温馨提示:本平台仅供研究软件风险、安全评估,禁止用于非法用途。由于展示的数据过于全面,请耐心等待加载完成。如有疑问或建议, 可加入我们的微信群讨论

APP评分

病毒检测 16 个厂商报毒

安全评分

文件信息

文件名称 4239.apk
文件大小 18.61MB
MD5 4ec425c45203b74c25e3cf985575bcf5
SHA1 94a323507262701c815d33a7fd5e7503556c107e
SHA256 0f1da5b47efe786af702ccbaa954e568fb47069ecc1ec96ac2144d35e1a02412

应用信息

应用名称 了凡录
包名 com.jzxyswc.yueyou
主活动 com.supersdk.application.MySplashActivity
目标SDK 23     最小SDK 19
版本号 1.0     子版本号 1
加固信息 未加壳

组件导出信息

扫描选项

重新扫描 管理规则 动态分析

反编译代码

Manifest文件 查看
APK文件 下载
Java源代码 查看 -- 下载

证书信息

二进制文件已签名
v1 签名: True
v2 签名: False
v3 签名: False
v4 签名: False
主题: C=x, ST=x, L=x, O=x, OU=x, CN=x
签名算法: rsassa_pkcs1v15
有效期自: 2018-12-15 05:25:53+00:00
有效期至: 2043-12-09 05:25:53+00:00
发行人: C=x, ST=x, L=x, O=x, OU=x, CN=x
序列号: 0x5eba007c
哈希算法: sha256
证书MD5: becb01ffcc1734e9977ea8245be258b6
证书SHA1: 553833f1c996e4a22a350698225eaf84b7d1df17
证书SHA256: 2a22927eb969bbf8a0b4e009f9e1f6274029d903b65aa56d4c21e6e4cf426d38
证书SHA512: 41ff8aeeca44c9238c13083579bce09716013568229a557b12c3cc11cfe80f1fe842ceaa9da94d210decebbf3e83bb31b34b8117f9a60656b0e14c83628fd13f
找到 1 个唯一证书

应用程序权限

权限名称 安全等级 权限内容 权限描述 关联代码
android.permission.WRITE_EXTERNAL_STORAGE 危险 读取/修改/删除外部存储内容 允许应用程序写入外部存储。
android.permission.ACCESS_NETWORK_STATE 普通 获取网络状态 允许应用程序查看所有网络的状态。
android.permission.ACCESS_WIFI_STATE 普通 查看Wi-Fi状态 允许应用程序查看有关Wi-Fi状态的信息。
android.permission.INTERNET 危险 完全互联网访问 允许应用程序创建网络套接字。
android.permission.READ_PHONE_STATE 危险 读取手机状态和标识 允许应用程序访问设备的手机功能。有此权限的应用程序可确定此手机的号码和序列号,是否正在通话,以及对方的号码等。
android.permission.READ_EXTERNAL_STORAGE 危险 读取SD卡内容 允许应用程序从SD卡读取信息。
android.permission.CHANGE_NETWORK_STATE 危险 改变网络连通性 允许应用程序改变网络连通性。
org.simalliance.openmobileapi.SMARTCARD 未知 未知权限 来自 android 引用的未知权限。
android.permission.NFC 危险 控制nfc功能 允许应用程序与支持nfc的物体交互。
android.permission.RECORD_AUDIO 危险 获取录音权限 允许应用程序获取录音权限。
android.permission.SEND_SMS 危险 发送短信 允许应用程序发送短信。恶意应用程序可能会不经您的确认就发送信息,给您带来费用。
android.permission.VIBRATE 普通 控制振动器 允许应用程序控制振动器,用于消息通知振动功能。
android.webkit.permission.PLUGIN 未知 未知权限 来自 android 引用的未知权限。
android.permission.CHANGE_WIFI_STATE 危险 改变Wi-Fi状态 允许应用程序改变Wi-Fi状态。
android.permission.WAKE_LOCK 危险 防止手机休眠 允许应用程序防止手机休眠,在手机屏幕关闭后后台进程仍然运行。
android.permission.CALL_PHONE 危险 直接拨打电话 允许应用程序直接拨打电话。恶意程序会在用户未知的情况下拨打电话造成损失。但不被允许拨打紧急电话。
android.permission.SYSTEM_ALERT_WINDOW 危险 弹窗 允许应用程序弹窗。 恶意程序可以接管手机的整个屏幕。
android.permission.GET_TASKS 危险 检索当前运行的应用程序 允许应用程序检索有关当前和最近运行的任务的信息。恶意应用程序可借此发现有关其他应用程序的保密信息。
android.permission.ACCESS_FINE_LOCATION 危险 获取精确位置 通过GPS芯片接收卫星的定位信息,定位精度达10米以内。恶意程序可以用它来确定您所在的位置。
android.permission.ACCESS_COARSE_LOCATION 危险 获取粗略位置 通过WiFi或移动基站的方式获取用户错略的经纬度信息,定位精度大概误差在30~1500米。恶意程序可以用它来确定您的大概位置。

证书分析

高危
1
警告
0
信息
1
标题 严重程度 描述信息
已签名应用 信息 应用程序已使用代码签名证书进行签名
应用程序存在Janus漏洞 高危 应用程序使用了v1签名方案进行签名,如果只使用v1签名方案,那么它就容易受到安卓5.0-8.0上的Janus漏洞的攻击。在安卓5.0-7.0上运行的使用了v1签名方案的应用程序,以及同时使用了v2/v3签名方案的应用程序也同样存在漏洞。

MANIFEST分析

高危
0
警告
3
信息
0
屏蔽
0
序号 问题 严重程度 描述信息 操作
1 应用程序可以安装在有漏洞的已更新 Android 版本上
Android 4.4-4.4.4, [minSdk=19]
信息 该应用程序可以安装在具有多个未修复漏洞的旧版本 Android 上。这些设备不会从 Google 接收合理的安全更新。支持 Android 版本 => 10、API 29 以接收合理的安全更新。
2 应用程序已启用明文网络流量
[android:usesCleartextTraffic=true]
警告 应用程序打算使用明文网络流量,例如明文HTTP,FTP协议,DownloadManager和MediaPlayer。针对API级别27或更低的应用程序,默认值为“true”。针对API级别28或更高的应用程序,默认值为“false”。避免使用明文流量的主要原因是缺乏机密性,真实性和防篡改保护;网络攻击者可以窃听传输的数据,并且可以在不被检测到的情况下修改它。
3 应用程序数据可以被备份
[android:allowBackup=true]
警告 这个标志允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。
4 Activity (com.supersdk.game.GameActivity) 未被保护。
存在一个intent-filter。
警告 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。

