安全分析报告: VSM FAST NET v1.0

安全分数


安全分数 40/100

风险评级


等级

  1. A
  2. B
  3. C
  4. F

严重性分布 (%)


隐私风险

0

用户/设备跟踪器


调研结果

高危 7
中危 22
信息 3
安全 1
关注 0

高危 Activity (com.technore.tunnel.activities.SplashActivity) is vulnerable to StrandHogg 2.0 

已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (27) 更新到 29 或更高版本以在平台级别修复此问题。

高危 Activity (com.technore.tunnel.activities.OpenVPNClient) is vulnerable to StrandHogg 2.0 

已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (27) 更新到 29 或更高版本以在平台级别修复此问题。

高危 Activity (com.technore.tunnel.activities.ExceptionActivity) is vulnerable to StrandHogg 2.0 

已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (27) 更新到 29 或更高版本以在平台级别修复此问题。

高危 Activity (com.applisto.appcloner.classes.DefaultProvider$MyActivity) is vulnerable to StrandHogg 2.0 

已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (27) 更新到 29 或更高版本以在平台级别修复此问题。

高危 启用了调试配置。生产版本不能是可调试的 

启用了调试配置。生产版本不能是可调试的
https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04c-Tampering-and-Reverse-Engineering.md#debugging-and-tracing

Files:
andhook/lib/BuildConfig.java, line(s) 2,5
com/applisto/appcloner/classes/BuildConfig.java, line(s) 2,5

高危 默认情况下,调用Cipher.getInstance("AES")将返回AES ECB模式。众所周知,ECB模式很弱,因为它导致相同明文块的密文相同 

默认情况下,调用Cipher.getInstance("AES")将返回AES ECB模式。众所周知,ECB模式很弱,因为它导致相同明文块的密文相同
https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-block-cipher-mode

Files:
com/applisto/appcloner/classes/util/SimpleCrypt.java, line(s) 55

高危 使用弱加密算法 

使用弱加密算法
https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4

Files:
v5/a.java, line(s) 556,616

中危 应用程序存在Janus漏洞 

应用程序使用了v1签名方案进行签名,如果只使用v1签名方案,那么它就容易受到安卓5.0-8.0上的Janus漏洞的攻击。在安卓5.0-7.0上运行的使用了v1签名方案的应用程序,以及同时使用了v2/v3签名方案的应用程序也同样存在漏洞。

中危 应用程序可以安装在有漏洞的已更新 Android 版本上 

Android 5.0-5.0.2, [minSdk=21]
该应用程序可以安装在具有多个未修复漏洞的旧版本 Android 上。这些设备不会从 Google 接收合理的安全更新。支持 Android 版本 => 10、API 29 以接收合理的安全更新。

中危 应用程序已启用明文网络流量 

[android:usesCleartextTraffic=true]
应用程序打算使用明文网络流量,例如明文HTTP,FTP协议,DownloadManager和MediaPlayer。针对API级别27或更低的应用程序,默认值为“true”。针对API级别28或更高的应用程序,默认值为“false”。避免使用明文流量的主要原因是缺乏机密性,真实性和防篡改保护;网络攻击者可以窃听传输的数据,并且可以在不被检测到的情况下修改它。

中危 Activity (com.technore.tunnel.activities.OpenVPNClient) 未被保护。 

[android:exported=true]
发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。

中危 Activity (com.technore.tunnel.activities.ExceptionActivity) 未被保护。 

[android:exported=true]
发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。

中危 Service (com.technore.tunnel.service.UDPService) 受权限保护, 但是应该检查权限的保护级别。 

Permission: android.permission.BIND_VPN_SERVICE [android:exported=true]
发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。

中危 Service (com.technore.tunnel.service.VPNService) 受权限保护, 但是应该检查权限的保护级别。 

Permission: android.permission.BIND_VPN_SERVICE [android:exported=true]
发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。

中危 Service (com.technore.tunnel.service.InjectorService) 未被保护。 

[android:exported=true]
发现 Service与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。

中危 Service (androidx.work.impl.background.systemjob.SystemJobService) 受权限保护, 但是应该检查权限的保护级别。 

Permission: android.permission.BIND_JOB_SERVICE [android:exported=true]
发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。

中危 Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) 受权限保护, 但是应该检查权限的保护级别。 

Permission: android.permission.DUMP [android:exported=true]
发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。

中危 Content Provider (com.applisto.appcloner.classes.DefaultProvider) 未被保护。 

[android:exported=true]
发现 Content Provider与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。

中危 Service (com.applisto.appcloner.service.RemoteService) 未被保护。 

[android:exported=true]
发现 Service与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。

中危 Broadcast Receiver (com.applisto.appcloner.classes.DefaultProvider$DefaultReceiver) 未被保护。 

[android:exported=true]
发现 Broadcast Receiver与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。

中危 Activity (com.applisto.appcloner.classes.DefaultProvider$MyActivity) 未被保护。 

[android:exported=true]
发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。

中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 

应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage

Files:
com/applisto/appcloner/classes/BundleObb.java, line(s) 92
q1/a.java, line(s) 105

中危 MD5是已知存在哈希冲突的弱哈希 

MD5是已知存在哈希冲突的弱哈希
https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4

Files:
andhook/lib/xposed/XposedHelpers.java, line(s) 1090
v5/a.java, line(s) 26,573

中危 应用程序使用不安全的随机数生成器 

应用程序使用不安全的随机数生成器
https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators

Files:
com/technore/tunnel/activities/OpenVPNClient.java, line(s) 49
com/technore/tunnel/service/InjectorService.java, line(s) 28
q5/f.java, line(s) 12

中危 SHA-1是已知存在哈希冲突的弱哈希 

SHA-1是已知存在哈希冲突的弱哈希
https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4

Files:
m1/m.java, line(s) 72
v5/a.java, line(s) 505

中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 

应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2

Files:
o0/e.java, line(s) 5,251
s0/c.java, line(s) 6,7,8,219

中危 应用程序创建临时文件。敏感信息永远不应该被写进临时文件 

应用程序创建临时文件。敏感信息永远不应该被写进临时文件


Files:
com/applisto/appcloner/classes/Utils.java, line(s) 424
o0/i.java, line(s) 33

