温馨提示:本平台仅供研究软件风险、安全评估,禁止用于非法用途。由于展示的数据过于全面,请耐心等待加载完成。如有疑问或建议, 可加入我们的微信群讨论

APP评分

病毒检测 文件安全

安全评分

文件信息

文件名称 br.com.cervantes.linkgarcom v3.2.3.apk
文件大小 3.7MB
MD5 3633f2981b9f2bdad9e5c7d41858cd19
SHA1 61bfd23821f25f2c833a51bd9e458da0804d424a
SHA256 9480f357171723d60565b46b09274ad2d79c4e0e94f8a930f2f13411ccc434bb

应用信息

应用名称 Link Garçom
包名 br.com.cervantes.linkgarcom
主活动 br.com.cervantes.linkgarcom.MainActivity
目标SDK 31     最小SDK 21
版本号 3.2.3     子版本号 83
加固信息 未加壳

GooglePlay应用信息

标题 Link Garçom
评分 4.3076925
安装 10,000+   次下载
价格 0
Android版本支持
分类 餐饮美食
Play 商店链接 br.com.cervantes.linkgarcom
开发者 Cervantes Tecnologia
开发者 ID 6898889713010750021
开发者 地址 None
开发者 主页 http://www.cervantestecnologia.com.br
开发者 Email desenvolvimento@cervantestecnologia.com.br
发布日期 None
隐私政策 Privacy link

关于此应用
此应用程序只能与 Cervantes Tecnologia 开发的商业自动化系统 Link 结合使用。

该应用程序允许服务员控制订单、添加产品、管理餐桌和订单以及许多其他功能。
链接服务员特点:

 - 控制表和客户账户;
 - 控制命令;
 - 按描述、代码或组搜索产品;
 - 在表/命令之间传输项目;
 - 与您的产品创建组合;
 - 组装多种口味的产品;
 - 为产品添加补充;
 - 轻松找到客户账户;
 - 将订单发送到打印点(例如厨房)。
 - 打印所需桌子或客户帐户的会议。

要了解有关 Link 自动化系统的更多信息,请访问 https://cervantestecnologia.com.br/Link_Pro

注意:要使用该应用程序的 1.28 版本,Link 系统必须更新至 1.0.0.499 或更高版本。

组件导出信息

扫描选项

重新扫描 管理规则 动态分析

反编译代码

Manifest文件 查看
APK文件 下载
Java源代码 查看 -- 下载

证书信息

二进制文件已签名
v1 签名: True
v2 签名: True
v3 签名: True
v4 签名: False
主题: C=US, ST=California, L=Mountain View, O=Google Inc., OU=Android, CN=Android
签名算法: rsassa_pkcs1v15
有效期自: 2019-05-06 12:24:25+00:00
有效期至: 2049-05-06 12:24:25+00:00
发行人: C=US, ST=California, L=Mountain View, O=Google Inc., OU=Android, CN=Android
序列号: 0x821a7a91a526ed9c1577b99102d7612c98a00c9c
哈希算法: sha256
证书MD5: 3dfde18c5298ee0e9868237937a4c37d
证书SHA1: 81485ce2cb731cae0114ea8e58988bdc3d7f2e8a
证书SHA256: 2b86dc1d76cd522a03a5e64851d956feae1b8d440fafd4421199e6356bae40e8
证书SHA512: c722c8fe8895c9b3496af79dca76723368ec54af89f6c685e605e238bcc07a805de653b1313f397ff5c0d8aca17aafdd37abc343fbf76f94bafb176c84b8c0c8
公钥算法: rsa
密钥长度: 4096
指纹: 7c40c12bbac86b1fcaa84528d426d3c7f6f9f5c545b65096096dfa6deb3def31
找到 1 个唯一证书

应用程序权限

权限名称 安全等级 权限内容 权限描述 关联代码
android.permission.INTERNET 危险 完全互联网访问 允许应用程序创建网络套接字。
android.permission.BLUETOOTH 危险 创建蓝牙连接 允许应用程序查看或创建蓝牙连接。
android.permission.BLUETOOTH_ADMIN 危险 管理蓝牙 允许程序发现和配对新的蓝牙设备。
android.permission.SYSTEM_ALERT_WINDOW 危险 弹窗 允许应用程序弹窗。 恶意程序可以接管手机的整个屏幕。
android.permission.WRITE_EXTERNAL_STORAGE 危险 读取/修改/删除外部存储内容 允许应用程序写入外部存储。
android.permission.READ_EXTERNAL_STORAGE 危险 读取SD卡内容 允许应用程序从SD卡读取信息。
android.permission.ACCESS_NETWORK_STATE 普通 获取网络状态 允许应用程序查看所有网络的状态。
android.permission.GET_ACCOUNTS 普通 探索已知账号 允许应用程序访问帐户服务中的帐户列表。
android.permission.REBOOT 签名(系统) 强行重新启动手机 允许应用程序强行重新启动手机。
android.permission.WRITE_APN_SETTINGS 危险 写入访问点名称设置 允许应用程序写入访问点名称设置。
titan.extperm.SETTING_GET 未知 未知权限 来自 android 引用的未知权限。
titan.extperm.SETTING_SET 未知 未知权限 来自 android 引用的未知权限。
android.permission.READ_USER_DICTIONARY 危险 读取用户定义的词典 允许应用程序读取用户在用户词典中存储的任意私有字词、名称和短语。
br.com.uol.pagseguro.permission.MANAGE_PAYMENTS 未知 未知权限 来自 android 引用的未知权限。
android.permission.CHANGE_WIFI_STATE 危险 改变Wi-Fi状态 允许应用程序改变Wi-Fi状态。

证书分析

高危
0
警告
1
信息
1
标题 严重程度 描述信息
已签名应用 信息 应用程序已使用代码签名证书进行签名

MANIFEST分析

高危
0
警告
3
信息
0
屏蔽
0
序号 问题 严重程度 描述信息 操作
1 应用程序可以安装在有漏洞的已更新 Android 版本上
Android 5.0-5.0.2, [minSdk=21]
信息 该应用程序可以安装在具有多个未修复漏洞的旧版本 Android 上。这些设备不会从 Google 接收合理的安全更新。支持 Android 版本 => 10、API 29 以接收合理的安全更新。
2 应用程序数据可以被备份
[android:allowBackup=true]
警告 这个标志允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。
3 Content Provider (br.com.stone.posandroid.datacontainer.data.contentprovider.DataContainerProvider) 未被保护。
[android:exported=true]
警告 发现 Content Provider与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。
4 Broadcast Receiver (br.com.uol.pagseguro.plugpagservice.wrapper.receivers.PlugPagPrintActionReceiver) 未被保护。
[android:exported=true]
警告 发现 Broadcast Receiver与设备上的其他应用程序共享,因此可被设备上的任何其他应用程序访问。

可浏览的ACTIVITIES

ACTIVITY INTENT
br.com.cervantes.linkgarcom.MainActivity Schemes: linkgarcom://,
Hosts: pay-response,

