安全分数
安全分数 47/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
6
用户/设备跟踪器
调研结果
高危
4
中危
18
信息
1
安全
2
关注
0
高危 Activity (com.google.android.play.core.missingsplits.PlayCoreMissingSplitsActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危 如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击
如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-7 Files: com/applovin/impl/adview/b.java, line(s) 494,14 com/applovin/impl/sdk/e/q.java, line(s) 98,4
高危 已启用远程WebView调试
已启用远程WebView调试 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04c-Tampering-and-Reverse-Engineering.md#debugging-and-tracing Files: com/applovin/impl/adview/d.java, line(s) 134,10,11
高危 应用程序包含隐私跟踪程序
此应用程序有多个6隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 Activity (com.photoappworld.photo.sticker.creator.wastickerapps.EditionActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Activity (com.photoappworld.photo.sticker.creator.wastickerapps.InstallFontActivity) 未被保护。
存在一个intent-filter。 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
中危 Content Provider (com.photoappworld.photo.sticker.creator.wastickerapps.StickerContentProvider) 未被保护。
[android:exported=true] 发现 Content Provider与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (androidx.core.google.shortcuts.TrampolineActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (com.google.android.gms.auth.api.signin.RevocationBoundService) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Service (androidx.work.impl.background.systemjob.SystemJobService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.DUMP [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Service (com.google.android.play.core.assetpacks.AssetPackExtractionService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: com/applovin/impl/a/l.java, line(s) 17 g/c0/a.java, line(s) 3 g/c0/b.java, line(s) 4 g/c0/e/a.java, line(s) 4
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: ch/qos/logback/classic/joran/action/ConfigurationAction.java, line(s) 20 ch/qos/logback/classic/sift/ContextBasedDiscriminator.java, line(s) 7 ch/qos/logback/core/CoreConstants.java, line(s) 14,21,30,32,48,72,73 ch/qos/logback/core/net/ssl/SSL.java, line(s) 4 ch/qos/logback/core/rolling/helper/DateTokenConverter.java, line(s) 12 ch/qos/logback/core/rolling/helper/IntegerTokenConverter.java, line(s) 7 com/applovin/impl/sdk/m.java, line(s) 625 com/applovin/mediation/AppLovinUtils.java, line(s) 22 com/applovin/mediation/ads/MaxAdView.java, line(s) 170,160 com/applovin/mediation/ads/MaxInterstitialAd.java, line(s) 82,72 com/applovin/mediation/ads/MaxRewardedAd.java, line(s) 111,101 com/applovin/mediation/ads/MaxRewardedInterstitialAd.java, line(s) 76,66 com/applovin/mediation/nativeAds/MaxNativeAdLoader.java, line(s) 66,61 com/applovin/sdk/AppLovinSdk.java, line(s) 236 com/applovin/sdk/AppLovinWebViewActivity.java, line(s) 19 com/zipoapps/premiumhelper/toto/TotoService.java, line(s) 371
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: c/h/e/a.java, line(s) 151 c/h/e/b.java, line(s) 199 ch/qos/logback/core/android/AndroidContextUtil.java, line(s) 60,64,73,75 com/photoappworld/photo/sticker/creator/wastickerapps/InstallFontActivity.java, line(s) 49 com/photoappworld/photo/sticker/creator/wastickerapps/gallery/StickerTemplateActivityFolder.java, line(s) 51 com/photoappworld/photo/sticker/creator/wastickerapps/x1/k.java, line(s) 51,59,108 com/photoappworld/photo/sticker/creator/wastickerapps/x1/q.java, line(s) 151,141
中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: c/t/a/g/a.java, line(s) 5,6,7,8,66,115 ch/qos/logback/classic/android/SQLiteAppender.java, line(s) 3,4,5,55,318,319,320 d/b/b/b/i/a0/j/r0.java, line(s) 5,6,70,93,149,277,296,328,524,707 d/b/b/b/i/a0/j/t0.java, line(s) 4,5,130
