安全分析报告:
安全分数
安全分数 45/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
2
用户/设备跟踪器
调研结果
高危
9
中危
47
信息
4
安全
3
关注
6
高危 基本配置不安全地配置为允许到所有域的明文流量。
Scope: *
高危 程序可被任意调试
[android:debuggable=true] 应用可调试标签被开启,这使得逆向工程师更容易将调试器挂接到应用程序上。这允许导出堆栈跟踪和访问调试助手类。
高危 Activity (im.isfyeeywzr.tel.CallApiAbove29Dialer) 容易受到StrandHogg 2.0的攻击
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 App 链接 assetlinks.json 文件未找到
[android:name=im.isfyeeywzr.ui.LaunchActivity][android:host=http://m12345.cc] App Link 资产验证 URL (http://m12345.cc/.well-known/assetlinks.json) 未找到或配置不正确。(状态代码:None)。应用程序链接允许用户从 Web URL/电子邮件重定向到移动应用程序。如果此文件丢失或为 App Link 主机/域配置不正确,则恶意应用程序可以劫持此类 URL。这可能会导致网络钓鱼攻击,泄露 URI 中的敏感数据,例如 PII、OAuth 令牌、魔术链接/密码重置令牌等。您必须通过托管 assetlinks.json 文件并通过 Activity intent-filter 中的 [android:autoVerify=“true”] 启用验证来验证 App Link 网域。
高危 App 链接 assetlinks.json 文件未找到
[android:name=im.isfyeeywzr.ui.LaunchActivity][android:host=https://m12345.cc] App Link 资产验证 URL (https://m12345.cc/.well-known/assetlinks.json) 未找到或配置不正确。(状态代码:None)。应用程序链接允许用户从 Web URL/电子邮件重定向到移动应用程序。如果此文件丢失或为 App Link 主机/域配置不正确,则恶意应用程序可以劫持此类 URL。这可能会导致网络钓鱼攻击,泄露 URI 中的敏感数据,例如 PII、OAuth 令牌、魔术链接/密码重置令牌等。您必须通过托管 assetlinks.json 文件并通过 Activity intent-filter 中的 [android:autoVerify=“true”] 启用验证来验证 App Link 网域。
高危 Activity (im.isfyeeywzr.messenger.OpenChatReceiver) 容易受到StrandHogg 2.0的攻击
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。
应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/alivc/rtc/device/utils/AESUtils.java, line(s) 39,46 im/isfyeeywzr/network/DohNet.java, line(s) 96 im/isfyeeywzr/network/DotNet.java, line(s) 157 im/isfyeeywzr/ui/hui/friendscircle/okhttphelper/AESHelper.java, line(s) 50 im/isfyeeywzr/ui/utils/AesUtils.java, line(s) 41,63,72,81 im/isfyeeywzr/ui/utils/ChiperUtils.java, line(s) 51,73,82
高危 如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击
如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-7 Files: im/isfyeeywzr/ui/ArticleViewer.java, line(s) 7064,61,62 im/isfyeeywzr/ui/components/EmbedBottomSheet.java, line(s) 688,33,34
高危 启用了调试配置。生产版本不能是可调试的
启用了调试配置。生产版本不能是可调试的 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04c-Tampering-and-Reverse-Engineering.md#debugging-and-tracing Files: com/litesuits/orm/BuildConfig.java, line(s) 3,4 com/serenegiant/uvccamera/BuildConfig.java, line(s) 3,6 im/isfyeeywzr/messenger/BuildConfig.java, line(s) 3,6
中危 应用程序已启用明文网络流量
[android:usesCleartextTraffic=true] 应用程序打算使用明文网络流量,例如明文HTTP,FTP协议,DownloadManager和MediaPlayer。针对API级别27或更低的应用程序,默认值为“true”。针对API级别28或更高的应用程序,默认值为“false”。避免使用明文流量的主要原因是缺乏机密性,真实性和防篡改保护;网络攻击者可以窃听传输的数据,并且可以在不被检测到的情况下修改它。
中危 Service (im.isfyeeywzr.messenger.GcmPushListenerService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危 Broadcast Receiver (com.google.android.gms.measurement.AppMeasurementReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (im.isfyeeywzr.tel.IncomingCallReceiver) 未被保护。
[android:exported=true] 发现 Broadcast Receiver与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (im.isfyeeywzr.tel.CallApiAbove29Dialer) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (im.isfyeeywzr.tel.CallApiAbove29ScreeningService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_SCREENING_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Activity (im.isfyeeywzr.ui.ShareActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Activity (im.isfyeeywzr.ui.ExternalActionActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Activity (im.isfyeeywzr.messenger.OpenChatReceiver) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (im.isfyeeywzr.ui.hui.visualcall.VisualCallActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (im.isfyeeywzr.ui.hui.visualcall.VisualCallReceiveActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity设置了TaskAffinity属性
(im.isfyeeywzr.ui.VoIPActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Activity设置了TaskAffinity属性
(im.isfyeeywzr.ui.VoIPPermissionActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Activity设置了TaskAffinity属性
(im.isfyeeywzr.ui.VoIPFeedbackActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Service (im.isfyeeywzr.messenger.AuthenticatorService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (im.isfyeeywzr.messenger.ContactsSyncAdapterService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (im.isfyeeywzr.messenger.AppChooserTargetService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_CHOOSER_TARGET_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Service (im.isfyeeywzr.messenger.MusicPlayerService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (im.isfyeeywzr.messenger.MusicBrowserService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (im.isfyeeywzr.messenger.WearDataLayerListenerService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危 Service (im.isfyeeywzr.messenger.voip.AppConnectionService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_TELECOM_CONNECTION_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (im.isfyeeywzr.messenger.MusicPlayerReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (im.isfyeeywzr.messenger.voip.VoIPMediaButtonReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (im.isfyeeywzr.messenger.AppStartReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (im.isfyeeywzr.messenger.RefererReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.INSTALL_PACKAGES [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Content Provider (im.isfyeeywzr.messenger.voip.CallNotificationSoundProvider) 未被保护。
[android:exported=true] 发现 Content Provider与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (im.isfyeeywzr.keepalive.ChannelService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (im.isfyeeywzr.keepalive.DaemonService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (im.isfyeeywzr.keepalive.ScheduleService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (im.isfyeeywzr.keepalive.MonitorReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 Broadcast Receiver (im.isfyeeywzr.keepalive.ScreenReceiver) 未被保护。
[android:exported=true] 发现 Broadcast Receiver与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (com.blankj.utilcode.util.MessengerUtils$ServerService) 未被保护。
存在一个intent-filter。 发现 Service与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Service是显式导出的。
中危 Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Service (com.google.android.gms.auth.api.signin.RevocationBoundService) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (com.qiniu.android.dns.NetworkReceiver) 未被保护。
存在一个intent-filter。 发现 Broadcast Receiver与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。
中危 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/alivc/rtc/device/UTUtdid.java, line(s) 344 im/isfyeeywzr/messenger/Utilities.java, line(s) 227,241 im/isfyeeywzr/ui/PassportActivity.java, line(s) 2566 im/isfyeeywzr/ui/utils/DeviceIdUtil.java, line(s) 89 im/isfyeeywzr/utils/DeviceUtils.java, line(s) 96 im/isfyeeywzr/utils/FingerprintUtil.java, line(s) 155