网络安全配置

序号 范围 严重级别 描述

API调用分析

API功能 源码文件
一般功能-> 文件操作
a5/b.java
a5/h.java
a5/l.java
a5/m.java
ab/j.java
b5/e.java
b5/f.java
bb/a.java
br/com/stone/payment/domain/factory/Parser.java
br/com/stone/payment/domain/factory/ParserFactory.java
br/com/stone/payment/domain/factory/XStreamXmlParser.java
br/com/stone/payment/domain/mapping/BrandInfo.java
br/com/stone/payment/domain/utils/Utils.java
br/com/stone/posandroid/datacontainer/api/util/ExtBitmapKt.java
br/com/stone/posandroid/datacontainer/data/receipt/ReceiptDataSourceImpl.java
br/com/stone/posandroid/datacontainer/data/system/config/SystemConfigDao.java
br/com/stone/posandroid/emv/tlv/BytesUtil.java
br/com/stone/posandroid/emv/tlv/TLVData.java
br/com/stone/posandroid/hal/api/settings/util/ExtCpuTemperatureKt.java
br/com/stone/posandroid/pal/hal/adapter/DeviceProviderAdapter.java
br/com/stone/posandroid/phc/client/utils/PHCAdapterOkHttp.java
br/com/stone/posandroid/providers/PosReprintReceiptProvider.java
br/com/stone/posandroid/providers/PosTransactionProvider.java
br/com/stone/sdk/android/auth/cancel/data/parser/authorization/CancelParser.java
br/com/stone/sdk/android/auth/cancel/domain/model/events/CancellationConnectionEvent.java
br/com/stone/sdk/android/auth/cancel/domain/model/events/CancellationSendEvent.java
br/com/stone/sdk/android/auth/capture/data/parser/authorization/CaptureParser.java
br/com/stone/sdk/android/auth/capture/domain/model/events/CaptureConnectionEvent.java
br/com/stone/sdk/android/auth/capture/domain/model/events/CaptureSendEvent.java
br/com/stone/sdk/android/auth/payment/data/parser/authorization/PaymentParser.java
br/com/stone/sdk/android/auth/payment/domain/model/events/PaymentConnectionEvent.java
br/com/stone/sdk/android/auth/payment/domain/model/events/PaymentSendEvent.java
br/com/stone/sdk/android/infrastructure/http/request/impl/RealRequest.java
br/com/stone/sdk/android/infrastructure/http/request/impl/RequestBody.java
br/com/stone/sdk/android/infrastructure/http/response/impl/RealResponse.java
br/com/stone/sdk/android/infrastructure/xml/loader/XmlLoader$directories$2.java
br/com/stone/sdk/android/infrastructure/xml/loader/XmlLoader.java
br/com/stone/sdk/android/transport/TransportConfigProperties.java
cb/a.java
cb/d.java
cb/e.java
cb/f.java
cb/g.java
cb/h.java
cb/i.java
cb/j.java
cb/k.java
cb/n.java
com/thoughtworks/xstream/XStream.java
com/thoughtworks/xstream/XStreamer.java
com/thoughtworks/xstream/converters/extended/FileConverter.java
com/thoughtworks/xstream/converters/reflection/ExternalizableConverter.java
com/thoughtworks/xstream/converters/reflection/PureJavaReflectionProvider.java
com/thoughtworks/xstream/converters/reflection/SerializableConverter.java
com/thoughtworks/xstream/converters/reflection/SerializationMethodInvoker.java
com/thoughtworks/xstream/core/JVM.java
com/thoughtworks/xstream/core/util/Base64Encoder.java
com/thoughtworks/xstream/core/util/CustomObjectInputStream.java
com/thoughtworks/xstream/core/util/CustomObjectOutputStream.java
com/thoughtworks/xstream/core/util/QuickWriter.java
com/thoughtworks/xstream/core/util/XmlHeaderAwareReader.java
com/thoughtworks/xstream/io/AbstractDriver.java
com/thoughtworks/xstream/io/HierarchicalStreamDriver.java
com/thoughtworks/xstream/io/StatefulWriter.java
com/thoughtworks/xstream/io/binary/BinaryStreamDriver.java
com/thoughtworks/xstream/io/binary/BinaryStreamReader.java
com/thoughtworks/xstream/io/binary/BinaryStreamWriter.java
com/thoughtworks/xstream/io/binary/Token.java
com/thoughtworks/xstream/io/json/AbstractJsonWriter.java
com/thoughtworks/xstream/io/json/JettisonMappedXmlDriver.java
com/thoughtworks/xstream/io/json/JsonHierarchicalStreamDriver.java
com/thoughtworks/xstream/io/json/JsonHierarchicalStreamWriter.java
com/thoughtworks/xstream/io/json/JsonWriter.java
com/thoughtworks/xstream/io/xml/AbstractXppDomDriver.java
com/thoughtworks/xstream/io/xml/AbstractXppDriver.java
com/thoughtworks/xstream/io/xml/CompactWriter.java
com/thoughtworks/xstream/io/xml/Dom4JDriver.java
com/thoughtworks/xstream/io/xml/Dom4JXmlWriter.java
com/thoughtworks/xstream/io/xml/DomDriver.java
com/thoughtworks/xstream/io/xml/JDom2Driver.java
com/thoughtworks/xstream/io/xml/JDomDriver.java
com/thoughtworks/xstream/io/xml/PrettyPrintWriter.java
com/thoughtworks/xstream/io/xml/StaxDriver.java
com/thoughtworks/xstream/io/xml/XomDriver.java
com/thoughtworks/xstream/io/xml/XppReader.java
com/thoughtworks/xstream/io/xml/xppdom/Xpp3DomBuilder.java
com/thoughtworks/xstream/io/xml/xppdom/XppDom.java
com/thoughtworks/xstream/io/xml/xppdom/XppFactory.java
com/thoughtworks/xstream/mapper/AnnotationMapper.java
com/thoughtworks/xstream/mapper/PackageAliasingMapper.java
com/thoughtworks/xstream/persistence/AbstractFilePersistenceStrategy.java
com/thoughtworks/xstream/persistence/FilePersistenceStrategy.java
com/thoughtworks/xstream/persistence/FileStreamStrategy.java
d3/PlugPagAbortResult.java
d3/PlugPagAppIdentification.java
d3/PlugPagPaymentData.java
d3/PlugPagVoidData.java
d7/c.java
db/a.java
db/b.java
e5/a.java
e5/c.java
e5/d.java
e9/b.java
e9/c.java
e9/d.java
e9/e.java
e9/f.java
e9/g.java
e9/h.java
e9/i.java
e9/l.java
e9/m.java
e9/n.java
e9/o.java
e9/p.java
e9/q.java
e9/r.java
e9/s.java
e9/t.java
e9/u.java
e9/v.java
e9/w.java
eb/a.java
f9/a.java
fc/g.java
fc/n.java
fc/p.java
g/g.java
gb/a.java
h9/a.java
hb/a.java
hb/b.java
hb/c.java
hb/e.java
hb/f.java
hb/j.java
hb/k.java
hb/l.java
hb/o.java
hb/s.java
hb/t.java
hb/u.java
hc/b.java
i6/r.java
i7/c0.java
i7/d.java
i7/p.java
i7/q.java
i7/t.java
i7/u.java
i7/v.java
i9/g.java
j7/c0.java
j7/d0.java
j7/e0.java
j8/h.java
j8/i.java
k5/c.java
k7/b.java
k7/d.java
l6/i.java
l9/a.java
l9/b.java
l9/d.java
l9/e.java
l9/f.java
l9/i.java
l9/j.java
l9/k.java
l9/m.java
l9/p.java
l9/s.java
l9/u.java
la/e.java
m1/a.java
m5/a.java
m5/c.java
m5/g.java
m5/j.java
m5/l.java
n/g.java
n5/b.java
n6/b.java
n7/c.java
n7/h.java
na/j.java
o5/c.java
o6/a.java
o6/d.java
org/sqlite/database/DatabaseUtils.java
org/sqlite/database/DefaultDatabaseErrorHandler.java
org/sqlite/database/sqlite/SQLiteClosable.java
org/sqlite/database/sqlite/SQLiteConnectionPool.java
org/sqlite/database/sqlite/SQLiteDatabase.java
org/sqlite/database/sqlite/SQLiteOpenHelper.java
p0/a.java
p0/b.java
p0/c.java
p3/c.java
p5/a.java
p5/c.java
p8/g.java
pa/j1.java
q0/b.java
q0/c.java
q0/d.java
q3/e.java
q3/g.java
s/f.java
s7/a.java
s7/b.java
s7/c.java
s7/d.java
s7/e.java
s7/f.java
s7/k.java
s7/l.java
s7/m.java
s7/n.java
s8/e.java
