安全分析报告:
安全分数
安全分数 42/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
4
用户/设备跟踪器
调研结果
高危
8
中危
35
信息
4
安全
1
关注
25
高危 应用程序在加密算法中使用ECB模式。ECB模式是已知的弱模式,因为它对相同的明文块[UNK]产生相同的密文
应用程序在加密算法中使用ECB模式。ECB模式是已知的弱模式,因为它对相同的明文块[UNK]产生相同的密文 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-block-cipher-mode Files: bykvm_19do/bykvm_19do/bykvm_19do/bykvm_new1/a.java, line(s) 16,28 com/zsyj/pandasdk/util/a.java, line(s) 14 com/zsyj/pandasdk/util/n0.java, line(s) 146,260 com/zsyj/sharesdk/l/j.java, line(s) 200,234
高危 不安全的Web视图实现。Web视图忽略SSL证书错误并接受任何SSL证书。此应用程序易受MITM攻击
不安全的Web视图实现。Web视图忽略SSL证书错误并接受任何SSL证书。此应用程序易受MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#webview-server-certificate-verification Files: c/b/g/b/c.java, line(s) 89,87 com/carozhu/fastdev/widget/webview/CommWebView.java, line(s) 83,81 com/dhcw/sdk/bl/c.java, line(s) 93,92 com/szy/gamemorphvox/ui/common/a.java, line(s) 185,184 com/vivo/ic/webview/HtmlWebViewClient.java, line(s) 130,149,248 com/vivo/mobilead/web/b.java, line(s) 251,270,149 com/wgs/sdk/activity/RewardVideoAdActivity.java, line(s) 101,100 com/wgs/sdk/third/report/screen/ScreenActivityOne.java, line(s) 85,84 com/wgs/sdk/third/report/screen/ScreenActivityTwo.java, line(s) 129,128 com/wgs/sdk/third/report/screen/ScreenWebActivity.java, line(s) 84,83
高危 该文件是World Writable。任何应用程序都可以写入文件
该文件是World Writable。任何应用程序都可以写入文件 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2 Files: c/l/a/a/c.java, line(s) 70,54 com/carozhu/fastdev/helper/n.java, line(s) 15,11 com/zsyj/pandasdk/util/j0.java, line(s) 59,17 com/zsyj/sharesdk/l/h.java, line(s) 43,53
高危 使用弱加密算法
使用弱加密算法 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: c/b/g/e/b.java, line(s) 19
高危 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。
应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: c/b/d/a/a/a/a/c.java, line(s) 28,57 c/l/a/b/a/a.java, line(s) 38,49 com/vivo/mobilead/util/g.java, line(s) 50
高危 如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击
如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-7 Files: com/dhcw/sdk/l/k.java, line(s) 682,20
高危 默认情况下,调用Cipher.getInstance("AES")将返回AES ECB模式。众所周知,ECB模式很弱,因为它导致相同明文块的密文相同
默认情况下,调用Cipher.getInstance("AES")将返回AES ECB模式。众所周知,ECB模式很弱,因为它导致相同明文块的密文相同
https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-block-cipher-mode
Files:
com/dhcw/sdk/ac/a.java, line(s) 20,32
com/dhcw/sdk/bh/a.java, line(s) 24,48
高危 WebView域控制不严格漏洞
WebView域控制不严格漏洞 Files: com/carozhu/fastdev/widget/webview/CommWebView.java, line(s) 235,232,253 com/vivo/ic/webview/CommonWebView.java, line(s) 240,231
中危 应用程序已启用明文网络流量
[android:usesCleartextTraffic=true] 应用程序打算使用明文网络流量,例如明文HTTP,FTP协议,DownloadManager和MediaPlayer。针对API级别27或更低的应用程序,默认值为“true”。针对API级别28或更高的应用程序,默认值为“false”。避免使用明文流量的主要原因是缺乏机密性,真实性和防篡改保护;网络攻击者可以窃听传输的数据,并且可以在不被检测到的情况下修改它。
中危 应用程序数据可以被备份
[android:allowBackup=true] 这个标志允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。
中危 Activity (com.szy.gamemorphvox.ui.adjustvoice.SoundEffectActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.szy.gamemorphvox.ui.common.WebActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.szy.gamemorphvox.ui.activity.VoiceListActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Activity (com.szy.gamemorphvox.MainActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.szy.gamemorphvox.wxapi.WXEntryActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.szy.gamemorphvox.wxapi.WXPayEntryActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.szy.gamemorphvox.ui.common.CurrencyWebActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.tencent.tauth.AuthActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.szy.gamemorphvox.ui.custom.CustomSoundEffectActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.szy.gamemorphvox.ui.activity.AliBindAccountToCashOutActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.szy.gamemorphvox.ui.activity.CashOutRecordActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.szy.gamemorphvox.ui.permission.PermissionManagerActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.szy.gamemorphvox.ui.activity.CourseActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.szy.gamemorphvox.ui.vip.VipActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity设置了TaskAffinity属性
(com.wgs.sdk.third.report.screen.ScreenActivityOne) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Activity (com.wgs.sdk.third.report.screen.ScreenActivityOne) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity设置了TaskAffinity属性
(com.wgs.sdk.third.report.screen.ScreenActivityTwo) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Activity (com.wgs.sdk.third.report.screen.ScreenActivityTwo) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.zsyj.sharesdk.QQLoginActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.zsyj.sharesdk.QQShareActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.kwad.sdk.api.proxy.app.BaseFragmentActivity$RequestInstallPermissionActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Broadcast Receiver (com.anythink.china.common.NotificationBroadcaseReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 IP地址泄露