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: com/alivc/rtc/device/UTUtdid.java, line(s) 23,24,43 com/bjz/comm/net/bean/AtUserBean.java, line(s) 60 com/bjz/comm/net/bean/FCEntitysRequest.java, line(s) 49 com/bjz/comm/net/bean/FCEntitysResponse.java, line(s) 121 com/bjz/comm/net/bean/FcUserInfoBean.java, line(s) 116 com/bjz/comm/net/bean/MiniGameBean.java, line(s) 113 com/bjz/comm/net/bean/ResponseAccessTokenBean.java, line(s) 60 com/litesuits/orm/db/assit/SQLBuilder.java, line(s) 62 com/litesuits/orm/db/model/EntityTable.java, line(s) 32 com/litesuits/orm/db/model/MapProperty.java, line(s) 7 com/zhy/http/okhttp/builder/PostFormBuilder.java, line(s) 48 im/isfyeeywzr/javaBean/ShareInstallConfigBean.java, line(s) 46 im/isfyeeywzr/messenger/BuildVars.java, line(s) 7,6 im/isfyeeywzr/messenger/ContactsController.java, line(s) 1265,1606 im/isfyeeywzr/messenger/FileRefController.java, line(s) 129,161,178,193,198,203,210,228,225,231 im/isfyeeywzr/messenger/ImageLoader.java, line(s) 773 im/isfyeeywzr/messenger/LocaleController.java, line(s) 724 im/isfyeeywzr/messenger/NotificationsController.java, line(s) 2178,2223 im/isfyeeywzr/messenger/SendMessagesHelper.java, line(s) 2488,1700,1708,3250 im/isfyeeywzr/network/NetworkConstant.java, line(s) 5,4,15 im/isfyeeywzr/ui/ArticleViewer.java, line(s) 1779,4557,3875 im/isfyeeywzr/ui/ChannelCreateActivity.java, line(s) 130 im/isfyeeywzr/ui/ChatEditTypeActivity.java, line(s) 120 im/isfyeeywzr/ui/DataAutoDownloadActivity.java, line(s) 300,442,315,452,308,447 im/isfyeeywzr/ui/DataSettingsActivity.java, line(s) 210,364,222,372,216,368 im/isfyeeywzr/ui/LaunchActivity.java, line(s) 1840 im/isfyeeywzr/ui/NotificationsCustomSettingsActivity.java, line(s) 352,350,348 im/isfyeeywzr/ui/NotificationsSettingsActivity.java, line(s) 367 im/isfyeeywzr/ui/PassportActivity.java, line(s) 3963,3573,4001,3579,3969,4005,3975,3978,883,4600,3954,3985,878,4592,3966,3960,3989,3957,3987,3587,3999,3972,881,4596,874,4580,3583,4003,3566,3995,3569,3997,886,4584 im/isfyeeywzr/ui/ProxyListActivity.java, line(s) 120,130,135,142,145 im/isfyeeywzr/ui/QuickRepliesSettingsActivity.java, line(s) 165,161,157,153 im/isfyeeywzr/ui/actionbar/Theme.java, line(s) 2774,3204,3272 im/isfyeeywzr/ui/adapters/MentionsAdapter.java, line(s) 396 im/isfyeeywzr/ui/components/AlertsCreator.java, line(s) 535,537 im/isfyeeywzr/ui/components/EmojiView.java, line(s) 3997,4001 im/isfyeeywzr/ui/components/EmojiViewV2.java, line(s) 3981,3985 im/isfyeeywzr/ui/hui/contacts/CreateGroupingActivity.java, line(s) 545 im/isfyeeywzr/ui/hui/contacts/PhonebookUsersActivity.java, line(s) 194 im/isfyeeywzr/ui/hui/friendscircle_v1/view/CommFCArcView.java, line(s) 18,24,30 im/isfyeeywzr/ui/hui/friendscircle_v1/view/edittext/span/User.java, line(s) 152 im/isfyeeywzr/ui/hui/login/LoginContronllerActivity.java, line(s) 76 im/isfyeeywzr/ui/hui/packet/SelecteContactsActivity.java, line(s) 163,167 im/isfyeeywzr/ui/hviews/MrySwitch.java, line(s) 71,89,72,90,73,74,91,92 im/isfyeeywzr/ui/settings/AutoDownloadSettingActivity.java, line(s) 78,470,88,485,83,478 im/isfyeeywzr/ui/settings/DataAndStoreSettingActivity.java, line(s) 286,294,290 im/isfyeeywzr/ui/settings/ProxySettingActivity.java, line(s) 509,519,524,531,534
中危 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: com/alivc/rtc/device/UTUtdid.java, line(s) 16 com/alivc/rtc/device/utils/PhoneInfoUtils.java, line(s) 7 com/socks/library/klog/FileLog.java, line(s) 12 im/isfyeeywzr/network/DotNet.java, line(s) 20 im/isfyeeywzr/ui/hui/visualcall/VisualCallReceiveService.java, line(s) 26 im/isfyeeywzr/ui/utils/NameUtil.java, line(s) 3 im/isfyeeywzr/ui/utils/number/StringUtils.java, line(s) 4 im/isfyeeywzr/ui/utils/translate/ssrc/SSRC.java, line(s) 14 im/isfyeeywzr/utils/VerifyCodeUtils.java, line(s) 7
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: com/alivc/rtc/device/core/persistent/PersistentConfiguration.java, line(s) 52,151,326,376 com/danikula/videocache/StorageUtils.java, line(s) 25,44 im/isfyeeywzr/messenger/AndroidUtilities.java, line(s) 1463,835,1457,1458 im/isfyeeywzr/messenger/FileLog.java, line(s) 49,82,331 im/isfyeeywzr/messenger/ImageLoader.java, line(s) 1420,1421 im/isfyeeywzr/messenger/SharedConfig.java, line(s) 685 im/isfyeeywzr/messenger/voip/VoIPController.java, line(s) 300 im/isfyeeywzr/ui/DocumentSelectActivity.java, line(s) 429,521,521,521,524 im/isfyeeywzr/ui/SettingsActivity.java, line(s) 1134 im/isfyeeywzr/ui/components/voip/VoIPHelper.java, line(s) 486 im/isfyeeywzr/ui/dialogs/McShareDialog.java, line(s) 167 im/isfyeeywzr/ui/fragments/MeFragmentV2.java, line(s) 854 im/isfyeeywzr/ui/hui/chats/GroupShareActivity.java, line(s) 264 im/isfyeeywzr/ui/hui/mine/AboutAppActivity.java, line(s) 374 im/isfyeeywzr/ui/hui/mine/QrCodeActivity.java, line(s) 368 im/isfyeeywzr/ui/hviews/helper/MryDisplayHelper.java, line(s) 270 im/isfyeeywzr/ui/utils/DownloadUtils.java, line(s) 142
中危 IP地址泄露
IP地址泄露 Files: com/danikula/videocache/HttpProxyCacheServer.java, line(s) 31 im/isfyeeywzr/network/NetworkConstant.java, line(s) 13 im/isfyeeywzr/tgnet/NetworkConfig.java, line(s) 211,203,213,201
中危 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: im/isfyeeywzr/ui/components/paint/Slice.java, line(s) 20 im/isfyeeywzr/ui/utils/translate/ssrc/SSRC.java, line(s) 780
中危 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: im/isfyeeywzr/messenger/utils/PlayerUtils.java, line(s) 1236,1243 im/isfyeeywzr/ui/ArticleViewer.java, line(s) 6947,6942 im/isfyeeywzr/ui/WebviewActivity.java, line(s) 270,257 im/isfyeeywzr/ui/components/EmbedBottomSheet.java, line(s) 664,221 im/isfyeeywzr/ui/components/WebPlayerView.java, line(s) 1186,1188
中危 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/bjz/comm/net/utils/MD5Utils.java, line(s) 19 com/danikula/videocache/ProxyCacheUtils.java, line(s) 74 com/litesuits/orm/db/assit/Encrypt.java, line(s) 35 im/isfyeeywzr/messenger/AndroidUtilities.java, line(s) 2409 im/isfyeeywzr/messenger/FileUploadOperation.java, line(s) 417 im/isfyeeywzr/messenger/Utilities.java, line(s) 372 im/isfyeeywzr/translate/MD5.java, line(s) 21,52 im/isfyeeywzr/ui/hui/friendscircle/okhttphelper/MD5Utils.java, line(s) 19 im/isfyeeywzr/ui/utils/ChiperUtils.java, line(s) 17
中危 可能存在跨域漏洞。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息
可能存在跨域漏洞。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-6 Files: im/isfyeeywzr/ui/fragments/TabWebFragment.java, line(s) 81,74 im/isfyeeywzr/ui/hui/discoveryweb/DiscoveryJumpToPage.java, line(s) 255,247,269
中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/danikula/videocache/sourcestorage/DatabaseSourceInfoStorage.java, line(s) 6,7,28 com/litesuits/orm/db/assit/Querier.java, line(s) 4,14
中危 应用程序包含隐私跟踪程序
此应用程序有多个2隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 谷歌地图的=> "com.google.android.maps.v2.API_KEY" : "AIzaSyA-t0jLPjUt2FxrA8VPK2EiYHcYcboIR6k" 