安全分析报告:
安全分数
安全分数 33/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
1
用户/设备跟踪器
调研结果
高危
18
中危
27
信息
2
安全
2
关注
5
高危 Activity (com.uzmap.pkg.LauncherUI) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (com.uzmap.pkg.EntranceActivity) 的启动模式不是standard模式
Activity 不应将启动模式属性设置为 "singleTask/singleInstance",因为这会使其成为根 Activity,并可能导致其他应用程序读取调用 Intent 的内容。因此,当 Intent 包含敏感信息时,需要使用 "standard" 启动模式属性。
高危 Activity (com.mob.id.MobIDActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (com.mob.id.MobIDSYActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (com.mob.guard.MobTranPullUpActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (com.mob.guard.MobTranPullLockActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (cn.jpush.android.ui.PopWinActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (cn.jpush.android.ui.PushActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (cn.jpush.android.service.JNotifyActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (cn.android.service.JTransitActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 Activity (cn.jpush.android.service.DActivity) is vulnerable to StrandHogg 2.0
已发现活动存在 StrandHogg 2.0 栈劫持漏洞的风险。漏洞利用时,其他应用程序可以将恶意活动放置在易受攻击的应用程序的活动栈顶部,从而使应用程序成为网络钓鱼攻击的易受攻击目标。可以通过将启动模式属性设置为“singleInstance”并设置空 taskAffinity (taskAffinity="") 来修复此漏洞。您还可以将应用的目标 SDK 版本 (28) 更新到 29 或更高版本以在平台级别修复此问题。
高危 不安全的Web视图实现。Web视图忽略SSL证书错误并接受任何SSL证书。此应用程序易受MITM攻击
不安全的Web视图实现。Web视图忽略SSL证书错误并接受任何SSL证书。此应用程序易受MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#webview-server-certificate-verification Files: com/uzmap/pkg/uzcore/i/d.java, line(s) 156,166,151
高危 该文件是World Readable。任何应用程序都可以读取文件
该文件是World Readable。任何应用程序都可以读取文件 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2 Files: com/apicloud/fileBrowser/fileexplorer/FileIconHelper.java, line(s) 29,40,47,54,61,68,75,83 com/apicloud/fileBrowser/fileexplorer/FileListAdapter.java, line(s) 41,52,58,75 com/apicloud/fileBrowser/fileexplorer/FileListItem.java, line(s) 74,81,100,115,142,167 com/apicloud/fileBrowser/fileexplorer/FileViewActivity.java, line(s) 158,202,307,315 com/apicloud/fileBrowser/fileexplorer/FileViewInteractionHub.java, line(s) 135,317,327,334,342,350,358,366,374,382,390,396 com/deepe/b/f/a.java, line(s) 228 com/unionpay/UPPayAssistEx.java, line(s) 646
高危 如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击
如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-7 Files: com/uzmap/pkg/openapi/SuperWebview.java, line(s) 488,13 com/uzmap/pkg/uzcore/i/b/f.java, line(s) 143,14
高危 该文件是World Writable。任何应用程序都可以写入文件
该文件是World Writable。任何应用程序都可以写入文件 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2 Files: com/apicloud/fileBrowser/fileexplorer/FileIconHelper.java, line(s) 27,38,45,52,59,66,73,81 com/apicloud/fileBrowser/fileexplorer/FileListAdapter.java, line(s) 50,66,76 com/apicloud/fileBrowser/fileexplorer/FileListItem.java, line(s) 72,79,98,113,140,147,149,164 com/apicloud/fileBrowser/fileexplorer/FileViewActivity.java, line(s) 156,198,305,313 com/apicloud/fileBrowser/fileexplorer/FileViewInteractionHub.java, line(s) 315,325,332,340,348,356,364,372,380,388,406 com/deepe/c/k/g.java, line(s) 38
高危 使用弱加密算法
使用弱加密算法 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/unionpay/utils/d.java, line(s) 15
高危 启用了调试配置。生产版本不能是可调试的
启用了调试配置。生产版本不能是可调试的 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04c-Tampering-and-Reverse-Engineering.md#debugging-and-tracing Files: com/apicloud/glide/BuildConfig.java, line(s) 3,6 com/example/gprintersdkv1/BuildConfig.java, line(s) 3,4
高危 SSL的不安全实现。信任所有证书或接受自签名证书是一个关键的安全漏洞。此应用程序易受MITM攻击
SSL的不安全实现。信任所有证书或接受自签名证书是一个关键的安全漏洞。此应用程序易受MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#android-network-apis Files: com/lidroid/xutils/http/client/DefaultSSLSocketFactory.java, line(s) 61,13,14,15 com/lidroid/xutils/util/OtherUtils.java, line(s) 212,212,14,15,16,17,18
中危 应用程序已启用明文网络流量
