安全分析报告:
安全分数
安全分数 44/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
3
用户/设备跟踪器
调研结果
高危
5
中危
27
信息
2
安全
1
关注
5
高危 应用程序使用了调试证书进行签名
应用程序使用了调试证书进行签名。生产环境的应用程序不能使用调试证书发布。
高危 程序可被任意调试
[android:debuggable=true] 应用可调试标签被开启,这使得逆向工程师更容易将调试器挂接到应用程序上。这允许导出堆栈跟踪和访问调试助手类。
高危 App 链接 assetlinks.json 文件未找到
[android:name=com.globalfoundation.app.activities.SplashActivity][android:host=https://www.gogetskill.in] App Link 资产验证 URL (https://www.gogetskill.in/.well-known/assetlinks.json) 未找到或配置不正确。(状态代码:None)。应用程序链接允许用户从 Web URL/电子邮件重定向到移动应用程序。如果此文件丢失或为 App Link 主机/域配置不正确,则恶意应用程序可以劫持此类 URL。这可能会导致网络钓鱼攻击,泄露 URI 中的敏感数据,例如 PII、OAuth 令牌、魔术链接/密码重置令牌等。您必须通过托管 assetlinks.json 文件并通过 Activity intent-filter 中的 [android:autoVerify=“true”] 启用验证来验证 App Link 网域。
高危 如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击
如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-7 Files: com/razorpay/B$$W$.java, line(s) 340,343,16,17 com/razorpay/CheckoutActivity.java, line(s) 50,5
高危 已启用远程WebView调试
已启用远程WebView调试 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04c-Tampering-and-Reverse-Engineering.md#debugging-and-tracing Files: com/onesignal/inAppMessages/internal/display/impl/WebViewManager.java, line(s) 820,7
中危 应用程序数据可以被备份
[android:allowBackup=true] 这个标志允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。
中危 Broadcast Receiver (com.onesignal.notifications.receivers.FCMBroadcastReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Activity (com.onesignal.notifications.activities.NotificationOpenedActivityHMS) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Broadcast Receiver (com.onesignal.notifications.receivers.NotificationDismissReceiver) 未被保护。
[android:exported=true] 发现 Broadcast Receiver与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Broadcast Receiver (com.onesignal.notifications.receivers.BootUpReceiver) 未被保护。
[android:exported=true] 发现 Broadcast Receiver与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Broadcast Receiver (com.onesignal.notifications.receivers.UpgradeReceiver) 未被保护。
[android:exported=true] 发现 Broadcast Receiver与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.onesignal.notifications.activities.NotificationOpenedActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.onesignal.notifications.activities.NotificationOpenedActivityAndroid22AndOlder) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.google.firebase.auth.internal.GenericIdpActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.google.firebase.auth.internal.RecaptchaActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Broadcast Receiver (com.razorpay.RzpTokenReceiver) 未被保护。
[android:exported=true] 发现 Broadcast Receiver与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.razorpay.CheckoutActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (com.google.android.gms.auth.api.signin.RevocationBoundService) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Service (androidx.work.impl.background.systemjob.SystemJobService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.DUMP [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (androidx.profileinstaller.ProfileInstallReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.DUMP [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 高优先级的Intent (999)
[android:priority] 通过设置一个比另一个Intent更高的优先级,应用程序有效地覆盖了其他请求。
中危 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: carbon/internal/MathUtils.java, line(s) 3 com/annimon/stream/RandomCompat.java, line(s) 6 com/onesignal/common/AndroidUtils.java, line(s) 26 com/onesignal/notifications/internal/display/impl/NotificationDisplayer.java, line(s) 39 com/onesignal/notifications/internal/display/impl/SummaryNotificationDisplayer.java, line(s) 27
