安全分析报告:
安全分数
安全分数 43/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
13
用户/设备跟踪器
调研结果
高危
9
中危
39
信息
4
安全
2
关注
3
高危 应用程序存在Janus漏洞
应用程序使用了v1签名方案进行签名,如果只使用v1签名方案,那么它就容易受到安卓5.0-8.0上的Janus漏洞的攻击。在安卓5.0-7.0上运行的使用了v1签名方案的应用程序,以及同时使用了v2/v3签名方案的应用程序也同样存在漏洞。
高危 如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击
如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-7 Files: com/applovin/impl/adview/b.java, line(s) 426,14 com/applovin/impl/sdk/e/s.java, line(s) 94,4 com/fyber/inneractive/sdk/activities/InneractiveInternalBrowserActivity.java, line(s) 213,12 com/fyber/inneractive/sdk/config/r.java, line(s) 32,4 net/pubnative/lite/sdk/mraid/MRAIDView.java, line(s) 599,1189,44,45 net/pubnative/lite/sdk/vpaid/VideoAdControllerVpaid.java, line(s) 340,11,12
高危 使用弱加密算法
使用弱加密算法 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: sn/m.java, line(s) 1213,203,206,1019,1040
高危 该文件是World Writable。任何应用程序都可以写入文件
该文件是World Writable。任何应用程序都可以写入文件 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2 Files: mediation/ad/AdSharedPrefImpl.java, line(s) 94,75 xe/a0.java, line(s) 31
高危 WebView域控制不严格漏洞
WebView域控制不严格漏洞 Files: ij/b.java, line(s) 96,89,137
高危 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。
应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/fyber/inneractive/sdk/player/exoplayer2/extractor/hls/a.java, line(s) 43 t9/a.java, line(s) 44
高危 已启用远程WebView调试
已启用远程WebView调试 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04c-Tampering-and-Reverse-Engineering.md#debugging-and-tracing Files: com/applovin/impl/adview/d.java, line(s) 166,9 com/fyber/inneractive/sdk/web/d.java, line(s) 392,7 net/pubnative/lite/sdk/views/PNWebView.java, line(s) 73,8
高危 该文件是World Readable。任何应用程序都可以读取文件
该文件是World Readable。任何应用程序都可以读取文件 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2 Files: com/fyber/fairbid/oi.java, line(s) 69
高危 应用程序包含隐私跟踪程序
此应用程序有多个13隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 应用程序可以安装在有漏洞的已更新 Android 版本上
Android 5.0-5.0.2, [minSdk=21] 该应用程序可以安装在具有多个未修复漏洞的旧版本 Android 上。这些设备不会从 Google 接收合理的安全更新。支持 Android 版本 => 10、API 29 以接收合理的安全更新。
中危 应用程序已启用明文网络流量
[android:usesCleartextTraffic=true] 应用程序打算使用明文网络流量,例如明文HTTP,FTP协议,DownloadManager和MediaPlayer。针对API级别27或更低的应用程序,默认值为“true”。针对API级别28或更高的应用程序,默认值为“false”。避免使用明文流量的主要原因是缺乏机密性,真实性和防篡改保护;网络攻击者可以窃听传输的数据,并且可以在不被检测到的情况下修改它。
中危 应用程序数据可以被备份
[android:allowBackup=true] 这个标志允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。
中危 Activity设置了TaskAffinity属性
(com.myviocerecorder.voicerecorder.cancelsub.SettingSubsActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Activity设置了TaskAffinity属性
(com.myviocerecorder.voicerecorder.cancelsub.SettingSubsFeedbackActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Activity设置了TaskAffinity属性
(com.myviocerecorder.voicerecorder.cancelsub.SettingSubsFinalActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Activity (com.myviocerecorder.voicerecorder.ui.activities.MainActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.myviocerecorder.voicerecorder.ui.activities.PlayerActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.myviocerecorder.voicerecorder.ui.activities.TrimActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.myviocerecorder.voicerecorder.ui.activities.CropActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity设置了TaskAffinity属性
(com.myviocerecorder.voicerecorder.crop.EditSelectPicActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Activity设置了TaskAffinity属性
(com.myviocerecorder.voicerecorder.selectPhoto.SelectPhotoActivity) 如果设置了 taskAffinity,其他应用程序可能会读取发送到属于另一个任务的 Activity 的 Intent。为了防止其他应用程序读取发送或接收的 Intent 中的敏感信息,请始终使用默认设置,将 affinity 保持为包名
中危 Activity (com.myviocerecorder.voicerecorder.purchase.VipBillingActivityForFiveDay2022) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.myviocerecorder.voicerecorder.purchase.VipBillingActivityForFiveDayOto2022) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.myviocerecorder.voicerecorder.purchase.VipBillingActivityForThanks2022) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.myviocerecorder.voicerecorder.purchase.VipBillingActivityForThanksOto2022) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.myviocerecorder.voicerecorder.purchase.VipBillingActivityForChristmas2022) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.myviocerecorder.voicerecorder.purchase.VipBillingActivityForChristmasOto2022) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.myviocerecorder.voicerecorder.purchase.VipBillingActivityForNewyear2022) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.myviocerecorder.voicerecorder.purchase.VipBillingActivityForNewyearOto2022) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.myviocerecorder.voicerecorder.purchase.VipBillingActivityForHalfYear2023) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Activity (com.myviocerecorder.voicerecorder.purchase.VipBillingActivityForHalfYearOto2023) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Service (com.myviocerecorder.voicerecorder.services.QsRecordService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_QUICK_SETTINGS_TILE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Activity (com.facebook.CustomTabActivity) 未被保护。