中危 IP地址泄露 

IP地址泄露


Files:
com/applisto/appcloner/classes/HostsBlocker.java, line(s) 148

中危 此应用可能包含硬编码机密信息 

从应用程序中识别出以下机密确保这些不是机密或私人信息
xx3Dqkf5ozzZAMepRKbves4FmqxEraJr1hOYu0Sqo3LfGYiwR6ziLsoI1bkD8up2nVGDv1f1tXbJ
hxpdRa1ur4e6GVYXoDXh6LkaS1L0KfzopwBfR7sy+62wWw9ksSWvvLwQD3GVEa+uuwcPWrsy6uiw
nfL7dvi6D8VV9u97GL5HfJUyr88J4muc+SbfhzhGf3yV8qd7FA42sHE67h/cDjqxReav14CWT9SZ1
1x1AiLkoPfeAEESYpXs16IdSEIilOjbokU4Qnbk+dPaRTl+BvTI649RJX82qLTvtkB10o5h7JuGH
nHnBVfyvNFQFwECwRYsEGOVQcDxtjwTsBZhwZA2PBLAVgbxwLY/EFGFAcSwJAtz8iWSpPMVbEDRF5
nsbEn4DiwoP2i7DDyK42h4dbNEfwtsZTcv7lv8wWdoeyw1i7zBaeW49bND/8XwZTzn8Eh8iuRkuCh
nJu5ekaLzpOcR5Tisq/mxzSfjXrjI5aP4Gv0WzZfmouQH4juBtfqe8zLyLZqg5ouxJ+4HtJ7zpNkl
nxi2c9SZfj873MJHZHH25h8oRn98gSITuvm+Q9gx9uIfwD5raJnm7wbMmnPVQeav06BGarBx4tuTG
n5cgy1k4ASf3A5cAFuJXKKaF9KpBPgDvM7KP4g1oIIGkCMADcBJwb2p8KOMvMPoUaCCBpALgfmBba
qdCwXB0XFobrkfUGSBcWhuuR9QZIF1DYteCiSQxSUcmitQ==
DFfsfsoGDisBV/M1kAwbMwELrzPREQhtJnfxNdA1PQ08XfMm1wAICgFM5CLQAgE=
n7im7pfKN+BTuB7SQ86PJeOY6s6XvoNIU7iuvle+wyRH8LbSg8Y/Ba+NdkZDusrkT8iySoPOl7xHm
H1KUTokLp1sdUJxNyBHlGA5YlF+YD+NbGzc=
JroogcuZ4FMGuiiBy5OOPHrZQe7B+oQ/Y8JP6rX6hTcMuiiBy5ngUwa6KIHr
nxmuMyiZEq/XgEZ71UHyPhPQhtc8lFbqH8xSR3gN83dm2b7KkUmOK7N8lvsUzT6rcvhCN9l1Kqt++
c103703e120ae8cc73c9248622f3cd1e
nqhOx1A5aN8GgCaDSG0Rlw7sOqdVDGA==
SEz3Wbn5nOUpSv8M+bGf4npY+VT09JPiKUr/DLb50vBnHvlCoPmV9Hs=
naz2vu+MAfIBmNr7y9BAyyXFzpfTkATLMazit9+5Vdc9rPa+74xoyxmM6pLU=
nqeGwziKEAMTe2YPCNdJWtrnVqbIt0TqFkuSxziHiOcST45C1CO84uL7ni7AP5l2zpfKNsSruLsC0
nFaTuUniD0bAPuNYGYoL9tA+41x5igu7SD67tN2SUxtFxru03aarFsRWzpVJ4gMWxFrDMU2KC/NMP
fyZSKR7SpqpuLUQ2GMix7XEmGAs+6JbbUAdiEjfygcVKAXkVIg==
dBggRaHpAG9hGCJHoe0HPHEeIkbo40lsYB4qSe3h
nvtzwD4XLKkq08OMSga8hTKra4ynk2lJlt+eyBozKJne4h/8WkPRdTLnRsziMyipOt9vFLpD3Nkq7
n3NUkjdxQHbfwyRSQ9xx5t97GIZHZLRW/48EUjdo2ebfy3SSNyi18pfTGEZP1JQa6hOMhjMhdfqv1
cJigNDhZf+lSjqA0Ll16/RebtX0mWWqwF5i5ZD5FLu5SjKFxOUhi9VmY
nJUKm3ugRgq8iaaPcsxGf2i5Kt4fKIZHZUUq24d0uhcsqRLfa4yOCyiF8pfHsEYXLXUe4h84Rn98m
n4EPbNtXMNgNzgO0pJjfLc54Q9QnnUoOaUIYAPh3VtjxGkQhzM+wXdSDCxzgR/iipbLkIXQNuy2sY
r+fbCMOLEiWT+sgbwYMbYMbm30nfgwV2kebfDY4=
ndbnhySLn8lUCgdLFNbGkJ2WN+LUtssgUTrzgySGBy1VPu8GyCIzKKWK/2rcPha8iearctiqN3FFo
08W1lemfJ2Pexares5Uye96Z9trtk2pOyN69yfObKEjV2KzS+5MnasTPiMnyjC1v1dg=
wVnDPHVcBkugUNIpYw4HWOwVyyhyFElJ8lrcNGIZGxnuVMc4JhIGTaBGzyk=
nv/Ol7xH6BY2z57HOJ+0pu5b4i7Eo7ge0nvOlwSHyK8Ch7NbwJONevKD9pcER8Ae3s+aj43LvOLOY
n3i2e9C0eod3KdoatXXm74vQ4g99dfLzfxSua2CZuufHOeI32AEy82tUtkd8LfKPg9ySNrC54t/C2
n2yp5qt7GIZHZAE648LcRn98gYoL89Q+41h5igv7DD7jWIGKC/f0PuNcwYoLu3w+41jBigu7fD7jX
MIS3HOfXaI49hKhXvd19lj3Y9FPj2yWjK5+/QP3TZ6U2ma5b9dtohyeOikD8xGKCNpk=
fy9A3LXj+Il8OgPMp+PnlT8+T86h8fqedj0=
f1gLio+1JaB5RhbCj6587m5RE5qIs22nFg==
9Tlsic8uXG72LC+bwSxfavQ=
nUGKUxtQtru03TKrFsRWk7lJ4nNWxFbrQUnuK57APuNcKYoLu8Q+411Nigv23D67tN3qUxtFxru03
njMomRKv14BGd5CF8qd7GeYzxKk688rN4hcghG77atieN9SVCq/XOKZ3PJl+p2+wRhNhdT7vOxi+R
dxQDVYfSkVpRDUAbwvWKWQQAA0KLzowcVgQRQ4fSlllAQQJPwtWKWQQCDF+Hz5YcUwATFpHUgV9B