IP地址泄露 Files: bykvm_19do/bykvm_19do/bykvm_19do/bykvm_19do/bykvm_char12/a.java, line(s) 221 bykvm_19do/bykvm_19do/bykvm_19do/bykvm_19do/bykvm_else10/b.java, line(s) 254 bykvm_19do/bykvm_19do/bykvm_19do/bykvm_for12/a.java, line(s) 101 bykvm_19do/bykvm_19do/bykvm_19do/bykvm_for12/bykvm_if122/b.java, line(s) 59 bykvm_19do/bykvm_19do/bykvm_19do/bykvm_int108/a.java, line(s) 356,370,321,196,463,77,349,363,335,148,435 bykvm_19do/bykvm_19do/bykvm_19do/bykvm_new1/i.java, line(s) 244 bykvm_19do/bykvm_19do/bykvm_19do/bykvm_new1/t.java, line(s) 8 com/carozhu/fastdev/a.java, line(s) 12 com/carozhu/rxhttp/b.java, line(s) 10 com/vivo/mobilead/net/m.java, line(s) 122 com/vivo/mobilead/util/DeviceInfo.java, line(s) 154 com/zsyj/pandasdk/util/e0.java, line(s) 20,78,22,81 com/zsyj/pandasdk/util/i0.java, line(s) 447 com/zsyj/sharesdk/l/f.java, line(s) 20,78,22,81 com/zsyj/sharesdk/l/g.java, line(s) 259
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: bykvm_19do/bykvm_19do/bykvm_19do/bykvm_new1/i.java, line(s) 234,317 bykvm_19do/bykvm_19do/bykvm_19do/bykvm_new1/k.java, line(s) 285,288 bykvm_19do/bykvm_19do/bykvm_19do/bykvm_new1/v.java, line(s) 31,31 c/b/c/h/a.java, line(s) 82 c/b/d/a/a/b/b.java, line(s) 100,306,307 c/b/d/a/a/d/b.java, line(s) 12,23,27 c/i/a/c.java, line(s) 75 c/l/a/b/a/j.java, line(s) 47 c/l/a/c/a/c.java, line(s) 81,126 com/carozhu/fastdev/d/a.java, line(s) 9,40 com/carozhu/fastdev/helper/d.java, line(s) 58,54,61 com/carozhu/fastdev/l/i.java, line(s) 98,213,215 com/dhcw/sdk/bk/c.java, line(s) 46,47 com/dhcw/sdk/bl/c.java, line(s) 180 com/dhcw/sdk/bm/c.java, line(s) 46,47 com/dhcw/sdk/bm/k.java, line(s) 10,19 com/dhcw/sdk/k/j.java, line(s) 557 com/dhcw/sdk/l/k.java, line(s) 300 com/github/gzuliyujiang/oaid/b.java, line(s) 212,213 com/ss/android/downloadlib/addownload/g.java, line(s) 209 com/ss/android/downloadlib/addownload/j.java, line(s) 195,197 com/ss/android/downloadlib/g/l.java, line(s) 143,190,455 com/szy/gamemorphvox/c.java, line(s) 135 com/szy/gamemorphvox/n/d.java, line(s) 178,224,225,227 com/szy/gamemorphvox/n/f.java, line(s) 110,109 com/szy/gamemorphvox/tools/a.java, line(s) 19 com/szy/gamemorphvox/tools/d.java, line(s) 127 com/szy/gamemorphvox/tools/e/c.java, line(s) 151 com/szy/gamemorphvox/ui/adjustvoice/SoundEffectActivity.java, line(s) 1166 com/tencent/a/a/a/a/b.java, line(s) 21,23,35,44 com/vivo/ad/exoplayer2/extend/b.java, line(s) 36 com/vivo/ic/minidownload/MiniDownloader.java, line(s) 16 com/vivo/ic/webview/HtmlWebChromeClient.java, line(s) 92 com/vivo/mobilead/util/l.java, line(s) 153 com/wgs/sdk/third/report/screen/ScreenActivityOne.java, line(s) 144 com/wgs/sdk/third/report/screen/ScreenActivityTwo.java, line(s) 604 com/wgs/sdk/third/report/screen/ScreenWebActivity.java, line(s) 131 com/yalantis/ucrop/f/e.java, line(s) 51 com/zsyj/pandasdk/d/b.java, line(s) 25 com/zsyj/pandasdk/util/p.java, line(s) 216 com/zsyj/pandasdk/util/s.java, line(s) 24,77,93,21,89,136,137,139 com/zsyj/pandasdk/util/s0.java, line(s) 61 com/zsyj/pandasdk/util/t.java, line(s) 33,37,38,40,57,487 com/zsyj/sharesdk/k/a.java, line(s) 45,46,48 com/zsyj/sharesdk/l/c.java, line(s) 28,32,33,35,52,375 tech/oom/idealrecorder/c.java, line(s) 323
中危 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: c/b/g/d/c.java, line(s) 15 c/l/a/b/a/g.java, line(s) 3 c/l/a/d/d.java, line(s) 9 c/l/a/d/f.java, line(s) 3 c/n/a/a/i/a.java, line(s) 8 com/carozhu/fastdev/l/n.java, line(s) 3 com/carozhu/fastdev/l/q.java, line(s) 22 com/dhcw/sdk/aa/b.java, line(s) 6 com/hjq/permissions/j.java, line(s) 19 com/lsjwzh/widget/recyclerviewpager/FragmentStatePagerAdapter.java, line(s) 15 com/szy/gamemorphvox/ui/adjustvoice/SoundEffectActivity.java, line(s) 79 com/vivo/ad/exoplayer2/j/a/h.java, line(s) 19 com/vivo/mobilead/unified/base/a.java, line(s) 18 com/vivo/mobilead/util/PositionHelper.java, line(s) 10 com/vivo/mobilead/util/UnionWorker.java, line(s) 13 org/greenrobot/greendao/test/DbTest.java, line(s) 7 q/rorbin/badgeview/b.java, line(s) 12
中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: bykvm_19do/bykvm_19do/bykvm_19do/bykvm_for12/bykvm_19do/i.java, line(s) 8,119 bykvm_19do/bykvm_19do/bykvm_19do/bykvm_for12/bykvm_19do/j.java, line(s) 4,5,15 c/b/g/i/a.java, line(s) 5,6,67 c/d/b/c.java, line(s) 6,7,171 c/g/a/a/a/b.java, line(s) 5,48 c/n/a/a/c.java, line(s) 8,9,323 com/kwai/filedownloader/a/d.java, line(s) 5,6,7,155 com/kwai/filedownloader/a/e.java, line(s) 4,5,14 com/ss/android/downloadlib/d/b.java, line(s) 4,5,17 com/szy/gamemorphvox/db/HistoryKeywordDao.java, line(s) 4,24 com/szy/gamemorphvox/db/LocalVoiceWorkDao.java, line(s) 4,40 com/szy/gamemorphvox/db/ScriptRecordInfoDao.java, line(s) 4,30 com/vivo/mobilead/a/a.java, line(s) 4,5,17 com/zsyj/sharesdk/k/d/a.java, line(s) 4,5,18 org/greenrobot/greendao/AbstractDao.java, line(s) 6,7,373 org/greenrobot/greendao/DbUtils.java, line(s) 6,37 org/greenrobot/greendao/database/StandardDatabase.java, line(s) 5,64