[android:exported=true] 发现 Activity与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Service (androidx.work.impl.background.systemjob.SystemJobService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.DUMP [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Service (com.google.android.gms.auth.api.signin.RevocationBoundService) 受权限保护, 但是应该检查权限的保护级别。
Permission: com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (net.pubnative.lite.sdk.receiver.VolumeChangedActionReceiver) 未被保护。
[android:exported=true] 发现 Broadcast Receiver与设备上的其他应用程序共享,因此使其对设备上的任何其他应用程序都可访问。
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: c3/d.java, line(s) 48 com/applovin/impl/mediation/c/a/a.java, line(s) 35 com/applovin/impl/sdk/n.java, line(s) 1627 com/applovin/mediation/AppLovinUtils.java, line(s) 19 com/applovin/mediation/ads/MaxAdView.java, line(s) 176,166 com/applovin/mediation/ads/MaxAppOpenAd.java, line(s) 68,58 com/applovin/mediation/ads/MaxInterstitialAd.java, line(s) 93,83 com/applovin/mediation/ads/MaxRewardedAd.java, line(s) 120,110 com/applovin/mediation/ads/MaxRewardedInterstitialAd.java, line(s) 88,78 com/applovin/mediation/nativeAds/MaxNativeAdLoader.java, line(s) 96,91 com/applovin/sdk/AppLovinSdk.java, line(s) 246 com/applovin/sdk/AppLovinSdkSettings.java, line(s) 166 com/applovin/sdk/AppLovinWebViewActivity.java, line(s) 26 com/bykv/vk/openvk/component/video/a/b/i.java, line(s) 128 com/fyber/fairbid/internal/Constants.java, line(s) 9,18,10,11,12,13,14,15 com/fyber/fairbid/mediation/config/MediateEndpointRequester.java, line(s) 40,42 com/fyber/fairbid/sdk/placements/Placement.java, line(s) 46 com/smaato/sdk/core/mvvm/model/imagead/Extension.java, line(s) 11,14,15,12,13 com/smaato/sdk/core/mvvm/model/imagead/ImageAdResponseParser.java, line(s) 19,21,20,22,27,23,26,28,24,25 com/smaato/sdk/core/violationreporter/b.java, line(s) 435 gj/a.java, line(s) 16 net/pubnative/lite/sdk/models/Ad.java, line(s) 24,25,26,27 net/pubnative/lite/sdk/mraid/nativefeature/MRAIDNativeFeatureProvider.java, line(s) 33 net/pubnative/lite/sdk/prefs/SessionImpressionPrefs.java, line(s) 20 nl/c1.java, line(s) 55 r/c.java, line(s) 11 v4/g.java, line(s) 76 x4/d.java, line(s) 37 x4/p.java, line(s) 95 x4/x.java, line(s) 84 xi/j.java, line(s) 236
中危 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/apm/insight/e/b/a.java, line(s) 4,40 com/apm/insight/e/b/b.java, line(s) 5,41 com/bykv/vk/openvk/component/video/a/b/b/d.java, line(s) 4,5,14 com/bykv/vk/openvk/preload/geckox/a/b.java, line(s) 6,7,125 com/fyber/fairbid/sdk/placements/database/ImpressionsStoreDbHelper.java, line(s) 4,5,14 com/myviocerecorder/voicerecorder/bean/RecordAudioBeanDao.java, line(s) 4,35 com/smaato/sdk/core/kpi/KpiDBHelper.java, line(s) 6,7,90 g2/o.java, line(s) 7,528 k2/c.java, line(s) 6,7,8,9,10,139 la/b.java, line(s) 6,48 la/f.java, line(s) 7,8,104 net/pubnative/lite/sdk/db/DatabaseHelper.java, line(s) 4,5,25 org/greenrobot/greendao/AbstractDao.java, line(s) 6,7,424 org/greenrobot/greendao/DbUtils.java, line(s) 6,44 org/greenrobot/greendao/database/StandardDatabase.java, line(s) 5,69
中危 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: com/apm/insight/i.java, line(s) 9 com/applovin/exoplayer2/h/z.java, line(s) 4 com/applovin/impl/b/m.java, line(s) 18 com/fyber/inneractive/sdk/config/global/s.java, line(s) 13 com/fyber/inneractive/sdk/player/exoplayer2/upstream/cache/i.java, line(s) 21 com/smaato/sdk/core/errorreport/Report.java, line(s) 13 com/smaato/sdk/video/utils/RandomUtils.java, line(s) 3 ib/w.java, line(s) 8 net/pubnative/lite/sdk/interstitial/HyBidInterstitialBroadcastReceiver.java, line(s) 9 net/pubnative/lite/sdk/rewarded/HyBidRewardedBroadcastReceiver.java, line(s) 9 net/pubnative/lite/sdk/views/CloseableContainer.java, line(s) 11 net/pubnative/lite/sdk/vpaid/macros/GenericMacros.java, line(s) 7 org/greenrobot/greendao/test/DbTest.java, line(s) 7 rk/a.java, line(s) 3 rk/b.java, line(s) 3 sk/a.java, line(s) 3 sn/m.java, line(s) 13
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: cj/c.java, line(s) 177 com/apm/insight/entity/d.java, line(s) 20 com/apm/insight/l/w.java, line(s) 33,79,90 com/apm/insight/nativecrash/c.java, line(s) 729 com/fyber/fairbid/http/requests/UrlParametersProvider.java, line(s) 138 com/fyber/inneractive/sdk/network/l0.java, line(s) 32 com/fyber/inneractive/sdk/util/p.java, line(s) 205 com/fyber/inneractive/sdk/web/i.java, line(s) 618 com/pgl/ssdk/ces/e.java, line(s) 171 de/a.java, line(s) 63,64,65,66,67 ge/j.java, line(s) 64 me/a.java, line(s) 101 net/pubnative/lite/sdk/mraid/nativefeature/MRAIDNativeFeatureProvider.java, line(s) 67,71 net/pubnative/lite/sdk/vpaid/utils/FileUtils.java, line(s) 68 vl/c.java, line(s) 24 vl/d.java, line(s) 14 xe/b0.java, line(s) 50 xe/x.java, line(s) 100
中危 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/apm/insight/l/v.java, line(s) 128 com/bykv/vk/openvk/component/video/api/f/b.java, line(s) 49 com/bykv/vk/openvk/preload/geckox/utils/g.java, line(s) 36 com/fyber/fairbid/d0.java, line(s) 84 com/fyber/inneractive/sdk/player/cache/h.java, line(s) 499 mediation/ad/f.java, line(s) 22 net/pubnative/lite/sdk/utils/PNCrypto.java, line(s) 67 sn/m.java, line(s) 981 vl/d.java, line(s) 24
