应用安全检测报告
应用安全检测报告,支持文件搜索、内容检索和AI代码分析
移动应用安全检测报告
Clipboard v6.5.1
50
安全评分
安全基线评分
50/100
低风险
综合风险等级
风险等级评定
- A
- B
- C
- F
应用存在一定安全风险,建议优化
漏洞与安全项分布
1
高危
26
中危
3
信息
1
安全
隐私风险评估
3
第三方跟踪器
中等隐私风险
检测到少量第三方跟踪器
检测结果分布
高危安全漏洞
1
中危安全漏洞
26
安全提示信息
3
已通过安全项
1
重点安全关注
3
高危安全漏洞 该文件是World Writable。任何应用程序都可以写入文件
该文件是World Writable。任何应用程序都可以写入文件 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2 Files: B9/C0977b.java, line(s) 39 B9/b.java, line(s) 19,39
中危安全漏洞 应用数据允许备份
[android:allowBackup=true] 该标志允许通过 adb 工具备份应用数据。启用 USB 调试的用户可直接复制应用数据,存在数据泄露风险。
中危安全漏洞 Activity (com.mason.ship.clipboard.ui.activity.TrashActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.mason.ship.clipboard.ui.activity.ClipActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.mason.ship.clipboard.ui.activity.SettingsActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.mason.ship.clipboard.ui.activity.TagListActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.mason.ship.clipboard.ui.activity.TagActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.mason.ship.clipboard.ui.activity.SelectTagsActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.mason.ship.clipboard.ui.activity.PreviewActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.mason.ship.clipboard.ui.activity.IntegrationsActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.facebook.CustomTabActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.google.firebase.auth.internal.GenericIdpActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.google.firebase.auth.internal.RecaptchaActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Service (com.google.android.gms.auth.api.signin.RevocationBoundService) 受权限保护,但应检查权限保护级别。
Permission: com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION [android:exported=true] 检测到 Service 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Service (androidx.work.impl.background.systemjob.SystemJobService) 受权限保护,但应检查权限保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 检测到 Service 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) 受权限保护,但应检查权限保护级别。
Permission: android.permission.DUMP [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Broadcast Receiver (androidx.profileinstaller.ProfileInstallReceiver) 受权限保护,但应检查权限保护级别。
Permission: android.permission.DUMP [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: I3/C1721c.java, line(s) 32 I9/C1749i.java, line(s) 151 I9/i.java, line(s) 143 U/AbstractC2575b.java, line(s) 17 U3/h.java, line(s) 40 V3/C2650b.java, line(s) 44 X3/d.java, line(s) 40 X3/z.java, line(s) 97 com/dotlottie/dlplayer/Event.java, line(s) 200 com/revenuecat/purchases/amazon/AmazonBillingKt.java, line(s) 4 com/revenuecat/purchases/amazon/AmazonCacheKt.java, line(s) 4 com/revenuecat/purchases/common/BackendKt.java, line(s) 13,12 com/revenuecat/purchases/common/caching/DeviceCache.java, line(s) 63,35,36,37 com/revenuecat/purchases/common/diagnostics/DiagnosticsEntry.java, line(s) 17,20,23,29 com/revenuecat/purchases/common/diagnostics/DiagnosticsHelper.java, line(s) 11 com/revenuecat/purchases/common/diagnostics/DiagnosticsTracker.java, line(s) 29,39,42,45,48,51,54,57 com/revenuecat/purchases/common/offlineentitlements/ProductEntitlementMapping.java, line(s) 14,16,17,18 com/revenuecat/purchases/common/verification/DefaultSignatureVerifier.java, line(s) 10 com/revenuecat/purchases/common/verification/Signature.java, line(s) 115 com/revenuecat/purchases/strings/ConfigureStrings.java, line(s) 16 com/revenuecat/purchases/subscriberattributes/SubscriberAttributeKt.java, line(s) 7 fb/S.java, line(s) 52 u4/g.java, line(s) 140
