安全分析报告:
安全分数
安全分数 51/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
8
用户/设备跟踪器
调研结果
高危
1
中危
17
信息
2
安全
1
关注
0
高危 应用程序包含隐私跟踪程序
此应用程序有多个8隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 应用程序可以安装在存在漏洞的 Android 版本上
Android 8.0, minSdk=26] 该应用程序可以安装在具有多个漏洞的旧版本 Android 上。支持 Android 版本 => 10、API 29 以接收合理的安全更新。
中危 应用程序数据存在被泄露的风险
未设置[android:allowBackup]标志 这个标志 [android:allowBackup]应该设置为false。默认情况下它被设置为true,允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。
中危 Activity (com.facebook.CustomTabActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.google.firebase.auth.internal.GenericIdpActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.google.firebase.auth.internal.RecaptchaActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Service (androidx.work.impl.background.systemjob.SystemJobService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.DUMP [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (androidx.profileinstaller.ProfileInstallReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.DUMP [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: com/amplitude/api/AmplitudeClient.java, line(s) 43,45,46,47,48,49,50,53 com/apphud/sdk/ApphudUserProperty.java, line(s) 95 com/apphud/sdk/storage/SharedPreferencesStorage.java, line(s) 26,27,34,35,28,29,31,32,33,36,39,40,41,42,43,44,45 com/appsflyer/appsflyersdk/AppsFlyerConstants.java, line(s) 6 com/dexterous/flutterlocalnotifications/FlutterLocalNotificationsPlugin.java, line(s) 141 com/dexterous/flutterlocalnotifications/isolate/IsolatePreferences.java, line(s) 8,9 com/dexterous/flutterlocalnotifications/models/NotificationDetails.java, line(s) 51,65 com/tekartik/sqflite/Constant.java, line(s) 54 com/vk/api/sdk/VKApiConfig.java, line(s) 205 com/vk/api/sdk/VKApiCredentials.java, line(s) 59 com/vk/api/sdk/auth/VKAccessToken.java, line(s) 40,39,24 com/vk/api/sdk/auth/VKAuthParams.java, line(s) 18,19,20 com/vk/api/sdk/exceptions/VKApiCodes.java, line(s) 121 com/vk/api/sdk/okhttp/OkHttpExecutorConfig.java, line(s) 65 com/vk/sdk/api/account/dto/AccountChangePasswordResponse.java, line(s) 58 com/vk/sdk/api/audio/dto/AudioAudio.java, line(s) 125 com/vk/sdk/api/base/dto/BaseRequestParam.java, line(s) 62 com/vk/sdk/api/docs/dto/DocsDoc.java, line(s) 131 com/vk/sdk/api/friends/dto/FriendsUserXtrPhone.java, line(s) 1335 com/vk/sdk/api/groups/dto/GroupsCallbackServer.java, line(s) 103 com/vk/sdk/api/groups/dto/GroupsLongPollServer.java, line(s) 67 com/vk/sdk/api/groups/dto/GroupsUserXtrRole.java, line(s) 1337 com/vk/sdk/api/leadForms/dto/LeadFormsAnswer.java, line(s) 56 com/vk/sdk/api/leadForms/dto/LeadFormsAnswerItem.java, line(s) 58 com/vk/sdk/api/leadForms/dto/LeadFormsQuestionItem.java, line(s) 83 com/vk/sdk/api/leadForms/dto/LeadFormsQuestionItemOption.java, line(s) 58 com/vk/sdk/api/market/dto/MarketMarketItem.java, line(s) 178 com/vk/sdk/api/market/dto/MarketMarketItemFull.java, line(s) 283 com/vk/sdk/api/messages/dto/MessagesAudioMessage.java, line(s) 97 com/vk/sdk/api/messages/dto/MessagesGraffiti.java, line(s) 104 com/vk/sdk/api/messages/dto/MessagesLongpollParams.java, line(s) 79 com/vk/sdk/api/newsfeed/dto/NewsfeedItemDigestItem.java, line(s) 232 com/vk/sdk/api/newsfeed/dto/NewsfeedNewsfeedItem.java, line(s) 411 com/vk/sdk/api/newsfeed/dto/NewsfeedNewsfeedPhoto.java, line(s) 225 com/vk/sdk/api/photos/dto/PhotosPhoto.java, line(s) 194 com/vk/sdk/api/photos/dto/PhotosPhotoFull.java, line(s) 193 com/vk/sdk/api/photos/dto/PhotosPhotoFullXtrRealOffset.java, line(s) 