中危 IP地址泄露
IP地址泄露 Files: com/applovin/mediation/BuildConfig.java, line(s) 4 com/applovin/mediation/adapters/ByteDanceMediationAdapter.java, line(s) 789 com/applovin/mediation/adapters/GoogleAdManagerMediationAdapter.java, line(s) 821 com/applovin/mediation/adapters/GoogleMediationAdapter.java, line(s) 857 com/applovin/mediation/adapters/NimbusMediationAdapter.java, line(s) 30 com/applovin/mediation/adapters/bytedance/BuildConfig.java, line(s) 10 com/applovin/mediation/adapters/facebook/BuildConfig.java, line(s) 10 com/applovin/mediation/adapters/google/BuildConfig.java, line(s) 10 com/applovin/mediation/adapters/googleadmanager/BuildConfig.java, line(s) 10 com/applovin/mediation/adapters/smaato/BuildConfig.java, line(s) 10 com/applovin/mediation/adapters/verve/BuildConfig.java, line(s) 10 com/applovin/mediation/adapters/vungle/BuildConfig.java, line(s) 10 com/fyber/fairbid/c2.java, line(s) 96 com/fyber/fairbid/sdk/mediation/adapter/meta/MetaAdapter.java, line(s) 227 com/fyber/fairbid/sdk/mediation/adapter/pangle/PangleAdapter.java, line(s) 226 com/smaato/sdk/core/dns/DiDns.java, line(s) 17 com/smaato/sdk/core/locationaware/DnsLookupImpl.java, line(s) 23 jn/d.java, line(s) 15 net/pubnative/lite/sdk/models/OpenRTBAdRequestFactory.java, line(s) 308 sn/i.java, line(s) 33 sn/q.java, line(s) 33
中危 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/applovin/impl/sdk/utils/StringUtils.java, line(s) 75 com/applovin/impl/sdk/utils/p.java, line(s) 96 com/fyber/fairbid/el.java, line(s) 130 com/fyber/fairbid/fl.java, line(s) 20 com/fyber/fairbid/internal/Utils.java, line(s) 169 com/fyber/fairbid/rj.java, line(s) 210 com/fyber/inneractive/sdk/player/cache/h.java, line(s) 486 com/pgl/ssdk/ces/e.java, line(s) 306 jc/a0.java, line(s) 83 net/pubnative/lite/sdk/utils/PNCrypto.java, line(s) 91 sn/m.java, line(s) 927
中危 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: com/fyber/inneractive/sdk/web/r.java, line(s) 535,527 net/pubnative/lite/sdk/vpaid/VideoAdControllerVpaid.java, line(s) 108,84
中危 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: g2/o0.java, line(s) 64 ip/d.java, line(s) 1044 to/e.java, line(s) 34,246,256 y1/b.java, line(s) 110
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 AdMob广告平台的=> "com.google.android.gms.ads.APPLICATION_ID" : "ca-app-pub-4902626407763154~2676521265" AppLovin广告SDK的=> "applovin.sdk.key" : "wQ8t6g3eOdL2Z0lKFfrEA10HeJ8VGsN8tftHkoLveJy8_daTAHBa4h8wwLMVTxZm3JRKTHuDGBENMqnuSleGvQ" "com.google.firebase.crashlytics.mapping_file_id" : "2d2b0c42110649a693c70571a9ba139b" "private_privacy" : "Privacidad" "facebook_client_token" : "195a66e662165480efac707cd7a7cfac" "google_api_key" : "AIzaSyDsHOLWsK8vE5fq4ye3IA9qltrA7OO1gX0" "google_crash_reporting_api_key" : "AIzaSyDsHOLWsK8vE5fq4ye3IA9qltrA7OO1gX0" "private_privacy" : "Datenschutz" WXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH3goHFBQe/AkWfQAADBBJREFUeNrtXUFIW1kUPT9VqyKM wB8AioZhnKMlnoN+h4hiRJQi/yVlPcudFjJyQe8noqdEtEPqyo71jP0txMSA3kFEU0T0jvSTd9az eyJhbGciOiJSUzI1NiIsIng1YyI6WyJNSUlDNlRDQ0FkRUNBU293RFFZSktvWklodmNOQVFFTEJRQXdEekVOTUFzR0ExVUVBd3dFVW05dmREQWVGdzB4TkRFeE1UZ3hOalUwTUROYUZ3MHpOREV4TVRNeE5qVTBNRE5hTUdZeEN6QUpCZ05WQkFZVEFsVlRNUk13RVFZRFZRUUlEQXBEWVd4cFptOXlibWxoTVJZd0ZBWURWUVFIREExTmIzVnVkR0ZwYmlCV2FXVjNNUlF3RWdZRFZRUUtEQXRIYjI5bmJHVWdTVzVqTGpFVU1CSUdBMVVFQXd3TFptOXZMbUpoY2k1amIyMHdnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFDekZWS0pPa3FUbXl5ak1IV0JPckxkcFltYzBFY3ZHM01vaGFWK1VKclZySTJTRHlrWThZV1NrVEt6OUJLbUY4SFAvR2pQUERzMzE4NENlajliMVdleXZWQjhSajNndUgzb0wrc0pUM3U5VjJ5NHp5bzV4TzZGV01CWUVRNlg4RGtHbFl0VHA1dGhlWWJSclhORUx1bDRsRitMdEhUQ2FBQU5STWtPbDBORW9MYTZCUmhPRzY4Z0ZmSUF4eDVsVDhSRUU5dXR2UHV5K3JDYUJIbmZIT1BmOHBuMExTdmNlQmlqU0lGb1MzWTVjcmpQVmp5aVBBWlVIV25IVEZBaWxmSG5wTEJsR3hwQ3lsZVBRaE1LclBjZ3ZEb0Q5bmQwTEE2eFlMRjdEUFhYU2E4RkxPK2ZQVjhDTkpDQXNGdXE5UmxmMlR0M1NqTHRXUll1aDVMdWN0UDdBZ01CQUFFd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFFc01BQlpsKzhSbGswaHFCa3RzRHVycmk0bkYvMDdDblNCZS96VWJUaVloTXByN1ZSSURsSExvZTVsc2xMaWxmWHp2YXltY01GZUgxdUJ4TndoZjdJTzdXdkl3UWVVSFNWK3JIeU55Z1RUaWVPMEpuOEh3KzRTQ29oSEFkTXZENXVXRXduM0x2K1c0eTdPaGFTYnpsaFZDVkNuRkxWS2ljQmF5VVhIdGRKWEpJQ29rUjQraC9XTk03ZzBpS1RoYWtaT3lmYjhoMXBoeTdUTVRWbFBGS3JjVkRvNW05K0dodFBDNFBOakdMb2s2ci9qeDlDSU9DYXBJcWk4ZlhKRU94S3ZpbFllQVlxZmpXdmh4MDBqdUVVQkhycENROHdUNFRBK0xsSTAyY1J6NXJ4VzRGUUF6MU5kb0c5SFpEWldhK05ORlRaZEFtdFdQSk1MZCs4TDhzbDQ9IiwiTUlJQzhUQ0NBZG1nQXdJQkFnSUpBTU5JMTVIckd5bGtNQTBHQ1NxR1NJYjNEUUVCQ3dVQU1BOHhEVEFMQmdOVkJBTU1CRkp2YjNRd0hoY05NVFF4TVRFNE1UWTFOREF6V2hjTk16UXhNVEV6TVRZMU5EQXpXakFQTVEwd0N3WURWUVFEREFSU2IyOTBNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXplVU5jNGJTV0hoT1RVKzVNUS9sT21talFXcGZCaStGSnV4dm9lT21Rd2k2ZnJQS0tzYUtLWUdmQ1RQbEtFMGRtckVQOTVibmkvcUw1eEFwUDE3b3JqVWU2S1J0SkF3Rk5JNUVaYWRJZmpiaC9xKzg1QzFDcDJCUzJZbXVaUXpYWkhQNjN5eUJwMDVZY2JNS3dDQkhYYUFnWWJtVFRrKzQrMXBqTnBIUDZZaUYyZ0NQdlNmem9rR3loYnZCcW5QYm5UZEk5dzZmak5CWUFici91Qk9UVTB2SzRrdHpsV2s1bHZzbTUxZTh2c0xTcVdob0hBRHEwQXJpQWVsVTRTSHNTQUNrUlVRU3hXVjBLNWh6VHY0ZWN2Q2JHOWRza2lEQ3dXZyt1VFJTb0FGZVpPaE9OTDAwMHE3VmV5M0RaVGNMbDgvTzROUVZhWlI1aUFnVldsV2Nzd0lEQVFBQm8xQXdUakFkQmdOVkhRNEVGZ1FVc2ltbElSRGNKUjBvZlI3b004S3dIRk9IK3NJd0h3WURWUjBqQkJnd0ZvQVVzaW1sSVJEY0pSMG9mUjdvTThLd0hGT0grc0l3REFZRFZSMFRCQVV3QXdFQi96QU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FRRUFXUWw4U21iUW9CVjN0ak9KOHpNbGNOMHhPUHBTU05ieDBnN0VML2RRZ0pwZXQwTWNXNjJSSGxnUUFPS2JTM1BSZW8ybnNSQi9aUnlZRHU0aTEzWkhaOGJNc0dPRVM0QlFwejEzbXRtWGc5UmhzWHFMMGVEWWZCY2pqdGxydVVieGhuQUxwNFZOMXpWZHlXQVBDajBldTNNeHBnTVdjeW41MFFtaUpTai9FcXUvbExodmUvd0t2akc1V2huVjh1UktSdUZiRmN0MERIQUhNblpxRkhjR1M1U28wY1luU2ZLNWZiQlJOZWxHZmxocGJiUHAwVjBhWGlxaW5xRDBZZTNPYVpkRnErMnJQMW9DL2E1L091NExzcFkzYjVvRDlyRU5keTdicTBLZXdQRnRnUHZVa0pySjNUemJpd3ZwZ2haN3pHMjZibko1STd1YzR5MVZ1anFhT0E9PSJdfQ 