中危安全漏洞 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: G1/o.java, line(s) 31 H9/C1632d1.java, line(s) 10 H9/C1684v0.java, line(s) 21 H9/D1.java, line(s) 14 I9/C1752l.java, line(s) 55 I9/l.java, line(s) 49 O9/w.java, line(s) 27 R3/C0567d.java, line(s) 48 Z4/g.java, line(s) 24 ia/a.java, line(s) 3 ia/c.java, line(s) 3 k5/C1872s.java, line(s) 10 k5/S.java, line(s) 10
中危安全漏洞 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: G8/b.java, line(s) 135 M3/c.java, line(s) 115 k5/C1872s.java, line(s) 52 k5/S.java, line(s) 50
中危安全漏洞 向Firebase上传数据
向Firebase上传数据 Files: I9/o.java, line(s) 105,252,21
中危安全漏洞 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: H6/C1567l.java, line(s) 6,7,923,1062,1407,1657,2542,2568 H6/O1.java, line(s) 16,1239 H6/l.java, line(s) 9,10,509,745,1425 J1/b0.java, line(s) 10,227 S7/i.java, line(s) 3,4,11,12,13,14,23,24,25,26,27 V8/c.java, line(s) 14,122,134 W4/h.java, line(s) 7,75 X4/j.java, line(s) 5,6,77 d2/c.java, line(s) 6,7,71,76
中危安全漏洞 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/revenuecat/purchases/common/UtilsKt.java, line(s) 45
中危安全漏洞 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: com/sun/jna/Native.java, line(s) 254
中危安全漏洞 Firebase远程配置已启用
Firebase远程配置URL ( https://firebaseremoteconfig.googleapis.com/v1/projects/223708902027/namespaces/firebase:fetch?key=AIzaSyCmIIh3hbUNwcqQFIiY5LB6W3UVKrk4Kfw ) 已启用。请确保这些配置不包含敏感信息。响应内容如下所示:
{
"entries": {
"ad_unit_reward_backup": "ca-app-pub-2387797785150191/9071201812",
"ad_unit_reward_trial": "ca-app-pub-2387797785150191/7423078224",
"clip_flow_ad_position": "",
"country_tier": "1",
"free_trial_on": "false",
"free_trial_on_v2": "false",
"max_ai_summary_trial_count": "3",
"open_app_ad_interval": "5",
"purchase_offering_id": "default_standard_offering",
"purchase_paywall": "false",
"show_ad_in_clip_detail": "false",
"show_ad_in_flow": "false",
"show_ad_in_tag": "false",
"show_ad_open_app": "false",
"sync_count": "10"
},
"state": "UPDATE",
"templateVersion": "63"
}
中危安全漏洞 应用程序包含隐私跟踪程序
此应用程序有多个3隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危安全漏洞 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 AdMob广告平台的=> "com.google.android.gms.ads.APPLICATION_ID" : "ca-app-pub-2387797785150191~6078092377" "androidx.credentials.TYPE_PUBLIC_KEY_CREDENTIAL" : "Passkey" "firebase_database_url" : "https://clipboard-410fc-default-rtdb.firebaseio.com" "android.credentials.TYPE_PASSWORD_CREDENTIAL" : "Sandi" "android.credentials.TYPE_PASSWORD_CREDENTIAL" : "Password" "android.credentials.TYPE_PASSWORD_CREDENTIAL" : "Passwort" "google_crash_reporting_api_key" : "AIzaSyCmIIh3hbUNwcqQFIiY5LB6W3UVKrk4Kfw" "google_app_id" : "1:223708902027:android:456c34a4697bec623b9a8e" "android.credentials.TYPE_PASSWORD_CREDENTIAL" : "Senha" "android.credentials.TYPE_PASSWORD_CREDENTIAL" : "Palavra-passe" "google_api_key" : "AIzaSyCmIIh3hbUNwcqQFIiY5LB6W3UVKrk4Kfw" "com.google.firebase.crashlytics.mapping_file_id" : "385d5bc71bff48aab13decc4c9b7c3f9" "firebase_web_host" : "CHANGE-ME" 