百度地图的=> "com.baidu.lbsapi.API_KEY" : "oYnHR3odlaw9KUleHaQP5BrTLivxSCz1" openinstall统计的=> "com.openinstall.APP_KEY" : "v5le90" "Sessions" : "Sesi" "key_walletDefaultBackground" : "walletDefaultBackground" "TypePrivate" : "Privat" "PasswordCode" : "Code" "google_api_key" : "AIzaSyC6uk1nvjb5BYzqEzgaWy_iTryf5373Nyw" "PaymentPasswordTitle" : "Password" "TypePrivate2" : "Private" "TypePrivateGroup" : "peribadi" "YourPasswordSuccess" : "Berjaya!" "pref_speakerphone_key" : "speakerphone_preference" "PayPasswordSetting" : "Zahlungskennworteinstellung" "PasscodePassword" : "Passwort" "YourPasswordSuccess" : "Sucesso!" "UseProxyPassword" : "Passwort" "PasscodePassword" : "Password" "UseProxyUsername" : "Benutzername" "TypePrivateGroup" : "privat" "RestorePasswordNoEmailTitle" : "Entschuldigung" "UseProxyPassword" : "Senha" "TypePrivate" : "Pribadi" "UseProxySecret" : "Geheimnis" "UseProxySecret" : "Rahasia" "YourPasswordSuccess" : "Sukses!" "PaymentPasswordTitle" : "Senha" "UseProxySecret" : "Segredo" "PaymentPasswordEmailTitle" : "Wiederherstellungs-E-Mail" "RestorePasswordNoEmailTitle" : "Sorry" "LoginPassword" : "Password" "key_windowBackgroundWhite" : "windowBackgroundWhite" "TypePrivate2" : "Privado" "UseProxyUsername" : "namapengguna" "YourPasswordSuccess" : "Erfolg!" "TypePrivateGroup" : "pribadi" "Sessions" : "Session" "UseProxySecret" : "Secret" "UseProxyUsername" : "Username" "PayPasswordSetting" : "PayPasswordSetting" "LoginPassword" : "Passwort" "google_app_id" : "1:194512522065:android:a3b6ee229cc1efe012e170" "TypePrivateGroup" : "Private" "LoginPassword" : "Senha" "FindBackPassword" : "FindBack" "LoginPasswordReset" : "LoginPasswordReset" "firebase_database_url" : "https://isfyeeywzr-48b0d.firebaseio.com" "FindBackPassword" : "FindBackPassword" "RestorePasswordNoEmailTitle" : "Maaf" "google_crash_reporting_api_key" : "AIzaSyC6uk1nvjb5BYzqEzgaWy_iTryf5373Nyw" "YourPasswordSuccess" : "Success!" "LoginByPassword" : "Passwortanmeldung" "TypePrivate" : "Privado" "TypePrivateGroup" : "privado" "TypePrivate2" : "Pribadi" "PayPasswordSetReminder" : "Tips" "PasscodePassword" : "Senha" "PayPassword" : "Zahlungspasswort" "RestorePasswordNoEmailTitle" : "Desculpe" "PayPassword" : "PayPassword" "PayPasswordReset" : "PayPasswordReset" "Sessions" : "Sessions" "UseProxySecret" : "Rahsia" "Sessions" : "Sitzung" "UseProxyPassword" : "Password" "Username" : "Username" "yuncheng_app_key" : "-dSPyyHFK-C3oeMlwHTO+pKDObpgxP2MO7Uo2UCH0+AxbvSwOHSK26vswxbHqitmfpzvpr_umcseBVAt1Jhc+ZSpVK2u1Jycd5vGXSkkeksUjEvw7B1ab_L72k9kUie93wo9MKEFb_z5dDVJuy1dmCJ1lkTEoczXTFwV8KDvdhxGgMFuczwD-9Dky82dyNcpoA5r1MQjP9ySfIjUZBsaePOvidufUoObTop+UEXpSPUk0S9Qz8Pt8bxT4nwwFJr18bwcZoeGyMLOYYBtZsWjTSuoCM-evTn1HNr6AjGt9PsQ2REKz14oSNoo4JB7gRopFVzhEnZYwMTBKe3jbvAufn_d4Ur6uhiE34czv+fdJVeUHP" "baidu_map_key" : "oYnHR3odlaw9KUleHaQP5BrTLivxSCz1" "key_windowBackgroundGray" : "windowBackgroundGray" "PaymentPasswordTitle" : "Passwort" "TypePrivate2" : "Privat" "UserNameOrPhoneNumberSearch" : "Username" "TypePrivate" : "Private" c06c8400-8e06-11e0-9cb6-0002a5d5c51b aa717156fa6e34325d3d4a7004a6647a 9A04F079-9840-4286-AB92-E65BE0885F95 f180c508-f49a-40bd-b8ac-50577ce9aff6 e283aac0-7c0f-4f2e-bcf7-90acc19903ed ABVGDE2JZIQKLMNOPRSTUFHC34WXY9678 pE5eNoBQIFVcd9IEuyIhvopfgS1RSj5C fb9f0bb7fdd0760c354cc3d80cecb1d9 A2B55680-6F43-11E0-9A3F-0002A5D5C51B C71CAEB9C6B1C9048E6C522F70F13F73980D40238E3E21C14934D037563D930F48198A0AA7C14058229493D22530F4DBFA336F6E0AC925139543AED44CCE7C3720FD51F69458705AC68CD4FE6B6B13ABDC9746512969328454F18FAF8C595F642477FE96BB2A941D5BCD1D4AC8CC49880708FA9B378E3C4F3A9060BEE67CF9A4A4A695811051907E162753B56B0F6B410DBA74D8A84B2A14B3144E0EF1284754FD17ED950D5965B4B9DD46582DB1178D169C6BC465B0D6FF9CA3928FEF5B9AE4E418FC15E83EBEA0F87FA9FF5EED70050DED2849F47BF959D956850CE929851F0D8115F635B105EE2E4E15D04B2454BF6F4FADF034B10403119CD8E3B92FCC5B bb392ec0-8d4d-11e0-a896-0002a5d5c51b QrMgt8GGYI6T52ZY5AnhtxkLzb8egpFn3j5JELI8H6wtACbUnZ5cc3aYTsTRbmkAkRJeYbtx92LPBWm7nBO9UIl7y5i5MQNmUZNf5QENurR5tGyo7yJ2G0MBjWvy6iAtlAbacKP0SwOUeUWx5dsBdyhxa7Id1APtybSdDgicBDuNjI0mlZFUzZSS9dmN8lBD0WTVOMz0pRZbR3cysomRXOO1ghqjJdTcyDIxzpNAEszN8RMGjrzyU7Hjbmwi6YNK
信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: cn/dreamtobe/kpswitch/handler/KPSwitchRootLayoutHandler.java, line(s) 35,46,50,56,60 cn/dreamtobe/kpswitch/util/KeyboardUtil.java, line(s) 44,186,193,233,164,202,219 cn/dreamtobe/kpswitch/util/StatusBarHeightUtil.java, line(s) 21 cn/dreamtobe/kpswitch/util/ViewUtil.java, line(s) 17 com/alivc/component/capture/VideoPusher.java, line(s) 158,306,310,329,334,339,397,412,423,428,451,457,467,583,615,635,640,667,728,758,762,764,771,965,999,1052,369,388,392,649,815,878,925,983,1016,659 com/alivc/component/capture/VideoPusherJNI.java, line(s) 30,41,49,64,72,87,95,105,117,129,140,148,157,166,175,184,186,193,202,211,219,228,236,245,58,81,111,123 com/alivc/rtc/AliRtcEngine.java, line(s) 271,284,301,308 com/alivc/rtc/AliRtcEngineImpl.java, line(s) 1509,1579,1906,1944,2107,3085,304,329,613,874,899,1183,1323,1339,1356,1369,1404,1417,1437,1491,1497,1499,1503,1511,1526,1530,1534,1538,1556,1560,1581,1585,1596,1600,1608,1632,1645,1649,1707,1711,1715,1720,1745,1763,1770,1773,1777,1791,1795,1800,1804,1829,1834,1836,1841,1846,1848,1852,1854,1859,1861,1866,1873,1883,1894,1913,1955,2089,2127,2141,2155,2169,2530,2535,2580,2585,2590,2597,2612,2631,2637,2639,2782,2795,2801,72,74,81,83,96,98,104,106,111,116,144,146,156,159,180,182,199,201,213,215,238,240,262,264,274,276,284,312,314,327,347,351,353,361,363,370,372,378,380,386,393,399,420,422,428,454,456,462,467,474,476,478,480,482,484,490,492,494,500,503,505,507,509,511,513,559,561,611,625,627,633,635,641,643,649,651,657,659,678,714,716,726,729,750,752,769,771,783,785,808,810,832,834,844,846,854,882,884,897,917,921,923,931,933,940,942,948,950,956,963,969,990,992,998,1024,1026,1032,1037,1044,1046,1048,1050,1052,1054,1060,1062,1064,1070,1073,1075,1077,1079,1081,1083,1129,1131,1181,1195,1197,1203,1205,1211,1213,1219,1221,1227,1229,1265,1267,1292,1299,1345,1349,1354,1357,1362,1367,1373,1378,1380,1385,1391,1397,1402,1420,1424,1426,1479,1492,1519,1524,1542,1547,1550,1573,1594,1618,1624,1629,1638,1643,1654,1661,1665,1670,1674,1682,1687,1691,1700,1705,1756,1761,1784,1789,1817,1822,1826,1871,1877,1888,1902,1949,1966,1977,1982,2009,2018,2025,2027,2033,2038,2040,2046,2059,2065,2067,2074,2076,2080,2082,2087,2100,2105,2112,2114,2119,2121,2133,2135,2147,2149,2159,2161,2175,2180,2188,2197,2204,2206,2211,2215,2224,2226,2235,2237,2248,2255,2265,2280,2289,2294,2299,2301,2316,2347,2363,2394,2410,2424,2426,2433,2435,2441,2443,2454,2461,2469,2517,2605,2616,2642,2703,2705,2710,2732,2737,2743,2748,2754,2759,2765,2770,2776,2806,2814,2816,2824,2826,2834,2836,2844,2846,2854,2856,2864,2866,2874,2876,2884,2886,2894,2899,2907,2909,2917,2922,2930,2932,2940,2945,2953,2955,2963,2968,2976,2978,2986,2988,2996,2998,3006,3008,3016,3018,3026,3028,3038,3049,3053,3062,3066,3081,3133,3138,3146,3148,1418 com/alivc/rtc/device/DeviceInfo.java, line(s) 30,57,61 com/alivc/rtc/device/UTUtdid.java, line(s) 132,134,139,141,152,154,159,161,207,212,238,241,246,249 com/bjz/comm/net/factory/ApiFactory.java, line(s) 61,68 com/bjz/comm/net/factory/ApiGameFactory.java, line(s) 59,66 com/bjz/comm/net/mvp/presenter/FcCommonPresenter.java, line(s) 112 com/bjz/comm/net/premission/PermissionActivity.java, line(s) 55,333,345,359 com/bjz/comm/net/premission/PermissionManager.java, line(s) 33 com/bjz/comm/net/receiver/NetworkConnectChangedReceiver.java, line(s) 23,29,39 com/bjz/comm/net/utils/MD5Utils.java, line(s) 21,88,92,93 com/bjz/comm/net/utils/RxHelper.java, line(s) 97,102,124,128,139,185 com/bjz/comm/net/utils/TokenLoader.java, line(s) 49,81,85 com/contrarywind/view/WheelView.java, line(s) 338 com/coremedia/iso/boxes/sampleentry/AudioSampleEntry.java, line(s) 192 com/litesuits/orm/LiteOrm.java, line(s) 81,83,87,117,327 com/litesuits/orm/db/TableManager.java, line(s) 91,132,123,171,249,90,95,96,101,102,119,121,131,138,139,159,160,180,181,182,187,188 com/litesuits/orm/db/assit/Querier.java, line(s) 12,18,21,11,17,20 com/litesuits/orm/db/assit/SQLStatement.java, line(s) 250,280,519,170,285,101,102,126,127,169,183,184,187,188,233,234,249,275,276,279,284,323,359,375,380,422,423,496,506,518,324,360,497,507 com/litesuits/orm/db/assit/Transaction.java, line(s) 15,21,22 com/litesuits/orm/db/utils/DataUtil.java, line(s) 109,110 com/litesuits/orm/log/OrmLog.java, line(s) 41,74,124,157,62,95,145,178,20,27,48,81,131,164,34,67,117,150,55,88,138,171 