HBE/AVPZOw4YACUbS986BQwINg==
mGFDHOVqWESNfU0K5mxTCK41Ag==
nKUGq3793kd8LfL7wtimBryF8pfTDJb7FT0Xe8bJ35NQAWt3X3XmQ9F1Ft+O+IYCsEEephNEQg/Zd
nH9vycmdDWYUH6LkmMxcH+UakuW98RUCAU6ahPGgsC9NGpLlwelVflgimoTwxA1jRbKS7YT8sC9NE
nWBf88wCExg5SFrKNAM2PVgxz54Qq
nibUE+gXBvuezzgHlK7uw8Z+0J/ItmqD41vgV7z20nvOlwSHyKrOl76DSFO4rltr4i7Eo7ge0nvOj
nuYa+I5D0XUy50bICgqwXYqDxxRSB5SVMq/LjI4LbVHyl9MY4gvEqf7nnshiM3FBbudroD4XLAE+q
uRl/QRzAsHGMGGoNWeiPXd4FYgYX0apz3gRuEAzdt2DeEHkOFJiLZJsYXTE3mKd7jBMrBxbK5HWS
nlaUyxke8j0Gcun2MR77LAo6lZoFL8oQRj799gFX7yxWU9nuAQL6eBJW1d85FvYUPnrVmh0m8ywOX
AuG5erALvncB9Pp+rxq2YAHhuza8C6o=
m81A9IieIEf0yU3ou68KVLLUS/OtpgsQ
ns+PVwiviXbTD7rDGKfIskqDzpe8R5wTMn+GLsRDiB7Se86XBIfIqsMn4ndok7ji8oP2lwRHwB7ey
X43GpfzHWu5cmIWi9NBQ7kbBzK3owVjlXInLsA==
n7R6HJSw/ACe1GtoxIkkyEOUdxjAicw09pBeJLGdrFTG3ENpr
XsB8I7qBjxVS1WIpoYyVAULXZDmykJM=
nJTQIEOcbOFRkDxYr42U6RyQ3AmX0Jgl+Hx8cd8gOBXYfLBNlwQ0AHBA5IWbBbR1XGQ8DZMErAXEf
nSbfxzhGf3yVApt7FMrXlFF2r8v8Qg6wpfKX0wyW+xV0CqtzzJIHbAEy0wbNwjdsqearevyWc9Sl8
EVDZcrzuY2gLWtljquNnbAxM2WO45nxlHl2VZw==
e9pblF3rEuZ4mXePSPYa/iqbbIhB8V3kKI5xjkDsdw==
nEhNvwjsjQjUTO2a5K3hxHCkhZ4odCXwfHwNisDpwRD9NOljFEw12BU5mTbgNC30tATYO1xAiXDg9
n5Tisq/mxzSfjXrjI5aP4Gv0WzZfmouQH4juBtfqe8zLyLZqg5ouxJ+4HtJ7zpNkl8iiBg+Wf7xHm
nHHu35MYvtc8mb7aEyRiB9SVCq/PRLZPJCHmn874UhMgDFbnl5Dac5xxlvNrCd4XkXF+lzsYhkdlR
n00Tx60N+RFuARL67OWAKIdNGpv9zZEh0ngT06D4pBg6ASo67PDFUTocU/bkmMwNY32ykuz5hQ1+B
nR1YyY3k5UGJteHBibVV0VlhCawpZWFJsTDIxaGFXNHZZWEJ3Y3c9PQ==
1ZG7DA8oO0blvM8ySh0tWr2EgThdFyBNvfTffEAKaUX8sYouAQ==
YSvY5lUh81VibfT7GwjqVyxdy8cbdLpxaSCR
xYT48E8ECLCh5/WeJxQZvq7glpw2A2DaxYT4
8i9wTgd8HmH/L28FXXYLef9zMwEDcFNM6TR4Eh14EUr0MmkJFXAeaOUlXg8dfxRu5DJ8FBp2Ew==
H0WySyEbPQoSRa0AexEoEhIZ8QQlF3AxPWaLKRAw
VD3P7GuKQAVJIMKnfJEcFFUr2q12gQ==
nGU7aFSBFPjYTcMUeCmIcPDV4sB0FehoyE07HHkJyED5mF9UKIQESTSJ78DgsfA0BKHSyGTF6Lwpq
qDrEWiM8w2aDJsROJTnLfoc3iGpy
tdrQQBzQ5Ku4hZhYF9Tm8eaSj0Md0q698ZOPFQ==
paGjj8FG7KOlv7fT4ED85KKmpJzaRufj6r2imdtM7cSprqCY/Uby6Lc=
2LRaSvHunB3v+19H572XUvW+W0v0vZlS9L0PVPq7hhe7
nL5HbAHiq2v8kkPAiSLuHyROQ8VV4uPPoJIzLE2K6h9EQgqwTfKnexjmE2CJvu4TFK4GvJR+24cEp
nY6ZzdaYvyJdkomI65zrExXKrf3WoauDZY7VyOuMnhdR4qWN78iWF1HiqN3WmLsDEcqlhdeo8wNN4
nAMTA2IC0a+NemanvsMoQ7y7Bh+GL7w/mOZGT8o3SJ+JeuKDxj8Fz7ymnlfOk5xH6Oa+l47HrD+Fe
BWHVZWqZ43AjWtUxPpPjSmZE8isvmPkDY14=
n4LYng8ohfKXz6zCR2Rx9uYfKEZ/fIEiE7r5vkPcMfbTh0S6Q9zZKu4fKD5zlUEirzsYhkdkATrjw
nD9s3g77ardUPzR+mtcyX0yXNH6PA8pS2Fd4iw6TEqrYV2CLDp9SQtw/bJqW+2q23D9s42r7ardkR
nAP7xsB0qOvNGAL+5kIrOvBGghKD60AgQmEYAONDD9oSiM98ndOlrwNdAPL4fjn7G/UKyedoX+C60
w+qYSbsXphPkv780rQq3F+Wl1g==
MMjnJGUHtqoUyfUgKQi9+FmLvChmCreqCtb0JmAIu+8dirErbAu2qgmU4Q==
h8nSgCTMFySKyc3LfsYCPIqVkc8gwFoIreH6/QQ=
hKpM3bK0pfez5UnQpOeuuKmgTdy356C4qKMZw7nhv/3n
gXtCNevF1JqMe11+sc/BgownAUjL4eWmvUdqScnp9Le9R3tS3Ovu
n8g8nVm0ZZ2nhLQFKOEAQZ8oxEGVtE3lur28tBTZIZHTHEiFabh8qY9cNOHVXTyAOsh8xYhENIRjP
n7j8xaRYAJBC4FSNZKgtibPk/cGMpOSpYsi0sUBxFbyutcWUecD0cZaAfDWEJMRRowx0cdnBVfwyt