5ff9f18f586c404e3486407e506300a6 35B7ACFAB37723A3B2131238563BC29B f8L7o2HxjA4p9Z1nQw3E5r6T8yU2iCv0B9kM4sD1f7G3hJ5lK2z0X9cW8vQ6b5N3m1Rg8F2o0Lp7A1e9I4u3Y2t0H8x6W5v4Z1n9Q2w7E3r5T8y6U1i0C9vB8k7M4s3D1f2G0h9J5l8K4z7X3cW2v1Q0b9N8m6A5r4F3o2Lp1E0u9I8y7Y6t5H4x3W2v1Z0n9Q8w7E6r5T4y3U2i1C0v9B8k7M6s5D4f3G2h1J0l9K8z7X6cW5v4Q3b2N1m0Rg9F8o7Lp6A5e4I3u2Y1t0H8x7W6v5Z4n3Q2w1E0r9T8y7U6i5C4v3B2k1M0s9D8f7G6h5J4l3K2z1X0cW9v8Q7b6N5m4A3r2F1o0Lp9E8u7I6y5T4h3W2v1Z0n0Q9w8E7r6T5y4U3i2C1v0B9k8M7s6D5f4G3h2J1l0K9z8X7cW6v5Q4b3N2m1R0g9F8o7L6p5A4e3I2u1Y0t9H8x7W6v5Z4n3Q2w1E0r9T8y7U6i5C4v3B2k1M0s9D8f7G6h5J4l3K2z1X0cW9v8Q7b6N5m4A3r2F1o0Lp9E8u7I6y5T4h3W2 d3bc2ef6f09d7fcb009a9aa19a2e0850 86254750241babac4b8d52996a675549 UC1upXWg5QVmyOSwozp755xLqquBKjjU+di6U8QhMlM= a-95ed6082-b8e9-46e8-a73f-ff56f00f5d9d B3EEABB8EE11C2BE770B684D95219ECB 470fa2b4ae81cd56ecbcda9735803434cec591fa
安全提示信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: A3/u.java, line(s) 580,587,593 B1/C0938a.java, line(s) 16 B9/C0976a.java, line(s) 19,24 B9/a.java, line(s) 18,22 C8/C1050D.java, line(s) 461,484,594,704,709,444,445 C8/e.java, line(s) 13 D4/f.java, line(s) 46 D8/C0137f.java, line(s) 61,93,99,103 D8/C0138g.java, line(s) 55,80,84 D8/G.java, line(s) 234,245 E4/C1281A.java, line(s) 45,44 E4/C1283b.java, line(s) 61,60,70,84,85 E4/a.java, line(s) 44,43 E4/i.java, line(s) 102,127,134,144,148,151,154,161,164,195,199,101,122,133,143,147,150,153,160,163,194,198 E4/p.java, line(s) 47,50,48,51 F1/h.java, line(s) 22 F2/d.java, line(s) 23 G1/e.java, line(s) 121 G4/d.java, line(s) 95 H/AbstractC1509j.java, line(s) 161,166 H/j.java, line(s) 158,163 H/w.java, line(s) 106,110 H4/g.java, line(s) 114,113,166 H6/C1522B.java, line(s) 153,156 H6/RunnableC1592t1.java, line(s) 370,111 H6/V.java, line(s) 164 H6/b.java, line(s) 154,157 H9/RunnableC1690y0.java, line(s) 489,493,360 I3/AbstractC1723e.java, line(s) 1000,826,846,850,854 I3/C1720b.java, line(s) 246,262,270,704,385,388,392,396,428,431,434,437,440 I3/C1722d.java, line(s) 605 I3/C1726h.java, line(s) 112,115 I3/b.java, line(s) 560 I3/d.java, line(s) 524 I3/h.java, line(s) 111,114 I3/k.java, line(s) 441,442,404,413 I6/AbstractC1736a.java, line(s) 37,74,89,88,50,66 I6/a.java, line(s) 33,70,85,84,46,62 J1/C0264b.java, line(s) 88 J1/C0279q.java, line(s) 30,42,89,138,187,204,230 J1/Q.java, line(s) 27,39,86,135,184,201,227 J1/i0.java, line(s) 35,47,54,63 J1/m0.java, line(s) 70,86,62 J8/d.java, line(s) 195,194 L3/C1939e.java, line(s) 116,144 L5/e.java, line(s) 65,125,132 L5/f.java, line(s) 27 L5/i.java, line(s) 44 L5/j.java, line(s) 35,50 L5/l.java, line(s) 25 L5/o.java, line(s) 45 L5/r.java, line(s) 79,83 L5/u.java, line(s) 40,43,56 M8/AbstractC1999c.java, line(s) 25,18 M8/C1998b.java, line(s) 12 M8/a.java, line(s) 83,87,102 M8/b.java, line(s) 10 N1/C2025c.java, line(s) 414 N4/C2058e.java, line(s) 345,26,227,239 N4/e.java, line(s) 329,22,211,223 N6/C2085c.java, line(s) 98,148,96 N6/g.java, line(s) 133 N8/M0.java, line(s) 90 O/C0027g.java, line(s) 78,128,140,150 O/C2104g.java, line(s) 89,139,151,161 O/C2105h.java, line(s) 173 