265 com/vk/sdk/api/photos/dto/PhotosPhotoXtrRealOffset.java, line(s) 217 com/vk/sdk/api/photos/dto/PhotosPhotoXtrTagInfo.java, line(s) 225 com/vk/sdk/api/storage/dto/StorageValue.java, line(s) 56 com/vk/sdk/api/stories/dto/StoriesStory.java, line(s) 311,311 com/vk/sdk/api/streaming/dto/StreamingGetServerUrlResponse.java, line(s) 62 com/vk/sdk/api/textlives/dto/TextlivesTextpostAttachment.java, line(s) 114 com/vk/sdk/api/users/dto/UsersUserFull.java, line(s) 1314 com/vk/sdk/api/utils/dto/UtilsLastShortenedLink.java, line(s) 115 com/vk/sdk/api/utils/dto/UtilsLinkStats.java, line(s) 63 com/vk/sdk/api/utils/dto/UtilsLinkStatsExtended.java, line(s) 63 com/vk/sdk/api/utils/dto/UtilsShortLink.java, line(s) 87 com/vk/sdk/api/video/dto/VideoSaveResult.java, line(s) 114 com/vk/sdk/api/video/dto/VideoVideo.java, line(s) 513 com/vk/sdk/api/video/dto/VideoVideoFull.java, line(s) 540 com/vk/sdk/api/wall/dto/WallGraffiti.java, line(s) 107 com/vk/sdk/api/wall/dto/WallWallpostAttachment.java, line(s) 204 com/vk/sdk/api/wall/dto/WallWallpostFull.java, line(s) 346 io/flutter/app/FlutterActivityDelegate.java, line(s) 33 io/flutter/embedding/android/FlutterActivityAndFragmentDelegate.java, line(s) 29,30 io/flutter/embedding/android/FlutterActivityLaunchConfigs.java, line(s) 16,18,19,3,4,17 io/flutter/embedding/engine/loader/ApplicationInfoLoader.java, line(s) 13,12 io/flutter/embedding/engine/loader/FlutterLoader.java, line(s) 31,36,34,35,37,39,40,38,41,44 io/flutter/embedding/engine/systemchannels/SettingsChannel.java, line(s) 11 io/flutter/plugin/editing/SpellCheckPlugin.java, line(s) 15,17,18 io/flutter/plugins/firebase/auth/Constants.java, line(s) 23,16 io/flutter/plugins/firebase/crashlytics/Constants.java, line(s) 5,17 io/flutter/plugins/googlemobileads/FlutterRequestAgentProvider.java, line(s) 7,8 io/flutter/plugins/imagepicker/ImagePickerCache.java, line(s) 23,24,13,25,26,27,28,29 org/jsoup/helper/W3CDom.java, line(s) 45 org/jsoup/nodes/Comment.java, line(s) 6 org/jsoup/nodes/DocumentType.java, line(s) 11,12,14
中危 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: com/vk/api/sdk/utils/ExponentialBackoff.java, line(s) 3 org/jsoup/helper/DataUtil.java, line(s) 17
中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/amplitude/api/DatabaseHelper.java, line(s) 6,7,8,9,10,84 com/tekartik/sqflite/Database.java, line(s) 9,10,11,12,13,459
中危 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/vk/api/sdk/utils/VKUtils.java, line(s) 263
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: io/flutter/plugins/pathprovider/Messages.java, line(s) 123,145,201,222 io/flutter/plugins/pathprovider/PathProviderPlugin.java, line(s) 89,206 io/flutter/plugins/share/Share.java, line(s) 130
中危 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: com/shushper/cloudpayments/sdk/three_ds/ThreeDsDialogFragment.java, line(s) 67,65
中危 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/shushper/cloudpayments/sdk/cp_card/CPCard.java, line(s) 137,150 dev/fluttercommunity/plus/packageinfo/PackageInfoPlugin.java, line(s) 163
中危 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: io/flutter/plugins/imagepicker/ImagePickerDelegate.java, line(s) 385