[android:usesCleartextTraffic=true] 应用程序打算使用明文网络流量,例如明文HTTP,FTP协议,DownloadManager和MediaPlayer。针对API级别27或更低的应用程序,默认值为“true”。针对API级别28或更高的应用程序,默认值为“false”。避免使用明文流量的主要原因是缺乏机密性,真实性和防篡改保护;网络攻击者可以窃听传输的数据,并且可以在不被检测到的情况下修改它。
中危 Service (com.mob.MobACService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.mob.id.MobIDActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.mob.id.MobIDSYActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (com.mob.id.MobIDService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.mob.guard.MobTranPullUpActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (com.mob.guard.MobTranPullLockActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (com.mob.guard.MobGuardPullUpService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (cn.jpush.android.ui.PopWinActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (cn.jpush.android.ui.PushActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Content Provider (cn.jpush.android.service.DownloadProvider) 未被保护。
[android:exported=true] 发现 Content Provider与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (cn.jpush.android.service.JNotifyActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (cn.android.service.JTransitActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Service (cn.jpush.android.service.DaemonService) 未被保护。
[android:exported=true] 发现 Service与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 Activity (cn.jpush.android.service.DActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
中危 高优先级的Intent (1000)
[android:priority] 通过设置一个比另一个Intent更高的优先级,应用程序有效地覆盖了其他请求。
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: com/apicloud/a/i/a/d/g.java, line(s) 27 com/apicloud/devlop/FNImageClip/SaveUtil.java, line(s) 38,72 com/apicloud/fileBrowser/fileexplorer/FileOperationHelper.java, line(s) 53,102,173 com/apicloud/fileBrowser/fileexplorer/FileViewInteractionHub.java, line(s) 263 com/apicloud/fileBrowser/fileexplorer/Util.java, line(s) 36,60,386,390 com/apicloud/wxphotopicker/Utils/ImageUtil.java, line(s) 24,22 com/apicloud/wxphotopicker/Utils/UriUtils.java, line(s) 24,26 com/deepe/b/f.java, line(s) 35 com/deepe/c/a/j.java, line(s) 20,36,52 com/gprinter/command/GpUtils.java, line(s) 87 com/lidroid/xutils/util/OtherUtils.java, line(s) 81 com/unionpay/utils/j.java, line(s) 30 com/uzmap/pkg/uzcore/g/c.java, line(s) 30 com/uzmap/pkg/uzcore/g/d.java, line(s) 230 com/uzmap/pkg/uzmodules/photoBrowser/ImageLoader.java, line(s) 74,79 com/uzmap/pkg/uzmodules/uzFNScanner/Zxing/decoding/Utils.java, line(s) 31 com/uzmap/pkg/uzmodules/uzFNScanner/utlis/ScanUtil.java, line(s) 76,237 com/uzmap/pkg/uzmodules/uzFNScanner/utlis/UriUtils.java, line(s) 24,26 com/uzmap/pkg/uzmodules/uzimageBrowser/activity/BaseActivity.java, line(s) 55 com/uzmap/pkg/uzmodules/uzimageBrowser/activity/ImageActivity.java, line(s) 301,305 com/uzmap/pkg/uzmodules/uzimageFilter/uzimageFilter.java, line(s) 289,387,497 net/apicloud/selector/utils/TakePhotoUtil.java, line(s) 43,24,38 top/zibin/luban/LubanUtils.java, line(s) 29,31
中危 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: cn/smssdk/gui/ContactsPage.java, line(s) 27 com/deepe/c/i/d.java, line(s) 5 com/deepe/c/j/e/a/c.java, line(s) 10 com/lidroid/xutils/http/client/multipart/MultipartEntity.java, line(s) 11 com/uzmap/pkg/uzcore/UZCoreUtil.java, line(s) 22
中危 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: cn/smssdk/logger/a.java, line(s) 41 cn/smssdk/net/h/f.java, line(s) 14 com/deepe/c/g/f.java, line(s) 13 com/lidroid/xutils/cache/MD5FileNameGenerator.java, line(s) 10 com/unionpay/utils/b.java, line(s) 182 com/uzmap/pkg/uzmodules/photoBrowser/ImageDownLoader.java, line(s) 167 com/uzmap/pkg/uzmodules/photoBrowser/ImageLoader.java, line(s) 227 com/uzmap/pkg/uzmodules/uzimageBrowser/ImageLoader.java, line(s) 122 com/uzmap/pkg/uzmodules/uzimageBrowser/activity/ImageActivity.java, line(s) 267 com/uzmap/pkg/uzmodules/uzimageBrowser/utils/ImageDownLoader.java, line(s) 149