中危 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: bykvm_19do/bykvm_19do/bykvm_19do/bykvm_new1/j.java, line(s) 41 bykvm_19do/bykvm_19do/bykvm_19do/bykvm_new1/m.java, line(s) 20 c/j/a/d/f.java, line(s) 200 c/n/a/a/j/f.java, line(s) 10 com/carozhu/fastdev/l/q.java, line(s) 106 com/dhcw/sdk/aa/d.java, line(s) 42 com/dhcw/sdk/bh/c.java, line(s) 42 com/kwai/filedownloader/e/f.java, line(s) 292 com/kwai/sodler/lib/b/b.java, line(s) 41 com/sun/mail/smtp/a.java, line(s) 70 com/vivo/mobilead/marterial/MaterialHelper.java, line(s) 59 com/vivo/mobilead/net/h.java, line(s) 12 com/vivo/mobilead/util/MD5Util.java, line(s) 21 com/vivo/mobilead/util/g.java, line(s) 31 com/zsyj/pandasdk/util/b.java, line(s) 16 com/zsyj/pandasdk/util/c0.java, line(s) 13 com/zsyj/pandasdk/util/i0.java, line(s) 518 com/zsyj/pandasdk/util/n0.java, line(s) 225 com/zsyj/pandasdk/util/t.java, line(s) 544 com/zsyj/sharesdk/l/e.java, line(s) 36 com/zsyj/sharesdk/l/g.java, line(s) 585 com/zsyj/sharesdk/l/j.java, line(s) 81
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: bykvm_19do/bykvm_19do/bykvm_19do/bykvm_19do/bykvm_try19/a.java, line(s) 23 com/dhcw/sdk/ah/j.java, line(s) 59 com/dhcw/sdk/ak/d.java, line(s) 35 com/dhcw/sdk/ak/p.java, line(s) 92 com/dhcw/sdk/ak/x.java, line(s) 66 com/vivo/ic/CookieHelper.java, line(s) 33 com/vivo/ic/webview/CommonJsBridge.java, line(s) 26 com/vivo/mobilead/model/Constants.java, line(s) 27 com/zsyj/pandasdk/net/bean/ADSDKUserLoginInfo.java, line(s) 350
中危 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: XI/K0/XI/XI.java, line(s) 78 c/b/d/a/a/a/a/b.java, line(s) 11 c/b/d/a/a/a/a/c.java, line(s) 39 c/b/d/a/a/a/b.java, line(s) 74 c/d/c/a/a/g.java, line(s) 80 c/l/a/d/d.java, line(s) 306 c/p/a/a/e/a/g/d.java, line(s) 102 com/github/gzuliyujiang/oaid/h/k.java, line(s) 77 com/jg/ids/f/d.java, line(s) 82
中危 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: com/carozhu/fastdev/widget/webview/CommWebView.java, line(s) 251,322,242 com/szy/gamemorphvox/ui/common/WebActivity.java, line(s) 285,279 com/szy/gamemorphvox/ui/common/a.java, line(s) 335,317 com/szy/gamemorphvox/ui/fragment/SzyGameFragment.java, line(s) 259,250 com/wgs/sdk/third/report/screen/ScreenActivityOne.java, line(s) 155,141 com/wgs/sdk/third/report/screen/ScreenActivityTwo.java, line(s) 617,601
中危 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: com/kwai/sodler/lib/c.java, line(s) 163
中危 应用程序包含隐私跟踪程序
此应用程序有多个4隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 友盟统计的=> "UMENG_APPKEY" : "5eb4bc03167edd68b50000d8" 友盟统计的=> "UMENG_CHANNEL" : "bsq_014" 腾讯云 信鸽推送SDK的=> "com.tencent.rdm.uuid" : "d7a3eee7-22cc-45a2-b8e1-6b4b750304eb" "anythink_myoffer_feedback_violation_of_laws" : "Illegal" 523af537946b79c4f8369ed39ba78605 2F0buRl2GGnQF4QJwyuINtTLWSIjNI9TsfuvNQTxiq 2BMqOVHM8X6Qiphp2ckuQfZd5oqXcQSpUwEC8GnzKSv2XA7QfOG4kdVwxu9WNAUas0fky1Cq 99e23fb052699749627a10fed365b9d1 d6fc3a4a06adbde89223b 2bee6d61b6fb4e3c9df48b3ec27a7f8b 2BP0yAVt1ZRSyy5AsSfeNGwoa6AmPkwxjpni6quiOuuID1wZbrrj2PvG9 16cf243386ff255db9e9239ba05f3279 0000016742C00BDA259000000168CE0F13200000016588840DCE7118A0002FBF1C31C3275D78 e58d1bf9f73546cb815fbc12adeca738 150100434a4e42345207c969b41a4300 5eb4bc03167edd68b50000d8 TCyQK79QVYlci6Rlm4sPmxszSWUnLb 2F0YPlU6Hh38scNSTeTaOW1j8vMxdGB6bWg1fZNIq3T7t b7ce714d1d284ab786b270a7c04da108 30820268308201d102044a9c4610300d06092a864886f70d0101040500307a310b3009060355040613025553310b3009060355040813024341311230100603550407130950616c6f20416c746f31183016060355040a130f46616365626f6f6b204d6f62696c653111300f060355040b130846616365626f6f6b311d301b0603550403131446616365626f6f6b20436f72706f726174696f6e3020170d3039303833313231353231365a180f32303530303932353231353231365a307a310b3009060355040613025553310b3009060355040813024341311230100603550407130950616c6f20416c746f31183016060355040a130f46616365626f6f6b204d6f62696c653111300f060355040b130846616365626f6f6b311d301b0603550403131446616365626f6f6b20436f72706f726174696f6e30819f300d06092a864886f70d010101050003818d0030818902818100c207d51df8eb8c97d93ba0c8c1002c928fab00dc1b42fca5e66e99cc3023ed2d214d822bc59e8e35ddcf5f44c7ae8ade50d7e0c434f500e6c131f4a2834f987fc46406115de2018ebbb0d5a3c261bd97581ccfef76afc7135a6d59e8855ecd7eacc8f8737e794c60a761c536b72b11fac8e603f5da1a2d54aa103b8a13c0dbc10203010001300d06092a864886f70d0101040500038181005ee9be8bcbb250648d3b741290a82a1c9dc2e76a0af2f2228f1d9f9c4007529c446a70175c5a900d5141812866db46be6559e2141616483998211f4a673149fb2232a10d247663b26a9031e15f84bc1c74d141ff98a02d76f85b2c8ab2571b6469b232d8e768a7f7ca04f7abe4a775615916c07940656b58717457b42bd928a2 e44046539bb5b584279553ca6eacca937c8e16cf MYfLBmRgKecqe2610B7+jt2rVdTeFDsR1IqqW92w6FM= af5abcfa13f146c3937bfe53ec27bc42 6X8Y4XdM2Vhvn0KfzcEatGnWaNU= 6594493629af45e79b7d9c263460ab77 mHwLcKi4VdCaotVurSD4YwwGknoHsPfZ efedc24fecde188aaa9161 2Fyr0luWfhhKDPGtYpuk4xBZrHvsbVvgjHGwqY6zIQFFGy6lNVfTvKV b6cbad6cbd5ed0d209afc69ad3b7a617efaae9b3c47eabe0be42d924936fa78c8001b1fd74b079e5ff9690061dacfa4768e981a526b9ca77156ca36251cf2f906d105481374998a7e6e6e18f75ca98b8ed2eaf86ff402c874cca0a263053f22237858206867d210020daa38c48b20cc9dfd82b44a51aeb5db459b22794e2d649 XwYp8WL8bm6S4wu6yEYmLGy4RRRdJDIhxCBdk3CiNZTwGoj1bScVZEeVp9vBiiIsgwDtqZHP8QLoFM6o6MRYjW8QqyrZBI654mqoUk5SOLDyzordzOU5QhYguEJh54q3K1KqMEXpdEQJJjs1Urqjm2s4jgPfCZ4hMuIjAMRrEQluA7FeoqWMJOwghcLcPVleQ8PLzAcaKidybmwhvNAxIyKRpbZlcDjNCcUvsJYvyzEA9VUIaHkIAJ62lpA3EE3H 21c8b5470a64adbb25bc84316cbc449361d86839 9cfafdb73fdb4c8e9342eb516c79637f 059131a10ce74355b7194b44e182ec9c 4cdd37d5f6074bd9a2f6a0cdf6a2f2f1 ab1ba86743e4316baed82180958c92af 6e2c7e24b7c7eae9fc94882c9f31befa00594872 51cfd3be575361381642b2c76afe7b17