3KRZ38wacMqmcieM1sxnBr9cLmvt3cvYLZTLZV4StKu05qd4PPyenp4W8A3a09PDu1NIKeET8Dh8 470fa2b4ae81cd56ecbcda9735803434cec591fa VxeHDh2iqamJ2SR+v5+SkhIWLlxopNsR4GkrD6ZEWQh+XNDeF8j2qa2tnTWzXksb3HfffUa6lAf9 HsiRFRCFECnAHjtMwwzJi8BfJ6dnmyOAHBHiAAXYD/zKZaBXMZaTR7Vq527WEWAKP+EJxu4p3uvQ bJDZSHpaUZQyVVV/llUbsvKuXoNAIEBZWVlIL23btm1kZ2cDsG7dOgoLC41umjhCoqKiKCwsZN26 d79bfac645e9a792d4d5f17bb1ce637e wDKbvu4H4AhQDpwHWoQQw3MECD/oKcAWYFcQ8JmUI8D7wBkhxI9zBLAP9FTgCeBl4F6HPuY14HXg 0dvb64jFoqysLB588EG9Zi8KIf5PRgMA/FVvtIKCAukHTEpKYvPmzRGRhDEcjuGzzz5rSBNIYjEl a2n41TCMLzdx1k+Jmk6VSoUKhQIlk0kyTZPa2toIgFBta2sj0zQpmUxSoVCgSqUi0iJM3TRzv+F2 y6mUcqA9oFIeJbWUqjg0YLoTLBpbg5HeopMMkwYSE+ZexfnLa7y65Bpn5p8ZNJeaeCcxPpLxcpEM df6b721c8b4d3b6eb44c861d4415007e5a35fc95 vRDiL64ggBDCA7xlZFFndHSUuro6Dh8+PCtWgYqLi8nKyiIqytDrPwg8J4QYcSwBggcxPsLAFm1X tgLRb4bjuZVA8xvQ9uHNs8UtpBIOiUcagzvtKyyfCofk5U5sNb54GgVVYxa6p4A1ObdJv1jjlUOnzR8keX5LsAM4Ia7xeqiFh0GER4l0ulVChy yJLAjM2HsRU/ScfvUSFEg16jaJmRVFX9VlGUjYBmCY9Vq1ZRVVUlU7pMmgRuA1+GBGbBj4uLo7S0 GATwDYBO61++ADgB8DeAzwAKAD4C2LE+FwEcG4bxX9DGyggA2LcsoL8D8D2AHwAMSfq5vwCsAfgd CdyqJ8Bws7+sVCqex9q99gmCAn5NGfoYDjOv/24zfVXfHchc87PZLBmG4fnYMRwQxZiPfv1u5CBj G0Sw+AGyW8SoWKKt63LgtEWMb02iVG3OoKNj6LhJlEUCz9vEyQRfVOq2TpbAcZs4iwCeNorUpS2L FHw3kiAqKoqSkpI7wJ9MjuTkZGpra02N39rayuLFi1myZIle098oivInVVWHQjUBz+s16OrqCmlX dde3c298b47648459f8ada4a982fa92d TqBTA2qvtKenh2efT9aYq9Hqly66jGyyPnm5XFbiLkJV1DRN1ghfTTap1t1DFbGSSTd53sLvG0lV Aggh2oAqrd6ShYxdq/bd7BhKYFMVxHhaDQCgmVYiMTExpDUBt6h9tzmGOTk5Mhtad2A7FQFUvVHy zcXq1NRUvF4vDQ0NhkjQ0tLC9evXHZ+i1gwJurq6DKfd2759u+zVvBFgi6qqAVsJoKpqQFGUj4B/ j7f9irgTrmjbma4mXMksH3vsMe666y5N+y+E+GiyBgB4X6tHenp6xKn96cTuW8l2awIJrCawnkyA 2PliGKuiPa2YzWgxk+bg4YcfDqVah6vVvkHsvB7+WUJ92tnlFgkEAjQ1NcmcjjUl165dcw34ktjF JysSWO36hQkIplz/m1YPVVVpbW0lHNLS0kJvb6+l0UFqaiqJiYma5sBNDp+M5tP6b0VRXldVdXRc Vq/BwUFb07JM1gRWihlN4MaZPy6XL1+WuXizZSoTsEurR3Nzs+0xdiAQoKqqihMnrM2HYCREdHKo 8uVLfPr0qQU+P3b3QER/NlskdGjj6odjqJrDd135mI38aRsEGh4e1qYs2yvHUEWH7yodHh62DwYR xEqlEqXTaTJNUzjYrGqaJqXTaSqVSiJIsBH47aMVMHEsZ2dnlMlkKBaL+Qb6dRqLxSiTydDZ2Zlb yHTAZeApn5rh6Uzfx06Gv6eHdM34YL zptUU4nH45FZCOrwBGvP/aDVKtSUbk51+Orr6zl27BinT592bH4CsyKB2Q9CiMD4XsARrZarV6+O e3tpYWGBTk5OAgO+LBKcnJzQwsIC9fb2+ndtnEUAoRdHDg4OCiWBSlW6okhQA39wcND/iyNZrQBP ykqpBw9FEzg9OYNZTfDVV19x8uRJQ9+1Z88evWqh457/SdMEAFAU5Rt0agnNmzdP2hSYJYFbMnMY W1zcp5YuPDw8mIQDVCH2uQY7qs2ejdZj5LIgIz4CbQ0wg53rlwE7DDQM6MNUgZLnzNmMSMfFrpE7 sogoEqhYou2WBE7Al3p1LGtgiPfyaLckULk+3w0JfvnlF/Uuj2bdEfBeH++UBDo0Z3BCAl7w4dX1 Gi5cuDAjJM7JyWHDhg2kp6cTFxcX6nAngNJwm4WoMIO/Hfi72f7Dw8M0NTVRWVnJ5cuXHWXUMzMz NNWwE8Afdww9Hg+bN282mlxpVoE/7rgHAgG9tDPJMXoRgJOuZY07hoAjSTDu8M2EzZ8OO52UM2ke +fN8+eWXlmuCkpISW30C2TjfLPgVFRXcuHHDVH9JTBQZE6C55NvT0xPyaV67SGDn3oFVDp8d4ANc Qdls9qt3WV9fdx0sYowYbogGnymB0214txF8XUlQP/Mbxa0lME3T20RTIur04mDnOvB1I8FVM79R GE32CYxGB7NRdu/eLevwwdhGzyuhfJ8VqWKfQ+d6+bgsX76cffv2yVxcmHUSFxfHvn37ZJd4Cb7z VFRIHy5xm+Tl5ZGfny9zkGOqUO8vdjyTrRfVhRCFQb/AkHR0dFBeXh4x6wZZWVkUFBToVfGcToqE OIdvfFevubnZthtIM0kCCcyOwD9vBmnmGfP7/TMy88N1S9fOa2gzRQIJzMonE+C8VstwH7Waibt6 y+WyMrl3snyCoIFfU4Yikn4Q0YSKDqCOJPDL4XPhCE7Y7gBkxf+DthyoNPM5zgViIVxcqnit5PN5 IYRomSPAnfb91QgGfioivOYEPyFqhoGPB563Q9UHAgF6e3vp7Oykvb194qezs5Pu7m76+voIBMbC ypWGeV2rFzQS8JaGKVUc6metnqwyNK8PkHiLQ5UpD/e7Slf3PoaM6z9RfXm4RQLfG0SoUqKtOwm4 e74483c4b5e6dc78e088d9fb0243ae66 q1e5ePEiIyMjlj6vx+MhOzub1atX4/f7WbhwIR6Px6rhHxVCnJwVBAiq+3eBwlDGGRwcpLm5mZqa fXV1daZI0NHRwZkzZ1wP/mQStLa20tLSQkNDg+EM7Dt37iQjI0Om6XtCiD8ZGTva6B+jKMpJ4N8B uHCBnp4evWb7NU1AcOHnTa0RqqqqLNmmHRkZobm5maGhIdasWWPZy7QjRLTa4bMa/HFJSEjg7rvv IcHAwABVVVVUVlbKVPn4hepfvny5TNMnVFUdCokAqqoOKYpSCfxGq92SJUv46aefpI9CGyGBm9Ky dh0qmal1AgnMzk8mQIueQ5GTkxMRM1/vJI8dt5LDncwyJycHj0d3p78FgvkBVFUdVRRlPTDtlIuP Fvj9rPt8Ny86Pj5Oq6url1YkEoloDX5t9q6urromAUecoF8GATZYInxugzzr6+tffWc2m9XSEhiG xmrpTSudnZ2Oesl2OYZudvhCwO4eD2NFFaeV9vZ2R6ras2fPWr5i6Ha1bwK7lR7GKmq6jgBOIYFT eWzIsJF4PExQap9HK6Vlz8DGlgGwoiLCtyOEK0Bfu d7R8AAcmHsCPAF4HhMuzAH4zDOOf1rRuDnyYiBYpuLJIROEW0lev70EG/ioiKOEnGD4D3wngJxmm 7roDYTsCK7nTtmLH6eB1dXVpTQKRZv+qJW1iYsLRczFWIHWwEMA26uc24ieLBLJ9Apkz3w34HBHC d98374d3-3b69-4a4b-a2c1-9dcb4c588849 c56fb7d591ba6704df047fd98f535372fea00211 7c22942b749fe6a6e361b675e96b3ee9 cc2751449a350f668590264ed76692694a80308a G5mmSclkkgqFAksfPh6Z8gsHw2cSdAL4CcBr0d99enqKw8ND7O7uIp/PX+re3h6KxSKOjo5QLpcB NADA6+EMB+22+VYd3XaTYyiB0S8wvp0AmlWeo6Oj2bp1a8Q4fEY0gV0Jrq0kwdatW4mO1i0Ed2xa CeZkbOYbAL9ICPG1me+JNvuAqqpeVRSlC3hURhMY9Qlms+zcudPIjezfCyHeN/td0aE8qKqqX+tt K2a+LQQIksADvAX8TrbP6OgodXV1s0YbFBcXk5WVZfQI+EHgOSGEpdm6bLunLIR4AfizkT79/f1U