中危 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/deepe/c/g/f.java, line(s) 45 com/deepe/c/j/f.java, line(s) 161 com/deepe/c/l/b/b.java, line(s) 247 com/unionpay/utils/UPUtils.java, line(s) 16 com/unionpay/utils/b.java, line(s) 167
中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/deepe/f/a/a.java, line(s) 4,5,14 com/lidroid/xutils/DbUtils.java, line(s) 5,752
中危 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: com/eclipsesource/v8/NodeJS.java, line(s) 75
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: com/unionpay/tsmservice/data/Constant.java, line(s) 189,191 com/unionpay/tsmservice/data/ResultCode.java, line(s) 73,60 com/unionpay/tsmservice/mi/data/Constant.java, line(s) 131,135 com/unionpay/tsmservice/mi/data/ResultCode.java, line(s) 31,29 com/uzmap/pkg/uzkit/fineHttp/RequestParam.java, line(s) 16 com/uzmap/pkg/uzmodules/uzFNScanner/Zxing/decoding/Intents.java, line(s) 45 compile/Properties.java, line(s) 10,26
中危 IP地址泄露
IP地址泄露 Files: com/apicloud/zhaofei/xprinterplus/Constant.java, line(s) 14 com/apicloud/zhaofei/xprinterplus/XPrinterPlusModule.java, line(s) 239
中危 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: com/unionpay/WebViewJavascriptBridge.java, line(s) 32,29
中危 应用程序包含隐私跟踪程序
此应用程序有多个1隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 MobTech(袤博科技) 推送SDK的=> "Mob-AppKey" : "327cbd5bba87b" MobTech(袤博科技) 推送SDK的=> "Mob-AppSecret" : "0103f5423865fb98e695f04961bf5e0c" "smssdk_authorize_dialog_reject" : "Disagree" "smssdk_authorize_dialog_accept" : "Agree" ba6a81f2c13fb0ba3b96d99619 f6e50617931173015060355040b130e4368696e6120556e696 aHR0cHM6Ly93d3cuZ29vZ2xlLWFuYWx5dGljcy5jb20vYmF0Y2g= YW5kcm9pZC50ZWxlcGhvbnkuU21zTWFuYWdlcg== 64c2f89fdffa16729c9779f99562bc189d2ce4722ba0faedb11aa22d0d9db228fda 38cfad789e9808443d11f2f9be 62587239-AD3C-8190-47B4-37DE080D7E9D 1001a3e74c601e3beb1b7ae4f9ab2872a0aaf1dbc2cba89c7528cd 2c4a9fef9ffa03e5deb5973ab9 2628761069dd35867eda68fe2a 54aa526e7a37d8ba2311a1d3d2ab79b3fbeaf3ebb9e7da9e7cdd9be1ae5a53595f47 ZGlzdC9iYXNlL2FwaWJhc2UuanM= 0c0731ac543eb71311c482a2e2 c15ee2d2f01aba51d33985e6c5 d993f23339944e4de27e4b0a12 15060355040a130e4368696e6120556e696f6e50617931173015060355040b130e4 Um6KcRJbF1vsF/zTJLvpHYey5Cam3apb9vgw5B2hRjmuQKQr 861693111300f060355040713085368616e67686169311730 38197ca7950aec7020d516fbb2 1ef570e1013109c50df8f8c2015faed71e4cf7c53ca9195a99c574ca046aeefdf70bc5fd69f04b0eadf63398698f776cf1ef0db5134efddc3aa4825b69aee94b55356a15d2a50a325ef7bd2d9efe15f3ac5d2303e0bdf5147b3d0fb5fa4fd1d5ea07fe1b45912ff9d7fe472136ff49cb1176f039219bc737ec7ccad132a5ce57 fa3acdf1b118fc26668bf72a70d60aa024a2667254c5f0bb8f082bc384b38a4e6d3d1b672467a19793c8f770c63f48b409e87f5787371789af40b95eae9867b9 6e696f6e5061793111300f06035504031308556e696f6e5061 d9255940da7b6cd07483f4b4243fd1825b2705 0520d3554a69ad50a3b87d1760 D75BB2802E61738A9A03BF014F927D9A aHR0cHM6Ly93d3cuZ29vZ2xlLWFuYWx5dGljcy5jb20vY29sbGVjdA== 91d898dfde6fb787ab3d926f9d 08eb9b5c67474d027fa03ce35109b11604083ab6bb4df2c46240f879f 8cc1d6ed5e1b2cc00489215aec3fc2eac008e767b0215981cb5e e247e8b45bd557f70ac6dcc0cb 0000000023456789abcdef12123456786789abcd 11300f060355040813085368616e67686169311130 b1fdf62b0f540fca5458b063af9354925a6c3505a18ff164b6b195f6e517eaee1fb783 3015060355040a130e4368696e6120556e696 72ecd0c6ca96361c7f3bcd7144 92a864886f70d010101050003818d0030818902818100c42e6236d5054ffccaa e27eaf3fc3e24047bd5d4ec3a8 0f060355040713085368616e676861693117 e94ddc285669ec06b8a405dd4341eac4ea7030203010001300d06092a864886f70d010105050003818 e6a941cd02e3f29465cd438d16 dedc8bf1514d6c6a5e456fba74 f6e5061793111300f06035504031308556e696f6e50617930819f300d060 536C79B93ACFBEA950AE365D8CE1AEF91FEA9535 