信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: b/a/a.java, line(s) 11,27,23,39,15,31,43,47,19,35 bykvm_19do/bykvm_19do/bykvm_19do/bykvm_19do/bykvm_case1/e.java, line(s) 46 bykvm_19do/bykvm_19do/bykvm_19do/bykvm_19do/bykvm_case1/f.java, line(s) 106 bykvm_19do/bykvm_19do/bykvm_19do/bykvm_new1/a0.java, line(s) 22 bykvm_19do/bykvm_19do/bykvm_if122/bykvm_19do/bykvm_19do/bykvm_for12/bykvm_int108/a.java, line(s) 9,14 bykvm_19do/bykvm_19do/bykvm_if122/bykvm_19do/bykvm_19do/bykvm_for12/bykvm_int108/d.java, line(s) 13 bykvm_19do/bykvm_19do/bykvm_if122/bykvm_19do/bykvm_19do/bykvm_for12/bykvm_int108/e.java, line(s) 21 c/a/a/a/e/b.java, line(s) 161,150,159 c/a/a/a/g/a.java, line(s) 87,96,106,109 c/a/a/a/g/c.java, line(s) 48,83,70,59,37 c/c/d/c.java, line(s) 458 c/d/b/a/c.java, line(s) 378 c/d/b/g.java, line(s) 637,641 c/d/d/b/f.java, line(s) 143 c/d/d/c/e.java, line(s) 240 c/d/e/d/a.java, line(s) 287,338,343 c/d/f/d/a.java, line(s) 291,350,360 c/d/g/c/c.java, line(s) 83,268 c/d/g/d/a.java, line(s) 282,369,373,376 c/d/g/d/f.java, line(s) 22,27,30 c/g/a/a/a/b.java, line(s) 188,134,173 c/h/c/a/b/a/b.java, line(s) 69 c/j/a/a/a.java, line(s) 62,69,74,79 c/l/a/a/a.java, line(s) 33,43,68,84 c/l/a/a/b.java, line(s) 73,133,142,155,77,80,151 c/l/a/a/c.java, line(s) 49,67,84,24,43,61 c/l/a/b/a/f.java, line(s) 102,21,86,90,110,113,116 c/l/a/b/a/j.java, line(s) 25,28 c/l/a/b/a/k.java, line(s) 13 c/m/b/c.java, line(s) 49,24 com/anythink/banner/api/ATBannerView.java, line(s) 93,432,488,495,583,558 com/app/hubert/guide/core/b.java, line(s) 253 com/carozhu/fastdev/base/i.java, line(s) 47,51,55,59,64,133,142,168,171,176 com/carozhu/fastdev/base/j.java, line(s) 238 com/carozhu/fastdev/base/l.java, line(s) 141,41,104,121,208,217 com/carozhu/fastdev/base/m.java, line(s) 141,42,157,174,189,201 com/carozhu/fastdev/comm/CommWebActivity.java, line(s) 109,124,117 com/carozhu/fastdev/comm/b.java, line(s) 44 com/carozhu/fastdev/helper/c.java, line(s) 145,158,87 com/carozhu/fastdev/helper/d.java, line(s) 45,47,64,70,73,85 com/carozhu/fastdev/helper/i.java, line(s) 94 com/carozhu/fastdev/helper/k.java, line(s) 15 com/carozhu/fastdev/helper/o.java, line(s) 16,22,25 com/carozhu/fastdev/helper/p.java, line(s) 696,698 com/carozhu/fastdev/j/a.java, line(s) 35,38,42,45,48,140 com/carozhu/fastdev/k/a.java, line(s) 53,201 com/carozhu/fastdev/l/a.java, line(s) 135,139,142,145,146 com/carozhu/fastdev/l/b.java, line(s) 161,215,290,350,472,718 com/carozhu/fastdev/l/e.java, line(s) 23,122 com/carozhu/fastdev/l/i.java, line(s) 78,160,170,180,66 com/carozhu/fastdev/l/l.java, line(s) 187,195,199,206,88 com/carozhu/fastdev/l/q.java, line(s) 131,561,119,122,155,156,442,444,553,555 com/carozhu/fastdev/l/r.java, line(s) 123,127 com/carozhu/fastdev/widget/PasswordEditText.java, line(s) 136 com/carozhu/fastdev/widget/progress/LabProgressLayout.java, line(s) 43 com/carozhu/rxhttp/i/a.java, line(s) 126,202,66,138,226,78,150,90,162,102,114,174,186,214,238 com/contrarywind/view/WheelView.java, line(s) 239 com/dhcw/base/utils/AppUtil.java, line(s) 19 com/dhcw/sdk/ae/c.java, line(s) 276,285,229,153,228,275,282,154 com/dhcw/sdk/af/a.java, line(s) 513 com/dhcw/sdk/ag/a.java, line(s) 151,150 com/dhcw/sdk/ai/b.java, line(s) 31,30 com/dhcw/sdk/ai/j.java, line(s) 61,172,60,64,70,77,171,74,78 com/dhcw/sdk/ai/l.java, line(s) 31,30 com/dhcw/sdk/aj/c.java, line(s) 110,109 com/dhcw/sdk/aj/e.java, line(s) 76,75 com/dhcw/sdk/ak/h.java, line(s) 343,266,342,540,600 com/dhcw/sdk/ak/i.java, line(s) 61,62 com/dhcw/sdk/ak/k.java, line(s) 28,223 com/dhcw/sdk/ak/q.java, line(s) 197 com/dhcw/sdk/ak/z.java, line(s) 34,35 com/dhcw/sdk/al/j.java, line(s) 116,222,117,223 com/dhcw/sdk/al/k.java, line(s) 93,205,246,270,92,102,181,188,204,219,245,259,269,103,110,182,189,260 com/dhcw/sdk/am/e.java, line(s) 57,67,80,92,98,130,58,93,70,81,99,131 com/dhcw/sdk/am/l.java, line(s) 91,75 com/dhcw/sdk/an/a.java, line(s) 82,79 com/dhcw/sdk/an/b.java, line(s) 39,38 com/dhcw/sdk/ao/a.java, line(s) 96,95 com/dhcw/sdk/ap/c.java, line(s) 19,18 com/dhcw/sdk/ap/d.java, line(s) 49,48 com/dhcw/sdk/ap/f.java, line(s) 119,118 com/dhcw/sdk/ap/s.java, line(s) 101,104 com/dhcw/sdk/ap/t.java, line(s) 38,37 com/dhcw/sdk/as/aa.java, line(s) 234,103,112,119,151,156,231,104,113,120,121,122,126,152,157 com/dhcw/sdk/as/ad.java, line(s) 129,126 com/dhcw/sdk/as/m.java, line(s) 201,211,223,291,298,314,322,352,370,374,379,388,391,396,200,210,222,290,297,313,321,351,369,373,378,387,390,395 com/dhcw/sdk/as/o.java, line(s) 206,317,160,176,205,285,316,161,286,345 com/dhcw/sdk/as/p.java, line(s) 45,51,46,52 com/dhcw/sdk/as/t.java, line(s) 45,46 com/dhcw/sdk/aw/a.java, line(s) 109,114,119,128,110,115,120,129 com/dhcw/sdk/aw/d.java, line(s) 26,27 com/dhcw/sdk/aw/j.java, line(s) 56,59 com/dhcw/sdk/ay/e.java, line(s) 24,31,42,47,23,30,35,41,46,36 com/dhcw/sdk/ba/j.java, line(s) 418,71,514,457 com/dhcw/sdk/bb/f.java, line(s) 62,173,174,63 com/dhcw/sdk/bb/r.java, line(s) 60,171,172,61 com/dhcw/sdk/bd/a.java, line(s) 44 com/dhcw/sdk/be/a.java, line(s) 39,40 com/dhcw/sdk/bk/c.java, line(s) 