可浏览的ACTIVITIES

ACTIVITY INTENT

网络安全配置

序号 范围 严重级别 描述

API调用分析

API功能 源码文件
一般功能-> 文件操作
com/c3733/sdk/GameSDK.java
com/c3733/sdk/params/PayParams.java
com/c3733/sdk/utils/DexLoader.java
com/c3733/sdk/utils/PreferenceHelper.java
com/c3733/sdk/utils/SDKUtil.java
com/c3733/sdk/utils/c.java
com/c3733/sdk/utils/e.java
com/ipaynow/plugin/b/d/a.java
com/ipaynow/plugin/core/a/a.java
com/ipaynow/plugin/core/a/c.java
com/ipaynow/plugin/core/task/dto/TaskMessage.java
com/ipaynow/plugin/manager/route/dto/RequestParams.java
com/ipaynow/plugin/utils/MerchantTools.java
com/ipaynow/plugin/utils/StringUtils.java
com/ipaynow/plugin/utils/b.java
com/ipaynow/plugin/utils/g.java
com/ipaynow/plugin/utils/h.java
com/ipaynow/plugin/utils/j.java
com/ipaynow/plugin/utils/k.java
com/ipaynow/plugin/view/a/e.java
com/ipaynow/wechatpay/plugin/d/a/b.java
com/ipaynow/wechatpay/plugin/d/c/a/a.java
com/ipaynow/wechatpay/plugin/g/d/a.java
com/ipaynow/wechatpay/plugin/manager/c/a.java
com/ipaynow/wechatpay/plugin/utils/MerchantTools.java
com/ipaynow/wechatpay/plugin/utils/PluginTools.java
com/ipaynow/wechatpay/plugin/utils/b.java
com/ipaynow/wechatpay/plugin/utils/c.java
com/ipaynow/wechatpay/plugin/utils/h.java
com/ipaynow/wechatpay/plugin/view/h.java
com/lidroid/xutils/BitmapUtils.java
com/lidroid/xutils/DbUtils.java
com/lidroid/xutils/HttpUtils.java
com/lidroid/xutils/bitmap/BitmapCommonUtils.java
com/lidroid/xutils/bitmap/core/BitmapCache.java
com/lidroid/xutils/bitmap/core/BitmapDecoder.java
com/lidroid/xutils/bitmap/download/DefaultDownloader.java
com/lidroid/xutils/bitmap/download/Downloader.java
com/lidroid/xutils/http/HttpHandler.java
com/lidroid/xutils/http/RequestParams.java
com/lidroid/xutils/http/ResponseStream.java
com/lidroid/xutils/http/SyncHttpHandler.java
com/lidroid/xutils/http/callback/FileDownloadHandler.java
com/lidroid/xutils/http/callback/StringDownloadHandler.java
com/lidroid/xutils/http/client/DefaultSSLSocketFactory.java
com/lidroid/xutils/http/client/RetryHandler.java
com/lidroid/xutils/http/client/entity/BodyParamsEntity.java
com/lidroid/xutils/http/client/entity/DecompressingEntity.java
com/lidroid/xutils/http/client/entity/FileUploadEntity.java
com/lidroid/xutils/http/client/entity/GZipDecompressingEntity.java
com/lidroid/xutils/http/client/entity/InputStreamUploadEntity.java
com/lidroid/xutils/http/client/multipart/HttpMultipart.java
com/lidroid/xutils/http/client/multipart/MultipartEntity.java
com/lidroid/xutils/http/client/multipart/content/ByteArrayBody.java
com/lidroid/xutils/http/client/multipart/content/ContentBody.java
com/lidroid/xutils/http/client/multipart/content/FileBody.java
com/lidroid/xutils/http/client/multipart/content/InputStreamBody.java
com/lidroid/xutils/http/client/multipart/content/StringBody.java
com/lidroid/xutils/http/client/util/URLEncodedUtils.java
com/lidroid/xutils/util/CookieUtils.java
com/lidroid/xutils/util/IOUtils.java
com/lidroid/xutils/util/OtherUtils.java
com/lidroid/xutils/util/core/LruDiskCache.java
com/lidroid/xutils/util/core/compatible/ArrayDeque.java
com/qipa/base/BaseObj.java
com/qipa/base/FileUtils.java
com/qipa/base/HttpFactory.java
com/qipa/base/ImageFactory.java
com/qipa/base/LoggingInterceptor.java
com/qipa/base/ZipUtil.java
com/qipa/glide/BitmapRequestBuilder.java
com/qipa/glide/BitmapTypeRequest.java
com/qipa/glide/DownloadOptions.java
com/qipa/glide/DrawableRequestBuilder.java
com/qipa/glide/DrawableTypeRequest.java
com/qipa/glide/GenericRequestBuilder.java
com/qipa/glide/GenericTranscodeRequest.java
com/qipa/glide/GifRequestBuilder.java
com/qipa/glide/GifTypeRequest.java
com/qipa/glide/Glide.java
com/qipa/glide/RequestManager.java
com/qipa/glide/disklrucache/DiskLruCache.java
com/qipa/glide/disklrucache/StrictLineReader.java
com/qipa/glide/disklrucache/Util.java
com/qipa/glide/gifdecoder/GifDecoder.java
com/qipa/glide/gifencoder/AnimatedGifEncoder.java
com/qipa/glide/gifencoder/LZWEncoder.java
com/qipa/glide/load/Encoder.java
com/qipa/glide/load/Key.java
com/qipa/glide/load/ResourceDecoder.java
com/qipa/glide/load/data/AssetPathFetcher.java
com/qipa/glide/load/data/ByteArrayFetcher.java
com/qipa/glide/load/data/ExifOrientationStream.java
com/qipa/glide/load/data/FileDescriptorAssetPathFetcher.java
com/qipa/glide/load/data/FileDescriptorLocalUriFetcher.java
com/qipa/glide/load/data/HttpUrlFetcher.java
com/qipa/glide/load/data/LocalUriFetcher.java
com/qipa/glide/load/data/MediaStoreThumbFetcher.java
com/qipa/glide/load/data/StreamAssetPathFetcher.java
com/qipa/glide/load/data/StreamLocalUriFetcher.java
com/qipa/glide/load/engine/CacheLoader.java
com/qipa/glide/load/engine/DecodeJob.java
com/qipa/glide/load/engine/EngineKey.java
com/qipa/glide/load/engine/OriginalKey.java
com/qipa/glide/load/engine/cache/DiskCache.java
com/qipa/glide/load/engine/cache/DiskCacheAdapter.java
com/qipa/glide/load/engine/cache/DiskLruCacheFactory.java
com/qipa/glide/load/engine/cache/DiskLruCacheWrapper.java
com/qipa/glide/load/engine/cache/ExternalCacheDiskCacheFactory.java
com/qipa/glide/load/engine/cache/InternalCacheDiskCacheFactory.java
com/qipa/glide/load/engine/cache/SafeKeyGenerator.java
com/qipa/glide/load/engine/prefill/BitmapPreFillRunner.java
com/qipa/glide/load/model/FileLoader.java
com/qipa/glide/load/model/ImageVideoModelLoader.java
com/qipa/glide/load/model/ImageVideoWrapper.java
com/qipa/glide/load/model/ImageVideoWrapperEncoder.java
com/qipa/glide/load/model/StreamEncoder.java
com/qipa/glide/load/model/StringLoader.java
com/qipa/glide/load/model/file_descriptor/FileDescriptorFileLoader.java