89504e470d0a1a0a0000000d49484452000000210000003c0806000000e8acd32a000000097048597300000b1300000b1301009a9c1800000a4d6943435050686f746f73686f70204943432070726f66696c65000078da9d53775893f7163edff7650f5642d8f0b1976c81002223ac08c81059a21092006184101240c585880a561415119c4855c482d50a489d88e2a028b867418a885a8b555c38ee1fdca7b57d7aefededfbd7fbbce79ce7fcce79cf0f8011122691e6a26a003952853c3ad81f8f4f48c4c9bd80021548e0042010e6cbc26705c50000f00379787e74b03ffc01af6f00020070d52e2412c7e1ff83ba50265700209100e02212e70b01905200c82e54c81400c81800b053b3640a009400006c797c422200aa0d00ecf4493e0500d8a993dc1700d8a21ca908008d0100992847240240bb00605581522c02c0c200a0ac40222e04c0ae018059b632470280bd0500768e58900f4060008099422ccc0020380200431e13cd03204c03a030d2bfe0a95f7085b8480100c0cb95cd974bd23314b895d01a77f2f0e0e221e2c26cb142611729106609e4229c979b231348e7034cce0c00001af9d1c1fe383f90e7e6e4e1e666e76ceff4c5a2fe6bf06f223e21f1dffebc8c020400104ecfefda5fe5e5d60370c701b075bf6ba95b00da560068dff95d33db09a05a0ad07af98b7938fc401e9ea150c83c1d1c0a0b0bed2562a1bd30e38b3eff33e16fe08b7ef6fc401efedb7af000719a4099adc0a383fd71616e76ae528ee7cb0442316ef7e723fec7857ffd8e29d1e234b15c2c158af15889b850224dc779b952914421c995e212e97f32f11f96fd0993770d00ac864fc04eb607b5cb6cc07eee01028b0e58d27600407ef32d8c1a0b91001067343279f7000093bff98f402b0100cd97a4e30000bce8185ca894174cc608000044a0812ab041070cc114acc00e9cc11dbcc01702610644400c24c03c104206e4801c0aa11896411954c03ad804b5b0031aa0119ae110b4c131380de7e0125c81eb70170660189ec218bc86090441c8081361213a8811628ed822ce0817998e04226148349280a420e988145122c5c872a402a9426a915d4823f22d7214398d5c40fa90dbc820328afc8abc47319481b25103d4027540b9a81f1a8ac6a073d174340f5d8096a26bd11ab41e3d80b6a2a7d14be87574007d8a8e6380d1310e668cd9615c8c87456089581a26c71663e55835568f35631d583776151bc09e61ef0824028b8013ec085e8410c26c82909047584c5843a825ec23b412ba085709838431c2272293a84fb4257a12f9c478623ab1905846ac26ee211e219e255e270e135f9348240ec992e44e0a21259032490b496b48db482da453a43ed210699c4c26eb906dc9dee408b280ac209791b7900f904f92fbc9c3e4b7143ac588e24c09a22452a494124a35653fe504a59f324299a0aa51cda99ed408aa883a9f5a496da076502f5387a91334759a25cd9b1643cba42da3d5d09a696769f7682fe974ba09dd831e4597d097d26be807e9e7e983f4770c0d860d83c7486228196b197b19a718b7192f994ca605d39799c85430d7321b9967980f986f55582af62a7c1591ca12953a9556957e95e7aa545573553fd579aa0b54ab550fab5e567da64655b350e3a909d416abd5a91d55bba936aece5277528f50cf515fa3be5ffd82fa630db2868546a08648a35463b7c6198d2116c63265f15842d6725603eb2c6b984d625bb2f9ec4c7605fb1b762f7b4c534373aa66ac6691669de671cd010ec6b1e0f039d99c4ace21ce0dce7b2d032d3f2db1d66aad66ad7ead37da7adabeda62ed72ed16edebdaef75709d409d2c9df53a6d3af77509ba36ba51ba85badb75cfea3ed363eb79e909f5caf50ee9ddd147f56df4a3f517eaefd6efd11f373034083690196c313863f0cc9063e86b9869b8d1f084e1a811cb68ba91c468a3d149a327b826ee8767e33578173e66ac6f1c62ac34de65dc6b3c61626932dba4c4a4c5e4be29cd946b9a66bad1b4d374ccccc82cdcacd8acc9ec8e39d59c6b9e61bed9bcdbfc8d85a5459cc54a8b368bc796da967ccb05964d96f7ac98563e567956f556d7ac49d65ceb2ceb6dd6576c501b579b0c9b3a9bcbb6a8ad9badc4769b6ddf14e2148f29d229f5536eda31ecfcec0aec9aec06ed39f661f625f66df6cf1dcc1c121dd63b743b7c727475cc766c70bceba4e134c3a9c4a9c3e957671b67a1739df33517a64b90cb1297769717536da78aa76e9f7acb95e51aeebad2b5d3f5a39bbb9bdcadd96dd4ddcc3dc57dabfb4d2e9b1bc95dc33def41f4f0f758e271cce39da79ba7c2f390e72f5e765e595efbbd1e4fb39c269ed6306dc8dbc45be0bdcb7b603a3e3d65facee9033ec63e029f7a9f87bea6be22df3dbe237ed67e997e07fc9efb3bfacbfd8ff8bfe179f216f14e056001c101e501bd811a81b3036b031f049904a50735058d05bb062f0c3e15420c090d591f72936fc017f21bf96333dc672c9ad115ca089d155a1bfa30cc264c1ed6118e86cf08df107e6fa6f94ce9ccb60888e0476c88b81f69199917f97d14292a32aa2eea51b453747174f72cd6ace459fb67bd8ef18fa98cb93bdb6ab6727667ac6a6c526c63ec9bb880b8aab8817887f845f1971274132409ed89e4c4d8c43d89e37302e76c9a339ce49a54967463aee5dca2b917e6e9cecb9e773c593559907c3885981297b23fe5832042502f184fe5a76e4d1d13f2849b854f45bea28da251b1b7b84a3c92e69d5695f638dd3b7d43fa68864f4675c633094f522b79911992b923f34d5644d6deaccfd971d92d39949c949ca3520d6996b42bd730b728b74f662b2b930de479e66dca1b9387caf7e423f973f3db156c854cd1a3b452ae500e164c2fa82b785b185b78b848bd485ad