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: carbon/internal/Menu.java, line(s) 26,28 com/globalfoundation/app/model/SettingsModel.java, line(s) 270 com/globalfoundation/app/model/UserProfileModel.java, line(s) 224 com/onesignal/inAppMessages/internal/display/impl/WebViewManager.java, line(s) 50,51,52,45 com/onesignal/inAppMessages/internal/prompt/InAppMessagePromptTypes.java, line(s) 8,9 com/onesignal/inAppMessages/internal/prompt/impl/InAppMessagePrompt.java, line(s) 36 com/onesignal/notifications/bridges/OneSignalHmsEventBridge.java, line(s) 24,25 com/onesignal/notifications/internal/Notification.java, line(s) 477 com/onesignal/notifications/internal/bundle/impl/NotificationBundleProcessor.java, line(s) 23 com/onesignal/notifications/internal/common/NotificationConstants.java, line(s) 18,12,13,14,15,16 com/onesignal/notifications/internal/common/NotificationHelper.java, line(s) 34 com/onesignal/notifications/receivers/FCMBroadcastReceiver.java, line(s) 19 com/razorpay/AnalyticsConstants.java, line(s) 105,119,57 com/razorpay/BaseConstants.java, line(s) 20,27 com/razorpay/OtpElfData.java, line(s) 7 com/scottyab/showhidepasswordedittext/ShowHidePasswordEditText.java, line(s) 21,22
中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/onesignal/core/internal/database/impl/OSDatabase.java, line(s) 7,8,9,10,11,475 com/onesignal/session/internal/outcomes/impl/OutcomeTableProvider.java, line(s) 3,4,15
中危 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: com/onesignal/inAppMessages/internal/display/impl/WebViewManager.java, line(s) 638,635 com/pierfrancescosoffritti/androidyoutubeplayer/core/player/views/WebViewYouTubePlayer.java, line(s) 111,108 com/razorpay/BaseUtils.java, line(s) 224,203
中危 IP地址泄露
IP地址泄露 Files: carbon/BuildConfig.java, line(s) 9
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: com/github/dhaval2404/imagepicker/util/FileUriUtils.java, line(s) 81,81,124 com/rajat/pdfviewer/util/FileUtils.java, line(s) 67 com/yalantis/ucrop/util/FileUtils.java, line(s) 81
中危 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/globalfoundation/app/utils/Utils.java, line(s) 296
中危 应用程序包含隐私跟踪程序
此应用程序有多个3隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 "com.google.firebase.crashlytics.mapping_file_id" : "00000000000000000000000000000000" "google_api_key" : "AIzaSyB7huek2AEq7JMvwo_6kyFaLEdlcQ4yn2k" "google_crash_reporting_api_key" : "AIzaSyB7huek2AEq7JMvwo_6kyFaLEdlcQ4yn2k" "image_picker_provider_authority_suffix" : ".imagepicker.provider" PHN2ZyBmaWxsPSIjRkZGRkZGIiBoZWlnaHQ9IjI0IiB2aWV3Qm94PSIwIDAgMjQgMjQiIHdpZHRoPSIyNCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4gICAgPHBhdGggZD0iTTguNTkgMTYuMzRsNC41OC00LjU5LTQuNTgtNC41OUwxMCA1Ljc1bDYgNi02IDZ6Ii8+ICAgIDxwYXRoIGQ9Ik0wLS4yNWgyNHYyNEgweiIgZmlsbD0ibm9uZSIvPjwvc3ZnPg== PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c3ZnIHdpZHRoPSIxNHB4IiBoZWlnaHQ9IjE0cHgiIHZpZXdCb3g9IjAgMCAxNCAxNCIgdmVyc2lvbj0iMS4xIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIj4gICAgICAgIDx0aXRsZT5Hcm91cCA2PC90aXRsZT4gICAgPGRlc2M+Q3JlYXRlZCB3aXRoIFNrZXRjaC48L2Rlc2M+ICAgIDxkZWZzPjwvZGVmcz4gICAgPGcgaWQ9IlBhZ2UtMSIgc3Ryb2tlPSJub25lIiBzdHJva2Utd2lkdGg9IjEiIGZpbGw9Im5vbmUiIGZpbGwtcnVsZT0iZXZlbm9kZCI+ICAgICAgICA8ZyBpZD0iNS4xIiB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMjUuMDAwMDAwLCAtNTI1LjAwMDAwMCkiPiAgICAgICAgICAgIDxnIGlkPSJHcm91cC02IiB0cmFuc2Zvcm09InRyYW5zbGF0ZSgyNC4wMDAwMDAsIDUyNC4wMDAwMDApIj4gICAgICAgICAgICAgICAgPHBvbHlnb24gaWQ9IlNoYXBlIiBwb2ludHM9IjAgMCAxNiAwIDE2IDE2IDAgMTYiPjwvcG9seWdvbj4gICAgICAgICAgICAgICAgPHBhdGggZD0iTTEzLjMzMzMzMzMsMS4zMzMzMzMzMyBDMTQuMDY2NjY2NywxLjMzMzMzMzMzIDE0LjY2NjY2NjcsMS45MzMzMzMzMyAxNC42NjY2NjY3LDIuNjY2NjY2NjcgTDE0LjY2NjY2NjcsMTAuNjY2NjY2NyBDMTQuNjY2NjY2NywxMS40IDE0LjA2NjY2NjcsMTIgMTMuMzMzMzMzMywxMiBMNCwxMiBMMS4zMzMzMzMzMywxNC42NjY2NjY3IEwxLjMzMzMzMzMzLDIuNjY2NjY2NjcgQzEuMzMzMzMzMzMsMS45MzMzMzMzMyAxLjkzMzMzMzMzLDEuMzMzMzMzMzMgMi42NjY2NjY2NywxLjMzMzMzMzMzIEwxMy4zMzMzMzMzLDEuMzMzMzMzMzMgWiBNNS4zMzMzMzMzMyw3LjMzMzMzMzMzIEM1LjcwMTUyMzE3LDcuMzMzMzMzMzMgNiw3LjAzNDg1NjUgNiw2LjY2NjY2NjY3IEM2LDYuMjk4NDc2ODMgNS43MDE1MjMxNyw2IDUuMzMzMzMzMzMsNiBDNC45NjUxNDM1LDYgNC42NjY2NjY2Nyw2LjI5ODQ3NjgzIDQuNjY2NjY2NjcsNi42NjY2NjY2NyBDNC42NjY2NjY2Nyw3LjAzNDg1NjUgNC45NjUxNDM1LDcuMzMzMzMzMzMgNS4zMzMzMzMzMyw3LjMzMzMzMzMzIFogTTgsNy4zMzMzMzMzMyBDOC4zNjgxODk4Myw3LjMzMzMzMzMzIDguNjY2NjY2NjcsNy4wMzQ4NTY1IDguNjY2NjY2NjcsNi42NjY2NjY2NyBDOC42NjY2NjY2Nyw2LjI5ODQ3NjgzIDguMzY4MTg5ODMsNiA4LDYgQzcuNjMxODEwMTcsNiA3LjMzMzMzMzMzLDYuMjk4NDc2ODMgNy4zMzMzMzMzMyw2LjY2NjY2NjY3IEM3LjMzMzMzMzMzLDcuMDM0ODU2NSA3LjYzMTgxMDE3LDcuMzMzMzMzMzMgOCw3LjMzMzMzMzMzIFogTTEwLjY2NjY2NjcsNy4zMzMzMzMzMyBDMTEuMDM0ODU2NSw3LjMzMzMzMzMzIDExLjMzMzMzMzMsNy4wMzQ4NTY1IDExLjMzMzMzMzMsNi42NjY2NjY2NyBDMTEuMzMzMzMzMyw2LjI5ODQ3NjgzIDExLjAzNDg1NjUsNiAxMC42NjY2NjY3LDYgQzEwLjI5ODQ3NjgsNiAxMCw2LjI5ODQ3NjgzIDEwLDYuNjY2NjY2NjcgQzEwLDcuMDM0ODU2NSAxMC4yOTg0NzY4LDcuMzMzMzMzMzMgMTAuNjY2NjY2Nyw3LjMzMzMzMzMzIFoiIGlkPSJDb21iaW5lZC1TaGFwZSIgZmlsbD0iI0ZGRkZGRiIgZmlsbC1ydWxlPSJub256ZXJvIj48L3BhdGg+ICAgICAgICAgICAgPC9nPiAgICAgICAgPC9nPiAgICA8L2c+PC9zdmc+ PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48c3ZnIHdpZHRoPSIxMnB4IiBoZWlnaHQ9IjE1cHgiIHZpZXdCb3g9IjAgMCAxMiAxNSIgdmVyc2lvbj0iMS4xIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIj4gICAgICAgIDx0aXRsZT5pYy1sb2NrLTI0cHhAMng8L3RpdGxlPiAgICA8ZGVzYz5DcmVhdGVkIHdpdGggU2tldGNoLjwvZGVzYz4gICAgPGRlZnM+PC9kZWZzPiAgICA8ZyBpZD0iUGFnZS0xIiBzdHJva2U9Im5vbmUiIHN0cm9rZS13aWR0aD0iMSIgZmlsbD0ibm9uZSIgZmlsbC1ydWxlPSJldmVub2RkIj4gICAgICAgIDxnIGlkPSI1LjQiIHRyYW5zZm9ybT0idHJhbnNsYXRlKC0yNi4wMDAwMDAsIC01OTYuMDAwMDAwKSI+ICAgICAgICAgICAgPGcgaWQ9Ikdyb3VwLTciIHRyYW5zZm9ybT0idHJhbnNsYXRlKDE2LjAwMDAwMCwgNTg4LjAwMDAwMCkiPiAgICAgICAgICAgICAgICA8ZyBpZD0iaWMtbG9jay0yNHB4IiB0cmFuc2Zvcm09InRyYW5zbGF0ZSg4LjAwMDAwMCwgOC4wMDAwMDApIj4gICAgICAgICAgICAgICAgICAgIDxwb2x5Z29uIGlkPSJTaGFwZSIgcG9pbnRzPSIwIDAgMTYgMCAxNiAxNiAwIDE2Ij48L3BvbHlnb24+ICAgICAgICAgICAgICAgICAgICA8cGF0aCBkPSJNMTIsNS4zMzMzMzMzMyBMMTEuMzMzMzMzMyw1LjMzMzMzMzMzIEwxMS4zMzMzMzMzLDQgQzExLjMzMzMzMzMsMi4xNiA5Ljg0LDAuNjY2NjY2NjY3IDgsMC42NjY2NjY2NjcgQzYuMTYsMC42NjY2NjY2NjcgNC42NjY2NjY2NywyLjE2IDQuNjY2NjY2NjcsNCBMNC42NjY2NjY2Nyw1LjMzMzMzMzMzIEw0LDUuMzMzMzMzMzMgQzMuMjY2NjY2NjcsNS4zMzMzMzMzMyAyLjY2NjY2NjY3LDUuOTMzMzMzMzMgMi42NjY2NjY2Nyw2LjY2NjY2NjY3IEwyLjY2NjY2NjY3LDEzLjMzMzMzMzMgQzIuNjY2NjY2NjcsMTQuMDY2NjY2NyAzLjI2NjY2NjY3LDE0LjY2NjY2NjcgNCwxNC42NjY2NjY3IEwxMiwxNC42NjY2NjY3IEMxMi43MzMzMzMzLDE0LjY2NjY2NjcgMTMuMzMzMzMzMywxNC4wNjY2NjY3IDEzLjMzMzMzMzMsMTMuMzMzMzMzMyBMMTMuMzMzMzMzMyw2LjY2NjY2NjY3IEMxMy4zMzMzMzMzLDUuOTMzMzMzMzMgMTIuNzMzMzMzMyw1LjMzMzMzMzMzIDEyLDUuMzMzMzMzMzMgWiBNOCwxMS4zMzMzMzMzIEM3LjI2NjY2NjY3LDExLjMzMzMzMzMgNi42NjY2NjY2NywxMC43MzMzMzMzIDYuNjY2NjY2NjcsMTAgQzYuNjY2NjY2NjcsOS4yNjY2NjY2NyA3LjI2NjY2NjY3LDguNjY2NjY2NjcgOCw4LjY2NjY2NjY3IEM4LjczMzMzMzMzLDguNjY2NjY2NjcgOS4zMzMzMzMzMyw5LjI2NjY2NjY3IDkuMzMzMzMzMzMsMTAgQzkuMzMzMzMzMzMsMTAuNzMzMzMzMyA4LjczMzMzMzMzLDExLjMzMzMzMzMgOCwxMS4zMzMzMzMzIFogTTEwLjA2NjY2NjcsNS4zMzMzMzMzMyBMNS45MzMzMzMzMyw1LjMzMzMzMzMzIEw1LjkzMzMzMzMzLDQgQzUuOTMzMzMzMzMsMi44NiA2Ljg2LDEuOTMzMzMzMzMgOCwxLjkzMzMzMzMzIEM5LjE0LDEuOTMzMzMzMzMgMTAuMDY2NjY2NywyLjg2IDEwLjA2NjY2NjcsNCBMMTAuMDY2NjY2Nyw1LjMzMzMzMzMzIFoiIGlkPSJTaGFwZSIgZmlsbD0iI0ZGRkZGRiIgZmlsbC1ydWxlPSJub256ZXJvIj48L3BhdGg+ICAgICAgICAgICAgICAgIDwvZz4gICAgICAgICAgICA8L2c+ICAgICAgICA8L2c+ICAgIDwvZz48L3N2Zz4= t8I8n6wctuVfyNG49l3lUOrlJ4bYi1ZW PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48c3ZnIHZlcnNpb249IjEuMSIgaWQ9IkxheWVyXzEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IiB2aWV3Qm94PSIwIDAgMTYwIDMzIiBzdHlsZT0iZW5hYmxlLWJhY2tncm91bmQ6bmV3IDAgMCAxNjAgMzM7IiB4bWw6c3BhY2U9InByZXNlcnZlIj48c3R5bGUgdHlwZT0idGV4dC9jc3MiPi5zdDB7ZmlsbDojMkQyRDJEO308L3N0eWxlPjxnPjxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik00OS42LDE0LjZjLTAuNCwwLTAuOCwwLjItMSwwLjVjLTAuMiwwLjQtMC40LDAuOS0wLjQsMS41YzAsMC43LDAuMSwxLjIsMC40LDEuNWMwLjIsMC4zLDAuNiwwLjUsMSwwLjVjMC41LDAsMC45LTAuMSwxLjEtMC40YzAuMi0wLjMsMC40LTAuOCwwLjQtMS40di0wLjJjMC0wLjctMC4xLTEuMy0wLjQtMS42QzUwLjUsMTQuNyw1MC4xLDE0LjYsNDkuNiwxNC42eiIvPjxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik04Ni4zLDE3LjNjLTAuMiwwLjEtMC40LDAuNS0wLjcsMS4xYy0wLjMsMC42LTAuMywwLjktMC4yLDFjMC4xLDAuMSwwLjUsMC4yLDEuMSwwLjJjMC4zLDAsMC41LDAsMC43LDBjMC4xLDAsMC4zLDAsMC41LDBjMC4yLDAsMC4zLTAuMSwwLjQtMC4xYzAuMS0wLjEsMC4yLTAuMSwwLjMtMC4yYzAuMS0wLjEsMC4yLTAuMiwwLjItMC40bDAuOC0xLjdsLTEuOCwwQzg2LjksMTcuMSw4Ni41LDE3LjEsODYuMywxNy4zeiIvPjxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik04MC42LDExLjNsLTIuNCwwbC0xLjQsMy4ybDIuNCwwYzAuNywwLDEuMi0wLjEsMS41LTAuM2MwLjMtMC4yLDAuNi0wLjUsMC44LTFsMC40LTAuOGMwLjItMC40LDAuMi0wLjcsMC0wLjlDODEuNiwxMS40LDgxLjIsMTEuMyw4MC42LDExLjN6Ii8+PHBhdGggY2xhc3M9InN0MCIgZD0iTTQzLjksMTQuNmMtMC40LDAtMC43LDAuMS0xLDAuNGMtMC4yLDAuMi0wLjQsMC42LTAuNCwxaDIuNmMwLTAuNC0wLjEtMC44LTAuMy0xQzQ0LjYsMTQuNyw0NC4zLDE0LjYsNDMuOSwxNC42eiIvPjxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik0yMC4yLDE0LjZjLTAuNSwwLTAuOSwwLjItMS4xLDAuNWMtMC4zLDAuMy0wLjQsMC44LTAuNCwxLjVjMCwwLjcsMC4xLDEuMiwwLjQsMS41YzAuMywwLjMsMC42LDAuNSwxLjEsMC41YzAuNSwwLDAuOS0wLjIsMS4xLTAuNWMwLjMtMC4zLDAuNC0wLjksMC40LTEuNWMwLTAuNy0wLjEtMS4yLTAuNC0xLjVDMjEuMSwxNC44LDIwLjgsMTQuNiwyMC4yLDE0LjZ6Ii8+PHBhdGggY2xhc3M9InN0MCIgZD0iTTEwNy40LDEzLjdjLTAuNywwLTEuMiwwLjEtMS42LDAuM2MtMC4zLDAuMi0wLjYsMC41LTAuOCwxbC0xLjUsMy4zYy0wLjIsMC41LTAuMiwwLjgtMC4xLDFjMC4yLDAuMiwwLjYsMC4zLDEuMywwLjNjMC43LDAsMS4zLTAuMSwxLjYtMC4zYzAuMy0wLjIsMC42LTAuNSwwLjgtMWwxLjUtMy4zYzAuMi0wLjUsMC4yLTAuOCwwLjEtMUMxMDguNiwxMy44LDEwOC4yLDEzLjcsMTA3LjQsMTMuN3oiLz48cGF0aCBjbGFzcz0ic3QwIiBkPSJNMTUuMywxMy4yYy0wLjMtMC4yLTAuOC0wLjMtMS40LTAuM0gxM3YyLjdoMC43YzAuNywwLDEuMi0wLjEsMS42LTAuM2MwLjMtMC4yLDAuNS0wLjYsMC41LTEuMUMxNS43LDEzLjgsMTUuNiwxMy41LDE1LjMsMTMuMnoiLz48cGF0aCBjbGFzcz0ic3QwIiBkPSJNMzQuMSwxNC42Yy0wLjQsMC0wLjcsMC4xLTEsMC40Yy0wLjIsMC4yLTAuNCwwLjYtMC40LDFoMi42YzAtMC40LTAuMS0wLjgtMC4zLTFDMzQuOCwxNC43LDM0LjUsMTQuNiwzNC4xLDE0LjZ6Ii8+PHBhdGggY2xhc3M9InN0MCIgZD0iTTU4LjcsMTQuNmMtMC41LDAtMC45LDAuMS0xLjEsMC40Yy0wLjIsMC4zLTAuMywwLjgtMC4zLDEuNmMwLDAuNywwLjEsMS4zLDAuNCwxLjZjMC4yLDAuMywwLjYsMC41LDEuMSwwLjVjMC41LDAsMC44LTAuMiwxLTAuNWMwLjItMC4zLDAuNC0wLjksMC40LTEuNWMwLTAuNy0wLjEtMS4yLTAuNC0xLjVDNTkuNiwxNC44LDU5LjIsMTQuNiw1OC43LDE0LjZ6Ii8+PHBhdGggY2xhc3M9InN0MCIgZD0iTTE1Ni45LDAuMkgzLjFDMS40LDAuMiwwLDEuNiwwLDMuNHYyNi41QzAsMzEuNiwxLjQsMzMsMy4xLDMzaDE1My43YzEuNywwLDMuMS0xLjQsMy4xLTMuMVYzLjRDMTYwLDEuNiwxNTguNiwwLjIsMTU2LjksMC4yeiBNMTYsMTZjLTAuNSwwLjQtMS4zLDAuNi0yLjIsMC42SDEzdjIuOGgtMVYxMmgyYzEuOSwwLDIuOCwwLjcsMi44LDIuMkMxNi44LDE1LDE2LjUsMTUuNSwxNiwxNnogTTIyLjIsMTguN2MtMC41LDAuNS0xLjEsMC44LTEuOSwwLjhjLTAuNSwwLTEtMC4xLTEuMy0wLjRjLTAuNC0wLjItMC43LTAuNi0wLjktMWMtMC4yLTAuNC0wLjMtMS0wLjMtMS41YzAtMC45LDAuMi0xLjYsMC43LTIuMWMwLjUtMC41LDEuMS0wLjgsMS45LTAuOGMwLjgsMCwxLjQsMC4zLDEuOSwwLjhjMC41LDAuNSwwLjcsMS4yLDAuNywyLjFDMjIuOCwxNy41LDIyLjYsMTguMiwyMi4yLDE4Ljd6IE0yOS42LDE5LjRoLTEuMWwtMS0zLjJjLTAuMS0wLjItMC4xLTAuNS0wLjMtMWMtMC4xLDAuNC0wLjIsMC44LTAuMywxbC0xLDMuMmgtMS4xbC0xLjUtNS42aDEuMWwwLDAuMWMwLjMsMS40LDAuNiwyLjQsMC44LDMuMWMwLjEsMC40LDAuMiwwLjgsMC4yLDFjMC0wLjEsMC4xLTAuMiwwLjEtMC4zYzAuMS0wLjMsMC4yLTAuNSwwLjItMC43bDEtMy4yaDFsMSwzLjJjMC4xLDAuNCwwLjIsMC43LDAuMywxYzAsMCwwLTAuMSwwLTAuMWMwLjEtMC4yLDAuNC0xLjYsMS00bDAtMC4xaDEuMUwyOS42LDE5LjR6IE0zNi40LDE2LjloLTMuN2MwLDAuNiwwLjIsMSwwLjUsMS4zYzAuMywwLjMsMC43LDAuNSwxLjIsMC41YzAuNiwwLDEuMS0wLjEsMS43LTAuNGwwLjEtMC4xdjFsLTAuMSwwYy0wLjMsMC4xLTAuNiwwLjItMC44LDAuM2MtMC4zLDAuMS0wLjYsMC4xLTEsMC4xYy0wLjgsMC0xLjUtMC4zLTItMC44Yy0wLjUtMC41LTAuNy0xLjItMC43LTIuMWMwLTAuOSwwLjItMS42LDAuNy0yLjFjMC40LTAuNSwxLjEtMC44LDEuOC0wLjhjMC43LDAsMS4zLDAuMiwxLjcsMC43YzAuNCwwLjUsMC42LDEuMSwwLjYsMS44VjE2Ljl6IE00MC44LDE0LjdsLTAuMSwwYy0wLjIsMC0wLjQtMC4xLTAuNi0wLjFjLTAuNCwwLTAuOCwwLjItMSwwLjVjLTAuMywwLjMtMC40LDAuOC0wLjQsMS4zdjNoLTF2LTUuNmgwLjlsMC4xLDAuOGMwLjItMC4zLDAuNC0wLjUsMC42LTAuNmMwLjMtMC4yLDAuNi0wLjMsMS0wLjNjMC4yLDAsMC41LDAsMC43LDAuMWwwLjEsMEw0MC44LDE0Ljd6IE00Ni4yLDE2LjloLTMuN2MwLDAuNiwwLjIsMSwwLjUsMS4zYzAuMywwLjMsMC43LDAuNSwxLjIsMC41YzAuNiwwLDEuMS0wLjEsMS43LTAuNGwwLjEtMC4xdjFsLTAuMSwwYy0wLjMsMC4xLTAuNiwwLjItMC44LDAuM2MtMC4zLDAuMS0wLjYsMC4xLTEsMC4xYy0wLjgsMC0xLjUtMC4zLTItMC44Yy0wLjUtMC41LTAuNy0xLjItMC43LTIuMWMwLTAuOSwwLjItMS42LDAuNy0yLjFjMC40LTAuNSwxLjEtMC44LDEuOC0wLjhjMC43LDAsMS4zLDAuMiwxLjcsMC43YzAuNCwwLjUsMC42LDEuMSwwLjYsMS44VjE2Ljl6IE01Mi4xLDE5LjRoLTAuOWwtMC4xLTAuNmMtMC40LDAuNS0xLDAuNy0xLjcsMC43Yy0wLjcsMC0xLjMtMC4zLTEuNy0wLjhjLTAuNC0wLjUtMC42LTEuMi0wLjYtMi4xYzAtMC45LDAuMi0xLjYsMC42LTIuMWMwLjQtMC41LDEtMC44LDEuNy0wLjhjMC43LDAsMS4yLDAuMiwxLjYsMC43bDAtMC4xbDAtMC40bDAtMi4zaDFWMTkuNHogTTYwLjYsMTguN2MtMC40LDAuNS0xLDAuOC0xLjcsMC44Yy0wLjQsMC0wLjctMC4xLTEtMC4yYy0wLjMtMC4xLTAuNS0wLjMtMC43LTAuNUw1NywxOS40aC0wLjh2LTcuOWgxdjJjMCwwLjMsMCwwLjYsMCwwLjljMC40LTAuNCwwLjktMC43LDEuNi0wLjdjMC43LDAsMS4zLDAuMywxLjcsMC44YzAuNCwwLjUsMC42LDEuMiwwLjYsMi4xQzYxLjIsMTcuNSw2MSwxOC4yLDYwLjYsMTguN3ogTTY0LjUsMjAuMWMtMC4yLDAuNi0wLjUsMS4xLTAuOCwxLjNjLTAuMywwLjMtMC43LDAuNC0xLjIsMC40Yy0wLjMsMC0wLjUsMC0wLjgtMC4xbC0wLjEsMHYtMC45bDAuMSwwYzAuMiwwLDAuNCwwLjEsMC42LDAuMWMwLjUsMCwwLjktMC4zLDEuMS0wLjlsMC4zLTAuN2wtMi4yLTUuNWgxLjFsMS4yLDMuMmMwLjIsMC41LDAuMywwLjksMC40LDEuMmMwLTAuMiwwLjEtMC4zLDAuMi0wLjZjMC4xLTAuNCwwLjYtMS43LDEuMy0zLjhsMC0wLjFoMS4xTDY0LjUsMjAuMXogTTgxLjUsMjFsLTMuMiwwbC0xLTQuNmwtMS4zLDBsLTIsNC42TDcxLDIxbDUuMi0xMS43bDUuMywwYzEuNSwwLDIuNiwwLjIsMy4xLDAuNmMwLjUsMC40LDAuNiwxLDAuMiwxLjlsLTAuOSwyLjFjLTAuMywwLjctMC44LDEuMy0xLjUsMS42Yy0wLjcsMC40LTEuNCwwLjYtMi4yLDAuN0w4MS41LDIxeiBNODcuNiwyMWwwLjQtMC44Yy0wLjMsMC4zLTAuNywwLjYtMS4yLDAuN2MtMC40LDAuMi0xLjEsMC4yLTIuMSwwLjJjLTEuMiwwLTEuOS0wLjItMi4xLTAuNWMtMC4yLTAuNC0wLjEtMS4xLDAuNC0yLjNjMC41LTEsMS0xLjgsMS42LTIuMmMwLjYtMC40LDEuNC0wLjYsMi40LTAuNmwzLDBsMC4zLTAuNmMwLjItMC41LDAuMy0wLjksMC4xLTEuMWMtMC4yLTAuMi0wLjctMC4zLTEuNC0wLjNjLTAuNywwLTEuOCwwLjEtMy4yLDAuMmwwLjctMS43YzEuMS0wLjEsMi4yLTAuMiwzLjQtMC4yYzEuNiwwLDIuNiwwLjIsMy4xLDAuNmMwLjUsMC40LDAuNCwxLjItMC4xLDIuM2wtMi43LDZMODcuNiwyMXogTTk5LDIxbC03LjksMGwwLjYtMS40bDYuOS01LjZsLTQuMiwwbDAuOC0xLjdsNy42LDBsLTAuNiwxLjRsLTYuOSw1LjZsNC41LDBMOTksMjF6IE0xMDgsMjAuNGMtMC40LDAuMi0wLjgsMC40LTEuMywwLjVjLTAuNSwwLjEtMC45LDAuMi0xLjMsMC4yYy0wLjQsMC0wLjgsMC0xLjMsMGMtMC41LDAtMC45LDAtMS4zLDBjLTAuMywwLTAuNy0wLjEtMS4xLTAuMmMtMC40LTAuMS0wLjYtMC4zLTAuOC0wLjVjLTAuMi0wLjItMC4yLTAuNS0wLjItMC45YzAtMC40LDAuMS0wLjksMC40LTEuNWwxLjEtMi42YzAuMy0wLjYsMC42LTEuMSwxLTEuNWMwLjQtMC40LDAuOC0wLjgsMS4xLTFjMC40LTAuMiwwLjgtMC40LDEuMy0wLjVjMC41LTAuMSwwLjktMC4yLDEuMy0wLjJjMC40LDAsMC44LDAsMS4zLDBjMC41LDAsMC45LDAsMS4yLDBjMC4zLDAsMC43LDAuMSwxLjEsMC4yYzAuNCwwLjEsMC42LDAuMywwLjgsMC41YzAuMiwwLjIsMC4zLDAuNiwwLjIsMWMwLDAuNC0wLjEsMC45LTAuNCwxLjVMMTEwLDE4Yy0wLjMsMC42LTAuNiwxLTAuOSwxLjVDMTA4LjcsMTkuOSwxMDguMywyMC4yLDEwOCwyMC40eiBNMTA5LjgsMjFsMy45LTguN2wyLjUsMGwtMC43LDEuNWMwLjItMC40LDAuNi0wLjgsMS4zLTEuMmMwLjYtMC40LDEuMi0wLjUsMS44LTAuNWwwLjksMGwtMSwyLjJsLTAuOSwwYy0wLjcsMC0xLjMsMC4xLTEuOCwwLjNjLTAuNSwwLjItMC44LDAuNi0xLjEsMS4xbC0yLjMsNS4yTDEwOS44LDIxeiBNMTI0LjYsMjAuNWMtMC44LDAuNC0xLjgsMC43LTMuMSwwLjdjLTAuOCwwLTEuNC0wLjEtMS43LTAuMmMtMC4zLTAuMS0wLjUtMC40LTAuNC0wLjlsLTIuMSw0LjZsLTIuNiwwbDUuNi0xMi41bDIuNSwwbC0wLjQsMC45YzAuMy0wLjQsMC44LTAuNywxLjMtMC44YzAuNS0wLjIsMS4yLTAuMiwyLjEtMC4yYzAuNywwLDEuMywwLjEsMS43LDAuMmMwLjQsMC4xLDAuNywwLjMsMC44LDAuNmMwLjEsMC4zLDAuMSwwLjYsMC4xLDAuOWMtMC4xLDAuMy0wLjIsMC44LTAuNSwxLjNsLTEuMywyLjlDMTI2LDE5LjIsMTI1LjMsMjAuMSwxMjQuNiwyMC41eiBNMTMxLjgsMjFsMC40LTAuOGMtMC4zLDAuMy0wLjcsMC42LTEuMiwwLjdjLTAuNCwwLjItMS4xLDAuMi0yLjEsMC4yYy0xLjIsMC0xLjktMC4yLTIuMS0wLjVjLTAuMi0wLjQtMC4xLTEuMSwwLjQtMi4zYzAuNS0xLDEtMS44LDEuNi0yLjJjMC42LTAuNCwxLjQtMC42LDIuNC0wLjZsMywwbDAuMy0wLjZjMC4yLTAuNSwwLjMtMC45LDAuMS0xLjFjLTAuMi0wLjItMC43LTAuMy0xLjQtMC4zYy0wLjcsMC0xLjgsMC4xLTMuMiwwLjJsMC43LTEuN2MxLjEtMC4xLDIuMi0wLjIsMy40LTAuMmMxLjYsMCwyLjYsMC4yLDMuMSwwLjZjMC41LDAuNCwwLjQsMS4yLTAuMSwyLjNsLTIuNyw2TDEzMS44LDIxeiBNMTM3LjcsMjQuOGwtMi43LDBsMy4zLTMuOGwwLjQtOC43bDIuOSwwbC0wLjgsNi4ybDQuNS02LjJsMi43LDBMMTM3LjcsMjQuOHoiLz48cGF0aCBjbGFzcz0ic3QwIiBkPSJNMTMwLjUsMTcuM2MtMC4yLDAuMS0wLjQsMC41LTAuNywxLjFjLTAuMywwLjYtMC4zLDAuOS0wLjIsMWMwLjEsMC4xLDAuNSwwLjIsMS4xLDAuMmMwLjMsMCwwLjUsMCwwLjcsMGMwLjEsMCwwLjMsMCwwLjUsMGMwLjIsMCwwLjMtMC4xLDAuNC0wLjFjMC4xLTAuMSwwLjItMC4xLDAuMy0wLjJjMC4xLTAuMSwwLjItMC4yLDAuMi0wLjRsMC44LTEuN2wtMS44LDBDMTMxLjEsMTcuMSwxMzAuNywxNy4xLDEzMC41LDE3LjN6Ii8+PHBhdGggY2xhc3M9InN0MCIgZD0iTTEyMy45LDEzLjdjLTAuNywwLTEuMywwLjEtMS42LDAuM2MtMC4zLDAuMi0wLjYsMC41LTAuOCwxbC0xLjQsMy4yYy0wLjIsMC41LTAuMywwLjktMC4xLDFjMC4xLDAuMiwwLjYsMC4zLDEuNCwwLjNjMC44LDAsMS4zLTAuMSwxLjYtMC4zYzAuMy0wLjIsMC42LTAuNSwwLjgtMWwxLjQtMy4yYzAuMy0wLjYsMC4zLTAuOSwwLjItMS4xQzEyNS4zLDEzLjgsMTI0LjgsMTMuNywxMjMuOSwxMy43eiIvPjwvZz48L3N2Zz4= c682b8144a8dd52bc1ad63
信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: carbon/Carbon.java, line(s) 531 carbon/CarbonResources.java, line(s) 256,270 carbon/drawable/CheckableDrawable.java, line(s) 126 carbon/drawable/ripple/DrawableReflectiveUtils.java, line(s) 29 carbon/drawable/ripple/LollipopDrawablesCompat.java, line(s) 228,238 carbon/internal/PercentLayoutHelper.java, line(s) 32,41,46,147,158,163,184,198,247,284,31,40,45,64,72,80,91,99,107,115,123,131,139,146,157,162,183,197,246,283,65,73,81,92,100,108,116,124,132,140 carbon/recycler/ItemTouchHelper.java, line(s) 736,740,751,755 com/caverock/androidsvg/CSSParser.java, line(s) 288 com/caverock/androidsvg/SVG.java, line(s) 362,401,450,1606 com/caverock/androidsvg/SVGAndroidRenderer.java, line(s) 286,293,282 com/caverock/androidsvg/SVGParser.java, line(s) 529,280,287,3595,3628,3658,3692,3732,3770,3802,3822,3863 com/caverock/androidsvg/SimpleAssetResolver.java, line(s) 33,47 com/github/dhaval2404/imagepicker/ImagePickerActivity.java, line(s) 115 com/github/dhaval2404/imagepicker/provider/CropProvider.java, line(s) 101 com/github/dhaval2404/imagepicker/util/ExifDataCopier.java, line(s) 31 com/globalfoundation/app/App.java, line(s) 