com/qipa/glide/load/model/stream/BaseGlideUrlLoader.java
com/qipa/glide/load/model/stream/HttpUrlGlideUrlLoader.java
com/qipa/glide/load/model/stream/MediaStoreStreamLoader.java
com/qipa/glide/load/model/stream/StreamByteArrayLoader.java
com/qipa/glide/load/model/stream/StreamFileLoader.java
com/qipa/glide/load/model/stream/StreamModelLoader.java
com/qipa/glide/load/model/stream/StreamResourceLoader.java
com/qipa/glide/load/model/stream/StreamStringLoader.java
com/qipa/glide/load/model/stream/StreamUriLoader.java
com/qipa/glide/load/model/stream/StreamUrlLoader.java
com/qipa/glide/load/resource/NullEncoder.java
com/qipa/glide/load/resource/NullResourceEncoder.java
com/qipa/glide/load/resource/bitmap/BitmapEncoder.java
com/qipa/glide/load/resource/bitmap/Downsampler.java
com/qipa/glide/load/resource/bitmap/FileDescriptorBitmapDataLoadProvider.java
com/qipa/glide/load/resource/bitmap/FileDescriptorBitmapDecoder.java
com/qipa/glide/load/resource/bitmap/ImageHeaderParser.java
com/qipa/glide/load/resource/bitmap/ImageVideoBitmapDecoder.java
com/qipa/glide/load/resource/bitmap/ImageVideoDataLoadProvider.java
com/qipa/glide/load/resource/bitmap/RecyclableBufferedInputStream.java
com/qipa/glide/load/resource/bitmap/StreamBitmapDataLoadProvider.java
com/qipa/glide/load/resource/bitmap/StreamBitmapDecoder.java
com/qipa/glide/load/resource/bitmap/VideoBitmapDecoder.java
com/qipa/glide/load/resource/file/FileDecoder.java
com/qipa/glide/load/resource/file/FileResource.java
com/qipa/glide/load/resource/file/FileToStreamDecoder.java
com/qipa/glide/load/resource/file/StreamFileDataLoadProvider.java
com/qipa/glide/load/resource/gif/GifDrawableLoadProvider.java
com/qipa/glide/load/resource/gif/GifFrameLoader.java
com/qipa/glide/load/resource/gif/GifResourceDecoder.java
com/qipa/glide/load/resource/gif/GifResourceEncoder.java
com/qipa/glide/load/resource/gifbitmap/GifBitmapWrapperResourceDecoder.java
com/qipa/glide/load/resource/gifbitmap/GifBitmapWrapperResourceEncoder.java
com/qipa/glide/load/resource/gifbitmap/GifBitmapWrapperStreamResourceDecoder.java
com/qipa/glide/load/resource/gifbitmap/ImageVideoGifDrawableLoadProvider.java
com/qipa/glide/load/resource/transcode/BitmapBytesTranscoder.java
com/qipa/glide/provider/ChildLoadProvider.java
com/qipa/glide/provider/DataLoadProvider.java
com/qipa/glide/provider/EmptyDataLoadProvider.java
com/qipa/glide/provider/FixedLoadProvider.java
com/qipa/glide/signature/EmptySignature.java
com/qipa/glide/signature/MediaStoreSignature.java
com/qipa/glide/signature/StringSignature.java
com/qipa/glide/util/ContentLengthInputStream.java
com/qipa/glide/util/ExceptionCatchingInputStream.java
com/qipa/glide/util/MarkEnforcingInputStream.java
com/qipa/gmsupersdk/base/GMHelper.java
com/qipa/gmsupersdk/util/BreakpointDownloader.java
com/qipa/gmsupersdk/util/FileUtils.java
com/qipa/gmsupersdk/util/GmStoreSpUtil.java
com/qipa/gmsupersdk/util/ImageFactory.java
com/qipa/gmsupersdk/util/MResource.java
com/qipa/gmsupersdk/util/SuperUtil.java
com/qipa/gson/DefaultDateTypeAdapter.java
com/qipa/gson/Gson.java
com/qipa/gson/JsonElement.java
com/qipa/gson/JsonParser.java
com/qipa/gson/JsonStreamParser.java
com/qipa/gson/TypeAdapter.java
com/qipa/gson/internal/C$Gson$Types.java
com/qipa/gson/internal/Excluder.java
com/qipa/gson/internal/JsonReaderInternalAccess.java
com/qipa/gson/internal/LazilyParsedNumber.java
com/qipa/gson/internal/LinkedHashTreeMap.java
com/qipa/gson/internal/LinkedTreeMap.java
com/qipa/gson/internal/Streams.java
com/qipa/gson/internal/UnsafeAllocator.java
com/qipa/gson/internal/bind/ArrayTypeAdapter.java
com/qipa/gson/internal/bind/CollectionTypeAdapterFactory.java
com/qipa/gson/internal/bind/DateTypeAdapter.java
com/qipa/gson/internal/bind/JsonTreeReader.java
com/qipa/gson/internal/bind/JsonTreeWriter.java
com/qipa/gson/internal/bind/MapTypeAdapterFactory.java
com/qipa/gson/internal/bind/ObjectTypeAdapter.java
com/qipa/gson/internal/bind/ReflectiveTypeAdapterFactory.java
com/qipa/gson/internal/bind/SqlDateTypeAdapter.java
com/qipa/gson/internal/bind/TimeTypeAdapter.java
com/qipa/gson/internal/bind/TreeTypeAdapter.java
com/qipa/gson/internal/bind/TypeAdapterRuntimeTypeWrapper.java
com/qipa/gson/internal/bind/TypeAdapters.java
com/qipa/gson/stream/JsonReader.java
com/qipa/gson/stream/JsonWriter.java
com/qipa/gson/stream/MalformedJsonException.java
com/qipa/ta/utdid2/a/a/b.java
com/qipa/ta/utdid2/b/a/a.java
com/qipa/ta/utdid2/b/a/c.java
com/qipa/ta/utdid2/b/a/d.java
com/qipa/ta/utdid2/b/a/e.java
com/qipa/ta/utdid2/device/c.java
com/qipa/utils/SpUtil.java
com/supersdk/common/bean/CheckMasterBean.java
com/supersdk/http/Http.java
com/supersdk/http/HttpGetStringAsyn.java
com/supersdk/http/HttpPostStringAysn.java
com/supersdk/http/LoadListenStream.java
com/supersdk/http/StreamManage.java
com/supersdk/presenter/DoHandle.java
com/supersdk/superutil/PlatformUtil.java
com/supersdk/superutil/SPUtil.java
com/supersdk/superutil/SuperUtil.java
com/supersdk/superutil/Util.java
调用java反射机制
com/alipay/a/a/g.java
com/ipaynow/plugin/core/b/a.java
com/ipaynow/plugin/log/a/b.java
com/ipaynow/plugin/manager/route/MerchantRouteManager.java
com/ipaynow/plugin/utils/PreSignMessageUtil.java
com/ipaynow/plugin/utils/a.java
com/ipaynow/plugin/utils/d.java
com/ipaynow/plugin/utils/e.java
com/ipaynow/plugin/utils/k.java
com/ipaynow/wechatpay/plugin/e/a/b.java
com/ipaynow/wechatpay/plugin/manager/route/a.java
com/ipaynow/wechatpay/plugin/utils/PreSignMessageUtil.java
com/ipaynow/wechatpay/plugin/utils/a.java
com/ipaynow/wechatpay/plugin/utils/e.java
com/ipaynow/wechatpay/plugin/utils/f.java