stone/cache/ApplicationCache.java
stone/connections/bluetooth/BluetoothConnectionController.java
stone/connections/bluetooth/BluetoothConnectionUseCase.java
stone/controllers/CommandController.java
stone/database/transaction/InternalTransactionDAO.java
stone/exception/ConnectionNotFoundException.java
stone/exception/IncompatibleDeviceException.java
stone/providers/BaseTransactionProvider.java
stone/providers/BluetoothConnectionProvider.java
stone/providers/SendEmailTransactionProvider.java
stone/providers/commands/CommandReader.java
stone/providers/commands/CommandWriter.java
stone/utils/CacheHelper.java
stone/utils/ConnectionValidator.java
stone/utils/HashCalculator.java
stone/utils/PinpadObject.java
stone/utils/datacontainermapper/TransactionMapperKt.java
stone/utils/encryption/KeyStoreWrapper.java
t/e.java
t/g.java
t/i.java
t/j.java
t/k.java
t6/a.java
wa/d0.java
wa/e0.java
wa/g.java
wa/h0.java
wa/i0.java
wa/u.java
wa/w.java
x0/c.java
x1/a.java
x9/t.java
xa/e.java
y4/f.java
y4/l.java
y4/v.java
y5/a.java
y5/d.java
y7/c.java
y9/b.java
y9/c.java
y9/d.java
ya/a.java
z3/PaymentError.java
z3/a.java
z9/h.java
za/b.java
za/c.java
za/d.java
za/e.java
za/g.java
za/i.java
za/k.java
一般功能-> 获取系统服务(getSystemService)
设备指纹-> getAllCellInfo br/com/stone/sdk/android/infrastructure/connectivity/Connectivity.java
设备指纹-> getSimOperator br/com/stone/payment/domain/network/NetworkUtils.java
br/com/stone/sdk/android/infrastructure/connectivity/Connectivity.java
设备指纹-> 查看运营商信息 br/com/stone/sdk/android/infrastructure/connectivity/Connectivity.java
一般功能-> 获取活动网路信息
调用java反射机制
a5/d.java
a5/m.java
b0/c0.java
b0/f.java
b0/u.java
b0/v.java
b5/i.java
bc/d.java
br/com/stone/pay/core/resolver/PaymentDependencyResolver.java
br/com/stone/payment/domain/resolver/ClassResolver.java
br/com/stone/posandroid/hal/api/provider/AutoProvider.java
br/com/stone/posandroid/phc/client/contract/PHCBinderContract_Proxy.java
br/com/stone/posandroid/phc/client/contract/PHCBinderContract_Stub.java
br/com/stone/sdk/android/infrastructure/helpers/MobileResetManager.java
com/thoughtworks/xstream/XStream.java
com/thoughtworks/xstream/annotations/AnnotationProvider.java
com/thoughtworks/xstream/annotations/AnnotationReflectionConverter.java
com/thoughtworks/xstream/converters/collections/PropertiesConverter.java
com/thoughtworks/xstream/converters/collections/TreeMapConverter.java
com/thoughtworks/xstream/converters/collections/TreeSetConverter.java
com/thoughtworks/xstream/converters/enums/EnumMapConverter.java
com/thoughtworks/xstream/converters/enums/EnumSetConverter.java
com/thoughtworks/xstream/converters/extended/DynamicProxyConverter.java
com/thoughtworks/xstream/converters/extended/JavaFieldConverter.java
com/thoughtworks/xstream/converters/extended/JavaMethodConverter.java
com/thoughtworks/xstream/converters/extended/StackTraceElementFactory.java
com/thoughtworks/xstream/converters/extended/ToAttributedValueConverter.java
com/thoughtworks/xstream/converters/extended/UseAttributeForEnumMapper.java
com/thoughtworks/xstream/converters/javabean/BeanProperty.java
com/thoughtworks/xstream/converters/javabean/BeanProvider.java
com/thoughtworks/xstream/converters/reflection/AbstractAttributedCharacterIteratorAttributeConverter.java
com/thoughtworks/xstream/converters/reflection/AbstractReflectionConverter.java
com/thoughtworks/xstream/converters/reflection/CGLIBEnhancedConverter.java
com/thoughtworks/xstream/converters/reflection/FieldDictionary.java
com/thoughtworks/xstream/converters/reflection/PureJavaReflectionProvider.java
com/thoughtworks/xstream/converters/reflection/ReflectionProvider.java
com/thoughtworks/xstream/converters/reflection/ReflectionProviderWrapper.java
com/thoughtworks/xstream/converters/reflection/SerializableConverter.java
com/thoughtworks/xstream/converters/reflection/SerializationMethodInvoker.java
com/thoughtworks/xstream/converters/reflection/SunLimitedUnsafeReflectionProvider.java
com/thoughtworks/xstream/converters/reflection/SunUnsafeReflectionProvider.java
com/thoughtworks/xstream/core/JVM.java
com/thoughtworks/xstream/core/util/CompositeClassLoader.java
com/thoughtworks/xstream/core/util/CustomObjectInputStream.java
com/thoughtworks/xstream/core/util/Fields.java
com/thoughtworks/xstream/io/xml/SjsxpDriver.java
com/thoughtworks/xstream/io/xml/XppReader.java
com/thoughtworks/xstream/mapper/AnnotationMapper.java
com/thoughtworks/xstream/mapper/AttributeMapper.java
com/thoughtworks/xstream/mapper/DefaultMapper.java
com/thoughtworks/xstream/mapper/ImplicitCollectionMapper.java
d5/c.java
db/a.java
db/b.java
db/c.java
db/d.java
db/e.java
db/f.java
e8/d.java
e8/e.java
e8/f0.java
e8/g0.java
e8/h.java
e8/i.java
e8/j.java
e8/v.java
e8/w.java
f8/a.java
f8/b.java
f8/e.java
f8/g.java
f8/h.java
f8/i.java
fc/k.java
fc/l.java
fc/m.java
fc/p.java
fc/q.java
fc/s.java
fc/u.java
fc/v.java
fc/y.java
g/g.java
h/c.java
j8/i.java
jc/a.java
jc/c.java
jc/d.java
l9/i.java
lc/c.java
m5/h.java
m5/n.java
m9/g.java
o6/d.java
p7/b.java
p7/c.java
p8/c.java
p8/e.java
p8/m.java
pa/y.java
q7/a.java
q8/a.java
q8/b.java
q8/c.java
q8/e.java
q8/l.java
q8/r.java
q8/u.java
q8/y.java
r/b.java
r/f.java
r7/a.java
s/f.java
s0/a.java
t/e.java
t/f.java
t/g.java
t/h.java
t0/a0.java
t0/b0.java
t0/c0.java
t0/w.java
t0/z.java
u/a.java
u/e.java
u9/d.java
x/d.java
xa/e.java
y4/c.java
y4/d.java
y4/e.java
网络通信-> TCP套接字
加密解密-> Base64 解密
一般功能-> IPC通信
一般功能-> 加载so文件 p5/c.java
stone/utils/HashCalculator.java
stone/utils/keys/KeyUtil.java
组件-> 启动 Service
网络通信-> SSL证书处理
加密解密-> Base64 加密
命令执行-> getRuntime.exec() br/com/stone/posandroid/hal/api/settings/util/ExtCpuTemperatureKt.java
stone/utils/ConnectionValidator.java
组件-> ContentProvider
隐私数据-> 获取已安装的应用程序 m4/p.java
u5/a.java
网络通信-> 蓝牙连接
加密解密-> 信息摘要算法
设备指纹-> 查看本机SIM卡序列号 br/com/stone/posandroid/hal/api/network/NetworkInfoManager.java
进程操作-> 获取进程pid br/com/stone/posandroid/hal/api/network/NetworkInfoManager.java
m5/e.java
t/k.java
组件-> 启动 Activity
加密解密-> Crypto加解密组件
进程操作-> 杀死进程 m5/e.java
网络通信-> HTTP请求、连接和会话 br/com/stone/sdk/android/infrastructure/http/client/impl/AsyncHttpClientExecutor.java
一般功能-> 查询数据库(短信、联系人、通话记录、浏览器历史等) br/com/stone/payment/domain/network/NetworkAdapter.java
网络通信-> URLConnection
一般功能-> 获取网络接口信息 o6/d.java
组件-> 发送广播 m6/b.java
网络通信-> HTTP建立连接 n5/b.java
网络通信-> HTTPS建立连接 br/com/stone/sdk/android/infrastructure/http/connection/impl/RealConnection.java
n5/b.java
DEX-> 动态加载
辅助功能accessibility相关 b0/a.java
c0/d.java
一般功能-> PowerManager操作 br/com/stone/posandroid/hal/api/settings/Settings.java