123,135,142 com/globalfoundation/app/activities/CourseDetailsActivity.java, line(s) 420 com/globalfoundation/app/activities/EbooksActivity.java, line(s) 116,157,158,199 com/globalfoundation/app/activities/EditProfileActivity$getUserProfile$1.java, line(s) 60,61 com/globalfoundation/app/activities/EditProfileActivity$updateUserProfile$2.java, line(s) 31,32 com/globalfoundation/app/activities/EditProfileActivity.java, line(s) 178,198,253,319 com/globalfoundation/app/activities/LiveVideosActivity.java, line(s) 108,149,150 com/globalfoundation/app/activities/LoginActivity$loginUser$1.java, line(s) 57,90,91 com/globalfoundation/app/activities/LoginActivity.java, line(s) 121 com/globalfoundation/app/activities/MainActivity.java, line(s) 249,325 com/globalfoundation/app/activities/MockTestActivity.java, line(s) 128,169,170 com/globalfoundation/app/activities/MockTestCategoryActivity.java, line(s) 115,156,157,207 com/globalfoundation/app/activities/MyOrdersActivity.java, line(s) 193,274,275 com/globalfoundation/app/activities/NotificationsActivity.java, line(s) 97,138,139 com/globalfoundation/app/activities/OtpVerificationActivity$loginUser$1.java, line(s) 57,90,91 com/globalfoundation/app/activities/OtpVerificationActivity$signUpNewUser$1.java, line(s) 48,85,86 com/globalfoundation/app/activities/OtpVerificationActivity.java, line(s) 47,59,75,201,249,277,313,263 com/globalfoundation/app/activities/PaymentActivity$purchaseItem$1.java, line(s) 25,65,66 com/globalfoundation/app/activities/PaymentActivity$startManualPaymentRequest$1.java, line(s) 66 com/globalfoundation/app/activities/PaymentActivity.java, line(s) 404,433,447,480,493,516,517,566,577,584 com/globalfoundation/app/activities/PdfNotesActivity.java, line(s) 112,153,154 com/globalfoundation/app/activities/PhonePeWVActivity.java, line(s) 51,68,86 com/globalfoundation/app/activities/QuestionsActivity$setupTimer$1.java, line(s) 29 com/globalfoundation/app/activities/QuestionsActivity.java, line(s) 217,237,266,267 com/globalfoundation/app/activities/RecordedVideosActivity.java, line(s) 118,159,160 com/globalfoundation/app/activities/ReferActivity$getReferCode$1.java, line(s) 59,60 com/globalfoundation/app/activities/ReferActivity.java, line(s) 58 com/globalfoundation/app/activities/SplashActivity$getData$1.java, line(s) 26,55,56 com/globalfoundation/app/activities/SplashActivity$loginUser$1.java, line(s) 84,104,105 com/globalfoundation/app/activities/SplashActivity.java, line(s) 84,102 com/globalfoundation/app/activities/SyllabusListActivity.java, line(s) 95,136,137 com/globalfoundation/app/activities/TestResultsActivity.java, line(s) 88,177,193,194 com/globalfoundation/app/activities/VideosCategoryActivity.java, line(s) 106,147,148 com/globalfoundation/app/activities/WalletActivity$getUserProfile$1.java, line(s) 60,61 com/globalfoundation/app/activities/WalletActivity$sendWithdrawalRequest$1.java, line(s) 25,64,65 com/globalfoundation/app/activities/WalletActivity.java, line(s) 92,124 com/globalfoundation/app/adapter/NotificationsAdapter.java, line(s) 114 com/globalfoundation/app/fragments/HomeFragment.java, line(s) 212,270,271,290,319,320,404,438,439 com/globalfoundation/app/fragments/LiveVideosFragment.java, line(s) 102,141,142 com/globalfoundation/app/fragments/ProfileFragment$getUserProfile$1.java, line(s) 61,62 com/globalfoundation/app/fragments/ProfileFragment.java, line(s) 129,185,194 com/globalfoundation/app/fragments/WebsiteFragment.java, line(s) 91,114,128 com/globalfoundation/app/utils/MyFirebaseMessagingService.java, line(s) 