com/lidroid/xutils/ViewUtils.java
com/lidroid/xutils/bitmap/BitmapCommonUtils.java
com/lidroid/xutils/bitmap/callback/DefaultBitmapLoadCallBack.java
com/lidroid/xutils/db/table/Column.java
com/lidroid/xutils/db/table/ColumnUtils.java
com/lidroid/xutils/db/table/Finder.java
com/lidroid/xutils/db/table/Foreign.java
com/lidroid/xutils/db/table/Id.java
com/lidroid/xutils/db/table/TableUtils.java
com/lidroid/xutils/view/EventListenerManager.java
com/qipa/adaptation/UIUtils.java
com/qipa/glide/module/ManifestParser.java
com/qipa/gmsupersdk/util/GmStoreSpUtil.java
com/qipa/gmsupersdk/util/MResource.java
com/qipa/gmsupersdk/util/SuperUtil.java
com/qipa/gmsupersdk/util/adaptation/UIUtils.java
com/qipa/gson/FieldAttributes.java
com/qipa/gson/FieldNamingPolicy.java
com/qipa/gson/FieldNamingStrategy.java
com/qipa/gson/internal/Excluder.java
com/qipa/gson/internal/UnsafeAllocator.java
com/qipa/gson/internal/bind/ReflectiveTypeAdapterFactory.java
com/qipa/gson/internal/reflect/UnsafeReflectionAccessor.java
com/qipa/ta/utdid2/a/a/d.java
com/qipa/ta/utdid2/a/a/g.java
com/qipa/utils/SpUtil.java
com/supersdk/annotation/AnnotationPars.java
com/supersdk/common/bean/DeviceId.java
com/supersdk/superutil/MResource.java
com/supersdk/superutil/SuperUtil.java
组件-> 启动 Activity
一般功能-> IPC通信
com/alipay/android/app/IAlixPay.java
com/alipay/android/app/IRemoteServiceCallback.java
com/c3733/sdk/GameSDK.java
com/c3733/sdk/ProxyActivity.java
com/c3733/sdk/SDKActivity.java
com/c3733/sdk/a.java
com/c3733/sdk/utils/LightBroadcastManager.java
com/c3733/sdk/utils/SDKActivityUtil.java
com/c3733/sdk/utils/SDKUtil.java
com/c3733/sdk/utils/d.java
com/ipaynow/plugin/api/a.java
com/ipaynow/plugin/inner_plugin/wechatwp/activity/WeChatNotifyActivity.java
com/ipaynow/plugin/manager/route/MerchantRouteManager.java
com/ipaynow/plugin/presenter/PayMethodActivity.java
com/ipaynow/plugin/presenter/j.java
com/ipaynow/plugin/presenter/k.java
com/ipaynow/wechatpay/plugin/api/a.java
com/ipaynow/wechatpay/plugin/inner_plugin/wechat_plugin/activity/WeChatNotifyActivity.java
com/ipaynow/wechatpay/plugin/manager/route/a.java
com/qipa/glide/manager/DefaultConnectivityMonitor.java
com/qipa/gmsupersdk/broadcast/GMSDKBroadcast.java
com/qipa/gmsupersdk/dialog/VideoAdDialog.java
com/qipa/gmsupersdk/util/SuperUtil.java
com/supersdk/application/CheckMasterActivity.java
com/supersdk/application/MySplashActivity.java
com/supersdk/common/ActivityManage.java
com/supersdk/common/bean/CheckMasterBean.java
com/supersdk/common/broadcast/SDKBroadcast.java
com/supersdk/dialog/NoticeDialog.java
com/supersdk/game/GameActivity.java
com/supersdk/http/SuperWebJs.java
com/supersdk/presenter/ChannelDo.java
com/supersdk/presenter/DemoDo.java
com/supersdk/presenter/SQSSDo.java
com/supersdk/presenter/SuperHelper.java
com/supersdk/presenter/TestDo.java
com/supersdk/superutil/SuperUtil.java
com/supersdk/superutil/Util.java
一般功能-> 获取系统服务(getSystemService)
一般功能-> 加载so文件
进程操作-> 获取运行的进程\服务
进程操作-> 杀死进程
加密解密-> Crypto加解密组件
加密解密-> Base64 加密 com/ipaynow/plugin/core/a/c.java
com/ipaynow/plugin/utils/StringUtils.java
com/ipaynow/wechatpay/plugin/d/a/b.java
加密解密-> Base64 解密
加密解密-> 信息摘要算法
网络通信-> HTTP建立连接
网络通信-> TCP套接字
网络通信-> SSL证书处理 com/lidroid/xutils/HttpUtils.java
com/lidroid/xutils/http/client/DefaultSSLSocketFactory.java
com/lidroid/xutils/util/OtherUtils.java
隐私数据-> 获取已安装的应用程序
一般功能-> 获取活动网路信息
设备指纹-> 查看本机IMSI com/qipa/ta/utdid2/a/a/d.java
com/supersdk/common/bean/DeviceId.java
设备指纹-> 查看本机SIM卡序列号 com/supersdk/common/bean/DeviceId.java
com/supersdk/superutil/SuperUtil.java
一般功能-> 获取网络接口信息 com/ipaynow/plugin/b/d/a.java
com/ipaynow/wechatpay/plugin/g/d/a.java
com/supersdk/common/bean/DeviceId.java
一般功能-> 查看\修改Android系统属性 com/qipa/ta/utdid2/a/a/g.java
com/supersdk/common/bean/DeviceId.java
JavaScript 接口方法 com/qipa/gmsupersdk/dialog/SuperGMWebJs.java
com/supersdk/game/GameApi.java
com/supersdk/http/SuperWebJs.java
设备指纹-> getSimOperator com/ipaynow/plugin/b/d/a.java
com/ipaynow/wechatpay/plugin/g/d/a.java
一般功能-> 获取WiFi相关信息 com/ipaynow/plugin/b/d/a.java
com/ipaynow/wechatpay/plugin/g/d/a.java
网络通信-> HTTPS建立连接 com/ipaynow/plugin/utils/b.java
com/ipaynow/wechatpay/plugin/utils/c.java
com/lidroid/xutils/util/OtherUtils.java
网络通信-> HTTP请求、连接和会话 com/lidroid/xutils/HttpUtils.java
com/lidroid/xutils/http/HttpHandler.java
com/lidroid/xutils/http/SyncHttpHandler.java
网络通信-> DefaultHttpClient Connection com/lidroid/xutils/HttpUtils.java
网络通信-> WebView JavaScript接口 com/ipaynow/plugin/inner_plugin/wechatwp/activity/WeChatNotifyActivity.java
com/ipaynow/wechatpay/plugin/inner_plugin/wechat_plugin/activity/WeChatNotifyActivity.java
com/supersdk/dialog/NoticeDialog.java
网络通信-> WebView 相关 com/ipaynow/plugin/inner_plugin/wechatwp/activity/WeChatNotifyActivity.java
com/ipaynow/wechatpay/plugin/inner_plugin/wechat_plugin/activity/WeChatNotifyActivity.java
com/supersdk/dialog/NoticeDialog.java
网络通信-> WebView使用File协议 com/supersdk/game/GameActivity.java
一般功能-> Android通知 com/qipa/glide/request/target/NotificationTarget.java
DEX-> 动态加载 com/c3733/sdk/utils/DexLoader.java
com/c3733/sdk/utils/f.java
组件-> 发送广播 com/c3733/sdk/utils/LightBroadcastManager.java
com/c3733/sdk/utils/SDKUtil.java
com/supersdk/superutil/SuperUtil.java
网络通信-> URLConnection com/lidroid/xutils/bitmap/download/DefaultDownloader.java
com/qipa/base/HttpFactory.java
网络通信-> OkHttpClient Connection com/qipa/base/HttpFactory.java
组件-> 启动 Service com/supersdk/superutil/SuperUtil.java
进程操作-> 获取进程pid com/c3733/sdk/GameSDK.java
com/c3733/sdk/utils/a.java
网络通信-> TCP服务器套接字 com/ipaynow/plugin/utils/h.java