433df66feeaf9230b82167cbd90b050b8b0b3d8b87859f1e022bf45bb16238b5317772e315d52ba647869f0d27dcb68cbb296fd50e2585255f26a79dcf28e5283d2a5a5432b82573495a994c9cb6eaef45ab9631561956455ef6a97d55b567f2a17955fac70aca8aef8b046b8e6e2574e5fd57cf5796ddadade4ab7caedeb48eba4eb6eacf759bfaf4abd6a41d5d086f00dad1bf18de51b5f6d4ade74a17a6af58ecdb4cdcacd03356135ed5bccb6acdbf2a136a3f67a9d7f5dcb56fdadabb7bed926dad6bfdd777bf30e831d153bdeef94ecbcb52b78576bbd457df56ed2ee82dd8f1a621bbabfe67eddb847774fc59e8f7ba57b07f645efeb6a746f6cdcafbfbfb2096d52368d1e483a70e59b806fda9bed9a77b5705a2a0ec241e5c127dfa67c7be350e8a1cec3dcc3cddf997fb7f508eb48792bd23abf75ac2da36da03da1bdefe88ca39d1d5e1d47beb7ff7eef31e36375c7358f579ea09d283df1f9e48293e3a764a79e9d4e3f3dd499dc79f74cfc996b5d515dbd6743cf9e3f1774ee4cb75ff7c9f3dee78f5df0bc70f422f762db25b74bad3dae3d477e70fde148af5b6feb65f7cbed573cae74f44deb3bd1efd37ffa6ac0d573d7f8d72e5d9f79bdefc6ec1bb76e26dd1cb825baf5f876f6ed17770aee4cdc5d7a8f78affcbedafdea07fa0fea7fb4feb165c06de0f860c060cfc3590fef0e09879efe94ffd387e1d247cc47d52346238d8f9d1f1f1b0d1abdf264ce93e1a7b2a713cfca7e56ff79eb73abe7dffde2fb4bcf58fcd8f00bf98bcfbfae79a9f372efaba9af3ac723c71fbcce793df1a6fcadcedb7defb8efbadfc7bd1f9928fc40fe50f3d1fa63c7a7d04ff73ee77cfefc2ff784f3fb25d29f33000000206348524d00007a25000080830000f9ff000080e9000075300000ea6000003a980000176f925fc546000002744944415478dabcd9c96b145110c7f1d734b6c9b8ef8a0b2e410cfe77826741100441c48324a006040f8a08828a8a102689c11d238a3b8a0b060feaf7e8e979e9816178f57a7b5587390df47c86ee7e55f52b0738c3cf3ae01af00f580226bdf7ce1af010f0439fbe25622db03802f0c02f2bc41a602100f0c094056215302f00ee0063da881ed01700f78071c069227ac0ac00b85f7eef3411bdf2874280d9618016621cb82b00faa3000dc4caf2610b01e6cb87d469220ae0b60058285f53a78928809b0260b13c299d26a2006e0880475580148802b82e009ed4017445ac28ab6108f014585ff75a6d11397055003c073636b95e1b440e5c11002f804d4dff5453440e5c16004bc09636b7b60922072e0980576d014d10393023005e035bbbbce6751019704100bc01b6753decaa1019705e00bc0576a438f263880c981200ef819da90a9f84c8807302e003b02b65f90f2132e0ac00f804ec4edd0485106704c067608f462b388a382d00be007bb51ae261c42901f015d8a739160c104705c037e080f6703440fc0900be03131623e200f137342302872d114784dbb10c4c5a211c704c80fc040e59211c705c80fc000e5a211c704280a83da852ed3869f9cac6aa68ecf0da6f85303bc6eb7456ea05ad6e7ba75adaeb36bab126e763d726a749cb9f01d31aed5ed3e127d6f8be6bdbf8b6190333e0626404d86e81483e0c758906928d855d4392d880fcb22e24455c5415156cb640740e4d524688b1f8e819b0c102d13a48d388956391e2e310442b602f805b75c355cd55432c667e50aea3d4110e18ab08dc575b20aa560f7340cf6a11175bc24c5bae24a575d4b2f57236b4989bb3460c569433c0ef1234e1bd77ff070038285c304da61b3c0000000049454e44ae426082 315fdfa6abc4b17d8c139605de b1ff56cef0e21c87260c63ce3ca868bf5974c14 3634385a3078310b300906035504061302383631 258EAFA5-E914-47DA-95CA-C5AB0DC85B11
信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: cn/smssdk/net/b.java, line(s) 335 cn/smssdk/utils/SMSLog.java, line(s) 11 co/senab/photoview/PhotoViewAttacher.java, line(s) 57 co/senab/photoview/log/LoggerDefault.java, line(s) 18,23,48,53,28,33,8,13,38,43 com/apicloud/a/d/g.java, line(s) 57,90 com/apicloud/a/i/a/ah/a/d.java, line(s) 415 com/apicloud/a/i/a/ah/a/j.java, line(s) 145,250,258 com/apicloud/a/i/a/d/a/c.java, line(s) 134,156,173,177,190,348,695,709 com/apicloud/a/i/a/r/s.java, line(s) 28,34,40,46,58 com/apicloud/a/i/a/v/g.java, line(s) 35,66 com/apicloud/a/i/a/y/a/a/f.java, line(s) 32 com/apicloud/c/a/a/g.java, line(s) 71 com/apicloud/c/a/a/j.java, line(s) 922,1003,2511,2538,3046,3817,4224,4547,4611,4925,5498,5720,5829,5889,4385,5910 com/apicloud/c/b/d.java, line(s) 24,44,30,36,33 com/apicloud/devlop/FNImageClip/ClipView.java, line(s) 289 com/apicloud/devlop/FNImageClip/ImgClipOpen.java, line(s) 47 com/apicloud/devlop/FNImageClip/ImgClipSave.java, line(s) 41 com/apicloud/devlop/FNImageClip/SaveUtil.java, line(s) 93 com/apicloud/devlop/FNImageClip/TounchListener.java, line(s) 