O/h.java, line(s) 167 O/u.java, line(s) 207,714 O2/C2118b.java, line(s) 60,65,72,76,87,99 O2/b.java, line(s) 54,59,66,70,81,93 O5/a.java, line(s) 45,50,54,37,66,71 O5/i.java, line(s) 20,26,28,37,44,50,52,61,68,74,76,118,86,92,94,103 P/MenuC2153l.java, line(s) 543 P/ViewOnKeyListenerC2147f.java, line(s) 437 P2/k.java, line(s) 176,175,331,335,341,344,361,370 P3/c.java, line(s) 19,29 P6/d.java, line(s) 56 P6/h.java, line(s) 187,191 Q/AbstractC2216O0.java, line(s) 35 Q/AbstractC2232Z.java, line(s) 20 Q/C0044t.java, line(s) 60 Q/C2190B0.java, line(s) 253,79,84,236 Q/C2200G0.java, line(s) 23 Q/C2215O.java, line(s) 74 Q/C2240d0.java, line(s) 90,99,190 Q/C2271t.java, line(s) 61 Q/DialogInterfaceOnClickListenerC0029I.java, line(s) 34,58,62,66 Q/DialogInterfaceOnClickListenerC2203I.java, line(s) 41,70,75,80 Q/b1.java, line(s) 80,170 Q/d0.java, line(s) 85,94,185 R1/d.java, line(s) 258 R2/AbstractC2330e.java, line(s) 20 R2/f.java, line(s) 70 S1/AbstractC2417b.java, line(s) 69,108,117 S1/C0022i.java, line(s) 343,403,406 S1/C2421f.java, line(s) 51 S1/C2424i.java, line(s) 371,431,434 S1/C2428m.java, line(s) 565,1207,1736,1741,1748,1927,1934,1943,1957,1963,1971,2117,2119,1826,334,651,1329,1343,1669 S1/F.java, line(s) 46 S1/m.java, line(s) 557,1199,1543,1548,1555,1734,1741,1750,1764,1770,1778,1924,1926,1633,326,643,1321,1335,1476 T/C2497g.java, line(s) 154 T/C2503m.java, line(s) 138,147,233,368,394,490,270,274,295,315 T/C2513w.java, line(s) 97,44 T/C2516z.java, line(s) 155 T/m.java, line(s) 132,141,226,357,383,479,263,267,288,308 T2/n.java, line(s) 56,59,62,65 T4/C0023a.java, line(s) 134 T4/C2543a.java, line(s) 145 U/AbstractC0027i.java, line(s) 45 U/AbstractC2582i.java, line(s) 47 U3/c.java, line(s) 31,40,45,54,63 U6/f.java, line(s) 19,20 U6/z.java, line(s) 24,33,32,38,39 V3/b.java, line(s) 73,86,72,85 V3/l.java, line(s) 86,123,85,118,122,126,131,119,127,132 V8/a.java, line(s) 9 V8/b.java, line(s) 42 V8/c.java, line(s) 230 V8/d.java, line(s) 19 V8/e.java, line(s) 16,31,42 V8/f.java, line(s) 34,46,36 W4/C2732j.java, line(s) 64 W4/j.java, line(s) 66 X1/AbstractC2760a.java, line(s) 115 X3/j.java, line(s) 148,149 X3/l.java, line(s) 25,68 X7/C2827a.java, line(s) 238 Y/C0760t0.java, line(s) 539 Y3/f.java, line(s) 47,131,197,212,46,86,92,99,127,143,149,180,192,199,211,90,107,116,147,181 Y5/f.java, line(s) 57,63,298,323,98,108,127,157,200,293,145,60,148,172,175,194 Z2/v.java, line(s) 45,51,57,63,69 Z3/c.java, line(s) 105,115,146,152,106,147,118,153 a1/e.java, line(s) 44,49 a1/g.java, line(s) 40 a1/h.java, line(s) 57 a1/i.java, line(s) 36 a1/t.java, line(s) 263 a4/C0838a.java, line(s) 45,44,69,85,93,102 a4/a.java, line(s) 43,42,67,83,91,100 a4/b.java, line(s) 373 b4/C0950b.java, line(s) 63,64 b4/C0952d.java, line(s) 61,60 b4/d.java, line(s) 57,56 b4/y.java, line(s) 62,59 com/firebase/ui/auth/ui/credentials/CredentialSaveActivity.java, line(s) 63,66,34 com/mason/ship/clipboard/receiver/NotificationBroadcastReceiver.java, line(s) 12 com/mason/ship/clipboard/ui/activity/SettingsActivity.java, line(s) 281,467,610,753,976,1120,1264,1408,1579,1723,1886 com/pairip/licensecheck/LicenseActivity.java, line(s) 21,43 com/pairip/licensecheck/LicenseClient.java, line(s) 47,144,165,182,191,82,122,200 