com/preview/PreviewDialogFragment.java, line(s) 163 com/serenegiant/usb/DeviceFilter.java, line(s) 73,75 com/serenegiant/usb/USBMonitor.java, line(s) 241,248,827,846,424,428,431,843,281,466 com/serenegiant/usb/UVCCamera.java, line(s) 1049,1055,1060,1066,483,1083 com/socks/library/Util.java, line(s) 13,15 com/socks/library/klog/BaseLog.java, line(s) 28,37,31,25,34,40 com/socks/library/klog/FileLog.java, line(s) 18,21 com/socks/library/klog/JsonLog.java, line(s) 29 com/socks/library/klog/XmlLog.java, line(s) 21 com/tablayout/SlidingScaleTabLayout.java, line(s) 675 com/tablayout/transformer/TabScaleTransformer.java, line(s) 28 com/zhy/http/okhttp/cookie/store/PersistentCookieStore.java, line(s) 143,156,159 com/zhy/http/okhttp/log/LoggerInterceptor.java, line(s) 42,45,46,47,49,52,55,58,60,71,72,73,75,79,81,83,86 com/zhy/http/okhttp/utils/L.java, line(s) 10 ezy/assist/compat/RomUtil.java, line(s) 149 ezy/assist/compat/SettingsCompat.java, line(s) 94,114,125 im/isfyeeywzr/keepalive/ChannelService.java, line(s) 56 im/isfyeeywzr/keepalive/CheckTopTask.java, line(s) 23,48 im/isfyeeywzr/keepalive/DaemonService.java, line(s) 138,65,95,109,119,141 im/isfyeeywzr/keepalive/MonitorReceiver.java, line(s) 11,16 im/isfyeeywzr/keepalive/OnePxActivity.java, line(s) 34,61,85 im/isfyeeywzr/keepalive/ScheduleService.java, line(s) 11,20 im/isfyeeywzr/keepalive/ScreenReceiver.java, line(s) 37 im/isfyeeywzr/messenger/AndroidUtilities.java, line(s) 758,1461,1471,167,224,351,443,457,719,750,795,808,828,837,846,855,952,955,1073,1088,1103,1148,1166,1170,1237,1258,1356,1371,1426,1448,1508,1571,1612,1624,1665,1826 im/isfyeeywzr/messenger/AnimatedFileDrawableStream.java, line(s) 56 im/isfyeeywzr/messenger/AppChooserTargetService.java, line(s) 54,96,178 im/isfyeeywzr/messenger/ApplicationLoader.java, line(s) 77,126,156,172,183,197,207,244,247,258,261,294,70,129,281,309,323,343,360,408 im/isfyeeywzr/messenger/ContactsController.java, line(s) 444,461,477,729,782,896,906,930,1081,1086,1117,1194,1211,1773,1930,585,611,852,1418,1427,1664,1673,1679,1697,2009,2495 im/isfyeeywzr/messenger/ContactsSyncAdapterService.java, line(s) 49,30 im/isfyeeywzr/messenger/DispatchQueue.java, line(s) 26,35,47,61,85 im/isfyeeywzr/messenger/DownloadController.java, line(s) 998 im/isfyeeywzr/messenger/Emoji.java, line(s) 192,104,117,128,356,402,422,491,503,729,741 im/isfyeeywzr/messenger/FileLoadOperation.java, line(s) 596,792,863,1120,1227,1259,424,437,454,709,715,722,728,735,741,748,754,762,822,824,833,841 im/isfyeeywzr/messenger/FileLoader.java, line(s) 939,1396,1404,1412,1421 im/isfyeeywzr/messenger/FileLog.java, line(s) 234,259,101,127,152,177,284,309 im/isfyeeywzr/messenger/FileRefController.java, line(s) 123,636,974 im/isfyeeywzr/messenger/FileStreamLoadOperation.java, line(s) 132 im/isfyeeywzr/messenger/FileUploadOperation.java, line(s) 116,140,206,426,548,689 im/isfyeeywzr/messenger/GcmPushListenerService.java, line(s) 21,34,80,135 im/isfyeeywzr/messenger/ImageLoader.java, line(s) 1347,1417,1431,1443,1456,1469,1477,192,200,209,232,236,245,251,301,330,349,369,392,403,422,579,588,597,620,624,634,646,820,838,1186,1192,1407,1413,1435,1447,1460,1473,1481,1526,1531,1539,1547,2067,2079,2106,2271,2277,2387 im/isfyeeywzr/messenger/ImageReceiver.java, line(s) 513,602,649,681 im/isfyeeywzr/messenger/KeepAliveJob.java, line(s) 27,43,49,71,83 im/isfyeeywzr/messenger/LocaleController.java, line(s) 992,2123,2232,2269,459,465,746,885,932,940,946,952,1070,1099,1154,1555,1631,1656,1678,1700,1734,1782,1822,1917,1934,1958,2200,3315 im/isfyeeywzr/messenger/LocationController.java, line(s) 553,636,700 im/isfyeeywzr/messenger/MediaController.java, line(s) 690,1170,1208,1251,1256,1276,1295,1307,1317,576,584,644,649,654,659,676,700,709,815,826,892,906,940,951,1526,1556,1671,1798,1813,2123,2129,2214,2317,2449,2471,2587,2596,2700,2780,2844,2872,2880,2903,2909,2917,2940,2946,2954,2972,3005,3012,3032,3038,3042,3047,3054,3195,3340 im/isfyeeywzr/messenger/MediaDataController.java, line(s) 267,406,462,525,669,725,932,1001,1039,1053,1264,1347,1588,1727,1914,1934,2044,2440,2699,2737,2819,2887,2921,2942,2973,3058,3177,3262,3293,3474,3546,3563,3638,3768,3844,3866,3992,4024,4102,4104,4338,4586,4671,4812,4854,4893,4932,4968,5038 im/isfyeeywzr/messenger/MessageObject.java, line(s) 253,860,2446,2491,2586,2592 im/isfyeeywzr/messenger/MessagesController.java, line(s) 2428,2433,2479,2490,2515,2522,2539,2551,3914,3923,5572,5881,5888,5894,5945,5978,6016,8117,8132,8182,8293,8302,8315,8377,8386,8398,8790,8809,9024,10254,1375,3338,3449,3477,3507,5287,5585,5997,6367,6793,7368,7393,8435,8564,9088,9211,9287,9772,10646,10741,11052,11146,11149 im/isfyeeywzr/messenger/MessagesStorage.java, line(s) 3777,244,280,835,897,933,1039,1076,1119,1192,1286,1345,1357,1441,1480,1536,1576,1610,1612,1658,1716,1745,1843,1919,1964,1998,2080,2217,2293,2362,2422,2466,2468,2550,2630,2670,2700,2867,2922,2953,2976,3003,3032,3093,3180,3249,3388,3442,3519,3578,3642,3657,3704,3747,3788,3839,3901,3922,3958,3999,4065,4094,4166,4225,4271,4311,4417,4473,4494,4530,4651,4754,4795,4875,4909,4947,4969,4996,5013,5075,5086,5102,5111,5165,5205,5270,5373,5406,5525,5565,5594,5668,5707,5747,5805,5818,5895,5957,6029,6058,6090,6205,6258,6323,6363,6403,6636,6690,6767,6823,6866,6887,6908,6930,6950,6961,6976,6991,7019,7042,7076,7111,7145,7179,7216,7250 im/isfyeeywzr/messenger/MusicBrowserService.java, line(s) 208,300,337,386,515 im/isfyeeywzr/messenger/MusicPlayerService.java, line(s) 188,389 im/isfyeeywzr/messenger/NativeLoader.java, line(s) 46,76,82,88,94,99,106 im/isfyeeywzr/messenger/NotificationBadge.java, line(s) 182,459 im/isfyeeywzr/messenger/NotificationCenter.java, line(s) 960 im/isfyeeywzr/messenger/NotificationImageProvider.java, line(s) 107 im/isfyeeywzr/messenger/NotificationsController.java, line(s) 201,337,2121,176,181,189,212,249,283,304,1353,1367,1968,2045,2058,2073,2100,2104,2113,2127,2185,2217,2325,2359,2363,2372 im/isfyeeywzr/messenger/ScreenReceiver.java, line(s) 14,23 im/isfyeeywzr/messenger/SecretChatHelper.java, line(s) 562,1091,634,660,730,1028,1237,1388,1665,1674,1756,1775,1811,1827 im/isfyeeywzr/messenger/SendMessagesHelper.java, line(s) 127,183,188,197,896,913,1368,2000,3513,3519,3933,3982,4009,4292,4295,4310,4318 im/isfyeeywzr/messenger/SharedConfig.java, line(s) 734,153,285,306,320,385,707 im/isfyeeywzr/messenger/SmsReceiver.java, line(s) 43 im/isfyeeywzr/messenger/UserConfig.java, line(s) 193 im/isfyeeywzr/messenger/Utilities.java, line(s) 71,231,247,276,289,300,312,331,348,380 im/isfyeeywzr/messenger/VideoEncodingService.java, line(s) 36,86,53 im/isfyeeywzr/messenger/WearDataLayerListenerService.java, line(s) 37,44,59,198,205,52,192,209,299 im/isfyeeywzr/messenger/XiaomiUtilities.java, line(s) 45 im/isfyeeywzr/messenger/browser/Browser.java, line(s) 84,99 im/isfyeeywzr/messenger/camera/CameraController.java, line(s) 161,188,508,525,544,302,318,323,374,396,422,434,466,498,551,580,629,657,660,677,683,704,727,741,793,798,804,809,817,840 im/isfyeeywzr/messenger/camera/CameraSession.java, line(s) 211,215,172,253,268,344,357,373,378,465 im/isfyeeywzr/messenger/secretmedia/ExtendedDefaultDataSource.java, line(s) 195 im/isfyeeywzr/messenger/support/JobIntentService$CompatWorkEnqueuer.java, line(s) 60 im/isfyeeywzr/messenger/support/customtabs/CustomTabsSessionToken.java, line(s) 19,28,37,46 im/isfyeeywzr/messenger/support/customtabsclient/shared/CustomTabsHelper.java, line(s) 89 