1iDIUMSp44LLINBCyK/tmcc101TCr+GS1g==
3HgvEvXVkuTreTQT4NWmy8oqDhj1g4f3uUMNR6c=
xHQHno3Y9f3xdRLSyPDK0aN4Fsycyefx4HoH28jS5On2fgDKyMbz9+47PM6NztfIzTsQ0ZrF
8S+TIUWCc/LFD+NiXoRv8scfpmU=
njY7OJr0mLOpwiHpt4BgUi6Q3PCZi8h1SSjpR0vaM9LxEkHSMh69dMRHz7agGfUSIhqhzKG50dHiJ
no9yza4zKJkSr9eARneQhfKnexnmM8SpOvPKzeIXIIRu+2rYnjfUlQqv1zimdzyZfvc7oEYTbKkS0
nEWYD347Bz/VmtmYM96cSWoCWRCLMJVsE38naNXQ+k30gdExyI+kVj3Z1fpu0Jssdnp1GWxEkHSTp
u3Q1M3LWtaW9ciskAabQpcsDXjMHoM6yuXknXQiisbjXYSlSGdKwuM8L
nZWtL6D4gxleEjTgRsiZreZ8nNC9qRwx6BC0WIWuyNpCzY/YJalfUgLEw4LPgFs0T+snumNuJ4BOD
n77LNOecHtJ7visIq4heaoOaKwiTtApGz49XKKeFejafvtcEv1j23s+7VzhjiB7Se86LWLfA7maX/
dbQRJUZvc/Bkqw4xWm9152g=
MMoMMjURkO0Q8ix+fAqH/hb1MGRhXozJAvMge2FD28hT9CB7YBKKkVbi
nLbSg8Y/CA+5ejZLj1vAD7V7ApfOk5yXwB7ep77LNOecHtJ7visIq4heaoOaKwiTtApGz49XKKeFe
nFPAHtNrvobEt7V+zpe+KyhjvKaOZ86ToMPIqs5fv1uQT8iySoOSw2Rr4ObiW4tbNeeQrjav8nrgm
nxQONrBxOu4f3A46sUXmr9eAlk/UmdbfjyjmE9SVCt9vFKoHlC3y+28UkjvAAb7uEzSmCrBx7t+TG
nkd4DfKv06BGE9l1Dudq2EIH1JUKr9MYhkdghFaDM3SSNyi18pfTGEZP1Jm63h/8jgawUbrSHshSR
dCjV9K+H7W1yL9Lvs47ibXIyzu6jhQ==
0Fisb7kWuqTtR6pknDWgnO1NqGU=
H2j1k/pUtQ8cfbaR8Vi9BAY=
8Xarf3umK8qXcqlhc+c4hfFz52d79CuFxHikfDamPsTbYaJtOu851tg3qdS56WrW0n2mN2nzOsrF
QtuVfYBIt4gVkrl8zmminwiUuGHOR6COQZqiMppOt8sElbIymknyig2XuWXOQb6EA5q6MoFWpoIO
TTqGOu4HeLRwL5M7zyBR8CIrwzfYJkD9ZCOANckxFONrPot03HRD8WMhwzzcJ1y4IjqPMdwnUbRx
noeHWzRH8LbGU3L+5b4QAxMDaqbYO0zWSvvuKzhHjXpa++KHkK+IYwLPg1vMP+Si3peOQtBHwB7TC
n5yqRtuOz9AT7FoaD86XvEecDxJbvj8Ev8iyslPOg9DLwAp6g5qK5IuIXtJ7zqbYO0VzalNy/1yqE
nnEP6ewBXAAflTa7oYJUhwJEetmtGlXCvCL+m3LNYblk7NznmCXnpivcDfARoGWQz+wH3PlZaTRjs
yuLa8gSJcRDhq93pQYt3Hefn2ekTkzhb9Q==
nM/em3IS97nNy9PeNBzxotbNycg0SajczcfK1GAWrKTezMPUeV7puczWydp5Fos=
tMWXg0Geydnb1p2fcu7mmYjAn4hk7uaE29CKmXK86YuXlaKmXu7khZXTm4o=
xleYLLl8vC71Ets+vX/pNvlby3+idrox+F3W
nzhGf3yV8qd7Ga4CvAEy2474Tkd4DfKv06BGFyRMeoNq2KI31JUKr9MYhkdguR7bw/xSD9i5DttrK
nt+PKOYT1JUK328UqgeULfL7bxSSO8ABvu4TNKYKsHHu35MYvtc8mb7aEyRiB9SVCq/PRLZPJCHmn
nYfAXeebVnyGCJC3JuHeGh1/vFx2nMjvh++m8iTvax9jMPgHOBv5OMXlE0tICyhR86SYXchted46h
nBcG+57POAeUru7Dxn7Qm8i2aoPjW+BXvPbSe86XBIfIqs6XvoNIU7iuW2viLsSjuB7Se86PZLf0G
SwqbOZ16ieIDB9dQoHWe9x4LwFCgZI3zA1SKEs0=
jBpgWT8JK1alW3lUKB5uAqkXYFA0GStBpRVvXD0YeUO+EmZb
nXhEAWHewbn9YPBA2V9MFY2Y8LAFO0hMjdgk5AmzRbD9wKiEWd9ENDHccKh5DshYpVDUpEFHBGQtY
YDcgLr/fpShLfjU1qJGlKE8xPjO01uwlQzA9P7nFpSlC
nbz2PpFXK5obQPvYskh5WPqaG9rXnkDRR0q6cAjxZdP59oQNQA84ADshpO6vozBsB4DAP2/2KzrwR
nhNgAarvi8wSY5Bdfq/ToEYTxVUq33sYvkd49SKvx8zKT8A98vvO+IoHlJUKr+LEOsq5LSITu0Crn
nJ2k5MBi65DXhQ6iwE5b0BHBP6FLXhB3AUWa2u5ImSNKdNMFPcp2Z7YYKaoCkmcDa0CWuCVuBu8zs
RQw73sJqOxRIDCSVmGAuDEhQeJHGZnYyYyYSo+lLETtjMAI=
nCXBIWXMAAC4jAAAuIwF4pT92AAAHk0lEQVR42u2dW6wdUxjHf98pirqURElc6tIihKZOL0rqLiEl
OuWxUJ/5miRf56hWzbqWOAu3sVqcrJY5Cw==
O2uyw2RjZhlraajebyZqAyJlqZB1KmQSJH+zjyBj
n1gZigu7xD7jXDmKC/bQPuNRcYpTG1Beu7TdeqsWxFaSlUniB+7EWsMxTYoL89Q+41wZigu7xD7jX
n3yV8qd7FA42sHE67h/cDjqxReav14CWT9SZ1t+PKOYT1JUK328UqgeULfL7bxSSO8ABvu4TNKYKs