140,64,65,66,67,163,176,177,207,214,215 com/apicloud/fileBrowser/Utils/LogUtil.java, line(s) 28,36,20,24,40,47,32 com/apicloud/fileBrowser/Utils/ViewUtil.java, line(s) 118 com/apicloud/fileBrowser/fileexplorer/FileIconLoader.java, line(s) 193 com/apicloud/fileBrowser/fileexplorer/FileOperationHelper.java, line(s) 143,159,183,189,216,234,30,181,229,246 com/apicloud/fileBrowser/fileexplorer/FileViewActivity.java, line(s) 240,245,262 com/apicloud/fileBrowser/fileexplorer/FileViewInteractionHub.java, line(s) 482,434,443,264,268 com/apicloud/fileBrowser/fileexplorer/Util.java, line(s) 147,251,280,400,315 com/apicloud/fileBrowser/pop/OptionMenuView.java, line(s) 281 com/apicloud/glide/Glide.java, line(s) 321,108,107,318 com/apicloud/glide/disklrucache/DiskLruCache.java, line(s) 99 com/apicloud/glide/gifdecoder/GifDecoder.java, line(s) 130,143,157,129,142,156,177,186,556 com/apicloud/glide/gifdecoder/GifHeaderParser.java, line(s) 206,240,205,239 com/apicloud/glide/gifencoder/AnimatedGifEncoder.java, line(s) 282,281 com/apicloud/glide/load/data/AssetPathFetcher.java, line(s) 43,44 com/apicloud/glide/load/data/HttpUrlFetcher.java, line(s) 90,89 com/apicloud/glide/load/data/LocalUriFetcher.java, line(s) 44,45 com/apicloud/glide/load/data/MediaStoreThumbFetcher.java, line(s) 70,160,69,159 com/apicloud/glide/load/engine/CacheLoader.java, line(s) 28,33,27,32 com/apicloud/glide/load/engine/DecodeJob.java, line(s) 229,64,69,81,99,105,117,126,144,154,159,228,199 com/apicloud/glide/load/engine/Engine.java, line(s) 73,81,89,99,106 com/apicloud/glide/load/engine/EngineRunnable.java, line(s) 98,47,52,97,48,53 com/apicloud/glide/load/engine/bitmap_recycle/LruBitmapPool.java, line(s) 103,124,132,157,70,77,102,114,123,131,145,156,164,71,78,115,170,146 com/apicloud/glide/load/engine/cache/DiskLruCacheWrapper.java, line(s) 57,84,98,110,60,85,99,111 com/apicloud/glide/load/engine/cache/MemorySizeCalculator.java, line(s) 60,46 com/apicloud/glide/load/engine/executor/FifoPriorityThreadPoolExecutor.java, line(s) 26,25 com/apicloud/glide/load/engine/prefill/BitmapPreFillRunner.java, line(s) 64,63 com/apicloud/glide/load/model/ImageVideoModelLoader.java, line(s) 53,65,54,66 com/apicloud/glide/load/model/ResourceLoader.java, line(s) 29,30 com/apicloud/glide/load/model/StreamEncoder.java, line(s) 31,30 com/apicloud/glide/load/resource/bitmap/BitmapEncoder.java, line(s) 37,40 com/apicloud/glide/load/resource/bitmap/Downsampler.java, line(s) 275,96,104,110,186,195,202,209,236,243,274,97,105,111,187,196,203,212,237,244 com/apicloud/glide/load/resource/bitmap/ImageHeaderParser.java, line(s) 126,136,151,157,171,185,191,195,200,206,210,125,135,150,156,170,184,190,194,199,205,209 com/apicloud/glide/load/resource/bitmap/ImageVideoBitmapDecoder.java, line(s) 36,37 com/apicloud/glide/load/resource/bitmap/RecyclableBufferedInputStream.java, line(s) 70,69 com/apicloud/glide/load/resource/bitmap/TransformationUtils.java, line(s) 116,139,67,76,87,115,136,68,77,88,89,90,94 com/apicloud/glide/load/resource/gif/GifResourceDecoder.java, line(s) 91 com/apicloud/glide/load/resource/gif/GifResourceEncoder.java, line(s) 80,68,79,69 com/apicloud/glide/manager/RequestManagerFragment.java, line(s) 92,93 com/apicloud/glide/manager/RequestManagerRetriever.java, line(s) 180,181,189 com/apicloud/glide/manager/SupportRequestManagerFragment.java, line(s) 91,92 com/apicloud/glide/request/GenericRequest.java, line(s) 381,168,276,291,297,364,380,391 com/apicloud/glide/request/target/ViewTarget.java, line(s) 199,200 com/apicloud/glide/util/ByteArrayPool.java, line(s) 35,34 com/apicloud/glide/util/ContentLengthInputStream.java, line(s) 29,28 com/apicloud/wxphotopicker/Utils/ImageUtil.java, line(s) 149,63 com/apicloud/wxphotopicker/Utils/LogUtil.java, line(s) 28,36,20,24,40,47,32 com/apicloud/wxphotopicker/Utils/ViewUtil.java, line(s) 118 com/apicloud/wxphotopicker/WXPhotoPickerModule.java, line(s) 69,90,95,100,183,190,211 