源代码分析

高危
1
警告
7
信息
2
安全
1
屏蔽
0
序号 问题 等级 参考标准 文件位置 操作
1 应用程序记录日志信息,不得记录敏感信息 信息 CWE: CWE-532: 通过日志文件的信息暴露
OWASP MASVS: MSTG-STORAGE-3
b0/b.java
b0/c0.java
b0/i.java
b0/u.java
b0/v.java
b0/x.java
b1/d.java
b4/a.java
br/com/stone/posandroid/phc/client/contract/PHCBinderContract_Stub.java
c0/d.java
com/thoughtworks/xstream/core/JVM.java
d/a.java
g/g.java
g0/a.java
h/c.java
h4/a.java
jc/a.java
jc/c.java
jc/d.java
l6/i.java
lc/a.java
lc/b.java
lc/c.java
m4/a.java
m4/n.java
m4/o.java
m4/p.java
m6/a.java
m6/b.java
m6/c.java
n5/c.java
o4/h.java
o6/d.java
org/sqlite/database/DatabaseUtils.java
org/sqlite/database/DefaultDatabaseErrorHandler.java
org/sqlite/database/sqlite/CloseGuard.java
org/sqlite/database/sqlite/SQLiteConnection.java
org/sqlite/database/sqlite/SQLiteConnectionPool.java
org/sqlite/database/sqlite/SQLiteCursor.java
org/sqlite/database/sqlite/SQLiteDatabase.java
org/sqlite/database/sqlite/SQLiteDebug.java
org/sqlite/database/sqlite/SQLiteOpenHelper.java
org/sqlite/database/sqlite/SQLiteQuery.java
org/sqlite/database/sqlite/SQLiteQueryBuilder.java
p5/c.java
p5/d.java
q0/c.java
r/b.java
r/e.java
r/h.java
s/a.java
s/b.java
s/f.java
s0/a.java
stone/application/StoneStart.java
stone/cache/ApplicationCache.java
stone/connections/bluetooth/BluetoothConnectionUseCase.java
stone/database/pinpad/PinpadDAO.java
stone/database/transaction/InternalTransactionDAO.java
stone/providers/BluetoothConnectionProvider.java
stone/providers/CaptureTransactionProvider.java
stone/providers/LoadTablesProvider.java
stone/providers/commands/lfc/LfcResponseCommand.java
stone/repository/merchant/MerchantRepositoryImpl.java
stone/utils/ConnectionValidator.java
stone/utils/GlobalInformations.java
stone/utils/LogUtils.java
stone/utils/RequestAsyncTaskAbstract.java
t/c.java
t/e.java
t/f.java
t/g.java
t/k.java
t0/a0.java
t0/b0.java
t0/c0.java
t0/w.java
t0/z.java
u/a.java
u/e.java
v0/a.java
v0/b.java
v5/b.java
x/d.java
x0/g.java
x0/l.java
x2/a.java
2 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 警告 CWE: CWE-276: 默认权限不正确
OWASP Top 10: M2: Insecure Data Storage
OWASP MASVS: MSTG-STORAGE-2
3 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 警告 CWE: CWE-312: 明文存储敏感信息
OWASP Top 10: M9: Reverse Engineering
OWASP MASVS: MSTG-STORAGE-14
br/com/stone/payment/domain/datamodel/ApnInfo.java
br/com/stone/payment/domain/datamodel/TerminalInfo.java
br/com/stone/payment/domain/mapping/BrandInfo.java
br/com/stone/posandroid/datacontainer/api/merchant/MerchantCommand.java
br/com/stone/posandroid/datacontainer/api/merchant/MerchantContract.java
br/com/stone/posandroid/datacontainer/api/merchant/MerchantQuery.java
br/com/stone/posandroid/datacontainer/api/system/config/SystemConfigContract.java
br/com/stone/posandroid/datacontainer/data/merchant/MerchantEntity.java
br/com/stone/posandroid/hal/api/Properties.java
br/com/stone/posandroid/hal/api/network/ApnInfo.java
br/com/stone/posandroid/settings/client/domain/model/TerminalSettingsConfig.java
br/com/stone/sdk/android/activation/domain/model/api/response/Merchant.java
br/com/stone/sdk/android/auth/payment/domain/model/response/PaymentData.java
br/com/stone/sdk/android/owl/data/model/template/ReportDynamicTemplateData.java
br/com/stone/sdk/android/owl/domain/model/report/ReportData.java
br/com/stone/sdk/android/transport/domain/connection/ProxyConnectionManager.java
r2/SecurityKeys.java
stone/database/transaction/InternalTransactionDAO.java
stone/database/transaction/TransactionObject.java
stone/database/transaction/TransactionSQLiteHelper.java
stone/providers/model/auth/cancel/TransactionInfo.java
stone/providers/model/auth/capture/TransactionInfo.java
stone/providers/model/auth/payment/EncryptionData.java
stone/providers/model/auth/revert/TransactionInfo.java
stone/user/UserModel.java
stone/utils/GlobalInformations.java
stone/utils/encryption/EncryptionUtil.java
w1/Merchant.java
4 应用程序使用不安全的随机数生成器 警告 CWE: CWE-330: 使用不充分的随机数
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-6
5 应用程序可以写入应用程序目录。敏感信息应加密 信息 CWE: CWE-276: 默认权限不正确
OWASP MASVS: MSTG-STORAGE-14
stone/utils/CacheHelper.java
6 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 警告 CWE: CWE-89: SQL命令中使用的特殊元素转义处理不恰当('SQL 注入')
OWASP Top 10: M7: Client Code Quality
7 IP地址泄露 警告 CWE: CWE-200: 信息泄露
OWASP MASVS: MSTG-CODE-2
br/com/stone/posandroid/phc/client/hosts/ProductionHost.java
br/com/stone/posandroid/phc/client/hosts/StagingHost.java
8 使用弱加密算法 高危 CWE: CWE-327: 使用已被攻破或存在风险的密码学算法
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-4
stone/application/Encryption.java
9 SHA-1是已知存在哈希冲突的弱哈希 警告 CWE: CWE-327: 使用已被攻破或存在风险的密码学算法
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-4
stone/application/Encryption.java
u5/a.java
10 MD5是已知存在哈希冲突的弱哈希 警告 CWE: CWE-327: 使用已被攻破或存在风险的密码学算法
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-4
stone/utils/HashCalculator.java
11 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 安全
OWASP MASVS: MSTG-NETWORK-4
br/com/stone/sdk/android/infrastructure/http/connection/impl/RealConnection.java
xa/e.java

动态库分析

No Shared Objects found.
序号 动态库 NX(堆栈禁止执行) STACK CANARY(栈保护) RELRO RPATH(指定SO搜索路径) RUNPATH(指定SO搜索路径) FORTIFY(常用函数加强检查) SYMBOLS STRIPPED(裁剪符号表)

文件分析

序号 问题 文件

VIRUSTOTAL扫描

  检出率: 0 / 68       完整报告

滥用权限

恶意软件常用权限 2/30
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_ACCOUNTS
其它常用权限 7/46
android.permission.INTERNET
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.READ_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE

恶意软件常用权限 是被已知恶意软件广泛滥用的权限。
其它常用权限 是已知恶意软件经常滥用的权限。

IP地图

域名检测

域名 状态 中国境内 位置信息 解析
labcert.stone.com.br 安全
没有可用的地理位置信息。




poiactivation.stone.com.br 安全
IP地址: 192.86.4.138
国家: 美利坚合众国
地区: 得克萨斯州
城市: 达拉斯
查看: Google 地图





tms.stone.com.br 安全
IP地址: 192.86.4.138
国家: 美利坚合众国
地区: 得克萨斯州
城市: 达拉斯
查看: Google 地图





sandbox-auth-integration.stone.com.br 安全
IP地址: 199.250.254.156
国家: 美利坚合众国
地区: 得克萨斯州
城市: 达拉斯
查看: Google 地图





pos.stone.com.br 安全
IP地址: 162.159.140.41
国家: 美利坚合众国
地区: 加利福尼亚
城市: 旧金山
查看: Google 地图





www.stone.com.br 安全
IP地址: 162.159.140.41
国家: 美利坚合众国
地区: 加利福尼亚
城市: 旧金山
查看: Google 地图





tms-internal-homolog.stone.com.br 安全
没有可用的地理位置信息。




tms-itg.stone.com.br 安全
IP地址: 192.86.4.138
国家: 美利坚合众国
地区: 得克萨斯州
城市: 达拉斯
查看: Google 地图





com.thoughtworks.xstream 安全
没有可用的地理位置信息。




tms-stg.stone.com.br 安全
IP地址: 172.66.0.41
国家: 美利坚合众国
地区: 加利福尼亚
城市: 旧金山
查看: Google 地图





poi-internal-homolog.stone.com.br 安全
IP地址: 172.66.0.41
国家: 美利坚合众国
地区: 加利福尼亚
城市: 旧金山
查看: Google 地图





poistaging.stone.com.br 安全
IP地址: 199.250.254.154
国家: 美利坚合众国
地区: 得克萨斯州
城市: 达拉斯
查看: Google 地图





api.mixpanel.com 安全
IP地址: 130.211.34.183
国家: 美利坚合众国
地区: 密苏里州
城市: 堪萨斯城
查看: Google 地图





api.cielo.com.br 安全
IP地址: 23.206.188.164
国家: 美利坚合众国
地区: 加利福尼亚
城市: 洛杉矶
查看: Google 地图





api.sendgrid.com 安全
IP地址: 54.248.129.79
国家: 日本
地区: 东京
城市: 东京
查看: Google 地图





手机号码

网址

网址信息 源码文件
http://www.stone.com.br/docs/img/logo-recibo.png
stone/utils/GlobalInformations.java
https://github.com/mixpanel/mixpanel-android/issues/567
m5/a.java
https://tms.stone.com.br
stone/environment/tms/TmsProductionEnvironment.java
https://labcert.stone.com.br
stone/environment/tms/TmsInternalCertificationEnvironment.java
https://tms-internal-homolog.stone.com.br
stone/environment/tms/TmsInternalHomologEnvironment.java
https://tms-itg.stone.com.br
stone/environment/tms/TmsSandboxEnvironment.java
https://tms-stg.stone.com.br
stone/environment/tms/TmsStagingEnvironment.java
https://poiactivation.stone.com.br/v1/datetime
stone/environment/interfaces/TmsEnvironment.java
https://api.mixpanel.com
m5/f.java
199.250.254.133
199.250.254.138
192.86.4.133
34.73.16.14
34.74.165.40
192.86.4.138
52.186.34.81
br/com/stone/posandroid/phc/client/hosts/ProductionHost.java
8.8.8.8
br/com/stone/posandroid/phc/client/hosts/StagingHost.java
https://api.cielo.com.br/order-management-sdk/v1/
b4/a.java
http://com.thoughtworks.xstream/sax/property/configured-xstream
http://com.thoughtworks.xstream/sax/property/source-object-list
com/thoughtworks/xstream/io/xml/SaxWriter.java
http://com.thoughtworks.xstream/xstreamsource/feature
com/thoughtworks/xstream/io/xml/TraxSource.java
https://api.sendgrid.com/
br/com/stone/sdk/android/owl/data/repository/sendgrid/SendGridApi.java
https://api.sendgrid.com/
br/com/stone/sdk/android/owl/data/repository/sendgrid/SendGridApiHelper.java
https://poistaging.stone.com.br
stone/environment/authorize/AuthorizeStagingEnvironment.java
https://poi-internal-homolog.stone.com.br
stone/environment/authorize/AuthorizeInternalHomologEnvironment.java
https://sandbox-auth-integration.stone.com.br
stone/environment/authorize/AuthorizeSandboxEnvironment.java
https://labcert.stone.com.br
stone/environment/authorize/AuthorizeInternalCertificationEnvironment.java
https://pos.stone.com.br
stone/environment/authorize/AuthorizeProductionEnvironment.java
https://sandbox-auth-integration.stone.com.br
https://labcert.stone.com.br
https://tms.stone.com.br
34.74.165.40
https://api.cielo.com.br/order-management-sdk/v1/
199.250.254.133
8.8.8.8
http://com.thoughtworks.xstream/xstreamsource/feature
http://com.thoughtworks.xstream/sax/property/source-object-list
34.73.16.14
https://poi-internal-homolog.stone.com.br
52.186.34.81
https://api.sendgrid.com/
199.250.254.138
https://api.mixpanel.com
192.86.4.133
https://github.com/mixpanel/mixpanel-android/issues/567
https://tms-stg.stone.com.br
https://tms-itg.stone.com.br
https://tms-internal-homolog.stone.com.br
https://poistaging.stone.com.br
https://poiactivation.stone.com.br/v1/datetime
http://www.stone.com.br/docs/img/logo-recibo.png
www.stone.com.br
https://pos.stone.com.br
http://com.thoughtworks.xstream/sax/property/configured-xstream
192.86.4.138
自研引擎-S