wZfELiNGzwQ4mQAz7Rg6GXxJ7O6JYayWrmt8AKc4hk5z+Exil+5hrJDytNLd3e34uDvcjqETHT6T 3FoCjgOkThEE+JnlSFcm+LqQoNnMF20JGI+Sf5bu+FWrVVfn+azgq04CHvBFkCAajbImlfS7IcCi B7qAX1OG/gRPmxGgaRPGTCYjZW1VdTnQwew3aiaTsfvpHcd7f5mdOVSzBLrNfNR1KnEUE7BL9yqV iaibbFrL1SSRSHC/bG9vLw0NDQUKfDeaSCRYwT8nom5PGg8Q0TjrUy0tLbWAdKhLS0s8YZJxT7tP EULEAslAGnAPsBLICH5OB3yAF4gPdukHOoFWoBm4DnwLfBf83AJ0CCECkfauoiIA7Ogg0PcDBcBT V2gD8FE3AqgAfj0J+vv78fjxY1SrVd0I8FG742C/1nwdfQKW42CtEkJUBV9VErAmhGiREqY6+CqS M1o94uLiLEvy7DS1H25zYOeycWZmJnFxcXrNztxBACHEj4BmBsi8vDxXqf1QkzO40TGUwOhaEOs7 +PDhWQ1+cXGxzIme28EvEkJYEipZei0lqAk+QqcS6WTp6uri0KFDM1aedqbE7/dTUlJiNPfCEeBp 2438bce1ddb7bd026d5ff89f598b3b5e5bb824b3 ds0e4LpWC5M17yLC5rudBBLYXfcA37qNAE4AfzIJnOoYSmD3rQf4zk0ECKfD53bHUAK773RNgJN8 8OcD3TL+Q3V1NUePHp1DMwTZvn07ubm5Mk1HgCSjG0hmnMAymX719fVz4FsgR48epb6+XhbLMltN HSrCHRtOan6wp2kwOIGJC1RDtuSrF2mWVbio2aBcMHX9KF3iTJ1lLSzCKP1ZSo5yNolPNw1kCTtWpxELFF4ah1 02u7bNkyEhMTuXLlivT4Q0NDhkKiSJaioiIeeOAB2eaZQgjDKjPazIOpqvqjoijngF/rtU1LSzOs VGbD54QQ4j9lxjSSIqZUr0FsbCx79+419KK0HEO3gq/lGJoFH2Dv3r2yGVtKZceMlm0YdAhrgKe1 9zxfARL0s6SX2UmpVKJ0Ou3rEmGaJqXTaZaePExpXNIyeRQlwhQJkkqlQoVCgZLJJJmmKaW3cVtb Xl4efr9f5sSOljwphDgarucOe45zIUQq8C5QGMo4g4ODNDc3U1NTM2MmIicnhw0bNpCenm7F6uYJ gDUlTPmkUJlBnu3tbeFnByqQgDkp1IoGKpsWLrtiZ3JyUst2NXbKnBZuEUDJwhCvqnR17VkEgYUh mBCibY4AoYMeByjAfuBXLptcVcArgCqEGJwjgHEVvwf4Y4T4Wi8Cf3WiiYhyGPBpwEvA74hMOQi8 ycvLw+/3Ex0dHcpQTwohjkYUAYQQ84Ey4Ldm+vf09FBdXc2pU6dc4eFt3bqV3NxcEhMTzQ7xHrBX 50L9XkvOIwdLz51ApwDl5AWS48ePh70crVMlJyeHoqIiI2l5y4HCYHKPmSdAkARxwHFZEgDU1tZy nmqWQNiFERYJhF8ZE7Q+fCr5BEKvjGGNCfAcEA0NDdHKykpgwJdNgu3tbS5rJvzSKJYjYiL2a+N6 0qqYQS2tuIwwCwOl0NW46SI44PJvymxaaIesxqXdSGVWA0JdTMCFSDaxCK4cswiB0NWM3XSVStQ2 x7zGWB6+Y06w7xFFgClMxBZgFwa2nm2SI4zl3j3jRBUfkQS4jQzRQBpwP2OHUZ4Cltn0dT8EAS9n pIMDOCiE+HhKbDQ6vWGVL9Df309lZSXnzp1jYGAgIsC3QxMMDAxw7tw5Kisr6e/vt9L2T4vltEGj WXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH3goHFBQxV9grJAAAEwRJREFUeNrtnXtsVVW+xz89fdBC uVyuBbaN5nI5LsdQm63e2tpaC2BGXVtbU3+LyBPkSSQSLWA5NZFIqBssssK7TLK0tNQC1KEuLS3x smVSh5sfVRTlnKqqV8NGgODyrtRqzblz5zh27NgcqgaloaGBxMRE0tLSZJr/WlGUv6mqavjIWZQJ 8a3c4b262d721acd49a4bf97d5213199c86fa2b9 AN3d3ejr60M4HMbIyAjGxsYudXR0FAMDA+jq6pIxBLMAfjUM4wtusljLwiLdHFm8UeaegwjhgBNh 96e380195959b8e7e05d6c6029154dc99e7fe954 94628ee5-fe99-436d-94b5-f3270ad06529 CPGz6wkghFgD1AOGDWZ7ezsVFRUzpuKtMBH5+fksWrTIlGsDrBNCXHEtAYQQhcBxo/06OjooLy+n KB9++KHsA5kC3w2aYNzhk1DPE+1DcQwbGxvJzc3VmxCP6DmEehrgVZkQxcxhjpSUFHbs2CENvpM1 dmFyIGVsZW1lbnRUb1NjYWxlRm91bmQgPSBmYWxzZTsKICAgICAgICB2YXIgZWxlbWVudFRvU2NhbGUgPSBudWxsOwoKICAgICAgICBjb25zdCBjcmVhdGl2ZVJlc2l6ZSA9IGZ1bmN0aW9uIChwYXJlbnRfd2lkdGgsIHBhcmVudF9oZWlnaHQsIGVsZW1lbnQpIHsKICAgICAgICAgICAgbGV0IGNoaWxkX2RpdiA9IGVsZW1lbnQ7CgogICAgICAgICAgICBsZXQgY2hpbGRfaGVpZ2h0ID0gcGFyZW50X2hlaWdodDsKICAgICAgICAgICAgbGV0IGNoaWxkX3dpZHRoID0gcGFyZW50X3dpZHRoOwoKICAgICAgICAgICAgLy8gRFNQcyBjb3VsZCBiZSBhdHRhY2hpbmcgYmVhY29ucyhpbWcgMVgxKSBpbiBjaGlsZCBkaXYsIGRvIG5vdCBjb25zaWRlciBpdCBhcyBjcmVhdGl2ZSBmb3IgcmVzaXplCiAgICAgICAgICAgIGlmIChjaGlsZF9kaXYub2Zmc2V0SGVpZ2h0ID4gMSAmJiBjaGlsZF9kaXYub2Zmc2V0V2lkdGggPiAxKSB7CiAgICAgICAgICAgICAgICBjaGlsZF9oZWlnaHQgPSBjaGlsZF9kaXYub2Zmc2V0SGVpZ2h0OwogICAgICAgICAgICAgICAgY2hpbGRfd2lkdGggPSBjaGlsZF9kaXYub2Zmc2V0V2lkdGg7CiAgICAgICAgICAgIH0KCiAgICAgICAgICAgIGxldCBhc3BlY3Rfd2lkdGggPSBjaGlsZF93aWR0aDsKICAgICAgICAgICAgbGV0IGFzcGVjdF9oZWlnaHQgPSBjaGlsZF9oZWlnaHQ7CiAgICAgICAgICAgIGlmIChjaGlsZF9oZWlnaHQgPCBwYXJlbnRfaGVpZ2h0IHx8IGNoaWxkX3dpZHRoIDwgcGFyZW50X3dpZHRoKSB7CiAgICAgICAgICAgICAgICBsZXQgcGFyZW50X2FzcGVjdCA9IHBhcmVudF93aWR0aCAvIHBhcmVudF9oZWlnaHQ7CiAgICAgICAgICAgICAgICBsZXQgY2hpbGRfYXNwZWN0ID0gY2hpbGRfd2lkdGggLyBjaGlsZF9oZWlnaHQ7CiAgICAgICAgICAgICAgICBsZXQgc2NhbGVfZmFjdG9yID0gMTsKICAgICAgICAgICAgICAgIGxldCBzY2FsZV9mYWN0b3JfeSA9IDE7CgogICAgICAgICAgICAgICAgaWYgKHBhcmVudF9hc3BlY3QgPiBjaGlsZF9hc3BlY3QpIHsKICAgICAgICAgICAgICAgICAgICBzY2FsZV9mYWN0b3IgPSAocGFyZW50X2hlaWdodCAvIGNoaWxkX2hlaWdodCk7CiAgICAgICAgICAgICAgICAgICAgYXNwZWN0X3dpZHRoID0gY2hpbGRfd2lkdGggKiBzY2FsZV9mYWN0b3I7CiAgICAgICAgICAgICAgICAgICAgYXNwZWN0X2hlaWdodCA9IHBhcmVudF9oZWlnaHQ7CiAgICAgICAgICAgICAgICB9IGVsc2UgewogICAgICAgICAgICAgICAgICAgIHNjYWxlX2ZhY3RvciA9IChwYXJlbnRfd2lkdGggLyBjaGlsZF93aWR0aCk7CiAgICAgICAgICAgICAgICAgICAgc2NhbGVfZmFjdG9yX3kgPSAocGFyZW50X2hlaWdodCAvIGNoaWxkX2hlaWdodCk7CiAgICAgICAgICAgICAgICAgICAgYXNwZWN0X3dpZHRoID0gcGFyZW50X3dpZHRoOwogICAgICAgICAgICAgICAgICAgIGFzcGVjdF9oZWlnaHQgPSBjaGlsZF9oZWlnaHQgKiAoc2NhbGVfZmFjdG9yKTsKICAgICAgICAgICAgICAgIH0KCiAgICAgICAgICAgICAgICBpZiAoYXNwZWN0X3dpZHRoIDwgcGFyZW50X3dpZHRoKSB7CiAgICAgICAgICAgICAgICAgICAgY2hpbGRfZGl2LnN0eWxlLm1hcmdpbkxlZnQgPSAocGFyZW50X3dpZHRoIC0gYXNwZWN0X3dpZHRoKSAvIDIgKyAicHgiOwogICAgICAgICAgICAgICAgfQoKICAgICAgICAgICAgICAgIGlmIChhc3BlY3RfaGVpZ2h0IDwgcGFyZW50X2hlaWdodCkgewogICAgICAgICAgICAgICAgICAgIGxldCB0cmFuc2xhdGlvblBpeGVscyA9IChwYXJlbnRfaGVpZ2h0IC0gY2hpbGRfaGVpZ2h0KSAvIDIgKyAicHgiOwogICAgICAgICAgICAgICAgICAgIGNoaWxkX2Rpdi5zdHlsZS50cmFuc2Zvcm0gKz0gInRyYW5zbGF0ZSgwcHgsIiArIHRyYW5zbGF0aW9uUGl4ZWxzICsgIikiOwogICAgICAgICAgICAgICAgfQoKICAgICAgICAgICAgICAgIGNoaWxkX2Rpdi5zdHlsZS50cmFuc2Zvcm0gKz0gInNjYWxlKCIgKyBzY2FsZV9mYWN0b3IgKyAiLCIgKyBzY2FsZV9mYWN0b3JfeSArICIpIjsKICAgICAgICAgICAgfQogICAgICAgIH07CgogICAgICAgIGNvbnN0IGZpbmRFbGVtZW50QnlTaXplID0gZnVuY3Rpb24gKGN1cnJlbnRFbGVtZW50LCB3aWR0aCwgaGVpZ2h0KSB7CiAgICAgICAgICAgIGlmIChjdXJyZW50RWxlbWVudC5vZmZzZXRIZWlnaHQgPT09IGhlaWdodCAmJiBjdXJyZW50RWxlbWVudC5vZmZzZXRXaWR0aCA9PT0gd2lkdGgpIHsKICAgICAgICAgICAgICAgIGVsZW1lbnRUb1NjYWxlID0gY3VycmVudEVsZW1lbnQ7CiAgICAgICAgICAgICAgICBlbGVtZW50VG9TY2FsZUZvdW5kID0gdHJ1ZTsKICAgICAgICAgICAgfQogICAgICAgICAgICBpZiAoY3VycmVudEVsZW1lbnQuY2hpbGRyZW4ubGVuZ3RoICE9PSAwKSB7CiAgICAgICAgICAgICAgICBmb3IgKHZhciBpID0gMDsgaSA8IGN1cnJlbnRFbGVtZW50LmNoaWxkcmVuLmxlbmd0aCAmJiAhZWxlbWVudFRvU2NhbGVGb3VuZDsgaSsrKSB7CiAgICAgICAgICAgICAgICAgICAgZmluZEVsZW1lbnRCeVNpemUoY3VycmVudEVsZW1lbnQuY2hpbGRyZW5baV0sIHdpZHRoLCBoZWlnaHQpOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICB9CiAgICAgICAgfQoKICAgICAgICBjb25zdCB1cGRhdGVDcmVhdGl2ZVNpemUgPSBmdW5jdGlvbiAod2lkdGgsIGhlaWdodCkgewogICAgICAgICAgICBlbGVtZW50VG9TY2FsZSA9IG51bGw7CiAgICAgICAgICAgIGVsZW1lbnRUb1NjYWxlRm91bmQgPSBmYWxzZTsKICAgICAgICAgICAgbGV0IHBhcmVudF9oZWlnaHQgPSBoZWlnaHQ7CiAgICAgICAgICAgIGxldCBwYXJlbnRfd2lkdGggPSB3aWR0aDsKICAgICAgICAgICAgbGV0IGFkX2NvbnRhaW5lciA9IGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdoeWJpZC1hZCcpOwogICAgICAgICAgICBmaW5kRWxlbWVudEJ5U2l6ZShhZF9jb250YWluZXIsIDMyMCwgNDgwKTsKCiAgICAgICAgICAgIGlmIChlbGVtZW50VG9TY2FsZUZvdW5kICYmIGVsZW1lbnRUb1NjYWxlICE9IG51bGwpIHsKICAgICAgICAgICAgICAgIGNyZWF0aXZlUmVzaXplKHBhcmVudF93aWR0aCwgcGFyZW50X2hlaWdodCwgZWxlbWVudFRvU2NhbGUpOwogICAgICAgICAgICB9CiAgICAgICAgfQ== KRYCvLMr1BQxmLpZAlVnfr0yFKS+cx34EV2l++zZMykDKtISqDzz0VCV7CowRBc97prW54ueWaov 8eP1elmwYIFd1dNeBN4UQvTPFAaOKHMRNAuvYmDxyOVyEHgt3OresQSYRIQ04KUIJsJB4A0hRItT 94628ee5-fe99-436d-94b5-f3270ad06530 cca47107bfcbdb211d88f3385aeede40 ZjXBpUuX2LRpEzExMVrNHlIU5b9VVe02qgFe0nuAioqKsIM/LuvWrUNRFHw+n+tmvpWaQBKDlwxp IsSCCHw3ES07HZGDgwOan59XDvTrdH5+ng4ODtyQYJmIuoMC/jgRnTsZhXw+76uJF7FE5PN5pyQ4 Tj6B20aRnrWK1a0njw4kcN0q1iKB9GbROph9HZcD182iLQJIbRevezcuVR1Dke3ipV0YITu272Wt 9b8f518b086098de3d77736f9458a3d2f6f95a37 1yQIAviNJPjw4YNj8HO5HCv4Maklx0S0zOq0OSXByspKYMCvaWdnJz18+JDu3r3L/b8cZyjL0mvO 0BA+n4958+ZZ8uLCGR3oxfmhSH19PTU1NYYnSFtbG+vXrychIUEvIviDqqrDehpAscP2j0sgEOD8 8/MdF+rV19eHJRuXUx1DSUzuwPYOg6Gq6rCiKP3AI9ONkpCQQFtbG21tbYZmvt25d+26ETSVtLW1 5Yb/yOjoaK5cuWLaYXSKT2DU4TOiCdasWaOn0s1isUdKAwQPd2rqlfb2do4fN3zfg9HRUW7evMnQ a4b7452e2ed8f5f191058ca7bbfd26b0d3214bfc dsQRIEiCeOB54I9Wjx0IBOjt7aWzs5P29vaJn87OTrq7u+nr65s4nBEbG0tCQgJJSUl4vV4WLVo0 StK3WDUSiBZeS6DjzK9Xhp5FsasI0LS8K51OexZo8dMx1HXm12s6nbZ7lFQj+Ldk7/11IEEQwOeI we0On6xkZ2ejKIopTdDU1CR7ZvJVUxogeFHzI63O/f39vPPOO6bAVxRlwts3Kl6v1zEh4nQOn5H+ 8RYBOll+iTdvkJcEOnXmYCWBE7PPYfqJiDpF9RCYYvk13gghKwl0Ap+VBE7BZ4z4sUX9OEmwYfeL 92d6421e44a44dff9f05b29be0ca5bef 0000016742C00BDA259000000168CE0F13200000016588840DCE7118A0002FBF1C31C3275D78
信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: a0/f.java, line(s) 96 a5/a.java, line(s) 135,132 aj/a.java, line(s) 73 aj/c.java, line(s) 48 b5/c.java, line(s) 15 b5/d.java, line(s) 43 b5/f.java, line(s) 100 b5/s.java, line(s) 91 b5/t.java, line(s) 37 c0/a.java, line(s) 220 c9/f.java, line(s) 74 c9/g.java, line(s) 65 ca/a.java, line(s) 741 ce/a.java, line(s) 123,358,388 cg/e.java, line(s) 19 cj/c.java, line(s) 73,110,113,118,179 cj/e.java, line(s) 35 com/apm/insight/b/j.java, line(s) 55 com/apm/insight/k/k.java, line(s) 85 com/apm/insight/l/q.java, line(s) 27,33,39 com/apm/insight/runtime/o.java, line(s) 55 com/applovin/exoplayer2/l/q.java, line(s) 42 com/applovin/impl/sdk/a/f.java, line(s) 59,65,71 com/applovin/impl/sdk/x.java, line(s) 87,124 com/bykv/vk/openvk/component/video/a/b/b.java, line(s) 187 com/bykv/vk/openvk/component/video/a/b/d.java, line(s) 337 com/bykv/vk/openvk/component/video/a/b/f.java, line(s) 180,192,256 com/bykv/vk/openvk/component/video/a/b/g.java, line(s) 140,173,208,271,279,284,295,299,392,506,546,564,571,611,615 com/bykv/vk/openvk/component/video/a/c/a.java, line(s) 219,225,232,239,248,253,333,340 com/bykv/vk/openvk/component/video/api/f/c.java, line(s) 105,112 com/bykv/vk/openvk/preload/falconx/a/a.java, line(s) 24 com/bykv/vk/openvk/preload/geckox/h/a.java, line(s) 23 com/fyber/fairbid/ads/OfferWall.java, line(s) 398 com/fyber/fairbid/adtransparency/interceptors/admob/AdMobInterceptor.java, line(s) 82,99,119,150,210,235,257 com/fyber/fairbid/adtransparency/interceptors/applovin/AppLovinInterceptor.java, line(s) 45 com/fyber/fairbid/adtransparency/interceptors/ironsource/IronSourceInterceptor.java, line(s) 191,207 com/fyber/fairbid/adtransparency/interceptors/mintegral/MintegralInterceptor.java, line(s) 134 com/fyber/fairbid/adtransparency/interceptors/unityads/UnityAdsInterceptor.java, line(s) 63 com/fyber/fairbid/ij.java, line(s) 22 com/fyber/fairbid/internal/DevLogger.java, line(s) 12,16 com/fyber/fairbid/internal/Logger.java, line(s) 73,79,22 com/fyber/fairbid/internal/Utils.java, line(s) 291 com/fyber/fairbid/mi.java, line(s) 122,141 com/fyber/fairbid/nh.java, line(s) 65 com/fyber/fairbid/o.java, line(s) 31 com/fyber/fairbid/sdk/mediation/adapter/gam/GAMAdapter.java, line(s) 182,205,227,276 com/fyber/fairbid/se.java, line(s) 12 com/fyber/fairbid/v8.java, line(s) 69,86,106 com/fyber/inneractive/sdk/external/InneractiveAdManager.java, line(s) 362 