导航菜单
登录 注册

应用安全检测报告

应用安全检测报告,支持文件搜索、内容检索和AI代码分析

移动应用安全检测报告

应用图标

SonicAid v2.3.9

Android APK dfc0510a...
85
安全评分

安全基线评分

85/100

安全

综合风险等级

风险等级评定
  1. A
  2. B
  3. C
  4. F

应用安全状况良好,可正常使用

漏洞与安全项分布

0 高危
2 中危
3 信息
2 安全

隐私风险评估

0
第三方跟踪器

隐私安全
未检测到第三方跟踪器


检测结果分布

高危安全漏洞 0
中危安全漏洞 2
安全提示信息 3
已通过安全项 2
重点安全关注 0

中危安全漏洞 应用数据存在泄露风险 

未设置[android:allowBackup]标志
建议将 [android:allowBackup] 显式设置为 false。默认值为 true,允许通过 adb 工具备份应用数据,存在数据泄露风险。

中危安全漏洞 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 

应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage

Files:
org/qtproject/qt/android/multimedia/QtMultimediaUtils.java, line(s) 71,73

安全提示信息 应用程序记录日志信息,不得记录敏感信息 

应用程序记录日志信息,不得记录敏感信息
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs

Files:
org/qtproject/qt/android/CursorHandle.java, line(s) 66
org/qtproject/qt/android/EditPopupMenu.java, line(s) 66
org/qtproject/qt/android/ExtractStyle.java, line(s) 123,129,805,214
org/qtproject/qt/android/QtAccessibilityDelegate.java, line(s) 309,310,311,313,81,112,229,234,242,250,263,290,301,364
org/qtproject/qt/android/QtActivityDelegate.java, line(s) 530,285,344
org/qtproject/qt/android/QtActivityLoader.java, line(s) 91,69,78
org/qtproject/qt/android/QtClipboardManager.java, line(s) 106,122,164,192
org/qtproject/qt/android/QtEmbeddedDelegate.java, line(s) 201
org/qtproject/qt/android/QtInputConnection.java, line(s) 48,66
org/qtproject/qt/android/QtInputDelegate.java, line(s) 331
org/qtproject/qt/android/QtLoader.java, line(s) 121,127,133,136,174,210,219,222,299,322,326,333,345,350,313,291
org/qtproject/qt/android/QtMessageDialogHelper.java, line(s) 120
org/qtproject/qt/android/QtNative.java, line(s) 181,193,210,377,424,204
org/qtproject/qt/android/QtQuickView.java, line(s) 102
org/qtproject/qt/android/QtQuickViewContent.java, line(s) 71,80,89,100
org/qtproject/qt/android/QtServiceBase.java, line(s) 13,23,27
org/qtproject/qt/android/QtView.java, line(s) 113
org/qtproject/qt/android/bluetooth/QtBluetoothBroadcastReceiver.java, line(s) 46,57,64,72,81,89,96,121
org/qtproject/qt/android/bluetooth/QtBluetoothInputStreamThread.java, line(s) 40,48
org/qtproject/qt/android/bluetooth/QtBluetoothLE.java, line(s) 215,319,323,327,336,430,491,505,557,768,861,1044,1087,1096,1101,1191,117,118,119,315,351,358,365,407,420,429,442,450,458,462,466,480,490,514,521,525,538,541,549,560,583,593,605,608,621,626,632,783,787,796,799,802,837,843,850,853,854,864,881,892,903,926,949,970,991,1012,1099,1109,1177,1189,1258,1285
org/qtproject/qt/android/bluetooth/QtBluetoothLEServer.java, line(s) 358,109,125,93,189,296,302,308,310,316,320,334,346,355,374,381,388,398,401,419,422,436,447,456,459,466,474,487,490,549,573,580,584,587,598,603,610,651,656,663,685,693
org/qtproject/qt/android/bluetooth/QtBluetoothSocketServer.java, line(s) 56,61,71,75,80,87,90,107
org/qtproject/qt/android/multimedia/QtAndroidMediaPlayer.java, line(s) 482,494,506,652,260,272,285,296,307,320,341,363,398,457,464,488,500,514,520,532,544,571,633
org/qtproject/qt/android/multimedia/QtAudioDeviceManager.java, line(s) 191
org/qtproject/qt/android/multimedia/QtCamera2.java, line(s) 190,196,449,158,262,323,369,395,440,474,483,492,503,519
org/qtproject/qt/android/multimedia/QtExifDataHandler.java, line(s) 40,43
org/qtproject/qt/android/multimedia/QtMultimediaUtils.java, line(s) 112
org/sinemed/ultrasound/MyActivity.java, line(s) 42,85
org/sinemed/ultrasound/SystemUtil.java, line(s) 64,152
org/sinemed/ultrasound/WifiUtil.java, line(s) 45,54,64

安全提示信息 此应用侦听剪贴板更改。一些恶意软件也会监听剪贴板更改 

此应用侦听剪贴板更改。一些恶意软件也会监听剪贴板更改
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard

Files:
org/qtproject/qt/android/QtClipboardManager.java, line(s) 47,5

安全提示信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 

此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard

Files:
org/qtproject/qt/android/QtClipboardManager.java, line(s) 5,116,118
org/qtproject/qt/android/QtMessageDialogHelper.java, line(s) 7,277

已通过安全项 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 

此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4

Files:
org/qtproject/qt/android/QtNative.java, line(s) 416,415,414,414

已通过安全项 此应用程序没有隐私跟踪程序 

此应用程序不包括任何用户或设备跟踪器。在静态分析期间没有找到任何跟踪器。

综合安全基线评分总结

应用图标

SonicAid v2.3.9

Android APK
85
综合安全评分
低风险