FIREBASE实例

邮箱

EMAIL 源码文件
this@abstracttypeconstructor.builtins
this@abstracttypeconstructor.paramete
ba/g.java
this@createcapturedifneeded.type
o9/d.java
noreply@stone.com.br
stone/providers/SendEmailTransactionProvider.java
null@null.xml
com/thoughtworks/xstream/persistence/FilePersistenceStrategy.java
useruseruser@stone.com.br
this@createcapturedifneeded.type
this@abstracttypeconstructor.builtins
null@null.xml
noreply@stone.com.br
this@abstracttypeconstructor.paramete
自研引擎-S

追踪器

名称 类别 网址

密钥凭证

已显示 23 个secrets
1、 "key_0" : "0"
2、 "key_1" : "1"
3、 "key_2" : "2"
4、 "key_3" : "3"
5、 "key_4" : "4"
6、 "key_5" : "5"
7、 "key_6" : "6"
8、 "key_7" : "7"
9、 "key_8" : "8"
10、 "key_9" : "9"
11、 85053bf24bba75239b16a601d9387e17
12、 7cc490f4dc6e158b4bb59e32a9cd5454
13、 BE55F1282F360550EAB76747F965C686
14、 DDA572FF90CA5CA33C65334414129F3A
15、 d-0925111d0db34d2ea6dba5372b4ea3bf
16、 C4CAC0067EAE98C18D40520BF79124CA03DB0026903587FCDF37C9F7202DA336
17、 446298dec3fc7e1d038cae9a6b054a0f
18、 d-3ef37ef037574f5eac9943b19839aad6
19、 2HQ3ydC9FqezON14OCzE8puTB4qOyrRnwltrHy3HpHOvaHPlSo
20、 d-46c4c5151ec24078929aae671fffc7b8
21、 OPdHe02ZnJocuScmK8uOSyGNq0aKsJ91ndnvC019ReuN68jeRZ
22、 008A537A32814CC4A18F0C93DC2DEAF1
23、 5F2A82959A9C9F029F109F1A9F269F339F369F379F279F349F6E

字符串列表

建议导出为TXT,方便查看。

活动列表

已显示 3 个activities
1、 br.com.cervantes.linkgarcom.MainActivity
2、 io.flutter.plugins.urllauncher.WebViewActivity
3、 br.com.stone.posandroid.pal.hal.adapter.pinpad.processor.StonePedActivity

服务列表

已显示 1 个services
1、 androidx.room.MultiInstanceInvalidationService

广播接收者列表

已显示 1 个receivers
1、 br.com.uol.pagseguro.plugpagservice.wrapper.receivers.PlugPagPrintActionReceiver

内容提供者列表

已显示 1 个providers
1、 br.com.stone.posandroid.datacontainer.data.contentprovider.DataContainerProvider

第三方SDK

SDK名称 开发者 描述信息
Jetpack Room Google Room 持久性库在 SQLite 的基础上提供了一个抽象层,让用户能够在充分利用 SQLite 的强大功能的同时,获享更强健的数据库访问机制。

