line(s) 107,130,208,270,282,116,124,137,225 p303/C11184.java, line(s) 118,119 p307/C11219.java, line(s) 35 p316/C10822.java, line(s) 213 p317/C11433.java, line(s) 92 p318/C11452.java, line(s) 77,90,92,124,119,41,54,56,114 p320/C11458.java, line(s) 214,215 p324/C10916.java, line(s) 30,34,38 p325/C10944.java, line(s) 20 p328/C10976.java, line(s) 83 p329/C10988.java, line(s) 85,85 p331/AbstractC11007.java, line(s) 77 p331/C11012.java, line(s) 201,130,131 p333/AbstractC11026.java, line(s) 54,67 p333/AbstractC11029.java, line(s) 32 p333/C11034.java, line(s) 18 p333/C11035.java, line(s) 33,54,68 p333/C11036.java, line(s) 100,61 p333/C11037.java, line(s) 18 p333/C11038.java, line(s) 22 p333/C11040.java, line(s) 18 p333/C11043.java, line(s) 44 p333/HandlerC11039.java, line(s) 45,58,79,76,85,113 p333/ServiceConnectionC11031.java, line(s) 85,50 p338/C11072.java, line(s) 24,33,32,38,44 p344/C11167.java, line(s) 139,143 p347/C11179.java, line(s) 54,65 p348/C11197.java, line(s) 13,20,47,27,42 p356/C11336.java, line(s) 22,45,47,61,67 p358/C11345.java, line(s) 50,57 p358/C11349.java, line(s) 14 p361/AbstractC11420.java, line(s) 161 p361/C11407.java, line(s) 299,367,369 p361/C11426.java, line(s) 268 p361/RunnableC11419.java, line(s) 42,45 p364/C11438.java, line(s) 70 p364/C11441.java, line(s) 123 p365/AbstractBinderC11466.java, line(s) 29 p365/AbstractC11446.java, line(s) 282,310,377,384,390,399 p365/AbstractDialogInterfaceOnClickListenerC11487.java, line(s) 15 p365/C11480.java, line(s) 79 p365/C11489.java, line(s) 64,69 p365/C11495.java, line(s) 40,55 p365/C11497.java, line(s) 47 p365/C11506.java, line(s) 67,51,56,66,90,57 p365/C11507.java, line(s) 83,86,89,92,95,98,106,109,112,115,143,150 p365/HandlerC11488.java, line(s) 108,116 p370/C11567.java, line(s) 66 p376/C11620.java, line(s) 77,78 p376/C11650.java, line(s) 69,74,87,91,70,75,88,92 p379/C11706.java, line(s) 62,74 p379/C11709.java, line(s) 57 p379/C11718.java, line(s) 34 p379/RunnableC11692.java, line(s) 238,373,590 p380/C11734.java, line(s) 104 p381/C11753.java, line(s) 120,45,117,48 p381/C11754.java, line(s) 50,72,47,69 p381/C11764.java, line(s) 226,229 p382/C11770.java, line(s) 254 p395/C11936.java, line(s) 143 p409/C12153.java, line(s) 42,45,49,53,85,88,91,94,97 p412/C12199.java, line(s) 150,418 p412/C12218.java, line(s) 207,417 p412/RunnableC12194.java, line(s) 44 p413/C12228.java, line(s) 141,277 p414/C12248.java, line(s) 47 p418/C12288.java, line(s) 37,47,58 p418/C12289.java, line(s) 178,182,202 p418/C12291.java, line(s) 76 p422/C12317.java, line(s) 80 p428/ExecutorServiceC12358.java, line(s) 55,54 p429/C12366.java, line(s) 149 p435/InterfaceC12465.java, line(s) 67,71 p440/C12826.java, line(s) 118,119 p449/C12889.java, line(s) 35 p455/C13025.java, line(s) 34 p461/C13142.java, line(s) 20 p461/C13143.java, line(s) 181 p464/LayoutInflaterFactory2C13231.java, line(s) 1708,1717,1727,1736,1743,1755,1764,1480 p466/C13296.java, line(s) 92 p467/C13315.java, line(s) 77,90,92,124,119,41,54,56,114 p470/C13334.java, line(s) 223,224 rikka/shizuku/ShizukuProvider.java, line(s) 36,93
已通过安全项 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: p043/C6480.java, line(s) 88,88,89 p066/C6849.java, line(s) 88,88,89 p257/C10309.java, line(s) 66 p381/C11753.java, line(s) 66
已通过安全项 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: p113/C1362.java, line(s) 101,89,100,99,99 p113/C1364.java, line(s) 39,38,37 p113/C1368.java, line(s) 39,38,37,37 p113/C1370.java, line(s) 83,73,82,90,81,81 p329/C10988.java, line(s) 175,163,174,173,173 p329/C10990.java, line(s) 39,38,37 p329/C10994.java, line(s) 39,38,37,37 p329/C10996.java, line(s) 83,73,82,90,81,81
已通过安全项 Firebase远程配置已禁用
Firebase远程配置URL ( https://firebaseremoteconfig.googleapis.com/v1/projects/645400720847/namespaces/firebase:fetch?key=AIzaSyDds0B5DnnlBJPHwDn98B11xkv1aCGQNmA ) 已禁用。响应内容如下所示:
{
"state": "NO_TEMPLATE"
}
重点安全关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (pagead2.googlesyndication.com) 通信。
{'ip': '180.163.150.166', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
重点安全关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (app-measurement.com) 通信。
{'ip': '180.163.150.34', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
重点安全关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (firebase-settings.crashlytics.com) 通信。
{'ip': '180.163.150.34', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
综合安全基线评分总结
Android TV Notifier v0.8.0
Android APK
55
综合安全评分
中风险