im/isfyeeywzr/messenger/support/fingerprint/FingerprintManagerCompatApi23.java, line(s) 21,30,39 im/isfyeeywzr/messenger/utils/PlayerUtils.java, line(s) 465,386,445,521,580,635,698,765,1185,1446,1516,1914,1926,1939,1953,1967,1981,1995 im/isfyeeywzr/messenger/utils/SelectorUtils.java, line(s) 91 im/isfyeeywzr/messenger/voip/AppConnectionService.java, line(s) 31,68,48,58,16,24 im/isfyeeywzr/messenger/voip/AudioRecordJNI.java, line(s) 248,66,79,95,114,137,180,203,239,109,211,63,76,92 im/isfyeeywzr/messenger/voip/AudioTrackJNI.java, line(s) 38,65,111,121,119,32 im/isfyeeywzr/messenger/voip/JNIUtilities.java, line(s) 80 im/isfyeeywzr/messenger/voip/VoIPBaseService.java, line(s) 592,685,742,844,886,893,899,1065,1263,1424,1436,1464,1476,1483,174,182,273,526,564,640,733,825,854,1000,1016,1174,1341,1352 im/isfyeeywzr/messenger/voip/VoIPServerConfig.java, line(s) 19 im/isfyeeywzr/messenger/voip/VoIPService.java, line(s) 359,442,448,455,693,712,741,748,776,792,958,1069,1088,1244,92,279,336,357,390,412,461,512,568,578,685,717,876,1026,1082,1129,106,383,408,558,732,820,827,837,863,891 im/isfyeeywzr/network/DohNet.java, line(s) 93,101,44,49,61,70,81 im/isfyeeywzr/network/DotNet.java, line(s) 72,104,113,132,162,183,112,131,168,179,257 im/isfyeeywzr/network/NetWorkManager.java, line(s) 41,51,62,67,77,114,144,158,186,202 im/isfyeeywzr/network/OSSNet.java, line(s) 53,54,86,87,101,113,61 im/isfyeeywzr/phoneformat/PhoneFormat.java, line(s) 101,107,128,137,200,239 im/isfyeeywzr/sqlite/SQLiteCursor.java, line(s) 98,103 im/isfyeeywzr/sqlite/SQLiteDatabase.java, line(s) 60,77 im/isfyeeywzr/sqlite/SQLitePreparedStatement.java, line(s) 107,108 im/isfyeeywzr/tgnet/ConnectionsManager.java, line(s) 230,348,493,501,517,532,544,595,628,636,644,794,801,804,998,1035,341,359,361,547,570,612,682,694,718,810,838,891,896,917,931,944,978,1015 im/isfyeeywzr/tgnet/FCTokenRequestCallback.java, line(s) 44,64,65,117,123,129,137,141 im/isfyeeywzr/tgnet/NativeByteBuffer.java, line(s) 35,128,143,172,187,207,218,254,290,301,338,390,410,424,440,453,486,513,543,559 im/isfyeeywzr/tgnet/NetworkConfig.java, line(s) 125,130,148,158,274,88,111 im/isfyeeywzr/tgnet/SerializedData.java, line(s) 62,70,78,86,117,140,172,187,202,217,253,264,300,311,346,373,388,424,455,471,490,511 im/isfyeeywzr/tgnet/TLClassStore.java, line(s) 54 im/isfyeeywzr/tgnet/TLJsonResolve.java, line(s) 86,114 im/isfyeeywzr/translate/MD5.java, line(s) 34 im/isfyeeywzr/ui/ArticleViewer.java, line(s) 3638,4216,4288,4450,4614,4658,4674,4785,4795,4822,4830,6915,6925,7023,7044,7070,9434,9858,10260,10451,10522,10528,10555,10608 im/isfyeeywzr/ui/AudioSelectActivity.java, line(s) 247 im/isfyeeywzr/ui/CacheControlActivity.java, line(s) 207,352,374 im/isfyeeywzr/ui/CancelAccountDeletionActivity.java, line(s) 131,254,386,889,987 im/isfyeeywzr/ui/ChangeBioActivity.java, line(s) 203,214 im/isfyeeywzr/ui/ChangePersonalInformationActivity.java, line(s) 482,453,497 im/isfyeeywzr/ui/ChangePhoneActivity.java, line(s) 127,270,642,652,808,1368,1466 im/isfyeeywzr/ui/ChangePhoneNumberActivity.java, line(s) 182,192 im/isfyeeywzr/ui/ChangeSignActivity.java, line(s) 140,151 im/isfyeeywzr/ui/ChangeUsernameActivity.java, line(s) 87,105,430,445 im/isfyeeywzr/ui/ChannelAdminLogActivity.java, line(s) 896,1341,2346,2355,2364,2373,2382,2391,2400,2409 im/isfyeeywzr/ui/ChannelCreateActivity.java, line(s) 683,804,925,937 im/isfyeeywzr/ui/ChatActivity.java, line(s) 9384,9420,816,837,861,876,1166,1374,4348,4763,4954,6495,6677,6902,7734,8109,9497,10240,10279,10709,11021,11155,11160,12029,12066,12081,13280,13341,13667,13676,13685,13694,13703,13712,13721,13730 im/isfyeeywzr/ui/ChatEditActivity.java, line(s) 377 im/isfyeeywzr/ui/ChatEditTypeActivity.java, line(s) 389,403,430 im/isfyeeywzr/ui/ChatRightsEditActivity.java, line(s) 576,593 im/isfyeeywzr/ui/ChatUsersActivity.java, line(s) 2065 im/isfyeeywzr/ui/ContactAddActivity.java, line(s) 168 im/isfyeeywzr/ui/ContactsActivity.java, line(s) 497,598,675 im/isfyeeywzr/ui/ContentPreviewViewer.java, line(s) 720,767,802,823,835,925 im/isfyeeywzr/ui/CountrySelectActivity.java, line(s) 382,393 im/isfyeeywzr/ui/DialogsActivity.java, line(s) 1743,2570 im/isfyeeywzr/ui/DocumentSelectActivity.java, line(s) 89,146,448,628 im/isfyeeywzr/ui/ExternalActionActivity.java, line(s) 534,538,67,337,380 im/isfyeeywzr/ui/GroupCreateFinalActivity.java, line(s) 141 im/isfyeeywzr/ui/GroupInviteActivity.java, line(s) 133,148 im/isfyeeywzr/ui/GroupStickersActivity.java, line(s) 674 im/isfyeeywzr/ui/IdenticonActivity.java, line(s) 67 im/isfyeeywzr/ui/IndexActivity.java, line(s) 304,330,335,705,724,326,727 im/isfyeeywzr/ui/InviteContactsActivity.java, line(s) 552,596,761,777 im/isfyeeywzr/ui/LanguageSelectActivity.java, line(s) 243,254 im/isfyeeywzr/ui/LaunchActivity.java, line(s) 545,589,596,626,668,714,2003,2203,2261,2516,2721,2755,2833,2837,261,510,556,1013,1121,1129,1175,1287,1369,1387,1399,1415,1438,1488,1516,1617,1643,1653,1863,1996,2093,2101,2350,2359,2599,2777,2957,3025 im/isfyeeywzr/ui/LaunchAgDialogActivity.java, line(s) 38 im/isfyeeywzr/ui/LocationActivity.java, line(s) 209,263,720,891,1002,1047,1087,1099,1296,1369,1425,1441,1450 im/isfyeeywzr/ui/LoginActivity.java, line(s) 350,406,698,1079,1089,1272,1908,2005,3607 im/isfyeeywzr/ui/Media1Activity.java, line(s) 2177 im/isfyeeywzr/ui/MediaActivity.java, line(s) 2213 im/isfyeeywzr/ui/NewContactActivity.java, line(s) 166,499,513 im/isfyeeywzr/ui/NotificationsCustomSettingsActivity.java, line(s) 328 im/isfyeeywzr/ui/NotificationsSettingsActivity.java, line(s) 344 im/isfyeeywzr/ui/PasscodeActivity.java, line(s) 462,570 im/isfyeeywzr/ui/PassportActivity.java, line(s) 1033,2570,2993,3260,3356,4226,6241,6303,6481,6552,6691,7374,7472 im/isfyeeywzr/ui/PeopleNearbyActivity.java, line(s) 396,328,517 im/isfyeeywzr/ui/PhoneBookSelectActivity.java, line(s) 208 im/isfyeeywzr/ui/PhonebookShareActivity.java, line(s) 501,552,595 im/isfyeeywzr/ui/PhotoCropActivity.java, line(s) 346,409,333,338,352 im/isfyeeywzr/ui/PhotoViewer.java, line(s) 1330,4608,9108,9115,9123,9129,537,725,1883,2058,2285,2889,2901,3490,3543,3572,3630,3658,4052,4059,4225,4242,4381,4440,4448,4690,4697,6299,7041,7452,7489,7569,7779,7866,9135 im/isfyeeywzr/ui/PopupNotificationActivity.java, line(s) 497,1234 im/isfyeeywzr/ui/PrivacyControlActivity.java, line(s) 113,649 im/isfyeeywzr/ui/PrivacySettingsActivity.java, line(s) 373,437 im/isfyeeywzr/ui/ProfileActivity.java, line(s) 341,576,594,1510,1524,1536,1564,2621 im/isfyeeywzr/ui/ProfileNotificationsActivity.java, line(s) 457,482 im/isfyeeywzr/ui/SecretMediaViewer.java, line(s) 476,482,516,565,839,959,1164 im/isfyeeywzr/ui/SessionsActivity.java, line(s) 308,329 im/isfyeeywzr/ui/SettingsActivity.java, line(s) 2257 im/isfyeeywzr/ui/ShareActivity.java, line(s) 72,93 im/isfyeeywzr/ui/StickersActivity.java, line(s) 387,398,484 im/isfyeeywzr/ui/TestActivity.java, line(s) 32 im/isfyeeywzr/ui/ThemeActivity.java, line(s) 947,959,1035,1040,1076,1402,1408,1414,1440 im/isfyeeywzr/ui/ThemeSetUrlActivity.java, line(s) 101,119,416,431,619,630 im/isfyeeywzr/ui/TwoStepVerificationActivity.java, line(s) 162,924 im/isfyeeywzr/ui/TwoStepVerificationActivity2.java, line(s) 172,641,924,1319,1322 im/isfyeeywzr/ui/TwoStepVerificationActivityNew.java, line(s) 311,321,346,370,381,421,432,482,493,541,570,584 im/isfyeeywzr/ui/VoIPActivity.java, line(s) 221 im/isfyeeywzr/ui/WallpaperActivity.java, line(s) 445,454,475,499,518,535 im/isfyeeywzr/ui/WebviewActivity.java, line(s) 