com/apicloud/wxphotopicker/loader/ImageModel.java, line(s) 248 com/apicloud/wxphotopicker/widgetUtil/GroupView.java, line(s) 149,165 com/apicloud/zhaofei/xprinterplus/BluetoothDeviceList.java, line(s) 86,48,68 com/apicloud/zhaofei/xprinterplus/ConnMoreDevicesActivity.java, line(s) 97 com/apicloud/zhaofei/xprinterplus/DeviceConnFactoryManager.java, line(s) 214,509,511,273,297,315 com/apicloud/zhaofei/xprinterplus/ListViewAdapter.java, line(s) 92 com/apicloud/zhaofei/xprinterplus/ThreadPool.java, line(s) 45 com/apicloud/zhaofei/xprinterplus/UsbDeviceList.java, line(s) 59,66 com/apicloud/zhaofei/xprinterplus/WifiParameterConfigDialog.java, line(s) 38 com/apicloud/zhaofei/xprinterplus/XPrinterPlusModule.java, line(s) 114,156,228,232 com/deepe/b/a/a.java, line(s) 38 com/deepe/b/e.java, line(s) 79 com/deepe/b/f.java, line(s) 45 com/deepe/c/b/c/e.java, line(s) 498,662,676,695 com/deepe/c/b/d/b.java, line(s) 1516,1308 com/deepe/c/b/j.java, line(s) 716 com/deepe/c/f/d.java, line(s) 209,213 com/deepe/c/j/e/b.java, line(s) 49,50 com/deepe/c/j/q.java, line(s) 51,73 com/deepe/d/a.java, line(s) 81,118,89,131,93,86,122,135 com/deepe/f/a/d.java, line(s) 76 com/deepe/f/a/e.java, line(s) 38 com/deepe/f/a/f.java, line(s) 45 com/eclipsesource/v8/debug/V8DebugServer.java, line(s) 306,248,350,397,411,432 com/gprinter/command/EscCommand.java, line(s) 359,363,380,384,688,696,713,718,727,728,738,769 com/gprinter/command/LabelCommand.java, line(s) 596,603,611,618,626,652,660,675,695 com/gprinter/io/BluetoothPort.java, line(s) 34,37,51,72,90,102,106,118 com/gprinter/io/EthernetPort.java, line(s) 57,61,67,95,104,108,119 com/gprinter/io/SerialPort.java, line(s) 53,71,101 com/gprinter/io/UsbPort.java, line(s) 51,111,116,124,129 com/gprinter/utils/SerialPortControl.java, line(s) 34,40 com/gprinter/utils/SerialPortFinder.java, line(s) 34,59 com/lidroid/xutils/util/LogUtils.java, line(s) 65,77,89,101,113,125,137,149,161,173,185,197,209,221 com/unionpay/b/d.java, line(s) 25 com/unionpay/b/g.java, line(s) 25 com/unionpay/utils/j.java, line(s) 19,25,21,17,23 com/uzmap/pkg/uzcore/UZCoreUtil.java, line(s) 135 com/uzmap/pkg/uzcore/b/a.java, line(s) 174 com/uzmap/pkg/uzcore/i/b/a.java, line(s) 203 com/uzmap/pkg/uzkit/request/Request.java, line(s) 11,39 com/uzmap/pkg/uzmodules/UICalendar/CalendarView.java, line(s) 133,167 com/uzmap/pkg/uzmodules/photoBrowser/BitmapToolkit.java, line(s) 32 com/uzmap/pkg/uzmodules/photoBrowser/ImageBrowserAdapter.java, line(s) 85,90,195 com/uzmap/pkg/uzmodules/photoBrowser/ImageLoader.java, line(s) 53,314,382 com/uzmap/pkg/uzmodules/photoBrowser/ViewUtil.java, line(s) 118 com/uzmap/pkg/uzmodules/photoBrowser/view/largeImage/BlockImageLoader.java, line(s) 104,115,235,375,386,395,401,452,576,601,602,606,613,637,658,729,952,972,988,996,1041,1057,1083,1106,1127,1179,1215,1236 com/uzmap/pkg/uzmodules/photoBrowser/view/largeImage/LargeImageView.java, line(s) 477,505 com/uzmap/pkg/uzmodules/uzFNScanner/UzFNScanner.java, line(s) 538 com/uzmap/pkg/uzmodules/uzFNScanner/Zxing/CaptureActivity.java, line(s) 246,247 com/uzmap/pkg/uzmodules/uzFNScanner/Zxing/camera/AutoFocusCallback.java, line(s) 26 com/uzmap/pkg/uzmodules/uzFNScanner/Zxing/camera/CameraConfigurationManager.java, line(s) 37,39,57,62,109,129,146,196,207,40,64 com/uzmap/pkg/uzmodules/uzFNScanner/Zxing/camera/CameraManager.java, line(s) 184,200,136 com/uzmap/pkg/uzmodules/uzFNScanner/Zxing/camera/FlashlightManager.java, line(s) 18,20,52,63,72,75,78 com/uzmap/pkg/uzmodules/uzFNScanner/Zxing/camera/PreviewCallback.java, line(s) 36 com/uzmap/pkg/uzmodules/uzFNScanner/Zxing/decoding/CaptureActivityHandler.java, line(s) 64,69,88,92 com/uzmap/pkg/uzmodules/uzFNScanner/Zxing/decoding/CaptureActivityHandlerView.java, line(s) 63,68,78,80 com/uzmap/pkg/uzmodules/uzFNScanner/Zxing/decoding/DecodeHandler.java, line(s) 94 com/uzmap/pkg/uzmodules/uzFNScanner/Zxing/decoding/DecodeHandlerView.java, line(s) 80 