文件列表

AndroidManifest.xml
DebugProbesKt.bin
META-INF/android.support.design_material.version
META-INF/androidx.activity_activity-ktx.version
META-INF/androidx.activity_activity.version
META-INF/androidx.annotation_annotation-experimental.version
META-INF/androidx.appcompat_appcompat-resources.version
META-INF/androidx.appcompat_appcompat.version
META-INF/androidx.arch.core_core-runtime.version
META-INF/androidx.asynclayoutinflater_asynclayoutinflater.version
META-INF/androidx.cardview_cardview.version
META-INF/androidx.coordinatorlayout_coordinatorlayout.version
META-INF/androidx.core_core-ktx.version
META-INF/androidx.core_core.version
META-INF/androidx.cursoradapter_cursoradapter.version
META-INF/androidx.customview_customview.version
META-INF/androidx.documentfile_documentfile.version
META-INF/androidx.drawerlayout_drawerlayout.version
META-INF/androidx.fragment_fragment-ktx.version
META-INF/androidx.fragment_fragment.version
META-INF/androidx.interpolator_interpolator.version
META-INF/androidx.legacy_legacy-support-core-ui.version
META-INF/androidx.legacy_legacy-support-core-utils.version
META-INF/androidx.lifecycle_lifecycle-extensions.version
META-INF/androidx.lifecycle_lifecycle-livedata-core-ktx.version
META-INF/androidx.lifecycle_lifecycle-livedata-core.version
META-INF/androidx.lifecycle_lifecycle-livedata.version
META-INF/androidx.lifecycle_lifecycle-runtime-ktx.version
META-INF/androidx.lifecycle_lifecycle-runtime.version
META-INF/androidx.lifecycle_lifecycle-viewmodel-ktx.version
META-INF/androidx.lifecycle_lifecycle-viewmodel-savedstate.version
META-INF/androidx.lifecycle_lifecycle-viewmodel.version
META-INF/androidx.loader_loader.version
META-INF/androidx.localbroadcastmanager_localbroadcastmanager.version
META-INF/androidx.print_print.version
META-INF/androidx.recyclerview_recyclerview.version
META-INF/androidx.room_room-ktx.version
META-INF/androidx.room_room-runtime.version
META-INF/androidx.savedstate_savedstate-ktx.version
META-INF/androidx.savedstate_savedstate.version
META-INF/androidx.slidingpanelayout_slidingpanelayout.version
META-INF/androidx.sqlite_sqlite-framework.version
META-INF/androidx.sqlite_sqlite.version
META-INF/androidx.swiperefreshlayout_swiperefreshlayout.version
META-INF/androidx.tracing_tracing.version
META-INF/androidx.transition_transition.version
META-INF/androidx.vectordrawable_vectordrawable-animated.version
META-INF/androidx.vectordrawable_vectordrawable.version
META-INF/androidx.versionedparcelable_versionedparcelable.version
META-INF/androidx.viewpager_viewpager.version
META-INF/androidx.window_window-java.version
META-INF/androidx.window_window.version
META-INF/com/android/build/gradle/app-metadata.properties
META-INF/com.google.android.material_material.version
META-INF/rxkotlin.properties
META-INF/services/h8.a
META-INF/services/kotlinx.coroutines.CoroutineExceptionHandler
META-INF/services/kotlinx.coroutines.internal.MainDispatcherFactory
META-INF/services/n9.e
SciBrandCfg.xml
aids.json
aids_certification.json
assets/flutter_assets/AssetManifest.json
assets/flutter_assets/FontManifest.json
assets/flutter_assets/NOTICES.Z
assets/flutter_assets/assets/images/svg/logo_cervantes_cinza.svg
assets/flutter_assets/assets/images/svg/logo_link_garcom.svg
assets/flutter_assets/assets/images/svg/server.svg
assets/flutter_assets/fonts/MaterialIcons-Regular.otf
assets/flutter_assets/packages/mixpanel_flutter/assets/mixpanel.js
assets/flutter_assets/shaders/ink_sparkle.frag
capks.json
capks_certification.json
classes.dex
kotlin/annotation/annotation.kotlin_builtins
kotlin/collections/collections.kotlin_builtins
kotlin/coroutines/coroutines.kotlin_builtins
kotlin/internal/internal.kotlin_builtins
kotlin/kotlin.kotlin_builtins
kotlin/ranges/ranges.kotlin_builtins
kotlin/reflect/reflect.kotlin_builtins
kotlin-tooling-metadata.json
okhttp3/internal/publicsuffix/NOTICE
okhttp3/internal/publicsuffix/publicsuffixes.gz
org/apache/commons/codec/language/bm/ash_approx_any.txt
org/apache/commons/codec/language/bm/ash_approx_common.txt
org/apache/commons/codec/language/bm/ash_approx_cyrillic.txt
org/apache/commons/codec/language/bm/ash_approx_english.txt
org/apache/commons/codec/language/bm/ash_approx_french.txt
org/apache/commons/codec/language/bm/ash_approx_german.txt
org/apache/commons/codec/language/bm/ash_approx_hebrew.txt
org/apache/commons/codec/language/bm/ash_approx_hungarian.txt
org/apache/commons/codec/language/bm/ash_approx_polish.txt
org/apache/commons/codec/language/bm/ash_approx_romanian.txt
org/apache/commons/codec/language/bm/ash_approx_russian.txt
org/apache/commons/codec/language/bm/ash_approx_spanish.txt
org/apache/commons/codec/language/bm/ash_exact_any.txt
org/apache/commons/codec/language/bm/ash_exact_approx_common.txt
org/apache/commons/codec/language/bm/ash_exact_common.txt
org/apache/commons/codec/language/bm/ash_exact_cyrillic.txt
org/apache/commons/codec/language/bm/ash_exact_english.txt
org/apache/commons/codec/language/bm/ash_exact_french.txt
org/apache/commons/codec/language/bm/ash_exact_german.txt
org/apache/commons/codec/language/bm/ash_exact_hebrew.txt
org/apache/commons/codec/language/bm/ash_exact_hungarian.txt
org/apache/commons/codec/language/bm/ash_exact_polish.txt
org/apache/commons/codec/language/bm/ash_exact_romanian.txt
org/apache/commons/codec/language/bm/ash_exact_russian.txt
org/apache/commons/codec/language/bm/ash_exact_spanish.txt
org/apache/commons/codec/language/bm/ash_hebrew_common.txt
org/apache/commons/codec/language/bm/ash_lang.txt
org/apache/commons/codec/language/bm/ash_languages.txt
org/apache/commons/codec/language/bm/ash_rules_any.txt
org/apache/commons/codec/language/bm/ash_rules_cyrillic.txt
org/apache/commons/codec/language/bm/ash_rules_english.txt
org/apache/commons/codec/language/bm/ash_rules_french.txt
org/apache/commons/codec/language/bm/ash_rules_german.txt
org/apache/commons/codec/language/bm/ash_rules_hebrew.txt
org/apache/commons/codec/language/bm/ash_rules_hungarian.txt
org/apache/commons/codec/language/bm/ash_rules_polish.txt
org/apache/commons/codec/language/bm/ash_rules_romanian.txt
org/apache/commons/codec/language/bm/ash_rules_russian.txt
org/apache/commons/codec/language/bm/ash_rules_spanish.txt
org/apache/commons/codec/language/bm/gen_approx_any.txt
org/apache/commons/codec/language/bm/gen_approx_arabic.txt
org/apache/commons/codec/language/bm/gen_approx_common.txt
org/apache/commons/codec/language/bm/gen_approx_cyrillic.txt
org/apache/commons/codec/language/bm/gen_approx_czech.txt
org/apache/commons/codec/language/bm/gen_approx_dutch.txt
org/apache/commons/codec/language/bm/gen_approx_english.txt
org/apache/commons/codec/language/bm/gen_approx_french.txt
org/apache/commons/codec/language/bm/gen_approx_german.txt
org/apache/commons/codec/language/bm/gen_approx_greek.txt
org/apache/commons/codec/language/bm/gen_approx_greeklatin.txt
org/apache/commons/codec/language/bm/gen_approx_hebrew.txt
org/apache/commons/codec/language/bm/gen_approx_hungarian.txt
org/apache/commons/codec/language/bm/gen_approx_italian.txt
org/apache/commons/codec/language/bm/gen_approx_polish.txt
org/apache/commons/codec/language/bm/gen_approx_portuguese.txt
org/apache/commons/codec/language/bm/gen_approx_romanian.txt
org/apache/commons/codec/language/bm/gen_approx_russian.txt
org/apache/commons/codec/language/bm/gen_approx_spanish.txt
org/apache/commons/codec/language/bm/gen_approx_turkish.txt
org/apache/commons/codec/language/bm/gen_exact_any.txt
org/apache/commons/codec/language/bm/gen_exact_approx_common.txt
org/apache/commons/codec/language/bm/gen_exact_arabic.txt
org/apache/commons/codec/language/bm/gen_exact_common.txt
org/apache/commons/codec/language/bm/gen_exact_cyrillic.txt
org/apache/commons/codec/language/bm/gen_exact_czech.txt
org/apache/commons/codec/language/bm/gen_exact_dutch.txt
org/apache/commons/codec/language/bm/gen_exact_english.txt
org/apache/commons/codec/language/bm/gen_exact_french.txt
org/apache/commons/codec/language/bm/gen_exact_german.txt
org/apache/commons/codec/language/bm/gen_exact_greek.txt
org/apache/commons/codec/language/bm/gen_exact_greeklatin.txt
org/apache/commons/codec/language/bm/gen_exact_hebrew.txt
org/apache/commons/codec/language/bm/gen_exact_hungarian.txt
org/apache/commons/codec/language/bm/gen_exact_italian.txt
org/apache/commons/codec/language/bm/gen_exact_polish.txt
org/apache/commons/codec/language/bm/gen_exact_portuguese.txt
org/apache/commons/codec/language/bm/gen_exact_romanian.txt
org/apache/commons/codec/language/bm/gen_exact_russian.txt
org/apache/commons/codec/language/bm/gen_exact_spanish.txt
org/apache/commons/codec/language/bm/gen_exact_turkish.txt