中危 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/applovin/impl/sdk/utils/StringUtils.java, line(s) 30 com/applovin/impl/sdk/utils/l.java, line(s) 148 com/zipoapps/premiumhelper/util/q.java, line(s) 422
中危 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: c/r/c.java, line(s) 128
中危 IP地址泄露
IP地址泄露 Files: com/applovin/mediation/BuildConfig.java, line(s) 4
中危 Firebase远程配置已启用
Firebase远程配置URL ( https://firebaseremoteconfig.googleapis.com/v1/projects/535841330151/namespaces/firebase:fetch?key=AIzaSyA6Zo54SJbt50_0CHw5wTNTdIWgQJbzV2c ) 已启用。请确保这些配置不包含敏感信息。响应内容如下所示: { "entries": { "ad_type_test": "adaptive", "ad_unit_admob_banner": "ca-app-pub-4563216819962244/9810745752", "ad_unit_admob_banner_exit": "ca-app-pub-4563216819962244/4340393353", "ad_unit_admob_interstitial": "ca-app-pub-4563216819962244/6831465954", "ad_unit_admob_native": "ca-app-pub-4563216819962244/1579139272", "ad_unit_admob_native_exit": "ca-app-pub-4563216819962244/1579139272", "ad_unit_admob_rewarded": "ca-app-pub-4563216819962244/4022196135", "ad_unit_applovin_banner": "52581e299e029ba7", "ad_unit_applovin_banner_exit": "01a29ee50286c01c", "ad_unit_applovin_interstitial": "834834efeb1b5804", "ad_unit_applovin_mrec_banner": "01a29ee50286c01c", "ad_unit_applovin_native": "7dc63cc8a23a5269", "ad_unit_applovin_native_exit": "7dc63cc8a23a5269", "ad_unit_applovin_rewarded": "7d5f8d563db69db4", "ad_unit_banner": "ca-app-pub-4563216819962244/4340393353", "ads_provider": "admob", "disable_onboarding_premium_offering": "false", "disable_relaunch_premium_offering": "false", "interstitial_capping_seconds": "120", "interstitial_capping_type": "global", "interstitial_muted": "true", "main_sku": "s1_v68t0_01500_trial_3d_weekly", "prevent_ad_fraud": "true", "prevent_ad_fraud_timeout_seconds": "7", "rate_us_mode": "validate_intent", "rateus_session_start": "2", "show_ad_on_app_exit": "false", "show_premium_offering_after_creation": "true" }, "state": "UPDATE", "templateVersion": "138" }
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 AdMob广告平台的=> "com.google.android.gms.ads.APPLICATION_ID" : "@string/admob_app_id" "admob_app_id" : "ca-app-pub-4563216819962244~4780017685" "google_api_key" : "AIzaSyA6Zo54SJbt50_0CHw5wTNTdIWgQJbzV2c" "google_app_id" : "1:535841330151:android:d78c5f2c97eee002746342" "google_crash_reporting_api_key" : "AIzaSyA6Zo54SJbt50_0CHw5wTNTdIWgQJbzV2c" Y29tLmFuZHJvaWQudmVuZGluZy5saWNlbnNpbmcuSUxpY2Vuc2luZ1NlcnZpY2U= HSrCHRtOan6wp2kwOIGJC1RDtuSrF2mWVbio2aBcMHX9KF3iTJ1lLSzCKP1ZSo5yNolPNw1kCTtWpxELFF4ah1 2e1a4db5f9be9d82747e791845a00669205f3c4
信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: br/com/blackmountain/util/filters/NativeFilter.java, line(s) 14,26 c/a/o/g.java, line(s) 129,162,239 c/f/a/d.java, line(s) 199 c/f/b/a/a.java, line(s) 95,98 c/f/b/b/j.java, line(s) 895 c/h/e/a.java, line(s) 115 c/h/e/f/c.java, line(s) 56 c/h/e/f/d.java, line(s) 66 c/h/e/f/h.java, line(s) 131,140,265 c/h/f/g.java, line(s) 406,411 c/h/f/i.java, line(s) 82 c/h/f/j.java, line(s) 40,75 c/h/f/k.java, line(s) 52,110 c/h/f/n.java, line(s) 96,99 c/h/f/o.java, line(s) 97 c/h/j/e.java, line(s) 27,31,35 c/h/j/k.java, line(s) 33 c/h/l/c.java, line(s) 35,47,59,73 c/h/n/c0.java, line(s) 1447,1309,1446 c/h/n/d0.java, line(s) 20,31 c/h/n/f.java, line(s) 63 c/h/n/f0.java, line(s) 19,34,55,82,103,124,145 c/h/n/k.java, line(s) 20,29 c/h/n/k0.java, line(s) 364,381,125,137,144,153,43,62,355 c/h/n/l0/c.java, line(s) 169 c/h/n/n.java, line(s) 14 c/h/n/n0/b.java, line(s) 74 c/j/b/c.java, line(s) 401 c/m/a/a.java, line(s) 242,771,969,736,750,986,1194 c/p/a/a.java, line(s) 