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 "google_crash_reporting_api_key" : "AIzaSyBYySLoFCmOScrjuUv3maoQRs7V8zjwo9c" "google_api_key" : "AIzaSyBYySLoFCmOScrjuUv3maoQRs7V8zjwo9c" "firebase_database_url" : "https://calendar-65d50.firebaseio.com" no/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU FFE391E0EA186D0734ED601E4E70E3224B7309D48E2075BAC46D8C667EAE7212 7fmduHKTdHHrlMvldlEqAIlSfii1tl35bxj1OXN5Ve8c4lU6URVu4xtSHc3BVZxS6WWJnxMDhIfQN0N0K2NDJg== nb3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj 3BAF59A2E5331C30675FAB35FF5FFF0D116142D3D4664F1C3CB804068B40614F nVOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L ABi2fbt8vkzj7SJ8aD5jc4xJFTDFntdkMrYXL3itsvqY1QIw nAYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA nMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv nIFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6 nb24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL n5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy VGhpcyBpcyB0aGUgcHJlZml4IGZvciBCaWdJbnRlZ2Vy nU5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs nN+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF nca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM E3F9E1E0CF99D0E56A055BA65E241B3399F7CEA524326B0CDD6EC1327ED0FDC1 nADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6 FBA3AF4E7757D9016E953FB3EE4671CA2BD9AF725F9A53D52ED4A38EAAA08901 dZozdop5rgKNxjbrQAd5nntAGpgh9w84O1Xgg==
信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: com/amplitude/api/AmplitudeClient.java, line(s) 1525 com/amplitude/api/AmplitudeLog.java, line(s) 31,38,49,60,71,78,82,93,100,107,114,121,128,135,142 com/amplitude/api/DatabaseHelper.java, line(s) 122,504,619 com/apphud/fluttersdk/handlers/HandlePurchasesHandler.java, line(s) 180 com/apphud/fluttersdk/handlers/MakePurchaseHandler.java, line(s) 294 com/apphud/sdk/ApphudLog.java, line(s) 44,77,61 com/appsflyer/AFLogger.java, line(s) 47,76,139,45,11,65,58 com/appsflyer/appsflyersdk/AppsflyerSdkPlugin.java, line(s) 170,623,643,648,768 com/appsflyer/internal/AFa1eSDK.java, line(s) 1576,1914,1924 com/appsflyer/internal/AFb1nSDK.java, line(s) 217,406 com/appsflyer/internal/AFb1sSDK.java, line(s) 42,47 com/appsflyer/internal/AFc1bSDK.java, line(s) 94,91,138,90,165 com/appsflyer/internal/AFd1fSDK.java, line(s) 92,105 com/appsflyer/internal/AFd1gSDK.java, line(s) 73,88 com/appsflyer/internal/AFd1hSDK.java, line(s) 61,68,72,103,119,135,150,174,189,204,223,239,257 com/appsflyer/internal/AFd1jSDK.java, line(s) 20 com/appsflyer/internal/AFd1lSDK.java, line(s) 36 com/appsflyer/internal/AFd1nSDK.java, line(s) 79 com/appsflyer/internal/AFd1oSDK.java, line(s) 135,137,148,153 com/appsflyer/internal/AFd1pSDK.java, line(s) 69,121 com/appsflyer/internal/AFd1rSDK.java, line(s) 78 com/appsflyer/internal/AFd1zSDK.java, line(s) 82,101,38 com/appsflyer/internal/AFe1pSDK.java, line(s) 30,31,34,75 com/appsflyer/internal/AFe1rSDK.java, line(s) 142,169 com/appsflyer/internal/AFf1hSDK.java, line(s) 180,329,170,183 com/appsflyer/share/LinkGenerator.java, line(s) 169 com/dexterous/flutterlocalnotifications/ActionBroadcastReceiver.java, line(s) 54,63 com/dexterous/flutterlocalnotifications/FlutterLocalNotificationsPlugin.java, line(s) 169,187 com/dexterous/flutterlocalnotifications/ScheduledNotificationReceiver.java, line(s) 29 com/tekartik/sqflite/Database.java, line(s) 96,112,206,291,355,383,465,475,543,129,492,568 com/tekartik/sqflite/SqflitePlugin.java, line(s) 279,285,296,316,321,359,375,401,416,432,457,466,436,461 com/tekartik/sqflite/Utils.java, line(s) 28 com/tekartik/sqflite/dev/Debug.java, line(s) 11 com/vk/api/sdk/auth/VKAuthManager.java, line(s) 124 com/vk/api/sdk/browser/WhiteListedBrowserHelper.java, line(s) 25 