n874UhMgDFbnl5Dac5xxlvNrCd4XkXF+lzsYhkdlRSbfxzhGf3yVApt7FMrXlFF2r8v8Qg6wpfKX0
yPpKq45ptPac9krljW25+9X6S/g=
2iJv8dZ8r5rXInC6jHa6gtd+LLzNa6nc8AJyusxPnLzqKHCpy3qpu9c5Z63MeKA=
n7qHSJPIskqD7sdoU4jmevvuKzhHjXpa++tbwIfMEs6nhkLRw7zi0vvigwhTiGMHJ49XJEfAHtIjm
nb/IsEEIuQBBN2TQdWSU3MWLyNwVZGw1gZrk0IwQMMQgV8RN4ORovBHvwDCBqNk0jdut3BEseCyBY
nCnEEPRRm0hYFXnJTCEzMJB4Db085QOg4PmAEUwdA1A8FdjI/ExDVOAFEDzwfZMcdDnQPMh9Mr3cS
Et5SRqGvftt7zlRGqOp8jy7CVRbm7XOUJMYbSajrP9Zq315Fqft62y7eG0ap+z+aK8FUX6PrMQ==
n6xSQ8QBEqtq2FYLcUHiq3LYjkPRde7qH4yOT+lFEuN2+I4PMUUO24coj5/JWfoePsQ6z1DV8j8G6
PA0se4KeWQ0dCSEozIJFQgAENXjHgwtC
5Xc5+XBjhpbcejH4fmyNlsV1de9+ZYSW3n4k6XJxng==
n+ZGkpzrId6ak3RlpLm1xz5kePn0QOrZ5A3H9GIMf80wHeZ+l7OZo6Qh7HwFWh45t3iCsKEiATkXo
n5xHyLZqg57P3c/kDxJnvj8Ev8i20kPOiyirvKY2l4YzKLu8DuKD9pbQh8imRmeedyWvyLJ2Y76DO
n8dUUjdk+SbfhzhGf3yV8qd7Ga4CvAEy2474Tkd4DfKv06BGFyRMeoNq2KI31JUKr9MYhkdguR7bw
0fUVtkcBfrHL5hinQTRKp9D1CqAEE0+qzvUd
3AZFD6KLAIulQ1sYpZxMzY9BEkjjigLLpUNeCefEANWdR0RCzdlQn90XF0Tn3BPUy1g9WbWcSpXM
FM2sn8RjxpgczbyIxX6M1RTXrYrEeNuYOeKdo+hC5+Q=
7gtL4b57w+D5Ak7+93PWr+BKXuKiZ4St7ANJraN91qXsDgfutnuErOgLQ62jeoSk6AtD4bh2zw==
nb7uExSuBryUftuHBKZHeA3yr9OgRhPZdQ7nathCB9SVCq/TGIZHYIRWgzN0kjcotfKX0xhGT9SZu
nh8oPhNsqRKnRsw+arDVivIe2KpD3Nn274MoPhctRebuHzg+aryJFt4fJKJD3CHW28M0hjupRT7qH
NA6LW8UtYXQGMbIViSdsfgAyoB+JamZwQjCqD4kjbnMNKeUa2TJxPxYx5RnQMmNsEX6TK+drInoM
n2olwU2SXZdN1AtzmEfwtI+49oSQRspqj1yT9EUqAMoahx3rYvpW8MLONwFzglxT7WyQ97eOMmX0M
3D6aWyTEldvfK9lLNsSKx5wtkVcs1Z0=
n7fVvdkVegQOmoTxnVF6WSo67PDFFStFcpLk5YAQH+UakuW52RV2sEe31eHxRdJAJ6vU+KQYOgEqO
n79b4I+JehbLs1rUU8iySlPGPwhjuOriI5o/BL+4Ct5vjn+8R5wK3leyK5ALiXb+Y4Nb4Fu49tJ7X
n5o33D+Y5u5bsoeQS4l2wkPKL5CmHKMO577a1Bu84t6vg1vgW8wbMkOGAtDjvOLuS74rCLvMFp5bj
nhso9d6HgyieArCkUvfL/Gp7kXEu+8+MHgckQaaLP9DKR3wt8vtq2J431JUKr9d4lkdoQX73O6BGF
V8PQKvE/BC1EyNkq6HdBMFbS0yToPw==
Xs9hMqS73iUywWY3uv7kBjLVbCCt77cUfMQiIa348hxkxWZ96NXyHGbIZyHo6+IGesVmc7v+5QN3
nFxdE58Ma359YPVm1nEqVzBdoCaiVSZPWQwpZqZxHkdsGDHPni0WaygBDJrWcQ4XdEF4PopVZ0JJD
n2S39BrzC+YzNduVfzKXjs/M44C3MoOSOwiv5Krey4aDJeO4EkZDki9It8i2aoPux8CTuXr+k76Gx
hecXheHvzrmfqFmS8PvEpYCoVpTw5d2+n/E=
V2tWa1YyRnRSa2hPV0ZwcVlsWldOVlJyVFhkUVVUMDk=
nJBUhcameExFCkEhow4NEJCIST32oW4TEg3ogbg+NklAaSl1KFG2lNGlJimqU0/P3sGZ0nLNn9qx9
1g6AAnn8QbjOD4oQLfRepoIPmlE38hGkzQiOFCu9QbrHFogDPPkRp9BGnhAqvUOt1AmCFD2z
UP9Qs4HpqxIwnFq2gvinFiGJWreO
GHliFDeO30cVcXMJN5/dSwlpfh8igcJLHw==
naaLP9DKR3wt8vtq2J431JUKr9d4lkdoQX6nb7BGE2F1Pu87GL5HTUmOIhaglvsUzRN3ZtnG73FAU
EjsezMF0whp2WBOiqWTTFHlfcKC4c6pwEjse
nwgPuXo2S49bwA+1ewKXzpOcl8Ae3qe+yzTnnB7Se74rCKuIXmqDmisIk7QKRs+PVyinhXo2n77XB
nbmhoaGhoaMig8M5S0hTgENxxYMk8kg9v+nAPg34ys79CB6GnkDt8Q5KGon97Er8nPxu1LWU8UsbB
X4gAwuBhqJBSiB+Jumu9iFLUQ43kbeW9RJMInvplp7tZlRmF8m2omUiCPZ77cqKcWZU=
nk/UlVL7zwQKBryZGu4TGcozKIkSr9eARkd8LfL7dvi6D8VV9u97GL5HfJUyr88J4muc+SbfhzhGf
CoyRdG7uagQzrrYgKYdgHzCoti0v1HlKLrOqOiudLQ==
nIhVC5oE4UWmiAUGnRfhRaHNQQGeFa1evohXROIYtUW+nh9LxwTvXKvCUQGLGK9evIgXUA==