25,32,69,39 com/dhcw/sdk/bm/c.java, line(s) 25,32,69,39 com/dhcw/sdk/bm/m.java, line(s) 34,59,73,20,66,41,27 com/dhcw/sdk/g/k.java, line(s) 13 com/dhcw/sdk/k/j.java, line(s) 271 com/flyco/tablayout/c/d.java, line(s) 71 com/github/gzuliyujiang/oaid/e.java, line(s) 21 com/javaEmail/b.java, line(s) 48 com/kwai/sodler/kwai/b.java, line(s) 30 com/kwai/sodler/lib/a.java, line(s) 20,10,24 com/kwai/sodler/lib/ext/d.java, line(s) 152,179 com/kwai/sodler/lib/kwai/f.java, line(s) 153 com/lsjwzh/widget/recyclerviewpager/LoopRecyclerViewPager.java, line(s) 24,73 com/romainpiel/shimmer/d.java, line(s) 124 com/sun/activation/registries/b.java, line(s) 25,32 com/sun/mail/imap/protocol/d.java, line(s) 48,52,58,72,76,82,87,95,99,104,114,121,130,137,149,153,158,166,170,174,178,182,188,199,213,221,230,234,244,250,258,265,273,318,327,332 com/szy/gamemorphvox/c.java, line(s) 105,122,129 com/szy/gamemorphvox/db/a.java, line(s) 21,37 com/szy/gamemorphvox/manager/UserManagerUtil.java, line(s) 274,47,177 com/szy/gamemorphvox/manager/ad/AdControlManager.java, line(s) 257 com/szy/gamemorphvox/manager/ad/DownloadApkConfirmDialogWebView.java, line(s) 195 com/szy/gamemorphvox/manager/ad/MyBxmAdManager.java, line(s) 63,65,69,156,162,177,182,185,97,138 com/szy/gamemorphvox/manager/ad/RedEnvelopesAdManager.java, line(s) 111,112,113,194,198,202,254,259,264,269,280,287,295,142,170,176,210,224,228,232,238 com/szy/gamemorphvox/manager/ad/TopOnBannerAdManager.java, line(s) 41,45,49,55,60,64,68,73 com/szy/gamemorphvox/manager/ad/TopOnRewardVideoAdManage.java, line(s) 144,128,151,164,169,175,181,188,194 com/szy/gamemorphvox/manager/ad/TopOnSplashAdManage.java, line(s) 82,86,90 com/szy/gamemorphvox/manager/ad/TopOnTimeIntervalShowInterstitialManage.java, line(s) 72,126,139 com/szy/gamemorphvox/n/d.java, line(s) 54,58,62,66,76,83,101,106,117 com/szy/gamemorphvox/n/k.java, line(s) 132 com/szy/gamemorphvox/net/api/ApiManager.java, line(s) 1452,760,1528,1660 com/szy/gamemorphvox/net/bean/DecryptionBean.java, line(s) 24 com/szy/gamemorphvox/net/bean/VoiceListDecryptionBean.java, line(s) 134 com/szy/gamemorphvox/tools/a.java, line(s) 88,90,93,111,119 com/szy/gamemorphvox/tools/e/a.java, line(s) 170,92,96,103,109,161,185,202 com/szy/gamemorphvox/tools/e/c.java, line(s) 24,29,77,139,143,197 com/szy/gamemorphvox/ui/adjustvoice/AdvancedSetFragment.java, line(s) 226,253 com/szy/gamemorphvox/ui/adjustvoice/BgMusicFragment.java, line(s) 105 com/szy/gamemorphvox/ui/adjustvoice/SoundEffectActivity.java, line(s) 156,197,382,625 com/szy/gamemorphvox/ui/common/a.java, line(s) 210 com/szy/gamemorphvox/ui/fragment/MineFragment.java, line(s) 192,923 com/szy/gamemorphvox/ui/fragment/n2.java, line(s) 199,214 com/szy/gamemorphvox/ui/fragment/z1.java, line(s) 353 com/szy/gamemorphvox/ui/permission/a/c.java, line(s) 204 com/szy/gamemorphvox/ui/viewmodel/y0.java, line(s) 33,43,61,71 com/szy/gamemorphvox/ui/vip/VipActivity.java, line(s) 151 com/szy/gamemorphvox/ui/welcome/SplashActivity.java, line(s) 281,717,761,809,853,901,950,957,246,285,315,478,399,404,450,485,651,652,653 com/szy/gamemorphvox/widget/floatingview/FloatingBallView.java, line(s) 969,1179,1384 com/szy/ttutils/b.java, line(s) 26,30,44 com/szy/ttutils/e.java, line(s) 34,39,49,58,68,78,83,88,93,99,113 com/tencent/a/a/a/a/b.java, line(s) 20,42,48,28,54 com/tencent/a/a/a/a/c.java, line(s) 31,45 com/tencent/a/a/a/a/d.java, line(s) 16,32 com/tencent/a/a/a/a/e.java, line(s) 14,28 com/tencent/a/a/a/a/h.java, line(s) 31,21,61,25 com/vivo/ad/BaseAd.java, line(s) 189,438,811,121,261,570,874,125,210,62,82 com/vivo/ad/CrashHandler.java, line(s) 45,38,36 com/vivo/ad/a/a.java, line(s) 92,95,416,453,462,467,626,114,119,333,340,382,389,390,395,524 com/vivo/ad/a/c.java, line(s) 118,86 com/vivo/ad/c/c.java, line(s) 97,147,106,110,54 com/vivo/ad/exoplayer2/a/e.java, line(s) 848,339,347,361 com/vivo/ad/exoplayer2/d.java, line(s) 65,93,101,106,111,116,119 com/vivo/ad/exoplayer2/d/d/b.java, line(s) 580 com/vivo/ad/exoplayer2/d/d/e.java, line(s) 187,1023 com/vivo/ad/exoplayer2/d/d/f.java, line(s) 134,155,165,174,184,198,209,224 com/vivo/ad/exoplayer2/d/d/h.java, line(s) 27 com/vivo/ad/exoplayer2/d/e/k.java, line(s) 315 com/vivo/ad/exoplayer2/d/f/d.java, line(s) 102 com/vivo/ad/exoplayer2/d/f/k.java, line(s) 350 com/vivo/ad/exoplayer2/d/f/l.java, line(s) 63 com/vivo/ad/exoplayer2/d/f/o.java, line(s) 32,94,97 com/vivo/ad/exoplayer2/d/g/c.java, line(s) 38,59,63,79 com/vivo/ad/exoplayer2/e/a.java, line(s) 34,38,175 com/vivo/ad/exoplayer2/e/d.java, line(s) 297,299,207,344,356,361,366,371,420,425,433,440 com/vivo/ad/exoplayer2/f/b/g.java, line(s) 148,205,210,219,230 com/vivo/ad/exoplayer2/g.java, line(s) 46 com/vivo/ad/exoplayer2/h.java, line(s) 124,723,728,733,834,676,757 com/vivo/ad/exoplayer2/h/a/c.java, line(s) 763,328,340,363,377,578,718,731,836,841,845 com/vivo/ad/exoplayer2/h/a/g.java, line(s) 29 com/vivo/ad/exoplayer2/h/b/b.java, line(s) 526 com/vivo/ad/exoplayer2/h/c/a.java, line(s) 58,61 com/vivo/ad/exoplayer2/h/d/a.java, line(s) 71,82,210,214,217,220,224,227,340 com/vivo/ad/exoplayer2/h/f/e.java, line(s) 93 com/vivo/ad/exoplayer2/h/f/f.java, line(s) 149,152,213,349,398,444 