org/apache/commons/codec/language/bm/gen_hebrew_common.txt
org/apache/commons/codec/language/bm/gen_lang.txt
org/apache/commons/codec/language/bm/gen_languages.txt
org/apache/commons/codec/language/bm/gen_rules_any.txt
org/apache/commons/codec/language/bm/gen_rules_arabic.txt
org/apache/commons/codec/language/bm/gen_rules_cyrillic.txt
org/apache/commons/codec/language/bm/gen_rules_czech.txt
org/apache/commons/codec/language/bm/gen_rules_dutch.txt
org/apache/commons/codec/language/bm/gen_rules_english.txt
org/apache/commons/codec/language/bm/gen_rules_french.txt
org/apache/commons/codec/language/bm/gen_rules_german.txt
org/apache/commons/codec/language/bm/gen_rules_greek.txt
org/apache/commons/codec/language/bm/gen_rules_greeklatin.txt
org/apache/commons/codec/language/bm/gen_rules_hebrew.txt
org/apache/commons/codec/language/bm/gen_rules_hungarian.txt
org/apache/commons/codec/language/bm/gen_rules_italian.txt
org/apache/commons/codec/language/bm/gen_rules_polish.txt
org/apache/commons/codec/language/bm/gen_rules_portuguese.txt
org/apache/commons/codec/language/bm/gen_rules_romanian.txt
org/apache/commons/codec/language/bm/gen_rules_russian.txt
org/apache/commons/codec/language/bm/gen_rules_spanish.txt
org/apache/commons/codec/language/bm/gen_rules_turkish.txt
org/apache/commons/codec/language/bm/lang.txt
org/apache/commons/codec/language/bm/sep_approx_any.txt
org/apache/commons/codec/language/bm/sep_approx_common.txt
org/apache/commons/codec/language/bm/sep_approx_french.txt
org/apache/commons/codec/language/bm/sep_approx_hebrew.txt
org/apache/commons/codec/language/bm/sep_approx_italian.txt
org/apache/commons/codec/language/bm/sep_approx_portuguese.txt
org/apache/commons/codec/language/bm/sep_approx_spanish.txt
org/apache/commons/codec/language/bm/sep_exact_any.txt
org/apache/commons/codec/language/bm/sep_exact_approx_common.txt
org/apache/commons/codec/language/bm/sep_exact_common.txt
org/apache/commons/codec/language/bm/sep_exact_french.txt
org/apache/commons/codec/language/bm/sep_exact_hebrew.txt
org/apache/commons/codec/language/bm/sep_exact_italian.txt
org/apache/commons/codec/language/bm/sep_exact_portuguese.txt
org/apache/commons/codec/language/bm/sep_exact_spanish.txt
org/apache/commons/codec/language/bm/sep_hebrew_common.txt
org/apache/commons/codec/language/bm/sep_lang.txt
org/apache/commons/codec/language/bm/sep_languages.txt
org/apache/commons/codec/language/bm/sep_rules_any.txt
org/apache/commons/codec/language/bm/sep_rules_french.txt
org/apache/commons/codec/language/bm/sep_rules_hebrew.txt
org/apache/commons/codec/language/bm/sep_rules_italian.txt
org/apache/commons/codec/language/bm/sep_rules_portuguese.txt
org/apache/commons/codec/language/bm/sep_rules_spanish.txt
org/apache/commons/codec/language/dmrules.txt
res/anim/abc_fade_in.xml
res/anim/abc_fade_out.xml
res/anim/abc_grow_fade_in_from_bottom.xml
res/anim/abc_popup_enter.xml
res/anim/abc_popup_exit.xml
res/anim/abc_shrink_fade_out_from_bottom.xml
res/anim/abc_slide_in_bottom.xml
res/anim/abc_slide_in_top.xml
res/anim/abc_slide_out_bottom.xml
res/anim/abc_slide_out_top.xml
res/anim/abc_tooltip_enter.xml
res/anim/abc_tooltip_exit.xml
res/anim/btn_checkbox_to_checked_box_inner_merged_animation.xml
res/anim/btn_checkbox_to_checked_box_outer_merged_animation.xml
res/anim/btn_checkbox_to_checked_icon_null_animation.xml
res/anim/btn_checkbox_to_unchecked_box_inner_merged_animation.xml
res/anim/btn_checkbox_to_unchecked_check_path_merged_animation.xml
res/anim/btn_checkbox_to_unchecked_icon_null_animation.xml
res/anim/btn_radio_to_off_mtrl_dot_group_animation.xml
res/anim/btn_radio_to_off_mtrl_ring_outer_animation.xml
res/anim/btn_radio_to_off_mtrl_ring_outer_path_animation.xml
res/anim/btn_radio_to_on_mtrl_dot_group_animation.xml
res/anim/btn_radio_to_on_mtrl_ring_outer_animation.xml
res/anim/btn_radio_to_on_mtrl_ring_outer_path_animation.xml
res/anim/design_snackbar_in.xml
res/anim/design_snackbar_out.xml
res/anim-v21/design_bottom_sheet_slide_in.xml
res/anim-v21/design_bottom_sheet_slide_out.xml
res/anim-v21/fragment_fast_out_extra_slow_in.xml
res/animator/design_fab_hide_motion_spec.xml
res/animator/design_fab_show_motion_spec.xml
res/animator/enter_key_selector.xml
res/animator/fragment_close_enter.xml
res/animator/fragment_close_exit.xml
res/animator/fragment_fade_enter.xml
res/animator/fragment_fade_exit.xml
res/animator/fragment_open_enter.xml
res/animator/fragment_open_exit.xml
res/animator/mtrl_btn_state_list_anim.xml
res/animator/mtrl_btn_unelevated_state_list_anim.xml
res/animator/mtrl_chip_state_list_anim.xml
res/animator/mtrl_fab_hide_motion_spec.xml
res/animator/mtrl_fab_show_motion_spec.xml
res/animator/mtrl_fab_transformation_sheet_collapse_spec.xml
res/animator/mtrl_fab_transformation_sheet_expand_spec.xml
res/animator-v21/design_appbar_state_list_animator.xml
res/color/abc_background_cache_hint_selector_material_dark.xml
res/color/abc_background_cache_hint_selector_material_light.xml
res/color/abc_btn_colored_text_material.xml
res/color/abc_hint_foreground_material_dark.xml
res/color/abc_hint_foreground_material_light.xml
res/color/abc_primary_text_disable_only_material_dark.xml
res/color/abc_primary_text_disable_only_material_light.xml
res/color/abc_primary_text_material_dark.xml
res/color/abc_primary_text_material_light.xml
res/color/abc_search_url_text.xml
res/color/abc_secondary_text_material_dark.xml
res/color/abc_secondary_text_material_light.xml
res/color/abc_tint_btn_checkable.xml
res/color/abc_tint_default.xml
res/color/abc_tint_edittext.xml
res/color/abc_tint_seek_thumb.xml
res/color/abc_tint_spinner.xml
res/color/abc_tint_switch_track.xml
res/color/design_error.xml
res/color/design_tint_password_toggle.xml
res/color/mtrl_bottom_nav_colored_item_tint.xml
res/color/mtrl_bottom_nav_item_tint.xml
res/color/mtrl_btn_bg_color_selector.xml
res/color/mtrl_btn_ripple_color.xml
res/color/mtrl_btn_stroke_color_selector.xml
res/color/mtrl_btn_text_btn_ripple_color.xml
res/color/mtrl_btn_text_color_selector.xml
res/color/mtrl_chip_background_color.xml
res/color/mtrl_chip_close_icon_tint.xml
res/color/mtrl_chip_ripple_color.xml
res/color/mtrl_chip_text_color.xml
res/color/mtrl_fab_ripple_color.xml
res/color/mtrl_tabs_colored_ripple_color.xml
res/color/mtrl_tabs_icon_color_selector.xml
res/color/mtrl_tabs_icon_color_selector_colored.xml
res/color/mtrl_tabs_legacy_text_color_selector.xml
res/color/mtrl_tabs_ripple_color.xml
res/color/mtrl_text_btn_text_color_selector.xml
res/color/switch_thumb_material_dark.xml
res/color/switch_thumb_material_light.xml
res/color-v21/abc_btn_colored_borderless_text_material.xml
res/color-v23/abc_btn_colored_borderless_text_material.xml
res/color-v23/abc_btn_colored_text_material.xml
res/color-v23/abc_color_highlight_material.xml
res/color-v23/abc_tint_btn_checkable.xml
res/color-v23/abc_tint_default.xml
res/color-v23/abc_tint_edittext.xml
res/color-v23/abc_tint_seek_thumb.xml
res/color-v23/abc_tint_spinner.xml
res/color-v23/abc_tint_switch_track.xml
res/color-v23/design_tint_password_toggle.xml
res/drawable/abc_btn_borderless_material.xml
res/drawable/abc_btn_check_material.xml
res/drawable/abc_btn_check_material_anim.xml
res/drawable/abc_btn_default_mtrl_shape.xml
res/drawable/abc_btn_radio_material.xml
res/drawable/abc_btn_radio_material_anim.xml
res/drawable/abc_cab_background_internal_bg.xml
res/drawable/abc_cab_background_top_material.xml
res/drawable/abc_ic_ab_back_material.xml
res/drawable/abc_ic_arrow_drop_right_black_24dp.xml
res/drawable/abc_ic_clear_material.xml
res/drawable/abc_ic_go_search_api_material.xml
res/drawable/abc_ic_menu_copy_mtrl_am_alpha.xml
res/drawable/abc_ic_menu_cut_mtrl_alpha.xml
res/drawable/abc_ic_menu_overflow_material.xml
res/drawable/abc_ic_menu_paste_mtrl_am_alpha.xml
res/drawable/abc_ic_menu_selectall_mtrl_alpha.xml
res/drawable/abc_ic_menu_share_mtrl_alpha.xml
res/drawable/abc_ic_search_api_material.xml
res/drawable/abc_ic_voice_search_api_material.xml
res/drawable/abc_item_background_holo_dark.xml
res/drawable/abc_item_background_holo_light.xml
res/drawable/abc_list_selector_background_transition_holo_dark.xml
res/drawable/abc_list_selector_background_transition_holo_light.xml
res/drawable/abc_list_selector_holo_dark.xml
res/drawable/abc_list_selector_holo_light.xml
res/drawable/abc_ratingbar_indicator_material.xml
res/drawable/abc_ratingbar_material.xml
res/drawable/abc_ratingbar_small_material.xml
res/drawable/abc_seekbar_thumb_material.xml
res/drawable/abc_seekbar_tick_mark_material.xml
res/drawable/abc_seekbar_track_material.xml
res/drawable/abc_spinner_textfield_background_material.xml
res/drawable/abc_star_black_48dp.xml