源代码分析

高危
3
警告
9
信息
1
安全
1
屏蔽
0
序号 问题 等级 参考标准 文件位置 操作
1 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 警告 CWE: CWE-276: 默认权限不正确
OWASP Top 10: M2: Insecure Data Storage
OWASP MASVS: MSTG-STORAGE-2
2 应用程序记录日志信息,不得记录敏感信息 信息 CWE: CWE-532: 通过日志文件的信息暴露
OWASP MASVS: MSTG-STORAGE-3
com/alipay/test/a.java
com/c3733/sdk/a.java
com/c3733/sdk/entity/Version.java
com/c3733/sdk/utils/a.java
com/ipaynow/plugin/api/IpaynowPlugin.java
com/ipaynow/plugin/api/a.java
com/ipaynow/plugin/conf/e.java
com/ipaynow/plugin/log/b.java
com/ipaynow/plugin/manager/route/MerchantRouteManager.java
com/ipaynow/plugin/presenter/f.java
com/ipaynow/plugin/presenter/k.java
com/ipaynow/plugin/utils/b.java
com/ipaynow/plugin/utils/h.java
com/ipaynow/plugin/utils/k.java
com/ipaynow/wechatpay/plugin/api/a.java
com/ipaynow/wechatpay/plugin/c/e.java
com/ipaynow/wechatpay/plugin/c/g.java
com/ipaynow/wechatpay/plugin/d/c/a.java
com/ipaynow/wechatpay/plugin/d/c/b.java
com/ipaynow/wechatpay/plugin/e/c.java
com/ipaynow/wechatpay/plugin/manager/route/a.java
com/ipaynow/wechatpay/plugin/utils/c.java
com/lidroid/xutils/util/LogUtils.java
com/qipa/base/FileUtils.java
com/qipa/base/LoggingInterceptor.java
com/qipa/base/OnLineTimeUtil.java
com/qipa/base/TimeThread.java
com/qipa/base/ZipUtil.java
com/qipa/glide/Glide.java
com/qipa/glide/disklrucache/DiskLruCache.java
com/qipa/glide/gifdecoder/GifDecoder.java
com/qipa/glide/gifdecoder/GifHeaderParser.java
com/qipa/glide/gifencoder/AnimatedGifEncoder.java
com/qipa/glide/load/data/AssetPathFetcher.java
com/qipa/glide/load/data/HttpUrlFetcher.java
com/qipa/glide/load/data/LocalUriFetcher.java
com/qipa/glide/load/data/MediaStoreThumbFetcher.java
com/qipa/glide/load/engine/CacheLoader.java
com/qipa/glide/load/engine/DecodeJob.java
com/qipa/glide/load/engine/Engine.java
com/qipa/glide/load/engine/EngineRunnable.java
com/qipa/glide/load/engine/bitmap_recycle/LruBitmapPool.java
com/qipa/glide/load/engine/cache/DiskLruCacheWrapper.java
com/qipa/glide/load/engine/cache/MemorySizeCalculator.java
com/qipa/glide/load/engine/executor/FifoPriorityThreadPoolExecutor.java
com/qipa/glide/load/engine/prefill/BitmapPreFillRunner.java
com/qipa/glide/load/model/ImageVideoModelLoader.java
com/qipa/glide/load/model/ResourceLoader.java
com/qipa/glide/load/model/StreamEncoder.java
com/qipa/glide/load/resource/bitmap/BitmapEncoder.java
com/qipa/glide/load/resource/bitmap/Downsampler.java
com/qipa/glide/load/resource/bitmap/ImageHeaderParser.java
com/qipa/glide/load/resource/bitmap/ImageVideoBitmapDecoder.java
com/qipa/glide/load/resource/bitmap/RecyclableBufferedInputStream.java
com/qipa/glide/load/resource/bitmap/TransformationUtils.java
com/qipa/glide/load/resource/gif/GifResourceDecoder.java
com/qipa/glide/load/resource/gif/GifResourceEncoder.java
com/qipa/glide/manager/RequestManagerFragment.java
com/qipa/glide/manager/RequestManagerRetriever.java
com/qipa/glide/manager/SupportRequestManagerFragment.java
com/qipa/glide/request/GenericRequest.java
com/qipa/glide/request/target/ViewTarget.java
com/qipa/glide/util/ByteArrayPool.java
com/qipa/glide/util/ContentLengthInputStream.java
com/qipa/gmsupersdk/Controller/BaseController.java
com/qipa/gmsupersdk/Controller/BaseZYGController.java
com/qipa/gmsupersdk/Controller/TTLFL128Controller.java
com/qipa/gmsupersdk/adapter/XGLBAdapter.java
com/qipa/gmsupersdk/adapter/XSLBAdapter.java
com/qipa/gmsupersdk/base/GMHelper.java
com/qipa/gmsupersdk/broadcast/GMSDKBroadcast.java
com/qipa/gmsupersdk/dialog/GameExchangeDialog.java
com/qipa/gmsupersdk/dialog/List128Dialog.java
com/qipa/gmsupersdk/dialog/StoreHnitDialog.java
com/qipa/gmsupersdk/dialog/SuperGMWebJs.java
com/qipa/gmsupersdk/dialog/VideoAdDialog.java
com/qipa/gmsupersdk/http/HnitThread.java
com/qipa/gmsupersdk/util/BreakpointDownloader.java
com/qipa/gmsupersdk/util/FileUtils.java
com/qipa/gmsupersdk/util/LogUtil.java
com/qipa/gmsupersdk/util/MResource.java
com/qipa/gmsupersdk/util/PayUtils.java
com/qipa/gmsupersdk/util/SuperUtil.java
com/qipa/gmsupersdk/util/adaptation/ViewAttr.java
com/supersdk/common/bean/DeviceId.java
com/supersdk/common/broadcast/SDKBroadcast.java
com/supersdk/dialog/NoticeDialog.java
com/supersdk/game/GameActivity.java
com/supersdk/game/GameApi.java
com/supersdk/game/GameWebChromeClient.java
com/supersdk/http/Http.java
com/supersdk/http/SuperWebJs.java
com/supersdk/presenter/DoHandle.java
com/supersdk/presenter/LoginDailog.java
com/supersdk/presenter/PayCheckDialog.java
com/supersdk/presenter/SQSSDo.java
com/supersdk/presenter/SpecialDoHandle.java
com/supersdk/presenter/TestDo.java
com/supersdk/superutil/LogUtil.java
com/supersdk/superutil/MD5.java
com/supersdk/superutil/NoDublueUtil.java
com/supersdk/superutil/SuperDateUtil.java
com/supersdk/superutil/Util.java
com/supersdk/superutil/XHLog.java
3 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 警告 CWE: CWE-312: 明文存储敏感信息
OWASP Top 10: M9: Reverse Engineering
OWASP MASVS: MSTG-STORAGE-14
4 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 高危 CWE: CWE-649: 依赖于混淆或加密安全相关输入而不进行完整性检查
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-3
com/qipa/ta/utdid2/a/a/a.java
5 SHA-1是已知存在哈希冲突的弱哈希 警告 CWE: CWE-327: 使用已被攻破或存在风险的密码学算法
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-4
6 SSL的不安全实现。信任所有证书或接受自签名证书是一个关键的安全漏洞。此应用程序易受MITM攻击 高危 CWE: CWE-295: 证书验证不恰当
OWASP Top 10: M3: Insecure Communication
OWASP MASVS: MSTG-NETWORK-3
com/lidroid/xutils/http/client/DefaultSSLSocketFactory.java
com/lidroid/xutils/util/OtherUtils.java
7 MD5是已知存在哈希冲突的弱哈希 警告 CWE: CWE-327: 使用已被攻破或存在风险的密码学算法
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-4
8 IP地址泄露 警告 CWE: CWE-200: 信息泄露
OWASP MASVS: MSTG-CODE-2
com/ipaynow/plugin/b/d/a.java
com/ipaynow/wechatpay/plugin/g/d/a.java
9 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 安全
OWASP MASVS: MSTG-NETWORK-4
com/ipaynow/plugin/utils/b.java
com/ipaynow/wechatpay/plugin/utils/c.java
10 应用程序使用不安全的随机数生成器 警告 CWE: CWE-330: 使用不充分的随机数
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-6
com/lidroid/xutils/http/client/multipart/MultipartEntity.java
com/qipa/ta/utdid2/a/a/d.java
com/qipa/ta/utdid2/device/c.java
11 不安全的Web视图实现。可能存在WebView任意代码执行漏洞 警告 CWE: CWE-749: 暴露危险方法或函数
OWASP Top 10: M1: Improper Platform Usage
OWASP MASVS: MSTG-PLATFORM-7
com/supersdk/dialog/NoticeDialog.java
com/supersdk/game/GameActivity.java
12 可能存在跨域漏洞。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息 警告 CWE: CWE-200: 信息泄露
OWASP Top 10: M1: Improper Platform Usage
OWASP MASVS: MSTG-PLATFORM-7
com/supersdk/game/GameActivity.java
13 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 警告 CWE: CWE-89: SQL命令中使用的特殊元素转义处理不恰当('SQL 注入')
OWASP Top 10: M7: Client Code Quality
com/lidroid/xutils/DbUtils.java
14 启用了调试配置。生产版本不能是可调试的 高危 CWE: CWE-919: 移动应用程序中的弱点
OWASP Top 10: M1: Improper Platform Usage
OWASP MASVS: MSTG-RESILIENCE-2
com/qipa/gmsupersdk/BuildConfig.java