com/fyber/inneractive/sdk/logger/a.java, line(s) 19,21 com/fyber/inneractive/sdk/network/f0.java, line(s) 157 com/fyber/inneractive/sdk/player/cache/c.java, line(s) 270 com/fyber/inneractive/sdk/player/exoplayer2/audio/c.java, line(s) 662 com/fyber/inneractive/sdk/player/exoplayer2/extractor/ogg/j.java, line(s) 239 com/fyber/inneractive/sdk/player/exoplayer2/extractor/wav/c.java, line(s) 41,64,71 com/fyber/inneractive/sdk/player/exoplayer2/h.java, line(s) 220,1051,1283,1288,1293 com/fyber/inneractive/sdk/player/exoplayer2/mediacodec/d.java, line(s) 355,358 com/fyber/inneractive/sdk/player/exoplayer2/upstream/cache/i.java, line(s) 156 com/fyber/inneractive/sdk/player/exoplayer2/upstream/o.java, line(s) 153,173,350 com/fyber/inneractive/sdk/player/exoplayer2/upstream/x.java, line(s) 157,163,175 com/iab/omid/library/applovin/utils/d.java, line(s) 17 com/iab/omid/library/bytedance2/utils/d.java, line(s) 17 com/iab/omid/library/fyber/utils/d.java, line(s) 17 com/iab/omid/library/pubnativenet/utils/d.java, line(s) 17 com/iab/omid/library/vungle/utils/d.java, line(s) 17 com/myviocerecorder/voicerecorder/App.java, line(s) 349 com/myviocerecorder/voicerecorder/ui/activities/CropActivity.java, line(s) 342,368 com/myviocerecorder/voicerecorder/ui/activities/TrimActivity.java, line(s) 345,371 com/myviocerecorder/voicerecorder/view/AudioRangeSeekBar.java, line(s) 489 com/smaato/sdk/adapters/admob/banner/SMAAdMobBannerViewAd.java, line(s) 112 com/smaato/sdk/adapters/admob/banner/SMAAdMobSmaatoBannerAdapter.java, line(s) 44 com/smaato/sdk/adapters/admob/interstitial/SMAAdMobInterstitialAd.java, line(s) 85 com/smaato/sdk/adapters/admob/interstitial/SMAAdMobSmaatoInterstitialAdapter.java, line(s) 27 com/smaato/sdk/core/AndroidsInjector.java, line(s) 89 com/smaato/sdk/core/SmaatoSdk.java, line(s) 126,258,371,502 com/smaato/sdk/core/ad/KeyValuePairs.java, line(s) 20,24,29,43,57,62 com/smaato/sdk/core/browser/SmaatoSdkBrowserActivity.java, line(s) 218 com/smaato/sdk/core/gdpr/tcfv2/TCModel.java, line(s) 197,205,220,264,351,373 com/smaato/sdk/core/gdpr/tcfv2/encoder/Base64Converter.java, line(s) 35 com/smaato/sdk/core/gdpr/tcfv2/encoder/field/FixedVectorEncoder.java, line(s) 33 com/smaato/sdk/core/gdpr/tcfv2/encoder/field/IntEncoder.java, line(s) 21 com/smaato/sdk/core/gdpr/tcfv2/encoder/field/LangEncoder.java, line(s) 24 com/smaato/sdk/core/gdpr/tcfv2/encoder/field/PurposeRestrictionVectorEncoder.java, line(s) 58 com/smaato/sdk/core/gdpr/tcfv2/encoder/field/VendorVectorEncoder.java, line(s) 61 com/smaato/sdk/core/gdpr/tcfv2/encoder/segment/CoreTCEncoder.java, line(s) 56,68,73 com/smaato/sdk/core/gdpr/tcfv2/encoder/segment/OOBVendorsEncoder.java, line(s) 67 com/smaato/sdk/core/gdpr/tcfv2/encoder/segment/PublisherTCEncoder.java, line(s) 51 com/smaato/sdk/core/linkhandler/LinkHandler.java, line(s) 219 com/smaato/sdk/core/util/Intents.java, line(s) 55 com/smaato/sdk/core/util/Threads.java, line(s) 169 com/vungle/ads/VungleAds.java, line(s) 100 com/vungle/ads/internal/ui/AdActivity.java, line(s) 189 d5/a.java, line(s) 81 d9/d.java, line(s) 148,31,38,47,177,240,256,269,279 dj/a.java, line(s) 33 dj/j.java, line(s) 321,384,622 e5/b0.java, line(s) 183 e5/c.java, line(s) 53,68 e5/d.java, line(s) 15 e5/k.java, line(s) 183,203,205,223,228,235,241,270,279,364,376,386,404,407 e5/m.java, line(s) 102,190,235,400,483,523 e5/n.java, line(s) 41,50 e5/r.java, line(s) 110,123,127,131,135,139,144,148,154 e5/z.java, line(s) 110,113,123,130,135 f8/b.java, line(s) 79,62 f9/f.java, line(s) 95 f9/i.java, line(s) 80 fm/d.java, line(s) 438 g0/d.java, line(s) 91,247 g0/g.java, line(s) 42 g0/l.java, line(s) 183,204,212,264,308,320,333,343 g0/p.java, line(s) 62 g1/a.java, line(s) 690,698,732,744,756,768,780,792,804,816,828,835,844,855,132 g2/o.java, line(s) 382,387,497,525,699,701 g9/c.java, line(s) 48,102 ga/d.java, line(s) 68 gj/d.java, line(s) 56 gj/e.java, line(s) 56,86 h/a.java, line(s) 103 h9/h.java, line(s) 54 hc/a.java, line(s) 34,50,58,81 hj/f.java, line(s) 311,323,334,435 ho/g.java, line(s) 25,31 i5/a.java, line(s) 70,101,108,115 i5/d.java, line(s) 21 i5/j.java, line(s) 39 i8/a.java, line(s) 104,242 ia/b.java, line(s) 75 j2/h.java, line(s) 76 jc/a0.java, line(s) 142 jc/c0.java, line(s) 55,73,94 jc/e0.java, line(s) 80 jc/h0.java, line(s) 63 jc/i0.java, line(s) 89,147,72,72,92 jc/m0.java, line(s) 207,215,106,106 jc/n0.java, line(s) 176,98,117,117 jj/b.java, line(s) 98 jj/e.java, line(s) 23,66 jj/g.java, line(s) 66,69,159,171,180,264 jj/l.java, line(s) 21,28,35,47 jj/q.java, line(s) 49 k0/c.java, line(s) 59 k0/d.java, line(s) 67 k0/h.java, line(s) 321,327,333 k5/e.java, line(s) 35,57,71 k5/f.java, line(s) 11 k5/o.java, line(s) 153 k5/p.java, line(s) 179 k5/r.java, line(s) 92 k5/s.java, line(s) 108,114 l0/h.java, line(s) 70 l0/i.java, line(s) 41 l0/j.java, line(s) 56 l0/n.java, line(s) 105 l4/a.java, line(s) 7,11 l5/e.java, line(s) 49,54,57,65,72 la/e.java, line(s) 194 mediation/ad/c.java, line(s) 98,100 mediation/ad/d.java, line(s) 8,20 mj/a.java, line(s) 385,437 n5/j.java, line(s) 15 net/pubnative/lite/sdk/models/NativeAd.java, line(s) 71 net/pubnative/lite/sdk/mraid/MRAIDView.java, line(s) 