com/vivo/ad/exoplayer2/j/n.java, line(s) 96 com/vivo/ad/exoplayer2/j/r.java, line(s) 159,165,177 com/vivo/ad/exoplayer2/k/b.java, line(s) 35,82 com/vivo/ad/exoplayer2/l/d.java, line(s) 218,577,583 com/vivo/ad/model/ADItemData.java, line(s) 77 com/vivo/ad/nativead/c.java, line(s) 326,94 com/vivo/ad/nativead/e.java, line(s) 19,28,37 com/vivo/ad/splash/a.java, line(s) 82 com/vivo/ad/splash/b.java, line(s) 18,27,36,45 com/vivo/ad/splash/c.java, line(s) 624,72,77,82,87,142,325,370,371,376 com/vivo/ad/splash/hot/a.java, line(s) 108 com/vivo/ad/video/a.java, line(s) 176,188,226,288,388,232 com/vivo/ad/video/b.java, line(s) 17,26,35,44,53,62,71,80,89,98 com/vivo/ad/video/video/MediaPlayer.java, line(s) 102,406,413,430,456,145,815 com/vivo/ic/BaseLib.java, line(s) 11,27,28 com/vivo/ic/CLog.java, line(s) 20,104,25,87,33,37,91,75,95,79,99 com/vivo/ic/CookieHelper.java, line(s) 66,90 com/vivo/ic/NetUtils.java, line(s) 95 com/vivo/ic/minidownload/MiniDownloadRunable.java, line(s) 130,142,243,232 com/vivo/ic/spmanager/BaseSharePreference.java, line(s) 13 com/vivo/ic/webview/CommonJsBridge.java, line(s) 43,64,336,265,296,96,142,83,117,197,290,300,328 com/vivo/ic/webview/CommonWebView.java, line(s) 108,142,158,284,222,268 com/vivo/ic/webview/HTMLFileUploader.java, line(s) 144,137 com/vivo/ic/webview/HtmlWebChromeClient.java, line(s) 121,123,129,127,125 com/vivo/ic/webview/HtmlWebViewClient.java, line(s) 239,301,337,333 com/vivo/mobilead/a.java, line(s) 63,67 com/vivo/mobilead/a/a.java, line(s) 19,27,36 com/vivo/mobilead/a/b.java, line(s) 56,68,92,105,70,107,189,129,152,155,176,182,187 com/vivo/mobilead/a/c.java, line(s) 56 com/vivo/mobilead/a/d.java, line(s) 39 com/vivo/mobilead/b/c.java, line(s) 105,146,171 com/vivo/mobilead/banner/VivoBannerAd.java, line(s) 34 com/vivo/mobilead/banner/b.java, line(s) 28,34,40 com/vivo/mobilead/banner/f.java, line(s) 18,25,31,37,43 com/vivo/mobilead/c/a.java, line(s) 15,19,17 com/vivo/mobilead/extendvideo/VVideoView.java, line(s) 214,350,385,441 com/vivo/mobilead/interstitial/VivoInterstitialAd.java, line(s) 28 com/vivo/mobilead/interstitial/e.java, line(s) 19,25,30,36,42,49 com/vivo/mobilead/listener/b.java, line(s) 18,27,36,45,54 com/vivo/mobilead/manager/StrategyManager.java, line(s) 45 com/vivo/mobilead/manager/VivoAdManager.java, line(s) 22 com/vivo/mobilead/manager/a.java, line(s) 215,222,232,235,241,245 com/vivo/mobilead/manager/b.java, line(s) 65,106,193,195,214,232,234,285,109,88,97,184 com/vivo/mobilead/manager/c.java, line(s) 39 com/vivo/mobilead/manager/d.java, line(s) 96,84,135,115,117,120,122,162,178,191,194,197,216 com/vivo/mobilead/marterial/MaterialHelper.java, line(s) 78,101,108,117,122,134,146,154,165,177,210,233,250,257,263,268,280,295,303,344,350,352,363,372,387,393,395,411,413 com/vivo/mobilead/marterial/a.java, line(s) 434 com/vivo/mobilead/nativead/VivoNativeAd.java, line(s) 27 com/vivo/mobilead/nativead/a.java, line(s) 32 com/vivo/mobilead/nativead/h.java, line(s) 140 com/vivo/mobilead/nativead/j.java, line(s) 31 com/vivo/mobilead/net/RequestTaskUtil.java, line(s) 51,173 com/vivo/mobilead/net/a.java, line(s) 17,21 com/vivo/mobilead/net/e.java, line(s) 58,105,111,114,118,122,45,70 com/vivo/mobilead/net/f.java, line(s) 99,106,117,39,48,165 com/vivo/mobilead/net/l.java, line(s) 14 com/vivo/mobilead/parser/a.java, line(s) 16 com/vivo/mobilead/parser/c.java, line(s) 14,17,21,23 com/vivo/mobilead/splash/VivoSplashAd.java, line(s) 87 com/vivo/mobilead/splash/e.java, line(s) 18 com/vivo/mobilead/splash/g.java, line(s) 95 com/vivo/mobilead/splash/k.java, line(s) 48 com/vivo/mobilead/unified/banner/UnifiedVivoBannerAd.java, line(s) 33 com/vivo/mobilead/unified/banner/b.java, line(s) 249 com/vivo/mobilead/unified/banner/d.java, line(s) 20,29,38,47,56 com/vivo/mobilead/unified/base/c.java, line(s) 90,93,96,99,106,111,120,127 com/vivo/mobilead/unified/base/view/k.java, line(s) 348,339,351,353,356 com/vivo/mobilead/unified/icon/UnifiedVivoFloaticonAd.java, line(s) 34 com/vivo/mobilead/unified/icon/a.java, line(s) 74 com/vivo/mobilead/unified/icon/b.java, line(s) 19,28,37,46,55 com/vivo/mobilead/unified/interstitial/UnifiedVivoInterstitialAd.java, line(s) 33 com/vivo/mobilead/unified/interstitial/a.java, line(s) 53,193 com/vivo/mobilead/unified/interstitial/a/b.java, line(s) 314,389 com/vivo/mobilead/unified/interstitial/d.java, line(s) 18,27,36,45,54 com/vivo/mobilead/unified/nativead/UnifiedVivoNativeExpressAd.java, line(s) 33 com/vivo/mobilead/unified/nativead/c.java, line(s) 18,27,36,45,54 com/vivo/mobilead/unified/reward/UnifiedVivoRewardVideoAd.java, line(s) 43 com/vivo/mobilead/unified/reward/e.java, line(s) 18,28,37,46,55 com/vivo/mobilead/util/AssetsTool.java, line(s) 107,110,54,60,71,86,119 com/vivo/mobilead/util/CommonHelper.java, line(s) 48,114,296,303,311,338,366,399,430,45,97,141,147,191,199,253,274,317,322,354,360,389,436,442 com/vivo/mobilead/util/DeviceInfo.java, line(s) 89,516,612,162,208,216,220,226,228,232,235,248,309,483,491,532,559,565,573,583,104,188,355 com/vivo/mobilead/util/NetUtils.java, line(s) 37,174,234,245,254,268,282,299 com/vivo/mobilead/util/PositionHelper.java, line(s) 50 com/vivo/mobilead/util/ReportUtil.java, line(s) 205,681 