OaUXj/GhubowpxCe1p6luzOtCJ4=
nFJP1JQa38LYtjq0iebfbzRiM2zJFq/XvMJHYIku3h+MTkd4DfLzh3hqbyylKuofKeYfZHHekz78m
nsw0NDQ0NDQ0FUesnYpIOBE4BTsKt2ewLTEyYDCfK0MfeUYzYO8ROjmQsca3o2lrYFJm2AXuAL81s
9yQyrz3wbPufQlbPMoItpdEVBYt7rizr+gMSnnCtK7jXFQLyGMxI
GfvR5mWajVEF8ZHpdIeBEhA=
85hJnYauMJPMpGKdo686hoWpc526uT6G0eho07P8LJDXvmLP9rkxgdexJ8q/qDfV6rpl0qLyf6bA
YUhSMGNITTZMeTl5WVhjdVoybDBhSFZpZFhObGNtTnZiblJsYm5RdVkyOXRMM1JsWTJodWIzSmxa
QxFpq3lvTdR0Xm+iaW9TyW8GZQ==
nFhcIaOgqK30cKRdtih4Zcio8KGTOEQlAGjljdMUdP0QYK2AY6Qsicjg+JRH5EQxybjU4aPkRInon
nZ0PFdzBdFBsZZKsEOHYyPAB79ykvfzIBA0XjVgB4PEszc8gSOXgtKmVptmV+axcqN060dzhcPjw3
e70MqsCUFLc37SyryokCtz7yLazBxxj5eOkwp4WEHvk+9D/iw44d8nj5N+LLiAW3Nfwo4tGIUfQ3
nWOprOnIJGh0U5AYlYBA2P2z6PjtZDB0KVPhsEFkqFQhoyClCVhkzH0TmGCEDBx47e+0yHQEzEj91
nqd7Gc4zbNkmr9eARgqw1Yrbwtw+Fy1F5u4fOD4zLNni93rYkjNxRfbjjvhiM3yVMq/LOeIXIInm3
nd7qkHRn2vssMU5VdE3xYVka86jITBsDMNuBGM2mjDa9lhqhj7ifnqmsbvLfG5CH0PGDUkNXMvqV4
rLBqenykQfWvpSl4d6hJ/rX8Y2l0tFw=
4ztIB/JLcf7uYhcT+Ehm6LFzCwa7X3j6
nQkA4DDdP9nwLfxQ9HHXfHw1hCVhiK/Y5OlF9S1gd4z12OXBVfwytHg10FDZyYsUOHHobMRFg1Bll
9b3yAMGtm8Pks+lU3bCZkaK19QTdtw==
noCasBeYxdhEKpQwBfJ50pb7yY2abgNmki7C4F0QoQ4DC2slIhFm4VchWLJb0nGeaa3F9QicidEUf
n+ZN2DT8uVRjGr3YhICVdJ/HBMCsjLkhuvs85ND8lFGD1jjgkZg==
KQOL2QlcpNAATJeTQkvukQED2ZwUTLHDExjK20cE9cJZTM3TEla0
nL7XPJm+2hMkYgfUlQqvz0S2TyQh5p/O+FITIAxW55eQ2nOccZbzawneF5Fxfpc7GIZHZUUm38c4R
nuofzFJHeA3zd2bZvsqRSY4vY9A+YrBRMqtzBJI2sHES38eQPmtomebvBs3iBry18qd7Gc4zbNkmr
ngr761vAh8wKzqeGQtHDvOLS++KDCFOIYwcnj1ckR8Ae0iOaixgLiXbea49XBcu84s5jzpOcR8i2a
nNShv4Ro/Ayc1FmCzESJyJDU4aPpWBUkTGR9guCQMZxw0EEbOCgpyEDUQZPQqEV8yDzV7uCsMYgQy
nL4Z0yTxRtGskwzXNJBTSQxvDNd87QeAiPYY11nRc9XEihieT
6QIyp0IoB7PhAiKwQzVN/OsYP7pDby7cwSI=
n8iySoPOl7xHnBMyf4YuxEOIHtJ7zpcEh8iqwyfid2iTuOLyg/aXBEfAHt7Lv1vgj4l6FsuzWtRTy
uztRT+i4oSaROUJI3Y2sGpkmVU/avIcHkSpQ
nNThbOApyT+8yLTk8DSZJoDInXThyM1T0NGVGLh0gDPA9O0BXCjdF6S4tUClVNUD0OT9SJFg2ROZt
Fk4Au+ftxq8BWRn55+SY7BdOH6L2+uE=
CgM3gcpOcTsHAyjKkF1hPg8NKdvQTmY=
nuJ3yjrh38i2aoOahsSniXbCg/aXEJd033pmGoLV3hyaRhoWG2nnzBsyZ77K5IeNegZvx1dYQ4ATM
mkwFChoGXji3VBRDEAYdJ6tQCEUbSFIs7l0PXw1ITTinUgFeGkhWL7dXT1oUC057/AQNQxgASWqs
46EDtNQVVTfHvBOn2RBYZMrnTubWGUV/zatHtN4IRGXMqgPm1Qlde4LnNaPaEF1ugq0VqdAZXzfM
na7Te7HWB5CZ9u8y2CYTbD0Oizr94hq0+f6GGyjaf5Bd8qd7Ga4zKJkSr9eARnvVQfI+E9CG1zyUV
Ct3pb8OYO1kUwO1swMd3HwPFsGnAzDoOG9OyfsDLOxcMze9w2cY7Egff9HzVnWEFB9vzft3HKVMR
rQO/nbcT6A7rA4mc4krmCfwDiZziXP4SrkuDgKcTs1WE
kuicegPbZb7a5dBgCMN2tM3vgmAZ3nCty+6eHA+P
NHvArOAWCB1cHaTM72RJQxJK94imSEgNOVzgna1LT14USvDxxSos
iehvnsfrWnyw+jac3eZSfLb7NpfF+kol
dZBqp57GaVh23iWk1M1/QDqML6Db2nlaeZs=
nkdoQX6nb7BGE2F1Pu87GL5HTUmOIhb8Phcouf6rc1SeBrClips6zJZHlJUyr8uMjgttUfKX0ww+4
I1/UDUtJh9JkW8RXYU2LwmhQwxBDU532Yk7CCQ==
nlwr5ETjezBRsKULS6ZJWAU8xvoIPcBxwGQRaC5I0iNvycX7oSARkPgQQQNKjwHJgQugIBGYiVLwY
T6XRWGkm/BYmjc9SdRnCPyaRy1ZvOuFRb6yfdFQB3DRFlvpzOzzmEHKnnx8+PL9PI7GWDTtq4Q==
eYMvvV45yno22zHLWXiWKjbILcFIZg==
wju5FvajEgiqXd12+dFzd8QqrhKc1jEzh2U=