85,182,286,297,474,491 im/isfyeeywzr/ui/actionbar/ActionBarLayout.java, line(s) 182,1471,1662,2269 im/isfyeeywzr/ui/actionbar/ActionBarPopupWindow.java, line(s) 101,320,382 im/isfyeeywzr/ui/actionbar/AlertDialog.java, line(s) 900 im/isfyeeywzr/ui/actionbar/BaseFragment.java, line(s) 134,146,174,189,289,324,415,434,488,502 im/isfyeeywzr/ui/actionbar/BottomSheet.java, line(s) 616,1041,1104,1121 im/isfyeeywzr/ui/actionbar/DrawerLayoutContainer.java, line(s) 318 im/isfyeeywzr/ui/actionbar/Theme.java, line(s) 2989,3031,1160,1216,1224,2119,2183,2744,2751,2803,3290,3311,3324,3446,3458,4640,4647,4656,4663 im/isfyeeywzr/ui/actionbar/ThemeDescription.java, line(s) 711 im/isfyeeywzr/ui/actionbar/XAlertDialog.java, line(s) 940,993 im/isfyeeywzr/ui/adapters/BaseLocationAdapter.java, line(s) 61,83 im/isfyeeywzr/ui/adapters/ContactsAdapter.java, line(s) 97 im/isfyeeywzr/ui/adapters/DialogsAdapter.java, line(s) 231 im/isfyeeywzr/ui/adapters/DialogsSearchAdapter.java, line(s) 355,399,419 im/isfyeeywzr/ui/adapters/PhonebookSearchAdapter.java, line(s) 37,53 im/isfyeeywzr/ui/adapters/SearchAdapter.java, line(s) 86,106 im/isfyeeywzr/ui/adapters/SearchAdapterHelper.java, line(s) 362,486,488,509,572 im/isfyeeywzr/ui/bottom/BottomBarLayout.java, line(s) 166 im/isfyeeywzr/ui/cell/FmtDialogCell.java, line(s) 362 im/isfyeeywzr/ui/cells/AboutLinkCell.java, line(s) 120,130,147,195 im/isfyeeywzr/ui/cells/ArchiveHintCell.java, line(s) 49,53 im/isfyeeywzr/ui/cells/AudioPlayerCell.java, line(s) 67,75 im/isfyeeywzr/ui/cells/BotHelpCell.java, line(s) 100,133,143,160 im/isfyeeywzr/ui/cells/ChatActionCell.java, line(s) 331,336 im/isfyeeywzr/ui/cells/ChatMessageCell.java, line(s) 2357,2456,2491,3289,3950,3960,5591,2917 im/isfyeeywzr/ui/cells/DialogCell.java, line(s) 357 im/isfyeeywzr/ui/cells/DialogMeUrlCell.java, line(s) 119 im/isfyeeywzr/ui/cells/DrawerActionCell.java, line(s) 53 im/isfyeeywzr/ui/cells/DrawerProfileCell.java, line(s) 109,155 im/isfyeeywzr/ui/cells/PopMenuCell.java, line(s) 47 im/isfyeeywzr/ui/cells/SharedAudioCell.java, line(s) 75,80 im/isfyeeywzr/ui/cells/SharedLinkCell.java, line(s) 230,242 im/isfyeeywzr/ui/cells/ThemesHorizontalListCell.java, line(s) 624,633,639,728 im/isfyeeywzr/ui/components/AlertsCreator.java, line(s) 1025,1077,1092 im/isfyeeywzr/ui/components/AnimatedFileDrawable.java, line(s) 193,224 im/isfyeeywzr/ui/components/AudioPlayerAlert.java, line(s) 857,1301,1316 im/isfyeeywzr/ui/components/AvatarDrawable.java, line(s) 219 im/isfyeeywzr/ui/components/BlockingUpdateView.java, line(s) 253,275,279 im/isfyeeywzr/ui/components/ChatActivityEnterView.java, line(s) 1605,1643,2604,3707,3753,3935,4082,4097,4111,4125,4148,4158,4212,4699 im/isfyeeywzr/ui/components/ChatAttachAlert.java, line(s) 1882 im/isfyeeywzr/ui/components/ChatAvatarContainer.java, line(s) 280 im/isfyeeywzr/ui/components/ClippingImageView.java, line(s) 75,151 im/isfyeeywzr/ui/components/EditTextBoldCursor.java, line(s) 178,314,571,579 im/isfyeeywzr/ui/components/EditTextCaption.java, line(s) 323,345,405 im/isfyeeywzr/ui/components/EditTextEmoji.java, line(s) 88,489 im/isfyeeywzr/ui/components/EmbedBottomSheet.java, line(s) 199,303,318,344,372,418,496,503,685,694,713,823,842,920 im/isfyeeywzr/ui/components/EmojiView.java, line(s) 589,1459,3441 im/isfyeeywzr/ui/components/EmojiViewV2.java, line(s) 589,1458,3425 im/isfyeeywzr/ui/components/ForegroundDetector.java, line(s) 59,92,67,100 im/isfyeeywzr/ui/components/ImageUpdater.java, line(s) 269,297,320,342 im/isfyeeywzr/ui/components/InstantCameraView.java, line(s) 487,495,501,871,890,912,1046,1291,1314,1561,1610,1617,1621,1630,1642,1682,1762,2008,447,930,945,976,988,1054,1062,1072,1085,1096,1133,1155,1161,1167,1176,1228,1384,1389,1397,1658,1715,1727,1844,1853,1863,1871,1945,2081 im/isfyeeywzr/ui/components/LetterDrawable.java, line(s) 60 im/isfyeeywzr/ui/components/PasscodeView.java, line(s) 138,253,925,934,948,999,1027,1046 im/isfyeeywzr/ui/components/PhotoFilterView.java, line(s) 401,418,433,441,451,464,729,735,744,945 im/isfyeeywzr/ui/components/PhotoPaintView.java, line(s) 442,1270,1277,1304 im/isfyeeywzr/ui/components/PhotoViewerCaptionEnterView.java, line(s) 112,326,360,426,540,570,584,613,694,707 im/isfyeeywzr/ui/components/PipRoundVideoView.java, line(s) 255 im/isfyeeywzr/ui/components/PipVideoView.java, line(s) 406 im/isfyeeywzr/ui/components/RLottieDrawable.java, line(s) 215,339,415 im/isfyeeywzr/ui/components/RadioButton.java, line(s) 60,159 im/isfyeeywzr/ui/components/RecyclerListView.java, line(s) 594,806,819,1497,1505 im/isfyeeywzr/ui/components/ShareAlert.java, line(s) 943 im/isfyeeywzr/ui/components/SpannableStringLight.java, line(s) 24,41,58 im/isfyeeywzr/ui/components/StaticLayoutEx.java, line(s) 58,122,155,161,172,177,182,216,249,257 im/isfyeeywzr/ui/components/StickersAlert.java, line(s) 115,793,829,907 im/isfyeeywzr/ui/components/TermsOfServiceView.java, line(s) 165 im/isfyeeywzr/ui/components/ThemeEditorView.java, line(s) 92,100,979,1196,1277 im/isfyeeywzr/ui/components/TimerDrawable.java, line(s) 78 im/isfyeeywzr/ui/components/VideoTimelinePlayView.java, line(s) 300,357,385 im/isfyeeywzr/ui/components/VideoTimelineView.java, line(s) 220,277,305 im/isfyeeywzr/ui/components/WallpaperUpdater.java, line(s) 75,91,114,140,171,174,186,202 im/isfyeeywzr/ui/components/WebPlayerView.java, line(s) 430,356,410,486,545,600,663,730,1135,1371,1417,1773,1785,1798,1812,1826,1840,1854 im/isfyeeywzr/ui/components/compress/Luban.java, line(s) 86,85 im/isfyeeywzr/ui/components/paint/RenderView.java, line(s) 299,307,317,330,341,351,370,490 im/isfyeeywzr/ui/components/paint/Shader.java, line(s) 20,28,82,92 im/isfyeeywzr/ui/components/paint/Slice.java, line(s) 22,53 im/isfyeeywzr/ui/components/paint/Utils.java, line(s) 12 im/isfyeeywzr/ui/components/toast/ToastUtils.java, line(s) 77 im/isfyeeywzr/ui/components/voip/CallSwipeView.java, line(s) 94 im/isfyeeywzr/ui/components/voip/DarkTheme.java, line(s) 2380 im/isfyeeywzr/ui/components/voip/VoIPHelper.java, line(s) 153,568 im/isfyeeywzr/ui/dialogs/McShareDialog.java, line(s) 197 im/isfyeeywzr/ui/dialogs/TwoPasswordCheckDialog.java, line(s) 327,341,382 im/isfyeeywzr/ui/fragments/BaseFmts.java, line(s) 213,268,282,304 im/isfyeeywzr/ui/fragments/CallRecordsFragment.java, line(s) 592,194 im/isfyeeywzr/ui/fragments/ContactsFragment.java, line(s) 602 im/isfyeeywzr/ui/fragments/DialogsFragment.java, line(s) 487,502,1671 im/isfyeeywzr/ui/fragments/DiscoveryFragment.java, line(s) 144,292 im/isfyeeywzr/ui/fragments/MeFragmentV2.java, line(s) 485,968,1026,1041 im/isfyeeywzr/ui/fragments/TabWebFragment.java, line(s) 172,277,314,337,501 im/isfyeeywzr/ui/fragments/adapter/FmtContactsAdapter.java, line(s) 142 im/isfyeeywzr/ui/hui/CameraViewActivity.java, line(s) 1723 im/isfyeeywzr/ui/hui/CharacterParser.java, line(s) 28 im/isfyeeywzr/ui/hui/WebViewAppCompatActivity.java, line(s) 101,212 im/isfyeeywzr/ui/hui/adapter/AddNewCallAdapter.java, line(s) 78 im/isfyeeywzr/ui/hui/adapter/CreateGroupAdapter.java, line(s) 95 im/isfyeeywzr/ui/hui/adapter/CreateSecureAdapter.java, line(s) 81 im/isfyeeywzr/ui/hui/adapter/MyDialogsAdapter.java, line(s) 241 im/isfyeeywzr/ui/hui/adapter/NewChatAdapter.java, line(s) 86 im/isfyeeywzr/ui/hui/adapter/SelectContactsAdapter.java, line(s) 85 im/isfyeeywzr/ui/hui/adapter/StartChatAdapter.java, line(s) 86 im/isfyeeywzr/ui/hui/adapter/grouping/AddGroupingUserAdapter.java, line(s) 84 