24,25,27,36,41,46 com/globalfoundation/app/utils/RootChecker.java, line(s) 42 com/globalfoundation/app/utils/Utils.java, line(s) 97,139,201,226,270,345,364,402,445,534,537 com/instacart/library/truetime/BootCompletedBroadcastReceiver.java, line(s) 12 com/instacart/library/truetime/DiskCacheClient.java, line(s) 30,45,65 com/instacart/library/truetime/SntpClient.java, line(s) 90,118 com/instacart/library/truetime/TrueLog.java, line(s) 19,43,49,25,13,31,37,55,61 com/instacart/library/truetime/TrueTime.java, line(s) 97,112,91,65,74 com/onesignal/common/AndroidSupportV4Compat.java, line(s) 34 com/onesignal/debug/internal/logging/Logging.java, line(s) 181,191,210,184,178,187 com/onesignal/notifications/internal/badges/impl/shortcutbadger/ShortcutBadger.java, line(s) 62,129,138,61,98,105,128,111 com/pierfrancescosoffritti/androidyoutubeplayer/core/customui/DefaultPlayerUiController$youTubePlayerStateListener$1.java, line(s) 135 com/pierfrancescosoffritti/androidyoutubeplayer/core/customui/menu/defaultMenu/DefaultYouTubePlayerMenu.java, line(s) 44 com/rajat/pdfviewer/PdfRendererCore.java, line(s) 143 com/rajat/pdfviewer/PdfViewerActivity.java, line(s) 397 com/razorpay/AppSignatureHelper.java, line(s) 47,36,50 com/razorpay/B$$W$.java, line(s) 110 com/razorpay/BaseUtils.java, line(s) 711 com/razorpay/CheckoutUtils.java, line(s) 94 com/razorpay/OpinionatedSoln.java, line(s) 276 com/razorpay/OtpElfData.java, line(s) 33 com/razorpay/SmsReceiver.java, line(s) 41,37 com/razorpay/d__1_.java, line(s) 7 com/razorpay/n$$t$.java, line(s) 90 com/razorpay/o$_b$.java, line(s) 84 com/smarteist/autoimageslider/SliderPager.java, line(s) 2252,553 com/smarteist/autoimageslider/SliderView.java, line(s) 519 com/smarteist/autoimageslider/Transformations/HorizontalFlipTransformation.java, line(s) 24,29 com/yalantis/ucrop/UCropActivity.java, line(s) 153 com/yalantis/ucrop/task/BitmapCropTask.java, line(s) 149,120 com/yalantis/ucrop/task/BitmapLoadTask.java, line(s) 122,148,177,83,86,128,137,142 com/yalantis/ucrop/util/BitmapLoadUtils.java, line(s) 120,35,66 com/yalantis/ucrop/util/EglUtils.java, line(s) 23 com/yalantis/ucrop/util/FileUtils.java, line(s) 49,90 com/yalantis/ucrop/util/ImageHeaderParser.java, line(s) 47,54,66,75,109,119,131,148,163,169,173,178,184,188,301,46,53,65,74,108,118,130,147,162,168,172,177,183,187 com/yalantis/ucrop/view/TransformImageView.java, line(s) 217,238,125,79 org/htmlcleaner/CommandLine.java, line(s) 47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,267,276,312,320,330 org/htmlcleaner/ConfigFileTagProvider.java, line(s) 73,74,75,76,77,79,80,104,112,120,128,136,144,152,160,200,207,220,227,238 org/jdom/JDOMException.java, line(s) 70
信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/razorpay/RzpAssist.java, line(s) 5,295
安全 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: com/globalfoundation/app/activities/SplashActivity.java, line(s) 67 com/globalfoundation/app/utils/RootChecker.java, line(s) 25
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (firebase-settings.crashlytics.com) 通信。
{'ip': '180.163.150.34', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.recaptcha.net) 通信。
{'ip': '180.163.150.34', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (app-measurement.com) 通信。
{'ip': '180.163.150.33', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (pagead2.googlesyndication.com) 通信。
{'ip': '180.163.151.38', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.gstatic.cn) 通信。
{'ip': '180.163.151.162', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}