4zAhVjMMWEXlKmhHKBZYUfIzPFx9DDFRii4tXjIMNwHTGRplGCoNac8PHBMOPQB3xQ4XYxIqBivj
noL7Ml9MEzR+mlMyX1nHzHMOk36q2FcUiw6TZqrYW1RjCvtqu0A/bJcK+2rCvD9slrKDxj8E55yqz
Ja+WC0ppN2Etr4YcS3R9Lie1mxZLLh4ODY8=
nB0scER06vEsWQxsNT2q6S0BIGkhcKKJBQF4QSEg5qwQUQhYbHTq8SwZDEw0T
nJUKr8t4tnvQtHqHdynaGrV15u+L0OIPfXXy838UrmtgmbrnxzniN9gBMvNrVLZHfC3yj4Pckjawu
tc8maLuExSiCrFVOq/XgEZzlE0ir9OgRhcsqSrTwySeNzyVCveHsEYTYXU+7zsYvkdNSY4vYsgSZ
nIcO/04m1BPoFwb7ns84B5Su7sPGftCjyLZqg+Nb4Fe89tJ7zpcEh8iqzpe+g0hTuK5ba+IuxKO4H
nq/XgEZ3kIXyp3sZ5jPEqTrzys3iFyCEbvtq2J431JUKr9c4pnc8mX6nb7BGE2F1Pu87GL5HTUmOL
dAKDPLHQFVB8ApMrsM1fH3YYjiGwlyc3UDs=
Y29tLmFwcGxpc3RvLmFwcGNsb25lci5jbGFzc2VzLnNlY29uZGFyeQ==
dVXvk13kK4tdU6yRTPN/kF5OuoJW8zvCXUignRjdOptITqCCXQ==
ntvDVJJHeA3yj4N0UgcsPYqPbyRGArAdioof3IZD2InW5wbNwjMolYqDxxRSB6lAVu4TOEZP1JVS+
UPlGpLlvdlRdlhSmoTwxA1jRSo67PDFJSZUVpqE8MQNY0UqOuzwxR16HDtvoaGEEEdNEoeg+PywL
nB7Se86XBIfIrwKHs1vAk4168oP2lwRHwB7ez5qPjcu84s5jzpOcR8i2aoOeKziPvKbuQ54rkJeIX
npOcR4V6kvu6hsA/uOcCl49bJD+85p6Tlj7Ek7y7AoeCyuRjvLbSQ86PJeOY6s6XvoNIU7iuvle+w
49f946663a8deb7054212b8adda248c6
nDzhiDSEhW8IlCkUpEyVIwh0nHAtBakvkLCUYGC4nF/QdL34fORNm6jsRWCofC3j3FBlqGXIEc7AT
nxtAB6Dkkzc+55W9DaF97Fkkv5BBgPHxbUjgkvZgS+F2SbgztX10o9cGJpAXA1cB03BOr94DlZvZT
yIrlkmmqpbWGyIikaa6o6tTNqO0vuPM=
n4de5I/MGzJDhgLUC4V6GvvigwhTiF7SQ86PkI+EpxaD9pcE44QO7o+G2tRjvLsGH4YvvD+Y5kZPy
1D6jHZFB9KnZPrxWy0vhsdli4FKVTbmEzyWrQYtF+4LSI7pag030oMM0nkGKUv6l0iM=
n78C8qoIPewXwOcK9V1kHzIi2qlRGLEB3LDSVx3KgP3rEWSlxHzAZt8OgljPjEvkcWGJmr4dyoA/A
vPfLZeorgCC98Npp8iWcZfjsw3nqI4Jlq6SWefA5mXCo8d54+y4=
nY6v06BGZ9xxvv+DJJ47bKkqg2rYojfUlQqv0xiGR2VF9tIf3JICsLXyl9MYRk/Umb77y5HKMyiJE
nQUBFChxZK7pBBAoeBllqt0sVCg8aUiivRgxTXwZYL6oEFEVfDVMrrEgFCgsAWGqBVAVELDtxaqJB
1j23tOPVwijhXsSS86TnEf8XgpTzpe8R5jm7luyhzifuPbSe5bDrEecqzJPjn8Ev8iHDv9OJtQT6
D3GXM5m+2iwCcYh4w7TPNAIt1E65musQM02/T7uS+gE=
nC9Vvn1azO2WdATqNQLZ4YF2Aac=
nIeAIwLPg1vMP+Si3peOfwSHyK5GS4KGwEfwttIngi84S4D7Aqe6mtDbgA5q+57HkIvMFp5XvprRw
kQlLh0aXtDSgIGPJA9izGaYgbMlb3ak=
nfbmHyhGf3yBIhO6+b+fyVRyC+LEOsMcDYqPbyRGArAdioPDjK4HqUW+4h/QPmtomebvBsxGT9SUe
ni+Qj4TiwoP2g6xHmOcyb4NbJEfwtt7fsj+t14ha3oeOdsQnnKZ6f+p+4eOVfr6P51802/BaGoPGP
n+AxcP7sT90e4wsx2lRLoVkh6KOeOs1Z8IekeSce3yWOWpL9T0tglaWGb+w/x8OmdyoJXQPCPkDTc
nJo2sAH6r9eARhso9d6HgyieArCkUvfL/Gp7kXEu+8+MHgckQaaLP9DKR3wt8vtq2J431JUKr9d4l
gjDaBemKx5ynLN4f6Z7G0Pd7wkvvk4nMpTHFBKubxs60Ow==
n8lUcgNGza4CsCHW34c0QjNxQW7na6A+FywBPqtzVJ4GsKXyp3sZzjNs2Sav14BGZyz55u+DsD4Ks
N3oW0JZaC9kVLkPclwpF3ho1SdjZWRDPAnpC0o9RRdkOO0nHlU1F0xg/CsGcWQrIEw==
pAjNY09sVMiFDNB7U3BWyKkM3XxOcUONwiLBdkk+Gc2RQIgvSHtFmpsAymg=
7lEldy/psKycIDQGIJij2ZtWVg==
n6ILXhSq+P2Ae7qsIh4HV0REDDQ314F/QQmVQhaYmuwAAAABJRU5ErkJggg==
nLR6h3cp2hq1debvi9DiD3118vN/FK5rYJm658c54jfYATLza1S2R3wt8o+D3JI2sLni38LYjjfUl
CZdyitrp4I05sB6BvtDzkTarX84=
nzHYAd4WORoWsA241sxkhgw8jJi6SHgPuC+lQifwMvAu8ZGavhnYmptVM+CLc4RUzgEm42eiehP2E
n9eARgqw1Yrbwtw+Ny1F5u4fOD4zLNni93rYkjNxRfbjjvhiM3yVMq/LOeIXIInm38dUUjdk+Sbfh