com/vk/api/sdk/internal/VKInitProvider.java, line(s) 54 com/vk/api/sdk/ui/VKWebViewAuthActivity.java, line(s) 281,301 com/vk/api/sdk/utils/log/DefaultApiLogger.java, line(s) 62,67,60,64 io/flutter/Log.java, line(s) 45,49,37,41,53,57 io/flutter/app/FlutterActivityDelegate.java, line(s) 329 io/flutter/embedding/android/FlutterActivity.java, line(s) 261,285,258,372,610,615 io/flutter/embedding/android/FlutterActivityAndFragmentDelegate.java, line(s) 161,193,221,231,244,263,282,305,350,359,377,387,397,411,433,437,465,475,485,500,510,523,249,364,469,479,494,504,514 io/flutter/embedding/android/FlutterFragment.java, line(s) 581,700,562,795,800 io/flutter/embedding/android/FlutterFragmentActivity.java, line(s) 178,202,175,245,263 io/flutter/embedding/android/FlutterImageView.java, line(s) 67 io/flutter/embedding/android/FlutterSplashView.java, line(s) 108,114,121,163 io/flutter/embedding/android/FlutterSurfaceView.java, line(s) 42,51,59,73,111,113,121,131,165,140,151 io/flutter/embedding/android/FlutterTextureView.java, line(s) 36,45,53,80,82,88,97,141,104,115 io/flutter/embedding/android/FlutterView.java, line(s) 807,130,216,280,335,390,423,425,428,431,457,467,511,533,623,639,783,786,789,832,834,909,914,1007 io/flutter/embedding/android/KeyboardManager.java, line(s) 125,137 io/flutter/embedding/engine/FlutterEngine.java, line(s) 107,170,189 io/flutter/embedding/engine/FlutterEngineConnectionRegistry.java, line(s) 248,265,284,298,313,327,341,355,392,451,486,61,74,71 io/flutter/embedding/engine/FlutterJNI.java, line(s) 317,658,153,161,169,498,507,516,532 io/flutter/embedding/engine/dart/DartExecutor.java, line(s) 53,58,77,92,72,87 io/flutter/embedding/engine/dart/DartMessenger.java, line(s) 248,322,169,179,214,222,241,253,290,309,313 io/flutter/embedding/engine/deferredcomponents/PlayStoreDeferredComponentManager.java, line(s) 56,60,64,68,72,99,108,112,116,87,147,175,192,236,316 io/flutter/embedding/engine/loader/FlutterLoader.java, line(s) 212,256 io/flutter/embedding/engine/loader/ResourceExtractor.java, line(s) 68,106 io/flutter/embedding/engine/plugins/shim/ShimPluginRegistry.java, line(s) 28 io/flutter/embedding/engine/plugins/shim/ShimRegistrar.java, line(s) 165,171,181,188,194,201 io/flutter/embedding/engine/plugins/util/GeneratedPluginRegister.java, line(s) 12,13 io/flutter/embedding/engine/renderer/FlutterRenderer.java, line(s) 87,95,182,223,257 io/flutter/embedding/engine/systemchannels/AccessibilityChannel.java, line(s) 41 io/flutter/embedding/engine/systemchannels/DeferredComponentChannel.java, line(s) 30 io/flutter/embedding/engine/systemchannels/KeyEventChannel.java, line(s) 65 io/flutter/embedding/engine/systemchannels/LifecycleChannel.java, line(s) 57 io/flutter/embedding/engine/systemchannels/LocalizationChannel.java, line(s) 58,61 io/flutter/embedding/engine/systemchannels/MouseCursorChannel.java, line(s) 28 io/flutter/embedding/engine/systemchannels/NavigationChannel.java, line(s) 29,34,39,46 io/flutter/embedding/engine/systemchannels/PlatformChannel.java, line(s) 64,286 io/flutter/embedding/engine/systemchannels/PlatformViewsChannel.java, line(s) 68 io/flutter/embedding/engine/systemchannels/RestorationChannel.java, line(s) 82 io/flutter/embedding/engine/systemchannels/SettingsChannel.java, line(s) 61 io/flutter/embedding/engine/systemchannels/SpellCheckChannel.java, line(s) 24,29 io/flutter/embedding/engine/systemchannels/SystemChannel.java, line(s) 17 io/flutter/embedding/engine/systemchannels/TextInputChannel.java, line(s) 