res/drawable/abc_star_half_black_48dp.xml
res/drawable/abc_switch_thumb_material.xml
res/drawable/abc_tab_indicator_material.xml
res/drawable/abc_text_cursor_material.xml
res/drawable/abc_textfield_search_material.xml
res/drawable/abc_vector_test.xml
res/drawable/btn_checkbox_checked_mtrl.xml
res/drawable/btn_checkbox_checked_to_unchecked_mtrl_animation.xml
res/drawable/btn_checkbox_unchecked_mtrl.xml
res/drawable/btn_checkbox_unchecked_to_checked_mtrl_animation.xml
res/drawable/btn_radio_off_mtrl.xml
res/drawable/btn_radio_off_to_on_mtrl_animation.xml
res/drawable/btn_radio_on_mtrl.xml
res/drawable/btn_radio_on_to_off_mtrl_animation.xml
res/drawable/cancel_key.xml
res/drawable/cielo_title.png
res/drawable/delete_key.xml
res/drawable/design_fab_background.xml
res/drawable/design_snackbar_background.xml
res/drawable/enter_key.xml
res/drawable/ic_cancel.xml
res/drawable/ic_delete.xml
res/drawable/ic_mtrl_chip_checked_black.xml
res/drawable/ic_mtrl_chip_checked_circle.xml
res/drawable/ic_mtrl_chip_close_circle.xml
res/drawable/ic_stone_logo.xml
res/drawable/mtrl_snackbar_background.xml
res/drawable/mtrl_tabs_default_indicator.xml
res/drawable/navigation_empty_icon.xml
res/drawable/notification_bg.xml
res/drawable/notification_bg_low.xml
res/drawable/notification_icon_background.xml
res/drawable/notification_tile_bg.xml
res/drawable/number_key.xml
res/drawable/receipt_manager_background_line.xml
res/drawable/receipt_manager_background_square.xml
res/drawable/receipt_manager_last_errors_borders.xml
res/drawable/tooltip_frame_dark.xml
res/drawable/tooltip_frame_light.xml
res/drawable-v21/$avd_hide_password__0.xml
res/drawable-v21/$avd_hide_password__1.xml
res/drawable-v21/$avd_hide_password__2.xml
res/drawable-v21/$avd_show_password__0.xml
res/drawable-v21/$avd_show_password__1.xml
res/drawable-v21/$avd_show_password__2.xml
res/drawable-v21/abc_action_bar_item_background_material.xml
res/drawable-v21/abc_btn_colored_material.xml
res/drawable-v21/abc_dialog_material_background.xml
res/drawable-v21/abc_edit_text_material.xml
res/drawable-v21/abc_list_divider_material.xml
res/drawable-v21/avd_hide_password.xml
res/drawable-v21/avd_show_password.xml
res/drawable-v21/design_bottom_navigation_item_background.xml
res/drawable-v21/design_password_eye.xml
res/drawable-v21/launch_background.xml
res/drawable-v21/notification_action_background.xml
res/drawable-v23/abc_control_background_material.xml
res/drawable-watch-v20/abc_dialog_material_background.xml
res/drawable-xxhdpi-v4/reprint_background.xml
res/drawable-xxhdpi-v4/reprint_watermark.png
res/font/sharon_sans_black.otf
res/font/sharon_sans_black_family.xml
res/font/sharon_sans_black_italic.otf
res/font/sharon_sans_bold.otf
res/font/sharon_sans_bold_family.xml
res/font/sharon_sans_bold_italic.otf
res/font/sharon_sans_family.xml
res/font/sharon_sans_light.xml
res/font/sharon_sans_light_family.otf
res/font/sharon_sans_light_italic.otf
res/font/sharon_sans_medium.xml
res/font/sharon_sans_medium_family.otf
res/font/sharon_sans_medium_italic.otf
res/font/sharon_sans_regular.otf
res/font/sharon_sans_regular_italic.otf
res/font/sharon_sans_thin.xml
res/font/sharon_sans_thin_family.otf
res/font/sharon_sans_thin_italic.otf
res/font-v22/sharon_sans_black_family.xml
res/font-v22/sharon_sans_bold_family.xml
res/font-v22/sharon_sans_family.xml
res/font-v22/sharon_sans_light.xml
res/font-v22/sharon_sans_medium.xml
res/font-v22/sharon_sans_thin.xml
res/interpolator/btn_checkbox_checked_mtrl_animation_interpolator_0.xml
res/interpolator/btn_checkbox_checked_mtrl_animation_interpolator_1.xml
res/interpolator/btn_checkbox_unchecked_mtrl_animation_interpolator_0.xml
res/interpolator/btn_checkbox_unchecked_mtrl_animation_interpolator_1.xml
res/interpolator/btn_radio_to_off_mtrl_animation_interpolator_0.xml
res/interpolator/btn_radio_to_on_mtrl_animation_interpolator_0.xml
res/interpolator/fast_out_slow_in.xml
res/interpolator/mtrl_linear.xml
res/interpolator-v21/mtrl_fast_out_linear_in.xml
res/interpolator-v21/mtrl_fast_out_slow_in.xml
res/interpolator-v21/mtrl_linear_out_slow_in.xml
res/layout/abc_action_bar_title_item.xml
res/layout/abc_action_bar_up_container.xml
res/layout/abc_action_menu_item_layout.xml
res/layout/abc_action_menu_layout.xml
res/layout/abc_action_mode_bar.xml
res/layout/abc_action_mode_close_item_material.xml
res/layout/abc_activity_chooser_view.xml
res/layout/abc_activity_chooser_view_list_item.xml
res/layout/abc_alert_dialog_button_bar_material.xml
res/layout/abc_alert_dialog_material.xml
res/layout/abc_alert_dialog_title_material.xml
res/layout/abc_cascading_menu_item_layout.xml
res/layout/abc_dialog_title_material.xml
res/layout/abc_expanded_menu_layout.xml
res/layout/abc_list_menu_item_checkbox.xml
res/layout/abc_list_menu_item_icon.xml
res/layout/abc_list_menu_item_layout.xml
res/layout/abc_list_menu_item_radio.xml
res/layout/abc_popup_menu_header_item_layout.xml
res/layout/abc_popup_menu_item_layout.xml
res/layout/abc_screen_content_include.xml
res/layout/abc_screen_simple.xml
res/layout/abc_screen_simple_overlay_action_mode.xml
res/layout/abc_screen_toolbar.xml
res/layout/abc_search_dropdown_item_icons_2line.xml
res/layout/abc_search_view.xml
res/layout/abc_select_dialog_material.xml
res/layout/abc_tooltip.xml
res/layout/activity_cancelation_return.xml
res/layout/custom_dialog.xml
res/layout/design_bottom_navigation_item.xml
res/layout/design_bottom_sheet_dialog.xml
res/layout/design_layout_snackbar.xml
res/layout/design_layout_snackbar_include.xml
res/layout/design_layout_tab_icon.xml
res/layout/design_layout_tab_text.xml
res/layout/design_menu_item_action_area.xml
res/layout/design_navigation_item.xml
res/layout/design_navigation_item_header.xml
res/layout/design_navigation_item_separator.xml
res/layout/design_navigation_item_subheader.xml
res/layout/design_navigation_menu.xml
res/layout/design_navigation_menu_item.xml
res/layout/design_text_input_password_icon.xml
res/layout/header_rav.xml
res/layout/mtrl_layout_snackbar.xml
res/layout/mtrl_layout_snackbar_include.xml
res/layout/nokeyboard.xml
res/layout/notification_template_part_chronometer.xml
res/layout/notification_template_part_time.xml
res/layout/receipt_manager_activation.xml
res/layout/receipt_manager_cancel_establishment_and_client.xml
res/layout/receipt_manager_payment_establishment_and_client.xml
res/layout/receipt_manager_payment_establishment_and_client_enlarged.xml
res/layout/receipt_manager_rav_automatic.xml
res/layout/receipt_manager_rav_spot.xml
res/layout/receipt_manager_register_pix_account.xml
res/layout/receipt_manager_report_consolidated.xml
res/layout/receipt_manager_report_detailed.xml
res/layout/receipt_manager_report_empty.xml
res/layout/receipt_manager_report_footer.xml
res/layout/receipt_manager_support_last_errors_bottom.xml
res/layout/receipt_manager_support_last_errors_header.xml
res/layout/receipt_manager_support_last_errors_item.xml
res/layout/regularkeyboard.xml
res/layout/select_dialog_item_material.xml
res/layout/select_dialog_multichoice_material.xml
res/layout/select_dialog_singlechoice_material.xml
res/layout/support_simple_spinner_dropdown_item.xml
res/layout-sw600dp-v13/design_layout_snackbar.xml
res/layout-sw600dp-v13/mtrl_layout_snackbar.xml
res/layout-v21/notification_action.xml
res/layout-v21/notification_action_tombstone.xml
res/layout-v21/notification_template_custom_big.xml
res/layout-v21/notification_template_icon_group.xml
res/layout-v22/abc_alert_dialog_button_bar_material.xml
res/layout-v22/receipt_manager_cancel_establishment_and_client.xml
res/layout-v22/receipt_manager_support_last_errors_bottom.xml
res/layout-v22/receipt_manager_support_last_errors_item.xml
res/layout-v26/abc_screen_toolbar.xml
res/layout-watch-v20/abc_alert_dialog_button_bar_material.xml
res/layout-watch-v20/abc_alert_dialog_title_material.xml
res/mipmap-anydpi-v26/ic_launcher.xml
res/mipmap-hdpi-v4/ic_launcher.png
res/mipmap-mdpi-v4/ic_launcher.png
res/mipmap-xhdpi-v4/ic_launcher.png
res/mipmap-xxhdpi-v4/ic_launcher.png
res/mipmap-xxxhdpi-v4/ic_launcher.png
res/raw/beeping_sound.wav
res/raw/receipt_email_template.html
res/xml/splits0.xml
resources.arsc
transport-config.properties
stamp-cert-sha256
META-INF/BNDLTOOL.SF
META-INF/BNDLTOOL.RSA
META-INF/MANIFEST.MF

污点分析

当apk较大时,代码量会很大,造成数据流图(ICFG)呈现爆炸式增长,所以该功能比较耗时,请先喝杯咖啡,耐心等待……
规则名称 描述信息 操作
病毒分析 使用安卓恶意软件常用的API进行污点分析 开始分析  
漏洞挖掘 漏洞挖掘场景下的污点分析 开始分析  
隐私合规 隐私合规场景下的污点分析:组件内污点传播、组件间污点传播、组件与库函数之间的污点传播 开始分析  
密码分析 分析加密算法是否使用常量密钥、静态初始化的向量(IV)、加密模式是否使用ECB等 开始分析  
Callback 因为Android中系统级的Callback并不会出现显式地进行回调方法的调用,所以如果需要分析Callback方法需要在声明文件中将其声明,这里提供一份AndroidCallbacks.txt文件,里面是一些常见的原生回调接口或类,如果有特殊接口需求,可以联系管理员 开始分析