30 c/q/a/b.java, line(s) 45,60,68,92,189,208,315,342,348,52 c/q/b/c.java, line(s) 79 c/r/a.java, line(s) 230,349,405,194,201,203,209,331,342,353,389,107,138,197,205,212,225,236,248,265,311 c/r/c.java, line(s) 55,66,68,109,111,129,150,190,232,254,289,299,302,306,105,113,122,242,258,273,297 c/t/a/c.java, line(s) 36,39,51,29,43 c/v/a.java, line(s) 35 c/w/i0.java, line(s) 34,87 c/w/y.java, line(s) 38,47,49 c/x/a/a/i.java, line(s) 978 ch/qos/logback/classic/android/LogcatAppender.java, line(s) 30,53,22,29,36,37,43,52,23,44 ch/qos/logback/classic/net/SimpleSocketServer.java, line(s) 68,69 ch/qos/logback/classic/pattern/TargetLengthBasedClassNameAbbreviator.java, line(s) 28,37 ch/qos/logback/classic/spi/ThrowableProxy.java, line(s) 96 ch/qos/logback/core/joran/util/ConfigurationWatchListUtil.java, line(s) 31 ch/qos/logback/core/net/DefaultSocketConnector.java, line(s) 24 ch/qos/logback/core/net/SocketConnectorBase.java, line(s) 32 ch/qos/logback/core/recovery/ResilientOutputStreamBase.java, line(s) 45 ch/qos/logback/core/spi/ContextAwareBase.java, line(s) 59 ch/qos/logback/core/spi/ContextAwareImpl.java, line(s) 54 ch/qos/logback/core/subst/Node.java, line(s) 60,61,66 com/applovin/impl/adview/activity/b/f.java, line(s) 542 com/applovin/impl/sdk/a/f.java, line(s) 70,76,82 com/applovin/impl/sdk/e.java, line(s) 111,114 com/applovin/impl/sdk/nativeAd/AppLovinMediaView.java, line(s) 151 com/applovin/impl/sdk/v.java, line(s) 45,62,97,58,105,66,113,70,89 com/applovin/mediation/rtb/AppLovinRtbBannerRenderer.java, line(s) 34,40,46,58,63,69 com/iab/omid/library/applovin/d/c.java, line(s) 18,11 com/photoappworld/photo/sticker/creator/wastickerapps/CutActivity.java, line(s) 108 com/photoappworld/photo/sticker/creator/wastickerapps/EditMetadataActivity.java, line(s) 17,29,57,88 com/photoappworld/photo/sticker/creator/wastickerapps/EditionActivity.java, line(s) 94,106,121,127,142,166,233,245,287,291,301,303,311,325,330,335,347,371,462,465,473,481,489,566,570,574,591,596,601,667,688,727,730,747,752,757,759,767,787,791,803,806,809,831,854,891,909,935,954,1021 com/photoappworld/photo/sticker/creator/wastickerapps/InstallFontActivity.java, line(s) 88,94,95,101,103,136,159,164,230,235,243,249,288 com/photoappworld/photo/sticker/creator/wastickerapps/MainActivity.java, line(s) 87,92,102,107,166,169,178,181,236 com/photoappworld/photo/sticker/creator/wastickerapps/OrganizeActivity.java, line(s) 35,48,92,113,130,139,144,154,168,177,394,427,480 com/photoappworld/photo/sticker/creator/wastickerapps/SaveDoneActivity.java, line(s) 60,71,82,91,125,134,287,302,305 com/photoappworld/photo/sticker/creator/wastickerapps/StickerContentProvider.java, line(s) 43,57,67,74,80,83,129,162,167,188,192,202,209,234,238,246,256,278,293,297 com/photoappworld/photo/sticker/creator/wastickerapps/StickerGalleryActivity.java, line(s) 85,88,112,165 com/photoappworld/photo/sticker/creator/wastickerapps/gallery/GlideActivityFolder.java, line(s) 64,97 com/photoappworld/photo/sticker/creator/wastickerapps/gallery/GlideActivityGallery.java, line(s) 92,98,149,150,151,169,170,184 com/photoappworld/photo/sticker/creator/wastickerapps/gallery/StickerTemplateActivityFolder.java, line(s) 65 com/photoappworld/photo/sticker/creator/wastickerapps/gallery/j.java, line(s) 77 com/photoappworld/photo/sticker/creator/wastickerapps/r1.java, line(s) 57,75,80,89,97,104,121,154,178,195,208,214,220,222,238,246,250,255 com/photoappworld/photo/sticker/creator/wastickerapps/t1/b.java, line(s) 29 com/photoappworld/photo/sticker/creator/wastickerapps/u1/a3.java, line(s) 73,78 com/photoappworld/photo/sticker/creator/wastickerapps/u1/b3.java, line(s) 