动态库分析

No Shared Objects found.
序号 动态库 NX(堆栈禁止执行) STACK CANARY(栈保护) RELRO RPATH(指定SO搜索路径) RUNPATH(指定SO搜索路径) FORTIFY(常用函数加强检查) SYMBOLS STRIPPED(裁剪符号表)

文件分析

序号 问题 文件

VIRUSTOTAL扫描

  检出率: 16 / 57       完整报告

反病毒引擎 检出结果
AhnLab-V3 PUP/Android.Malct.1016648
Antiy-AVL Trojan/Generic.ASMalwAD.5EC
Avast-Mobile Android:Evo-gen [Trj]
BitDefenderFalx Android.Riskware.MobilePay.SV
CAT-QuickHeal Android.SMSreg.GEN48025 (PUP)
ClamAV Java.Malware.Agent-1830546
DrWeb Android.Xiny.122.origin
ESET-NOD32 a variant of Android/SMSreg.NK potentially unsafe
Fortinet Riskware/SMSreg.NK!Android
Google Detected
Ikarus PUA.AndroidOS.SMSreg
Jiangmin RiskTool.AndroidOS.ebwe
K7GW Trojan ( 0055a94e1 )
NANO-Antivirus Riskware.Android.Xiny.jvbrex
Sophos Android Riskware SmsReg (PUA)
ZoneAlarm not-a-virus:HEUR:RiskTool.AndroidOS.SMSreg.iw

滥用权限

恶意软件常用权限 10/30
android.permission.READ_PHONE_STATE
android.permission.RECORD_AUDIO
android.permission.SEND_SMS
android.permission.VIBRATE
android.permission.WAKE_LOCK
android.permission.CALL_PHONE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.GET_TASKS
android.permission.ACCESS_FINE_LOCATION
android.permission.ACCESS_COARSE_LOCATION
其它常用权限 7/46
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.READ_EXTERNAL_STORAGE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE

恶意软件常用权限 是被已知恶意软件广泛滥用的权限。
其它常用权限 是已知恶意软件经常滥用的权限。

IP地图

域名检测

域名 状态 中国境内 位置信息 解析
mobilegw-1-64.test.alipay.net 安全
没有可用的地理位置信息。




act.shiwan8.cn 安全
没有可用的地理位置信息。




game-server.wan73.com 安全
IP地址: 119.28.148.199
国家: 大韩民国
地区: 首尔teukbyeolsi
城市: 首尔
查看: Google 地图





pay.ipaynow.cn 安全
IP地址: 58.222.46.210
国家: 中国
地区: 浙江
城市: 杭州
查看: 高德地图





doc.7pa.com 安全
IP地址: 139.199.16.210
国家: 中国
地区: 北京
城市: 北京
查看: 高德地图





dby.ipaynow.cn 安全
IP地址: 211.154.166.182
国家: 中国
地区: 北京
城市: 北京
查看: 高德地图





mobilegw.alipaydev.com 安全
IP地址: 110.75.132.131
国家: 中国
地区: 浙江
城市: 杭州
查看: 高德地图





h5.m.taobao.com 安全
IP地址: 58.222.46.210
国家: 中国
地区: 江苏
城市: 台州
查看: 高德地图





sdk-server.shiwan8.cn 安全
没有可用的地理位置信息。




mobilegw.stable.alipay.net 安全
没有可用的地理位置信息。




supersdk.wan73.com 安全
IP地址: 150.109.249.120
国家: 大韩民国
地区: 首尔teukbyeolsi
城市: 首尔
查看: Google 地图