59,247,252,257,267,272,277,282,287,292,297,302,307,342 io/flutter/plugin/common/BasicMessageChannel.java, line(s) 74,96 io/flutter/plugin/common/EventChannel.java, line(s) 79,87,101 io/flutter/plugin/common/MethodChannel.java, line(s) 80,112 io/flutter/plugin/editing/InputConnectionAdaptor.java, line(s) 182,201,233 io/flutter/plugin/editing/ListenableEditingState.java, line(s) 56,71,118,130,143,80,121 io/flutter/plugin/editing/TextEditingDelta.java, line(s) 84 io/flutter/plugin/editing/TextInputPlugin.java, line(s) 346,449 io/flutter/plugin/platform/PlatformPlugin.java, line(s) 369 io/flutter/plugin/platform/PlatformViewWrapper.java, line(s) 104,193,195,199 io/flutter/plugin/platform/PlatformViewsController.java, line(s) 113,148,166,189,224,229,247,255,267,275,774,319,324,351,467 io/flutter/plugin/platform/SingleViewPresentation.java, line(s) 89,286,295,303,314 io/flutter/plugins/GeneratedPluginRegistrant.java, line(s) 41,46,51,56,61,66,71,76,81,86,91,96,101,106,111,116,121,126,131,136,141,146,151,156,161,166,171,176,181 io/flutter/plugins/deviceinfo/DeviceInfoPlugin.java, line(s) 32,35 io/flutter/plugins/firebase/crashlytics/FlutterFirebaseCrashlyticsPlugin.java, line(s) 445 io/flutter/plugins/firebase/firebaseremoteconfig/FirebaseRemoteConfigPlugin.java, line(s) 93 io/flutter/plugins/googlemobileads/FluidAdManagerBannerAd.java, line(s) 59 io/flutter/plugins/googlemobileads/FlutterAdManagerInterstitialAd.java, line(s) 51,53,64 io/flutter/plugins/googlemobileads/FlutterAppOpenAd.java, line(s) 55,74,72,85 io/flutter/plugins/googlemobileads/FlutterInterstitialAd.java, line(s) 53,55,66 io/flutter/plugins/googlemobileads/FlutterNativeAd.java, line(s) 166 io/flutter/plugins/googlemobileads/FlutterRewardedAd.java, line(s) 84,100,102,114,138 io/flutter/plugins/googlemobileads/FlutterRewardedInterstitialAd.java, line(s) 57,73,75,87,111 io/flutter/plugins/googlemobileads/GoogleMobileAdsPlugin.java, line(s) 116,226,452,458 io/flutter/plugins/googlemobileads/GoogleMobileAdsViewFactory.java, line(s) 53 io/flutter/plugins/googlemobileads/nativetemplates/FlutterNativeTemplateFontStyle.java, line(s) 15 io/flutter/plugins/googlemobileads/nativetemplates/FlutterNativeTemplateType.java, line(s) 23 io/flutter/plugins/googlemobileads/usermessagingplatform/UserMessagingPlatformManager.java, line(s) 154 io/flutter/plugins/imagepicker/ExifDataCopier.java, line(s) 16 io/flutter/plugins/imagepicker/FileUtils.java, line(s) 25 io/flutter/plugins/imagepicker/ImageResizer.java, line(s) 145 io/flutter/plugins/pathprovider/PathProviderPlugin.java, line(s) 22 io/flutter/plugins/sharedpreferences/SharedPreferencesPlugin.java, line(s) 50 io/flutter/plugins/urllauncher/UrlLauncherPlugin.java, line(s) 28,39,49 io/flutter/view/AccessibilityBridge.java, line(s) 892 io/flutter/view/AccessibilityViewEmbedder.java, line(s) 293,299,306,313,326,355,358,372,374,381,384,387,400,402,410,441,444 io/flutter/view/FlutterNativeView.java, line(s) 140,52 io/flutter/view/FlutterView.java, line(s) 647,252
信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/amplitude/eventexplorer/EventExplorerInfoActivity.java, line(s) 5,61 io/flutter/plugin/editing/InputConnectionAdaptor.java, line(s) 4,354,363 io/flutter/plugin/platform/PlatformPlugin.java, line(s) 7,377
安全 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: com/amplitude/api/PinnedAmplitudeClient.java, line(s) 77,148,72,66,66,137,137 org/jsoup/helper/HttpConnection.java, line(s) 1153,1094