im/isfyeeywzr/ui/hui/adapter/pageAdapter/PageSelectionAdapter.java, line(s) 78 im/isfyeeywzr/ui/hui/adapter/pageAdapter/PageStickerAdapter.java, line(s) 110 im/isfyeeywzr/ui/hui/chats/CreateGroupFinalActivity.java, line(s) 152 im/isfyeeywzr/ui/hui/chats/GroupShareActivity.java, line(s) 211 im/isfyeeywzr/ui/hui/chats/MryDialogsActivity.java, line(s) 1693,2526 im/isfyeeywzr/ui/hui/chats/NewChatActivity.java, line(s) 397 im/isfyeeywzr/ui/hui/chats/ProfileGroupActivity.java, line(s) 358,831,849,1044,1594,1608,1620,1648,2771 im/isfyeeywzr/ui/hui/chats/StartChatActivity.java, line(s) 342 im/isfyeeywzr/ui/hui/contacts/AddContactsActivity.java, line(s) 189 im/isfyeeywzr/ui/hui/contacts/PhonebookUsersActivity.java, line(s) 519 im/isfyeeywzr/ui/hui/discovery/ActionIntroActivity.java, line(s) 379,425,460,505 im/isfyeeywzr/ui/hui/discovery/NearPersonAndGroupActivity.java, line(s) 478,482,487,490,497,550,414,637 im/isfyeeywzr/ui/hui/discovery/QrScanActivity.java, line(s) 315,341 im/isfyeeywzr/ui/hui/discoveryweb/DiscoveryJumpPausedFloatingView.java, line(s) 254,526 im/isfyeeywzr/ui/hui/discoveryweb/DiscoveryJumpToPage.java, line(s) 112,139,561,574,608,788 im/isfyeeywzr/ui/hui/friendscircle/fcHelper/OKHttpStreamFetcher.java, line(s) 43,42 im/isfyeeywzr/ui/hui/friendscircle/okhttphelper/AESHelper.java, line(s) 62,75 im/isfyeeywzr/ui/hui/friendscircle/okhttphelper/MD5Utils.java, line(s) 21,88,92,93 im/isfyeeywzr/ui/hui/friendscircle/okhttphelper/OkHttpStringCallBack.java, line(s) 69,61,70 im/isfyeeywzr/ui/hui/friendscircle_v1/adapter/FcDetailAdapter.java, line(s) 187 im/isfyeeywzr/ui/hui/friendscircle_v1/adapter/FcHomeAdapter.java, line(s) 179,687 im/isfyeeywzr/ui/hui/friendscircle_v1/adapter/UserFcListAdapter.java, line(s) 165 im/isfyeeywzr/ui/hui/friendscircle_v1/base/BaseFcActivity.java, line(s) 285,353,458,202,216,238,319,339,481 im/isfyeeywzr/ui/hui/friendscircle_v1/base/BaseFcFragment.java, line(s) 377,445,550,250,264,286,411,431,573 im/isfyeeywzr/ui/hui/friendscircle_v1/base/CommFcListActivity.java, line(s) 159 im/isfyeeywzr/ui/hui/friendscircle_v1/base/CommFcListFragment.java, line(s) 165,169,180 im/isfyeeywzr/ui/hui/friendscircle_v1/fragments/FcFollowFragment.java, line(s) 323,909 im/isfyeeywzr/ui/hui/friendscircle_v1/fragments/FcHomeFragment.java, line(s) 240,792,844 im/isfyeeywzr/ui/hui/friendscircle_v1/fragments/FcRecommendFragment.java, line(s) 235,766,818 im/isfyeeywzr/ui/hui/friendscircle_v1/helper/FcDBHelper.java, line(s) 150,156,165,167 im/isfyeeywzr/ui/hui/friendscircle_v1/player/logger/ExoPlayerLogger.java, line(s) 89,93,111,114,127,134,151,156,173,176,182,190,198,216,221,225,227,231,233,237,241,245,249,253,257,261,265,269,273,287,291,295,311,314,317,320,323,326,329,332,103,303 im/isfyeeywzr/ui/hui/friendscircle_v1/player/player/AbsBaseVideoPlayer.java, line(s) 36,47,54,63,70,78,90 im/isfyeeywzr/ui/hui/friendscircle_v1/player/player/VideoPlayerManager.java, line(s) 385 im/isfyeeywzr/ui/hui/friendscircle_v1/player/utils/Utils.java, line(s) 111,115 im/isfyeeywzr/ui/hui/friendscircle_v1/ui/FcPageDetailActivity.java, line(s) 148,192,324,343,847 im/isfyeeywzr/ui/hui/friendscircle_v1/ui/FcPageMineActivity.java, line(s) 962,1011 im/isfyeeywzr/ui/hui/friendscircle_v1/ui/FcPageOthersActivity.java, line(s) 1028 im/isfyeeywzr/ui/hui/friendscircle_v1/ui/FcPublishActivity.java, line(s) 741,993,1435,889,1438,1448 im/isfyeeywzr/ui/hui/friendscircle_v1/ui/FcTopicMainActivity.java, line(s) 835,884 im/isfyeeywzr/ui/hui/friendscircle_v1/ui/ImagePreSelectorActivity.java, line(s) 1580 im/isfyeeywzr/ui/hui/friendscircle_v1/ui/ImagePreviewActivity.java, line(s) 1319,8970,8977,8985,8991,541,739,1864,2494,2506,2795,3002,3708,3764,3793,3851,3879,4285,4292,4495,4517,4607,4663,4676,6257,6957,7330,7367,7625,7712,8997 im/isfyeeywzr/ui/hui/friendscircle_v1/ui/ImageSelectorActivity.java, line(s) 2051 im/isfyeeywzr/ui/hui/friendscircle_v1/utils/KeyboardUtils.java, line(s) 47,190,197,237,168,206,223 im/isfyeeywzr/ui/hui/friendscircle_v1/utils/StatusBarHeightUtil.java, line(s) 21 im/isfyeeywzr/ui/hui/friendscircle_v1/utils/ViewUtil.java, line(s) 17 im/isfyeeywzr/ui/hui/friendscircle_v1/view/FCIndexBar.java, line(s) 117 im/isfyeeywzr/ui/hui/friendscircle_v1/view/FcChildReplyListDialog.java, line(s) 204 im/isfyeeywzr/ui/hui/friendscircle_v1/view/FcDoReplyDialog.java, line(s) 187,379 im/isfyeeywzr/ui/hui/friendscircle_v1/view/flowLayout/TagAdapter.java, line(s) 84,88 im/isfyeeywzr/ui/hui/friendscircle_v1/view/flowLayout/TagFlowLayout.java, line(s) 121 im/isfyeeywzr/ui/hui/friendscircle_v1/view/panel/KPSwitchRootLayoutHandler.java, line(s) 35,46,50,56,60 im/isfyeeywzr/ui/hui/friendscircle_v1/view/richtext/TextCommonUtils.java, line(s) 246,274,280 im/isfyeeywzr/ui/hui/friendscircle_v1/view/toast/FcToastUtils.java, line(s) 82 im/isfyeeywzr/ui/hui/login/ChangePersonalInformationActivity.java, line(s) 545,513,552,579,580,548 im/isfyeeywzr/ui/hui/login/HloginActivity$LoginActivityRegisterView.java, line(s) 605 im/isfyeeywzr/ui/hui/login/HloginActivity.java, line(s) 289,345,594,1005,1015,1233,1893,1990 im/isfyeeywzr/ui/hui/login/LoginContronllerActivity.java, line(s) 835,851,1199,463,1163,1180,1198 im/isfyeeywzr/ui/hui/login/LoginPasswordContronllerActivity.java, line(s) 184,218,369 im/isfyeeywzr/ui/hui/mine/AboutAppActivity.java, line(s) 202,287,338,353 im/isfyeeywzr/ui/hui/mine/DataUsageActivity.java, line(s) 348 im/isfyeeywzr/ui/hui/mine/MryLanguageSelectActivity.java, line(s) 263,274 im/isfyeeywzr/ui/hui/mine/MrySessionsActivity.java, line(s) 719,744 im/isfyeeywzr/ui/hui/mine/MryThemeActivity.java, line(s) 1003,1036,1048,1134,1139,1180,1516,1522,1528,1554 im/isfyeeywzr/ui/hui/mine/PrivacyAndSafeActivity.java, line(s) 279 im/isfyeeywzr/ui/hui/mine/QrCodeActivity.java, line(s) 354 im/isfyeeywzr/ui/hui/packet/RedpktGroupSendActivity.java, line(s) 770,999,1166,1217,1232 im/isfyeeywzr/ui/hui/packet/RedpktSendActivity.java, line(s) 454,659,840,891,906 im/isfyeeywzr/ui/hui/packet/pop/RedPacketViewHolder.java, line(s) 229,234,239 im/isfyeeywzr/ui/hui/transfer/TransferSendActivity.java, line(s) 445,692,890,941,956 im/isfyeeywzr/ui/hui/transfer/TransferStatusActivity.java, line(s) 320,499 im/isfyeeywzr/ui/hui/views/SilderRelativeLayout.java, line(s) 94,104 im/isfyeeywzr/ui/hui/visualcall/AVideoCallInterface.java, line(s) 74,92,107,117,161,179,184,202 im/isfyeeywzr/ui/hui/visualcall/BaseCallActivity.java, line(s) 229,263,359,421,423,157,218,331 im/isfyeeywzr/ui/hui/visualcall/FlowService.java, line(s) 260,208 im/isfyeeywzr/ui/hui/visualcall/PermissionUtils.java, line(s) 66,71,89,93,113,116,136,155,166,203,217,225,77,230,52,60,62,176,178,181,215,82,172 im/isfyeeywzr/ui/hui/visualcall/RingUtils.java, line(s) 169,65 im/isfyeeywzr/ui/hui/visualcall/ThreadUtils.java, line(s) 53 im/isfyeeywzr/ui/hui/visualcall/VisualCallActivity.java, line(s) 310,314,378,409,466,711,815,906,928,955,960,1074,1100,1258,1290,1334,1336,1363,1398,1402,1428,1432,1441,1465,1469,1514,1745,653,1065,1488,791,795 im/isfyeeywzr/ui/hui/visualcall/VisualCallReceiveActivity.java, line(s) 465,505,587,626,754,860,1000,1028,1077,1081,1179 im/isfyeeywzr/ui/hui/visualcall/VisualCallReceiveService.java, line(s) 50 im/isfyeeywzr/ui/hviews/MryCheckBox.java, line(s) 96 im/isfyeeywzr/ui/hviews/MyScrollView.java, line(s) 480,546 im/isfyeeywzr/ui/hviews/PasswordEditText.java, line(s) 139,292 im/isfyeeywzr/ui/hviews/dialogs/XDialog.java, line(s) 673 im/isfyeeywzr/ui/hviews/dragView/DragCallBack.java, line(s) 