mobilegw.aaa.alipay.net 安全
没有可用的地理位置信息。




paygate-yf.meituan.com 安全
IP地址: 103.37.152.89
国家: 中国
地区: 北京
城市: 北京
查看: 高德地图





p.ipaynow.cn 安全
没有可用的地理位置信息。




supersdk.7pa.com 安全
IP地址: 58.222.46.210
国家: 中国
地区: 北京
城市: 北京
查看: 高德地图





game-server.7pa.com 安全
IP地址: 58.222.46.210
国家: 中国
地区: 北京
城市: 北京
查看: 高德地图





手机号码

网址

网址信息 源码文件
https://jiuzhou-res.dybh5.szdiyibo.com/bt_game_diyibo2/index.html?jzsj_channel=tdbt3
自研引擎-M
https://supersdk.7pa.com/checkorder/index?order_id=
com/supersdk/common/broadcast/SDKBroadcast.java
192.168.1.1
com/ipaynow/plugin/b/d/a.java
https://supersdk.7pa.com/order/index
com/supersdk/presenter/TestDo.java
https://supersdk.7pa.com/order/special
https://supersdk.7pa.com/login/special
com/supersdk/presenter/SpecialDoHandle.java
https://pay.ipaynow.cn/api_release/sdk/syncexception
https://pay.ipaynow.cn/sdk/syncexception
https://p.ipaynow.cn/api/payment/sdk/syncexception
com/ipaynow/plugin/conf/e.java
https://supersdk.7pa.com/checkorder/index?order_id=
com/supersdk/presenter/PayCheckDialog.java
https://supersdk.7pa.com/login/index
https://supersdk.7pa.com/login/enter
https://supersdk.7pa.com/init
https://supersdk.7pa.com/role/index
https://supersdk.7pa.com/order/index
https://supersdk.7pa.com/
https://supersdk.7pa.com/testlogin/index
https://supersdk.7pa.com/login/checkuserinfo
com/supersdk/presenter/DoHandle.java
https://game-server.7pa.com/
http://act.shiwan8.cn/128voucher/searchgame.html
https://game-server.wan73.com/
http://doc.7pa.com/sdk/resources/resource/
http://sdk-server.shiwan8.cn//serv/game/getgamelist?current=1&size=8&isconvertvoucher=1&status=1&orderbyfield=a.listorder&isasc=false&isrecomvoucher=1
com/qipa/gmsupersdk/constant/Api.java
http://sdk-server.shiwan8.cn/serv/imgverifycode/getverificodebase64
https://game-server.7pa.com/
http://sdk-server.shiwan8.cn/serv/game/getgamelist?current=1&size=8&isconvertvoucher=1&status=1&orderbyfield=a.listorder&isasc=false&isrecomvoucher=1
https://game-server.wan73.com/
http://sdk-server.shiwan8.cn/serv/superrole/getlist
https://supersdk.7pa.com
http://sdk-server.shiwan8.cn/serv/gameshiftvoucher/push
http://sdk-server.shiwan8.cn/serv/game/getlist
https://supersdk.wan73.com
http://sdk-server.shiwan8.cn/serv/gameshiftvoucher/getlistby
com/qipa/gmsupersdk/constant/NewApi.java
https://pay.ipaynow.cn/api_release/sdk/syncexception
https://dby.ipaynow.cn/api/payment/sdk/syncexception
https://pay.ipaynow.cn/sdk/syncexception
com/ipaynow/wechatpay/plugin/c/g.java
https://pay.ipaynow.cn
com/ipaynow/wechatpay/plugin/inner_plugin/wechat_plugin/activity/k.java
https://paygate-yf.meituan.com/paygate/notify/alipay/paynotify/simple
com/alipay/test/a.java
https://pay.ipaynow.cn
com/ipaynow/plugin/inner_plugin/wechatwp/activity/WeChatNotifyActivity.java
192.168.1.1
com/ipaynow/wechatpay/plugin/g/d/a.java
http://cfg.imtt.qq.com/tbs?v=2&mk=
http://act.shiwan8.cn/128voucher/searchgame.html
https://supersdk.7pa.com/
http://mobilegw.stable.alipay.net/mgw.htm
https://pay.ipaynow.cn/api_release/sdk/syncexception
127.0.0.1
http://sdk-server.shiwan8.cn/serv/game/getlist
https://supersdk.7pa.com/login/checkuserinfo
https://p.ipaynow.cn/api/payment/sdk/syncexception
https://supersdk.7pa.com/login/index
https://paygate-yf.meituan.com/paygate/notify/alipay/paynotify/simple
https://game-server.7pa.com/
http://sdk-server.shiwan8.cn/serv/imgverifycode/getverificodebase64
https://game-server.wan73.com/
http://sdk-server.shiwan8.cn/serv/game/getgamelist?current=1&size=8&isconvertvoucher=1&status=1&orderbyfield=a.listorder&isasc=false&isrecomvoucher=1
http://debugtbs.qq.com
https://mcgw.alipay.com/sdklog.do
http://sdk-server.shiwan8.cn/serv/gameshiftvoucher/push
http://debugtbs.qq.com?10000
https://pay.ipaynow.cn
https://supersdk.7pa.com/order/special
http://doc.7pa.com/sdk/resources/resource/
http://sdk-server.shiwan8.cn//serv/game/getgamelist?current=1&size=8&isconvertvoucher=1&status=1&orderbyfield=a.listorder&isasc=false&isrecomvoucher=1
https://mclient.alipay.com/home/exterfaceassign.htm?
file:unexpect
https://wappaygw.alipay.com/home/exterfaceassign.htm?
http://h5.m.taobao.com/trade/paysuccess.html?bizorderid=$orderid$&
https://supersdk.7pa.com/role/index
http://sdk-server.shiwan8.cn/serv/superrole/getlist
http://mdc.html5.qq.com/d/directdown.jsp?channel_id=11047
192.168.1.1
https://supersdk.7pa.com/checkorder/index?order_id=
https://supersdk.7pa.com
http://mobilegw.aaa.alipay.net/mgw.htm
http://mdc.html5.qq.com/mh?channel_id=50079&u=
https://pay.ipaynow.cn/sdk/syncexception
http://debugx5.qq.com
http://m.alipay.com/?action=h5quit
https://mobilegw.alipay.com/mgw.htm
https://supersdk.7pa.com/order/index
https://supersdk.7pa.com/testlogin/index
http://mobilegw-1-64.test.alipay.net/mgw.htm
https://dby.ipaynow.cn/api/payment/sdk/syncexception
www.qq.com
https://supersdk.7pa.com/init
http://mdc.html5.qq.com/d/directdown.jsp?channel_id=11041
https://supersdk.7pa.com/login/enter
http://pms.mb.qq.com/rsp204
https://supersdk.7pa.com/login/special
http://mqqad.html5.qq.com/adjs
http://soft.tbs.imtt.qq.com/17421/tbs_res_imtt_tbs_debugplugin_debugplugin.tbs
http://wup.imtt.qq.com:8080
https://supersdk.wan73.com
http://sdk-server.shiwan8.cn/serv/gameshiftvoucher/getlistby
https://mobilegw.alipaydev.com/mgw.htm
自研引擎-S

FIREBASE实例

邮箱

追踪器

名称 类别 网址

密钥凭证

已显示 9 个secrets
1、 凭证信息=> "HS_CLIENTKEY" : "dbd21972f3c1d23170b0f83a15bb126f"
2、 凭证信息=> "HS_APPID" : "66992"
3、 892984b23632e3c09b83f37025951013
4、 2FsPONw4QOqEQkzYvoiuVATWxbyQmsCJ
5、 QrMgt8GGYI6T52ZY5AnhtxkLzb8egpFn3j5JELI8H6wtACbUnZ5cc3aYTsTRbmkAkRJeYbtx92LPBWm7nBO9UIl7y5i5MQNmUZNf5QENurR5tGyo7yJ2G0MBjWvy6iAtlAbacKP0SwOUeUWx5dsBdyhxa7Id1APtybSdDgicBDuNjI0mlZFUzZSS9dmN8lBD0WTVOMz0pRZbR3cysomRXOO1ghqjJdTcyDIxzpNAEszN8RMGjrzyU7Hjbmwi6YNK
6、 2FDgvkGVlKtvyo6NX8HbSycCiDHWR2gaqJRI3JrAqT9lGxZAxTnmUE8MNnhRWfoNZJHX2
7、 39280363481451541647
8、 -39280363481451541647
9、 a09ec3eb33f204b2ae7b511e760877cc

字符串列表

建议导出为TXT,方便查看。

活动列表

已显示 13 个activities
1、 com.supersdk.application.MySplashActivity
2、 com.supersdk.game.GameActivity
3、 com.supersdk.application.CheckMasterActivity
4、 com.c3733.sdk.SDKActivity
5、 com.ipaynow.plugin.activity.PayMethodActivity
6、 com.ipaynow.plugin.inner_plugin.prepay_plugin.activity.PrePayActivity
7、 com.ipaynow.plugin.inner_plugin.prepay_plugin.activity.NotifyActivity
8、 com.ipaynow.plugin.inner_plugin.wechatwp.activity.WeChatNotifyActivity
9、 com.ipaynow.plugin.presenter.PayMethodActivity
10、 com.ipaynow.plugin.inner_plugin.wechatpg.activity.WXPayActivity
11、 com.alipay.sdk.app.H5PayActivity
12、 com.alipay.sdk.auth.AuthActivity
13、 com.switfpass.pay.activity.QQWapPayWebView

服务列表

广播接收者列表

内容提供者列表

第三方SDK

SDK名称 开发者 描述信息
支付宝 SDK Alipay 支付宝开放平台基于支付宝海量用户,将强大的支付、营销、数据能力,通过接口等形式开放给第三方合作伙伴,帮助第三方合作伙伴创建更具竞争力的应用。
File Provider Android FileProvider 是 ContentProvider 的特殊子类,它通过创建 content://Uri 代替 file:///Uri 以促进安全分享与应用程序关联的文件。