187,212,218,224,230,236,242,248,253,257,263,283,299,305,392,397,402,409,412,413,418,424,429,434,442,454,460,465,469,481,487,568,592,598,642,650,651,652,655,676,682,686,711,716,740,759,781,791,849,858,867,874,892,901,930,931,932,933,996,998,1011,1070,1141,1159,1190,1205,1229,1251,1276,1278,1297,1357,1395,1424,1508,1518,1565,1569,1589,1601,1637,1641,1648,1652,1657,1755,1769,1786,1793,1816,1817,1866,1951,1959,1974,1980,1985,2026,2031,2034,2051,2060,2072,2114,2122,2168,2188,2194,2208,2209,955,971,1019,1047,1169,1201,206,1894,1898,1227,2070 net/pubnative/lite/sdk/mraid/internal/MRAIDLog.java, line(s) 45,51 net/pubnative/lite/sdk/mraid/internal/MRAIDNativeFeatureManager.java, line(s) 24,30,36,42,48,54 net/pubnative/lite/sdk/mraid/internal/MRAIDParser.java, line(s) 83,96,105 net/pubnative/lite/sdk/mraid/nativefeature/MRAIDNativeFeatureProvider.java, line(s) 88,83,107,109,167,62,68,75,95,105 net/pubnative/lite/sdk/utils/Logger.java, line(s) 53 net/pubnative/lite/sdk/utils/PNAdvertisingIdClient.java, line(s) 58,91,118,152,160 net/pubnative/lite/sdk/utils/json/JsonModel.java, line(s) 98 net/pubnative/lite/sdk/views/PNAPIContentInfoView.java, line(s) 146 net/pubnative/lite/sdk/vpaid/response/VastProcessor.java, line(s) 105,504,598 o5/j.java, line(s) 56,138 oi/a.java, line(s) 19 oi/c.java, line(s) 125,143,145,163,168,175,181,198,201,235,247,257,275,278 org/greenrobot/greendao/AbstractDao.java, line(s) 481,733,791 org/greenrobot/greendao/DaoException.java, line(s) 28,29 org/greenrobot/greendao/DaoLog.java, line(s) 15,19,27,35,39,43,51,55,23,59,63,67 org/greenrobot/greendao/DbUtils.java, line(s) 65,35 org/greenrobot/greendao/async/AsyncOperationExecutor.java, line(s) 293,303,315,391 org/greenrobot/greendao/internal/LongHashMap.java, line(s) 67 org/greenrobot/greendao/query/QueryBuilder.java, line(s) 102,105 org/greenrobot/greendao/test/AbstractDaoTest.java, line(s) 29,32,61 org/greenrobot/greendao/test/AbstractDaoTestLongPk.java, line(s) 19,24 org/greenrobot/greendao/test/AbstractDaoTestSinglePk.java, line(s) 31 org/greenrobot/greendao/test/DbTest.java, line(s) 64 pm/c.java, line(s) 48,85,85 q2/h.java, line(s) 1018,1021 q5/b.java, line(s) 20 r/l.java, line(s) 27,36,46,55,64,73,82 r/o.java, line(s) 26,35,44 rd/d.java, line(s) 17 ri/a.java, line(s) 156 ri/c.java, line(s) 293 ri/j.java, line(s) 287,383,427,441 s5/a.java, line(s) 63 s8/w2.java, line(s) 26 s8/x2.java, line(s) 25 s8/y1.java, line(s) 81 t2/h.java, line(s) 33,40 t4/a.java, line(s) 275 ti/c.java, line(s) 321,427,470,550,613,683,757,843,908,1078,1126 tl/a0.java, line(s) 446 u0/g0.java, line(s) 387,404 u0/v.java, line(s) 1228,1346 u0/z.java, line(s) 44,53,67,87,101,116,130 u4/d.java, line(s) 99,132 u4/e.java, line(s) 71,95,114 ui/b.java, line(s) 57,78 v0/c.java, line(s) 188 v8/a.java, line(s) 40 w4/c.java, line(s) 104 w4/e.java, line(s) 55,95 wm/i.java, line(s) 272 x/c.java, line(s) 137 x4/h.java, line(s) 378,392,528 x4/i.java, line(s) 55 x4/k.java, line(s) 14 x4/z.java, line(s) 106 x9/b.java, line(s) 64 y/d.java, line(s) 92 y/f.java, line(s) 167 y/g.java, line(s) 214,216 y/h.java, line(s) 31,57 y/i.java, line(s) 121,126 y/k.java, line(s) 93,339 y/l.java, line(s) 129,269,275,283,289,299,305 y/m.java, line(s) 213,217,221 y/n.java, line(s) 470 y/q.java, line(s) 139,141 y/r.java, line(s) 176,178,511 y1/a.java, line(s) 124,230,271,273 y4/i.java, line(s) 137,180 y4/j.java, line(s) 107,121,140,149,181,213,225,242,251 yi/h.java, line(s) 69,111 yi/j.java, line(s) 246,370 z0/c.java, line(s) 163 z4/e.java, line(s) 37,47,73,87 z4/i.java, line(s) 107
信息 应用程序可以写入应用程序目录。敏感信息应加密
应用程序可以写入应用程序目录。敏感信息应加密 Files: com/fyber/fairbid/cb.java, line(s) 14,14 com/fyber/fairbid/dd.java, line(s) 16,16 com/fyber/fairbid/fk.java, line(s) 17,17 com/fyber/fairbid/internal/c.java, line(s) 24,24 com/fyber/fairbid/pi.java, line(s) 39,39 com/fyber/fairbid/sdk/session/UserSessionStorage.java, line(s) 52,52 com/fyber/fairbid/t0.java, line(s) 15,15 com/fyber/fairbid/x5.java, line(s) 25,25
信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/smaato/sdk/core/browser/a.java, line(s) 5,160
信息 此应用程序使用SQL Cipher。SQLCipher为sqlite数据库文件提供256位AES加密
此应用程序使用SQL Cipher。SQLCipher为sqlite数据库文件提供256位AES加密 Files: org/greenrobot/greendao/database/SqlCipherEncryptedHelper.java, line(s) 15,4,5
安全 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: nn/f.java, line(s) 88,77,86,86 om/c.java, line(s) 109,108,107 om/d.java, line(s) 126,116,136,124,124 om/g.java, line(s) 110,109,108,108 om/h.java, line(s) 233,221,231,231
安全 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/MobSF/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: com/apm/insight/nativecrash/c.java, line(s) 536,536,536,536,536
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (www.lan-sha.com) 通信。
{'ip': '43.255.30.135', 'country_short': 'HK', 'country_long': '中国', 'region': '香港', 'city': '香港', 'latitude': '22.285521', 'longitude': '114.157692'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (app-measurement.com) 通信。
{'ip': '172.217.175.46', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (firebase-settings.crashlytics.com) 通信。
{'ip': '180.163.150.162', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}