com/uzmap/pkg/uzmodules/uzFNScanner/utlis/ScanUtil.java, line(s) 243 com/uzmap/pkg/uzmodules/uzTabBarMenu/UzTabBarMenu.java, line(s) 329 com/uzmap/pkg/uzmodules/uzUnionPay/TransActivity.java, line(s) 19 com/uzmap/pkg/uzmodules/uzimageBrowser/ImageLoader.java, line(s) 43 com/uzmap/pkg/uzmodules/uzimageBrowser/PhotoViewAttacher.java, line(s) 44,256,388 com/uzmap/pkg/uzmodules/uzimageBrowser/activity/BaseActivity.java, line(s) 67,125 com/uzmap/pkg/uzmodules/uzimageBrowser/activity/GalleryActivity.java, line(s) 61 com/uzmap/pkg/uzmodules/uzimageBrowser/activity/ImageActivity.java, line(s) 214,222,329,366 com/uzmap/pkg/uzmodules/uzimageBrowser/activity/SeekArc.java, line(s) 117,161,176,177 com/uzmap/pkg/uzmodules/uzimageBrowser/gestures/CupcakeGestureDetector.java, line(s) 54 com/uzmap/pkg/uzmodules/uzimageBrowser/log/LoggerDefault.java, line(s) 18,23,48,53,28,33,8,13,38,43 com/uzmap/pkg/uzmodules/uzimageBrowser/view/largeimage/BlockImageLoader.java, line(s) 100,111,230,359,370,379,385,440,669,702,703,706,713,737,755,823,1043,1063,1079,1087,1132,1148,1174,1197,1217,1273,1309,1329 com/uzmap/pkg/uzmodules/uzimageFilter/blur/EasyBlur.java, line(s) 62,65,68,121,335,93,96 com/uzmap/pkg/uzmodules/uzimageFilter/imageFilter/BlackWhiteFilter.java, line(s) 14,18 com/uzmap/pkg/uzmodules/uzimageFilter/imageFilter/Main/FilterFactory.java, line(s) 17 com/uzmap/pkg/uzmodules/uzimageFilter/imageFilter/Main/ProcessImageTask.java, line(s) 75,45,83 com/uzmap/pkg/uzmodules/uzimageFilter/uzimageFilter.java, line(s) 353,221,286 com/uzmap/pkg/uzmodules/uzinputField/UzInputField.java, line(s) 246 com/uzmap/pkg/uzmodules/uztimeSelector/NumberPicker.java, line(s) 872 com/uzmap/pkg/uzmodules/uztimeSelector/TimePicker.java, line(s) 111,149 net/apicloud/selector/data/MediaManager.java, line(s) 135,137,156,157,158,159,250,291 net/apicloud/selector/uis/SelectorActivity.java, line(s) 97,148,256,309,216,320,324,332,437,440 net/apicloud/selector/utils/MediaScanner.java, line(s) 37 org/simple/eventbus/SubsciberMethodHunter.java, line(s) 56 top/zibin/luban/Checker.java, line(s) 61,81,87,112,120 top/zibin/luban/Luban.java, line(s) 95,94 top/zibin/luban/LubanUtils.java, line(s) 65 top/zibin/luban/io/LruArrayPool.java, line(s) 86,124,87,125
信息 此应用侦听剪贴板更改。一些恶意软件也会监听剪贴板更改
此应用侦听剪贴板更改。一些恶意软件也会监听剪贴板更改 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/uzmap/pkg/uzmodules/uzclipboard/UzClipBoard.java, line(s) 18,82,82,82,83,84,93,93,94,3
安全 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: com/deepe/c/a/c.java, line(s) 9,9,9,9,9,9 com/gprinter/utils/SerialPortControl.java, line(s) 28 com/unionpay/UPPayAssistEx.java, line(s) 242
安全 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: com/deepe/c/j/c/d.java, line(s) 18,17,16 com/unionpay/a/b.java, line(s) 29,28,27,27
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (download.sdk.mob.com) 通信。
{'ip': '45.113.201.237', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '扬州', 'latitude': '32.397221', 'longitude': '119.435600'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (identify.verify.mob.com) 通信。
{'ip': '59.110.247.93', 'country_short': 'CN', 'country_long': '中国', 'region': '北京', 'city': '北京', 'latitude': '39.907501', 'longitude': '116.397102'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (init.sms.mob.com) 通信。
{'ip': '59.110.247.93', 'country_short': 'CN', 'country_long': '中国', 'region': '北京', 'city': '北京', 'latitude': '39.907501', 'longitude': '116.397102'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.mob.com) 通信。
{'ip': '45.113.201.237', 'country_short': 'CN', 'country_long': '中国', 'region': '江苏', 'city': '扬州', 'latitude': '32.397221', 'longitude': '119.435600'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (iuap-yonbuilder-mamservice.yyuap.com) 通信。
{'ip': '59.110.247.93', 'country_short': 'CN', 'country_long': '中国', 'region': '北京', 'city': '北京', 'latitude': '39.907501', 'longitude': '116.397102'}