192,199,248,255,260,267,303,324,337,345,418,484,514,597,616,662,678,733,846,855,864,869,876,895 com/photoappworld/photo/sticker/creator/wastickerapps/u1/s2.java, line(s) 106 com/photoappworld/photo/sticker/creator/wastickerapps/u1/u2.java, line(s) 22,25,34,37,46,49,58,64,69,85,97 com/photoappworld/photo/sticker/creator/wastickerapps/u1/v2.java, line(s) 106,180,197 com/photoappworld/photo/sticker/creator/wastickerapps/u1/w2.java, line(s) 268 com/photoappworld/photo/sticker/creator/wastickerapps/u1/x2.java, line(s) 28,219,241,267,274,281,286 com/photoappworld/photo/sticker/creator/wastickerapps/u1/z2.java, line(s) 33,87,217,222,282,303,314,325 com/photoappworld/photo/sticker/creator/wastickerapps/v1/f.java, line(s) 101,108,110,341,464,471,476 com/photoappworld/photo/sticker/creator/wastickerapps/v1/h.java, line(s) 95,200 com/photoappworld/photo/sticker/creator/wastickerapps/v1/j.java, line(s) 315,388,390,393 com/photoappworld/photo/sticker/creator/wastickerapps/v1/l.java, line(s) 24,30,32,39 com/photoappworld/photo/sticker/creator/wastickerapps/v1/n.java, line(s) 233 com/photoappworld/photo/sticker/creator/wastickerapps/view/PhotoView.java, line(s) 145,159,161,162,163,169,207,212,231,287,290,374,377,385,389,400,417,424,443 com/photoappworld/photo/sticker/creator/wastickerapps/view/ShapeAdapterView.java, line(s) 23 com/photoappworld/photo/sticker/creator/wastickerapps/view/a0.java, line(s) 27 com/photoappworld/photo/sticker/creator/wastickerapps/view/c0.java, line(s) 33,42 com/photoappworld/photo/sticker/creator/wastickerapps/view/e0.java, line(s) 112,119 com/photoappworld/photo/sticker/creator/wastickerapps/view/h0.java, line(s) 117,154 com/photoappworld/photo/sticker/creator/wastickerapps/view/l0.java, line(s) 66 com/photoappworld/photo/sticker/creator/wastickerapps/view/n0.java, line(s) 28,34,39,53,58,61 com/photoappworld/photo/sticker/creator/wastickerapps/view/t.java, line(s) 26,31 com/photoappworld/photo/sticker/creator/wastickerapps/view/w.java, line(s) 58 com/photoappworld/photo/sticker/creator/wastickerapps/view/y.java, line(s) 27,32 com/photoappworld/photo/sticker/creator/wastickerapps/view/z.java, line(s) 96,100,131,206 com/photoappworld/photo/sticker/creator/wastickerapps/w1/a.java, line(s) 42 com/photoappworld/photo/sticker/creator/wastickerapps/w1/b.java, line(s) 35,40 com/photoappworld/photo/sticker/creator/wastickerapps/w1/d.java, line(s) 44,58 com/photoappworld/photo/sticker/creator/wastickerapps/w1/e.java, line(s) 49,73,77,88,92,97,116,121,127,132,140,172,176,177 com/photoappworld/photo/sticker/creator/wastickerapps/x1/j.java, line(s) 86,94 com/photoappworld/photo/sticker/creator/wastickerapps/x1/k.java, line(s) 129,141 com/photoappworld/photo/sticker/creator/wastickerapps/x1/q.java, line(s) 36,82,85,180,190,258 com/photoappworld/photo/sticker/creator/wastickerapps/x1/s.java, line(s) 24 com/photoappworld/photo/sticker/creator/wastickerapps/y1/c.java, line(s) 74 d/a/b/b/a.java, line(s) 7,13,8,14 d/b/b/b/i/y/a.java, line(s) 7,11,15,23,27 d/b/b/d/b0/d.java, line(s) 151,184 d/b/b/d/c0/b.java, line(s) 84 d/b/b/d/e0/g.java, line(s) 424 d/b/b/d/m/h.java, line(s) 49 d/b/b/e/a/a/c0.java, line(s) 15 d/b/b/e/a/a/e.java, line(s) 39,62,27,28,61 d/b/d/a/q/a/a.java, line(s) 51,61,78,87,97 d/b/d/a/q/a/b.java, line(s) 61,72 d/b/d/a/q/a/c.java, line(s) 99 l/a/a.java, line(s) 108,126
安全 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: ch/qos/logback/core/net/ssl/SSLContextFactoryBean.java, line(s) 37,55,82,54,54,55,56 com/zipoapps/premiumhelper/toto/TotoService.java, line(s) 414,395,413,412,412 h/g0/c.java, line(s) 103,102,101,101
安全 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: d/b/b/e/a/a/s.java, line(s) 26