com/vivo/mobilead/util/Utils.java, line(s) 71,74,94,117,105 com/vivo/mobilead/util/ViewUtils.java, line(s) 178,258,292,84,147,194,196,198,201 com/vivo/mobilead/util/a.java, line(s) 52,232,92,95,98,101,108,114,122,131 com/vivo/mobilead/util/a/a.java, line(s) 21,31,34 com/vivo/mobilead/util/a/b.java, line(s) 30,33,38 com/vivo/mobilead/util/b.java, line(s) 39,42,47,51,59 com/vivo/mobilead/util/b/b.java, line(s) 126,54,137,144,150 com/vivo/mobilead/util/b/c.java, line(s) 24 com/vivo/mobilead/util/c/c.java, line(s) 316 com/vivo/mobilead/util/d/a.java, line(s) 13 com/vivo/mobilead/util/e.java, line(s) 56 com/vivo/mobilead/util/g.java, line(s) 52,54,56 com/vivo/mobilead/util/l.java, line(s) 100,103,106,133,167,181,206,154,187,196,162 com/vivo/mobilead/video/VivoVideoAd.java, line(s) 28 com/vivo/mobilead/video/b.java, line(s) 16,33,42,51,84 com/vivo/mobilead/video/g.java, line(s) 19,37,46,55,90 com/vivo/mobilead/web/VivoADSDKWebView.java, line(s) 309,466 com/vivo/mobilead/web/a.java, line(s) 268,73,79,81,202,237,363,54,134,207,234,241,260,339 com/vivo/mobilead/web/b.java, line(s) 140,184,220,216 com/vivo/secboxsdk/a/b.java, line(s) 11,19,15 com/wgs/sdk/third/glide/gifdecoder/b.java, line(s) 165,305,164,304 com/wgs/sdk/third/glide/gifdecoder/c.java, line(s) 183,199,213,182,198,212,568,577 com/wgs/sdk/third/glide/manager/SupportRequestManagerFragment.java, line(s) 108,109 com/wgs/sdk/third/glide/manager/e.java, line(s) 32,31,54,87,55,88 com/wgs/sdk/third/glide/manager/f.java, line(s) 18,17 com/wgs/sdk/third/glide/manager/k.java, line(s) 112,113 com/wgs/sdk/third/glide/manager/l.java, line(s) 133,134,142 com/wgs/sdk/third/glide/manager/n.java, line(s) 28,29 com/wgs/sdk/third/glide/util/b.java, line(s) 52,51 com/wgs/sdk/third/jcvideo/c.java, line(s) 78 com/yalantis/ucrop/UCropActivity.java, line(s) 246 com/yalantis/ucrop/e/a.java, line(s) 119 com/yalantis/ucrop/e/b.java, line(s) 57,188,221,134,200,207,213 com/yalantis/ucrop/f/a.java, line(s) 113,53,84 com/yalantis/ucrop/f/c.java, line(s) 78 com/yalantis/ucrop/f/f.java, line(s) 133,141,150,157,173,183,195,227,243,247,252,261,264,269,292,132,140,149,156,172,182,194,226,242,246,251,260,263,268 com/yalantis/ucrop/view/TransformImageView.java, line(s) 216,248,178,129 com/yanzhenjie/permission/d.java, line(s) 191 com/zhy/http/okhttp/cookie/a.java, line(s) 149,158,161 com/zhy/http/okhttp/g/c.java, line(s) 10 com/zsyj/pandasdk/base/BasePandaActivity.java, line(s) 70 com/zsyj/pandasdk/net/body/BodyMap.java, line(s) 80,95 com/zsyj/pandasdk/util/b0.java, line(s) 41,47,53,11,17,23,29,35,59,65 com/zsyj/pandasdk/util/h0.java, line(s) 98 com/zsyj/pandasdk/util/y.java, line(s) 254,271 com/zsyj/pandasdk/widget/viewpager/VerticalViewPager.java, line(s) 1047,1053,1065 com/zsyj/sharesdk/QQLoginActivity.java, line(s) 45,63,64,65,88,126,137 com/zsyj/sharesdk/k/c.java, line(s) 126 com/zsyj/sharesdk/l/g.java, line(s) 248,251 com/zsyj/sharesdk/l/j.java, line(s) 54 i/a/b.java, line(s) 63,71,23,43,27,47,79,31,51,35,39,55,59,67,75 me/drakeet/multitype/f.java, line(s) 105 me/jessyan/rxerrorhandler/handler/RetryWithDelay.java, line(s) 31 me/jessyan/rxerrorhandler/handler/RetryWithDelayOfFlowable.java, line(s) 31 org/fmod/AudioDevice.java, line(s) 26,50,56,38,42,36 org/fmod/FMOD.java, line(s) 66 org/fmod/MediaCodec.java, line(s) 120,168,170,83,89,137,53,73,80,86,112,172,226 org/greenrobot/greendao/AbstractDao.java, line(s) 593,630 org/greenrobot/greendao/DaoException.java, line(s) 15,16 org/greenrobot/greendao/DaoLog.java, line(s) 15,47,51,27,31,55,39,59,19,43,63,67 org/greenrobot/greendao/DbUtils.java, line(s) 58,91 org/greenrobot/greendao/async/AsyncOperationExecutor.java, line(s) 328 org/greenrobot/greendao/internal/LongHashMap.java, line(s) 61 org/greenrobot/greendao/query/QueryBuilder.java, line(s) 93,96 org/greenrobot/greendao/test/AbstractDaoTest.java, line(s) 25,27,56 org/greenrobot/greendao/test/AbstractDaoTestLongPk.java, line(s) 28,31 org/greenrobot/greendao/test/AbstractDaoTestSinglePk.java, line(s) 31 org/greenrobot/greendao/test/DbTest.java, line(s) 58 rx/internal/util/e.java, line(s) 75 rx/internal/util/k.java, line(s) 47 rx/q/c.java, line(s) 295 tech/oom/idealrecorder/g/b.java, line(s) 10,40,16,46,22,28,34,52 tech/oom/idealrecorder/g/c.java, line(s) 41,45,49
信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/dhcw/sdk/bf/d.java, line(s) 4,35 com/vivo/ic/webview/CommonJsBridge.java, line(s) 6,115 com/vivo/mobilead/web/a.java, line(s) 6,51
信息 邮件服务器
邮件服务器 Files: com/javaEmail/b.java, line(s) 41,51
信息 此应用程序使用SQL Cipher。SQLCipher为sqlite数据库文件提供256位AES加密
此应用程序使用SQL Cipher。SQLCipher为sqlite数据库文件提供256位AES加密 Files: org/greenrobot/greendao/database/SqlCipherEncryptedHelper.java, line(s) 15,4,5
安全 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: bykvm_19do/bykvm_19do/bykvm_if122/bykvm_19do/bykvm_19do/bykvm_if122/bykvm_if122/v.java, line(s) 211,200,209,209 com/carozhu/rxhttp/f/a.java, line(s) 30,135,29,28,28,133,133 com/carozhu/rxhttp/g/a.java, line(s) 120,62 com/zhy/http/okhttp/e/a.java, line(s) 31,103,30,29,29,101,101
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (cn-pitk.birdgesdk.com) 通信。