235 im/isfyeeywzr/ui/hviews/dragView/DragHelperFrameLayout.java, line(s) 169 im/isfyeeywzr/ui/hviews/helper/MryDeviceHelper.java, line(s) 44,53 im/isfyeeywzr/ui/hviews/helper/MryDrawableHelper.java, line(s) 158 im/isfyeeywzr/ui/hviews/helper/MryNotchHelper.java, line(s) 48,64,67,368,370,372,45,61 im/isfyeeywzr/ui/hviews/page/PagerConfig.java, line(s) 43,37 im/isfyeeywzr/ui/hviews/page/PagerGridLayoutManager.java, line(s) 472,476,510,514 im/isfyeeywzr/ui/hviews/pop/BasePopup.java, line(s) 150,154 im/isfyeeywzr/ui/hviews/slidemenu/SwipeLayout.java, line(s) 779,784 im/isfyeeywzr/ui/hviews/swipelist/reservation/TopWrappedDividerItemDecoration.java, line(s) 28 im/isfyeeywzr/ui/load/animation/SpriteAnimatorBuilder.java, line(s) 146 im/isfyeeywzr/ui/newcall/NewCallActivity.java, line(s) 315 im/isfyeeywzr/ui/settings/CacheControlSettingActivity.java, line(s) 192 im/isfyeeywzr/ui/settings/NoticeAndSoundSettingActivity.java, line(s) 262,323,384 im/isfyeeywzr/ui/utils/AesUtils.java, line(s) 78,86 im/isfyeeywzr/ui/utils/AppUpdater.java, line(s) 76,138,151 im/isfyeeywzr/ui/utils/ChatActionBarHelper.java, line(s) 294 im/isfyeeywzr/ui/utils/DownloadUtils.java, line(s) 176,209 im/isfyeeywzr/ui/utils/OpenInstallUitl.java, line(s) 56,82 im/isfyeeywzr/ui/utils/QrCodeParseUtil.java, line(s) 138,153,198,235 im/isfyeeywzr/ui/utils/ThirdPartSdkInitUtil.java, line(s) 42,73,104,101 im/isfyeeywzr/ui/utils/number/MoneyUtil.java, line(s) 147 im/isfyeeywzr/ui/utils/picture/PictureUtil.java, line(s) 72 im/isfyeeywzr/ui/utils/translate/DecodeEngine.java, line(s) 114,118,134,141,169,173,267,289,297,315,323,378,382,417,445 im/isfyeeywzr/ui/utils/translate/ssrc/SSRC.java, line(s) 56,242,243,244,245,246,247,248,249,250,251,252,253,254,255,256,257,258,259,260,261,262,263,289,293,296,517,531,614,679,680,681,682,687,689,691,693,765,907,1070,1074,1118,1212,1213,1214,1215,1216,1218,1220,1222,1271,1277 im/isfyeeywzr/ui/utils/translate/utils/AudioFileUtils.java, line(s) 32,35,56,111,113,134,150 im/isfyeeywzr/ui/wallet/WalletRechargeH5Activity.java, line(s) 130,206 im/isfyeeywzr/ui/wallet/WalletWithdrawActivity.java, line(s) 302,353,368 im/isfyeeywzr/ui/wallet/WalletWithdrawAddNewAccountActivity.java, line(s) 422,429,603,629,684 im/isfyeeywzr/ui/wallet/model/BankCardListResBean.java, line(s) 83 im/isfyeeywzr/ui/wallet/model/BillRecordDetailBean.java, line(s) 89 im/isfyeeywzr/ui/wallet/model/BillRecordResBillListBean.java, line(s) 211 im/isfyeeywzr/ui/wallet/model/WalletPaymentBankCardBean.java, line(s) 77,89 im/isfyeeywzr/ui/wallet/model/WalletWithdrawTemplateBean.java, line(s) 69 org/webrtc/ali/AliHardwareAudioEncoder.java, line(s) 114,127,176,68 org/webrtc/ali/USBAudioDevice.java, line(s) 67 org/webrtc/alirtcInterface/ALI_RTC_INTERFACE_IMPL.java, line(s) 400,675,694,699,713,718,1161,289,294,303,342,347,352,357,362,367,372,377,382,387,335 org/webrtc/alirtcInterface/SophonEngine.java, line(s) 276 org/webrtc/alirtcInterface/SophonEngineImpl.java, line(s) 74,200,224,232,241,294,306,372,380,389,443,588,89,92,94,178,272,75,111,273,353,357,1066 org/webrtc/audio/AppRTCAudioManager.java, line(s) 258,272,305,347,390,399,95,100,110,113,179,191,202,214,243,255,261,270,293,297,319,329,333,350,392,497,498,528,548,554 org/webrtc/audio/AppRTCBluetoothManager.java, line(s) 61,64,72,78,94,109,113,121,123,127,132,137,142,159,190,191,193,199,214,219,228,234,240,248,255,260,264,266,298,301,303,310,316,322,331,341,344,355,178,183,221,225,118,161,165,174,348 org/webrtc/audio/AppRTCProximitySensor.java, line(s) 26,33,43,71,74,81,126,61 org/webrtc/sdk/SophonSurfaceView.java, line(s) 58,68,77,34 org/webrtc/utils/AppRTCUtils.java, line(s) 21 org/webrtc/utils/CpuMonitor.java, line(s) 100,111,118,125,164,237,178,183,185,283,318,345,351,354,357 org/webrtc/utils/MemoryMonitor.java, line(s) 33,40,63,69 org/webrtc/utils/NetworkMonitor.java, line(s) 49,55 pub/devrel/easypermissions/EasyPermissions.java, line(s) 131,133,27 pub/devrel/easypermissions/helper/ActivityPermissionHelper.java, line(s) 34 pub/devrel/easypermissions/helper/BaseSupportPermissionsHelper.java, line(s) 21
信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: im/isfyeeywzr/messenger/AndroidUtilities.java, line(s) 10,1424 im/isfyeeywzr/ui/ChangeUsernameActivity.java, line(s) 4,84 im/isfyeeywzr/ui/ChannelCreateActivity.java, line(s) 8,680 im/isfyeeywzr/ui/ChatActivity.java, line(s) 11,11014 im/isfyeeywzr/ui/ChatEditTypeActivity.java, line(s) 4,386,400 im/isfyeeywzr/ui/GroupInviteActivity.java, line(s) 4,129 im/isfyeeywzr/ui/PhonebookShareActivity.java, line(s) 4,549,584 im/isfyeeywzr/ui/ProfileActivity.java, line(s) 11,1507,1532 im/isfyeeywzr/ui/StickersActivity.java, line(s) 4,395 im/isfyeeywzr/ui/ThemeSetUrlActivity.java, line(s) 4,98 im/isfyeeywzr/ui/components/EmbedBottomSheet.java, line(s) 9,821 im/isfyeeywzr/ui/components/ShareAlert.java, line(s) 8,936 im/isfyeeywzr/ui/dialogs/McShareDialog.java, line(s) 5,233 im/isfyeeywzr/ui/hui/chats/ProfileGroupActivity.java, line(s) 11,1591,1616 im/isfyeeywzr/ui/hui/discovery/QrScanResultActivity.java, line(s) 4,65 im/isfyeeywzr/ui/hui/packet/BillDetailsActivity.java, line(s) 4,310
信息 应用程序可以写入应用程序目录。敏感信息应加密
应用程序可以写入应用程序目录。敏感信息应加密 Files: com/alivc/rtc/device/core/persistent/TransactionXMLFile.java, line(s) 8
信息 应用与Firebase数据库通信
该应用与位于 https://isfyeeywzr-48b0d.firebaseio.com 的 Firebase 数据库进行通信
安全 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: com/bjz/comm/net/factory/ApiFactory.java, line(s) 51,51 com/bjz/comm/net/factory/ApiGameFactory.java, line(s) 49,49 com/bjz/comm/net/factory/ApiHuanHuiFactory.java, line(s) 41,41 com/bjz/comm/net/factory/ApiMPFactory.java, line(s) 47,47 com/bjz/comm/net/factory/ApiTranslateAudioFactory.java, line(s) 40,40 com/zhy/http/okhttp/https/HttpsUtils.java, line(s) 110,174,42,109,135,173,98,108,108,172,172
安全 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: im/isfyeeywzr/ui/utils/SimulatorUtil.java, line(s) 19
安全 Firebase远程配置已禁用
Firebase远程配置URL ( https://firebaseremoteconfig.googleapis.com/v1/projects/194512522065/namespaces/firebase:fetch?key=AIzaSyC6uk1nvjb5BYzqEzgaWy_iTryf5373Nyw ) 已禁用。响应内容如下所示:
{
"state": "NO_TEMPLATE"
}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (translations.m12345.cc) 通信。
{'ip': '221.228.32.13', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '无锡', 'latitude': '31.569349', 'longitude': '120.288788'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (m12345.cc) 通信。
{'ip': '221.228.32.13', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '无锡', 'latitude': '31.569349', 'longitude': '120.288788'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.ntsc.ac.cn) 通信。
{'ip': '159.226.242.43', 'country_short': 'CN', 'country_long': '中国', 'region': '北京', 'city': '北京', 'latitude': '39.907501', 'longitude': '116.397102'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (impyq.gz.bcebos.com) 通信。
{'ip': '121.228.183.252', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '苏州', 'latitude': '31.311365', 'longitude': '120.617691'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (translations.lovechat323.com) 通信。
{'ip': '221.228.32.13', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '无锡', 'latitude': '31.569349', 'longitude': '120.288788'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (lovechat323.com) 通信。
{'ip': '221.228.32.13', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '无锡', 'latitude': '31.569349', 'longitude': '120.288788'}