信息 应用程序记录日志信息,不得记录敏感信息 

应用程序记录日志信息,不得记录敏感信息
https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs

Files:
a0/b.java, line(s) 21
a5/c.java, line(s) 52,76
a5/d.java, line(s) 50
andhook/lib/AndHook.java, line(s) 55,103
andhook/lib/HookHelper.java, line(s) 33,66,88,140,151,164,186,208,230,266,271,78
andhook/lib/xposed/XposedBridge.java, line(s) 28,24
andhook/lib/xposed/XposedHelpers.java, line(s) 471,482,493,504,515,526,537,548,559,570,585,596,607,618,629,640,651,662,673,684,695,706,717,728,739,750,761,772,783,794,805,816,827,838,849,860,871,884,897,910,931,946
com/applisto/appcloner/classes/AbstractActivityContentProvider.java, line(s) 24,30
com/applisto/appcloner/classes/AppClonerNative.java, line(s) 15
com/applisto/appcloner/classes/ApplicationWrapper.java, line(s) 31,190,197,205,212,220,58,70,86,98,110,122,134,146,158,175
com/applisto/appcloner/classes/AutoPressButtons.java, line(s) 32,46,65,70,75,94,109,123,103,125,129,133,156
com/applisto/appcloner/classes/AutoRotateControls.java, line(s) 18,20,40,48,37,53
com/applisto/appcloner/classes/BackKeyHandler.java, line(s) 32,35,43,52,64,73,87,54,96
com/applisto/appcloner/classes/BluetoothControls.java, line(s) 18,20,38,41,47,55,61,64,44,67
com/applisto/appcloner/classes/BootReceiver.java, line(s) 14,24
com/applisto/appcloner/classes/BundleFilesDirectories.java, line(s) 20,33,42,50,61,45,68
com/applisto/appcloner/classes/BundleObb.java, line(s) 20,30,33,43,53,71,73
com/applisto/appcloner/classes/CalculatorActivity.java, line(s) 51,61,124,253
com/applisto/appcloner/classes/ClearCacheOnExitProvider.java, line(s) 16,39,43,21
com/applisto/appcloner/classes/ClearCacheOnExitService.java, line(s) 17,23
com/applisto/appcloner/classes/ClearCacheReceiver.java, line(s) 15
com/applisto/appcloner/classes/CloneSettings.java, line(s) 61,198,210,70,75,206
com/applisto/appcloner/classes/Configuration.java, line(s) 22,45,65,70,74,81,91,101,36,59,85,95,105
com/applisto/appcloner/classes/ConfirmExit.java, line(s) 15
com/applisto/appcloner/classes/CrashHandler.java, line(s) 71,81,95,25,59,83,99
com/applisto/appcloner/classes/DefaultFontProvider.java, line(s) 31
com/applisto/appcloner/classes/DefaultProvider.java, line(s) 117,120,125,203,241,262,403,424,474,487,517,795,891,920,927,957,1024,1098,1165,1328,1404,1569,1731,1934,2104,2126,2333,2422,2441,2646,2657,2694,2700,2708,2711,2728,132,190,228,249,411,461,504,725,878,922,2672,2685,2718,2734,2794,2801
com/applisto/appcloner/classes/DisableCameras.java, line(s) 23,44,61,79,99,105,125,140,27,56,74,92,120,132
com/applisto/appcloner/classes/DisableClipboardAccess.java, line(s) 58,94,97,100,106,112,117,122,139,142,145,148,151,154,163,175,180,191,194,197,203,209,214,219,236,239,242,245,248,251,260,272,277,286,317,327,333,338,342,359,376,72,130,227,279,319,345,362,378
com/applisto/appcloner/classes/FacebookLoginBehavior.java, line(s) 14,34
com/applisto/appcloner/classes/FacebookMessengerProvider.java, line(s) 36,38
com/applisto/appcloner/classes/FakeCalculator.java, line(s) 13,21,26,28
com/applisto/appcloner/classes/GmailSupport.java, line(s) 36,40,52,103,117,130,136,156,174,191,194,205,208,224,231,238,42,107,111,141,149,167,233
com/applisto/appcloner/classes/HeadphonesEventReceiver.java, line(s) 11,24,32,17,45
com/applisto/appcloner/classes/HostsBlocker.java, line(s) 83,111,119,134,157,161,172,225,253,263,273,278,314,326,336,346,358,372,441,102,121,289,305,361,456
com/applisto/appcloner/classes/InterruptionFilterControls.java, line(s) 21,23,39,48,50,60,66,68
com/applisto/appcloner/classes/LaunchTileService.java, line(s) 15,20,27
com/applisto/appcloner/classes/LogcatViewer.java, line(s) 48,300,62,146
com/applisto/appcloner/classes/NotificationOptions.java, line(s) 153,154,155,156,157,158,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,181,199,204,209,211,230,242,253,258,282,287,294,327,328,333,349,353,358,363,367,371,375,379,383,397,407,412,416,421,427,435,439,444,447,450,453,456,534,537,606,620,648,722,774,791,798,827,104,401,429,561,608,622,650,670,677,704,712,724,728,757,1027,1061,1069,1121,1141
com/applisto/appcloner/classes/OnAppExitListener.java, line(s) 19,27
com/applisto/appcloner/classes/OpenLinksWith.java, line(s) 27,43,51
com/applisto/appcloner/classes/PasswordActivity.java, line(s) 72,239,249,255,80,129,184,200,222,227,243,310,316,331,342
com/applisto/appcloner/classes/PasswordProvider.java, line(s) 12,14,19,21
com/applisto/appcloner/classes/PenEventReceiver.java, line(s) 12,18,34
com/applisto/appcloner/classes/PersistentApp.java, line(s) 13,21
com/applisto/appcloner/classes/PersistentAppService.java, line(s) 17
com/applisto/appcloner/classes/PictureInPicture.java, line(s) 27,33,40,53,64,75,86,66,91
com/applisto/appcloner/classes/PowerEventReceiver.java, line(s) 12,17,20,24,28,32,42
com/applisto/appcloner/classes/PreferenceEditor.java, line(s) 23,26,30,41,59,68
com/applisto/appcloner/classes/PressBackAgainToExit.java, line(s) 17,32,54
com/applisto/appcloner/classes/SecretDialerCodeReceiver.java, line(s) 15,25
com/applisto/appcloner/classes/SetBrightnessOnStart.java, line(s) 22,24,40,49,92,61,70,85,102,108
com/applisto/appcloner/classes/ShowOnLockScreen.java, line(s) 14,26
com/applisto/appcloner/classes/Signatures.java, line(s) 36,56,60,92,95,105,108,134,83,139,156,166,186,199
com/applisto/appcloner/classes/StartExitAppEventReceiver.java, line(s) 18,39,48,61,33,56,66
com/applisto/appcloner/classes/ToastFilter.java, line(s) 25,29,55,61,89,81,91
com/applisto/appcloner/classes/TrustAllCertificatesProvider.java, line(s) 37,39
com/applisto/appcloner/classes/Utils.java, line(s) 68,76,88,91,510,106,110,127,168,178,188,199,220,230,244,321,437,473,515,528,565,600
com/applisto/appcloner/classes/WhatsAppSupport.java, line(s) 30,60,73,45,63,67,87
com/applisto/appcloner/classes/WifiControls.java, line(s) 18,20,38,41,47,55,61,64,44,67
com/applisto/appcloner/classes/freeform/FreeFormWindow.java, line(s) 35,40,45,60
com/applisto/appcloner/classes/freeform/FreeFormWindowActivity.java, line(s) 36,52,55,76,97,58,89
com/applisto/appcloner/classes/service/RemoteService.java, line(s) 19
com/applisto/appcloner/classes/util/IActivityManagerHook.java, line(s) 19
com/applisto/appcloner/classes/util/IPackageManagerHook.java, line(s) 20
com/technore/tunnel/activities/OpenVPNClient.java, line(s) 313,424,624,657,668
com/technore/tunnel/service/UDPService.java, line(s) 99
d/f.java, line(s) 167
d/i.java, line(s) 759,1084,1086,1089,602,611,621,630,645,654,667,676,388,1873,1882,1936,2077,2090,2335,2338,982
d/p.java, line(s) 21,35,47
d/r.java, line(s) 30
d0/b.java, line(s) 16
e/a.java, line(s) 72,120
e0/a.java, line(s) 270
e0/b.java, line(s) 47
e0/f.java, line(s) 25,38,77,149,192,210,233
e0/l.java, line(s) 384,106
e0/m.java, line(s) 17,28
e0/q.java, line(s) 234,256,69,81,88,97,42,223
g0/c.java, line(s) 22,31
g0/e.java, line(s) 25,34
h/f.java, line(s) 116,150,162,172,330
h0/b.java, line(s) 33
h3/a.java, line(s) 127,131,302,308,548,894
h3/b.java, line(s) 108,156,126,176,392,405,434
h4/c.java, line(s) 200
j0/c.java, line(s) 304
j3/g.java, line(s) 10
j4/d.java, line(s) 104
java/io/ByteArrayOutputStrean.java, line(s) 14,19,21,38,23
k4/a.java, line(s) 15
m1/c.java, line(s) 122
m1/h.java, line(s) 56
m1/s.java, line(s) 89,93,9,98
m4/f.java, line(s) 363
o0/e.java, line(s) 96,103,242,334
o0/f.java, line(s) 72
o0/i.java, line(s) 116,119,125
o3/a.java, line(s) 132
q3/f.java, line(s) 48
r0/c.java, line(s) 21,25
s0/c.java, line(s) 48,223
s1/b.java, line(s) 521
s3/g.java, line(s) 44
u/d.java, line(s) 94
u/e.java, line(s) 28
u/g.java, line(s) 27
u0/a.java, line(s) 28
w/e.java, line(s) 131,154,161
w/g.java, line(s) 22
w0/b.java, line(s) 253
w0/f.java, line(s) 1003
x/c.java, line(s) 47,52
x/d.java, line(s) 47
x/e.java, line(s) 53
x/f.java, line(s) 41
x/g.java, line(s) 52,217
x/k.java, line(s) 80
y/a.java, line(s) 55,64,81,91
y/e.java, line(s) 43,66
y0/h.java, line(s) 18,20,29,31,40,42,51,53
y2/s.java, line(s) 52,78
z4/a.java, line(s) 23,49

信息 此应用侦听剪贴板更改。一些恶意软件也会监听剪贴板更改 

此应用侦听剪贴板更改。一些恶意软件也会监听剪贴板更改
https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard

Files:
com/applisto/appcloner/classes/DisableClipboardAccess.java, line(s) 44,113,113,118,118,126,210,210,215,215,223,9

信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 

此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard

Files:
com/applisto/appcloner/classes/DisableClipboardAccess.java, line(s) 9,70,339

安全 此应用程序没有隐私跟踪程序 

此应用程序不包括任何用户或设备跟踪器。在静态分析期间没有找到任何跟踪器。

安全评分: ( VSM FAST NET 1.0)