{'ip': '120.25.247.63', 'country_short': 'CN', 'country_long': '中国', 'region': '广东', 'city': '深圳', 'latitude': '22.545673', 'longitude': '114.068108'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (voicechanger.szsszykj.com) 通信。
{'ip': '39.97.111.12', 'country_short': 'CN', 'country_long': '中国', 'region': '北京', 'city': '北京', 'latitude': '39.907501', 'longitude': '116.397102'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (survey.szsszykj.com) 通信。
{'ip': '47.107.166.115', 'country_short': 'CN', 'country_long': '中国', 'region': '广东', 'city': '深圳', 'latitude': '22.545673', 'longitude': '114.068108'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (task.hzbxm.com) 通信。
{'ip': '221.231.83.100', 'country_short': 'CN', 'country_long': '中国', 'region': '浙江', 'city': '杭州', 'latitude': '30.293650', 'longitude': '120.161583'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (adv.szsszykj.com) 通信。
{'ip': '221.231.83.100', 'country_short': 'CN', 'country_long': '中国', 'region': '北京', 'city': '北京', 'latitude': '39.907501', 'longitude': '116.397102'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (adsdk.vivo.com.cn) 通信。
{'ip': '221.231.83.100', 'country_short': 'CN', 'country_long': '中国', 'region': '北京', 'city': '北京', 'latitude': '39.907501', 'longitude': '116.397102'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (hydra.alibaba.com) 通信。
{'ip': '221.231.83.100', 'country_short': 'CN', 'country_long': '中国', 'region': '浙江', 'city': '杭州', 'latitude': '30.293650', 'longitude': '120.161583'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (voice-oss.szsszykj.com) 通信。
{'ip': '61.170.44.188', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (pitk.birdgesdk.com) 通信。
{'ip': '221.231.83.100', 'country_short': 'CN', 'country_long': '中国', 'region': '广东', 'city': '深圳', 'latitude': '22.545673', 'longitude': '114.068108'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (pv.sohu.com) 通信。
{'ip': '221.231.83.100', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '台州', 'latitude': '32.492168', 'longitude': '119.910767'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (i.snssdk.com) 通信。
{'ip': '221.231.83.100', 'country_short': 'CN', 'country_long': '中国', 'region': '山东', 'city': '济南', 'latitude': '36.668331', 'longitude': '116.997223'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (apps.oceanengine.com) 通信。
{'ip': '221.231.83.100', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '盐城', 'latitude': '33.385559', 'longitude': '120.125282'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (ssp.vivo.com.cn) 通信。
{'ip': '221.229.202.237', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '徐州', 'latitude': '34.266666', 'longitude': '117.166664'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (cn-aa.birdgesdk.com) 通信。
{'ip': '58.49.249.230', 'country_short': 'CN', 'country_long': '中国', 'region': '广东', 'city': '深圳', 'latitude': '22.545673', 'longitude': '114.068108'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (pangolin.snssdk.com) 通信。
{'ip': '58.49.249.230', 'country_short': 'CN', 'country_long': '中国', 'region': '湖北', 'city': '武汉', 'latitude': '30.583330', 'longitude': '114.266853'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (appstore.vivo.com.cn) 通信。
{'ip': '221.229.202.236', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '徐州', 'latitude': '34.266666', 'longitude': '117.166664'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (sf6-ttcdn-tos.pstatp.com) 通信。
{'ip': '61.170.44.188', 'country_short': 'CN', 'country_long': '中国', 'region': '浙江', 'city': '台州', 'latitude': '28.666668', 'longitude': '121.349998'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (cs.szsszykj.com) 通信。
{'ip': '47.107.166.115', 'country_short': 'CN', 'country_long': '中国', 'region': '广东', 'city': '深圳', 'latitude': '22.545673', 'longitude': '114.068108'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (shop.vivo.com.cn) 通信。
{'ip': '61.170.44.188', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '徐州', 'latitude': '34.266666', 'longitude': '117.166664'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (aa.birdgesdk.com) 通信。
{'ip': '120.78.94.142', 'country_short': 'CN', 'country_long': '中国', 'region': '广东', 'city': '深圳', 'latitude': '22.545673', 'longitude': '114.068108'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (h5.m.taobao.com) 通信。
{'ip': '221.231.83.104', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '苏州', 'latitude': '31.311365', 'longitude': '120.617691'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.chengzijianzhan.com) 通信。
{'ip': '221.231.83.104', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '盐城', 'latitude': '33.385559', 'longitude': '120.125282'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (wx.tenpay.com) 通信。
{'ip': '101.91.0.148', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (count.hzbxm.com) 通信。
{'ip': '8.136.137.241', 'country_short': 'CN', 'country_long': '中国', 'region': '浙江', 'city': '杭州', 'latitude': '30.293650', 'longitude': '120.161583'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (yxdt.szsszykj.com) 通信。
{'ip': '39.106.231.93', 'country_short': 'CN', 'country_long': '中国', 'region': '北京', 'city': '北京', 'latitude': '39.907501', 'longitude': '116.397102'}