com/revenuecat/purchases/common/DefaultLogHandler.java, line(s) 11,18,20,27,33,39 com/revenuecat/purchases/ui/revenuecatui/helpers/Logger.java, line(s) 15,20,26,31,36 com/sun/jna/Native.java, line(s) 1003,1005,1006 d2/C1228b.java, line(s) 157 d2/C1229c.java, line(s) 202,211,246,260,273,286,299,312,325,338,351,373,388,360 d2/C1233g.java, line(s) 189,272,278,354,426,441,461,468,654,821,867,887,901,935,953,1008,1049,1052,1086,1107,1126,1136,1167,1181,1191,1199,1251,1257,1269,1286,1291,1298,1379,1392,1396,1408,1418,1429,1436,1531,79,210,316,321,796,1352,1356,1360,1466,1474 d2/g.java, line(s) 158,164,240,312,327,347,354,511,557,577,591,625,643,698,739,742,826,839,843,855,865,876,883,978,62,202,207,486,799,803,807,913,921 f0/c.java, line(s) 227,311,228,312 h5/b.java, line(s) 83,129,212 h8/b.java, line(s) 167 h8/l.java, line(s) 540 i4/C1727a.java, line(s) 46,112,121,126,134,54,115,122,129,135 i4/C1734h.java, line(s) 45,46 i4/a.java, line(s) 45,109,118,123,131,53,112,119,126,132 j3/AbstractC1780d.java, line(s) 35 j3/AbstractC1781e.java, line(s) 44 j3/RunnableC1778b.java, line(s) 318,194 j3/b.java, line(s) 103 k/AbstractActivityC1801h.java, line(s) 450,259,268 k/H.java, line(s) 421,241,250 k/n.java, line(s) 38 k/u.java, line(s) 70,87,117 k/x.java, line(s) 759,761,763,350,404,407 k4/c.java, line(s) 30,51,33,52 k4/g.java, line(s) 49,50 k4/h.java, line(s) 184,185,196 k4/j.java, line(s) 99,121,100,122 k5/d.java, line(s) 93 l6/a.java, line(s) 31 m0/f.java, line(s) 21 m6/e.java, line(s) 43 n5/J.java, line(s) 11,17,19,28 q1/m.java, line(s) 60 q8/C2314c.java, line(s) 53 q8/c.java, line(s) 48 r8/AbstractC0030a.java, line(s) 555,623,554,622,540 r8/AbstractC2361a.java, line(s) 574,742,573,741,559 t5/a.java, line(s) 67,86 u4/c.java, line(s) 39,47,50 v2/C2647d.java, line(s) 57,74,55 v2/d.java, line(s) 57,72,55 w1/b.java, line(s) 51 w1/d.java, line(s) 31 w1/x.java, line(s) 47,79,85,109,175,185,248,256,44,78,84,108,174,184,247,255,62,88,122,164 x2/C2771j.java, line(s) 28 x2/C2786z.java, line(s) 149,120 x2/L.java, line(s) 61 x2/Y.java, line(s) 42 x2/d0.java, line(s) 162 y2/n.java, line(s) 103,203,205 y2/o.java, line(s) 99,113 y2/r.java, line(s) 131 z1/AbstractC2988b.java, line(s) 61,78 z1/b.java, line(s) 60,77 z8/b.java, line(s) 127
安全提示信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: I3/AbstractC1723e.java, line(s) 50,311,926,312 L0/C0329g.java, line(s) 6,24,127
安全提示信息 应用与Firebase数据库通信
该应用与位于 https://clipboard-410fc-default-rtdb.firebaseio.com 的 Firebase 数据库进行通信
已通过安全项 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: U6/f.java, line(s) 36
重点安全关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (apps.apple.com) 通信。
{'ip': '180.163.150.166', 'country_short': 'CN', 'country_long': '中国', 'region': '浙江', 'city': '台州', 'latitude': '28.666668', 'longitude': '121.349998'}
重点安全关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (app-measurement.com) 通信。
{'ip': '180.163.150.161', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
重点安全关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (pagead2.googlesyndication.com) 通信。
{'ip': '180.163.150.166', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
综合安全基线评分总结
Clipboard v6.5.1
Android APK
50
综合安全评分
中风险