文件列表

META-INF/MANIFEST.MF
META-INF/TOWEL.SF
META-INF/TOWEL.RSA
AndroidManifest.xml
classes.dex
classes2.dex
res/drawable/gm_fragment_text_bg.xml
res/drawable/gm_progressbar_bg.xml
res/drawable/gm_red_point.png
res/drawable/gm_resource_item_button_bg_selector.xml
res/drawable/gm_resource_progress_bg.xml
res/drawable/gm_resource_text_bg_selector.xml
res/drawable/gm_shape_luck_item_bg.xml
res/drawable/gm_shape_luck_item_bg_.xml
res/drawable/gm_shape_luck_toptitle_bg.xml
res/drawable/gm_shape_text_bg.xml
res/drawable/gm_shape_white.xml
res/drawable/gm_store_128_128.xml
res/drawable/gm_store_128_packet_bg.xml
res/drawable/gm_store_dialog_contentbg.png
res/drawable/gm_store_dialog_content_btn.png
res/drawable/gm_store_dialog_content_itembg.png
res/drawable/gm_store_dialog_content_titlebg.png
res/drawable/gm_store_lchl_tablayout_bg.xml
res/drawable/gm_store_level_btn_bg.xml
res/drawable/gm_store_level_item_bg.png
res/drawable/gm_store_level_xglb.png
res/drawable/gm_store_popup_list_item_bg.xml
res/drawable/gm_store_progress_background.png
res/drawable/gm_store_progress_bg.xml
res/drawable/gm_store_progress_foreground.png
res/drawable/gm_store_xslb_item_bg.xml
res/drawable/gm_super_discount_popup_list_item_bg.xml
res/drawable/gm_time_dialog.png
res/drawable/gm_videoad_close.png
res/drawable/gm_videoad_start.png
res/drawable/icon.jpeg
res/drawable/port_gm_resource_item_button_bg_selector.xml
res/drawable/shape_dialog_bg.xml
res/drawable/shape_edit.xml
res/drawable/shape_edit_yes.xml
res/drawable/shape_game_list_white.xml
res/drawable/shape_gray.xml
res/drawable/shape_item_level_gray.xml
res/drawable/shape_item_level_white.xml
res/drawable/shape_left_background.xml
res/drawable/shape_main.xml
res/drawable/shape_main_no.xml
res/drawable/shape_main_white.xml
res/drawable/shape_pay_hint.xml
res/drawable/shape_white.xml
res/drawable/toast_style.xml
res/drawable/warn_style.xml
res/drawable-hdpi/bg.png
res/drawable-hdpi/ic_launcher.png
res/drawable-hdpi/login_close.png
res/drawable-hdpi/qp_background_loading.png
res/drawable-hdpi/toast_warn.png
res/drawable-nodpi/gm_resource_100_lottery.png
res/drawable-nodpi/gm_resource_bg.png
res/drawable-nodpi/gm_resource_bg2.png
res/drawable-nodpi/gm_resource_bg_bug.png
res/drawable-nodpi/gm_resource_bg_tqzzk.png
res/drawable-nodpi/gm_resource_bottom_bg.png
res/drawable-nodpi/gm_resource_bug.png
res/drawable-nodpi/gm_resource_bug_center_button.png
res/drawable-nodpi/gm_resource_bug_lottery_bg.png
res/drawable-nodpi/gm_resource_bug_point.png
res/drawable-nodpi/gm_resource_bug_right_bg.png
res/drawable-nodpi/gm_resource_bug_text_bg.png
res/drawable-nodpi/gm_resource_bug_tips_window_bg.png
res/drawable-nodpi/gm_resource_button_bg.png
res/drawable-nodpi/gm_resource_button_bg_normal.png
res/drawable-nodpi/gm_resource_button_bg_selector.xml
res/drawable-nodpi/gm_resource_button_selected.png
res/drawable-nodpi/gm_resource_button_unselected.png
res/drawable-nodpi/gm_resource_chose_bg.png
res/drawable-nodpi/gm_resource_cjsc.png
res/drawable-nodpi/gm_resource_cjzp_bg.png
res/drawable-nodpi/gm_resource_cjzp_button.png
res/drawable-nodpi/gm_resource_cjzp_progress.png
res/drawable-nodpi/gm_resource_cjzp_progress_normal.png
res/drawable-nodpi/gm_resource_close_button.png
res/drawable-nodpi/gm_resource_flzp_title_img.png
res/drawable-nodpi/gm_resource_item_bg.png
res/drawable-nodpi/gm_resource_key.png
res/drawable-nodpi/gm_resource_key_bg.png
res/drawable-nodpi/gm_resource_logo.png
res/drawable-nodpi/gm_resource_logo_tx.png
res/drawable-nodpi/gm_resource_lottery_bg.png
res/drawable-nodpi/gm_resource_lottery_bg2.png
res/drawable-nodpi/gm_resource_lottery_center_bg.png
res/drawable-nodpi/gm_resource_lottery_center_bg2.png
res/drawable-nodpi/gm_resource_lottery_center_bg3.png
res/drawable-nodpi/gm_resource_lottery_item_bg.png
res/drawable-nodpi/gm_resource_lottery_item_spc_bg.png
res/drawable-nodpi/gm_resource_page_button_selected.png
res/drawable-nodpi/gm_resource_page_button_unselected.png
res/drawable-nodpi/gm_resource_pointer.png
res/drawable-nodpi/gm_resource_red_point.png
res/drawable-nodpi/gm_resource_reward_bg.png
res/drawable-nodpi/gm_resource_reward_close.png
res/drawable-nodpi/gm_resource_reward_item.png
res/drawable-nodpi/gm_resource_show_bg.png
res/drawable-nodpi/gm_resource_super_lottery_bg.png
res/drawable-nodpi/gm_resource_title_button.png
res/drawable-nodpi/gm_resource_tqzzk.png
res/drawable-nodpi/gm_resource_zztq_item.png
res/drawable-nodpi/gm_resource__lottery_center_button.png
res/drawable-nodpi/gm_store_128_128_selected.png
res/drawable-nodpi/gm_store_128_128_unselected.png
res/drawable-nodpi/gm_store_128_bg.png
res/drawable-nodpi/gm_store_128_edittext.png
res/drawable-nodpi/gm_store_128_game_bg.png
res/drawable-nodpi/gm_store_128_game_icon_bg.png
res/drawable-nodpi/gm_store_128_item_bg.png
res/drawable-nodpi/gm_store_128_red_packet.png
res/drawable-nodpi/gm_store_128_red_packet_unselected.png
res/drawable-nodpi/gm_store_128_title.png
res/drawable-nodpi/gm_store_128_title_bg.png
res/drawable-nodpi/gm_store_128_title_bz.png
res/drawable-nodpi/gm_store_128_title_zs.png
res/drawable-nodpi/gm_store_128_tx.png
res/drawable-nodpi/gm_store_add.png
res/drawable-nodpi/gm_store_bg.png
res/drawable-nodpi/gm_store_blue_luck.png
res/drawable-nodpi/gm_store_box.png
res/drawable-nodpi/gm_store_box1.png
res/drawable-nodpi/gm_store_box3.png
res/drawable-nodpi/gm_store_button.png
res/drawable-nodpi/gm_store_button_enable.png
res/drawable-nodpi/gm_store_chose_porp.png
res/drawable-nodpi/gm_store_chose_porp_.png
res/drawable-nodpi/gm_store_chose_porp_mfhl.png
res/drawable-nodpi/gm_store_close.png
res/drawable-nodpi/gm_store_code_bg.png
res/drawable-nodpi/gm_store_common_button_checked.png
res/drawable-nodpi/gm_store_common_button_unchecked.png
res/drawable-nodpi/gm_store_desc_tips_bg.png
res/drawable-nodpi/gm_store_down_arrow_checked.png
res/drawable-nodpi/gm_store_down_arrow_unchecked.png
res/drawable-nodpi/gm_store_dropdown.png
res/drawable-nodpi/gm_store_dropdown_bg.png
res/drawable-nodpi/gm_store_dropdown_chose.png
res/drawable-nodpi/gm_store_dropdown_normal.png
res/drawable-nodpi/gm_store_edittext_bg.png
res/drawable-nodpi/gm_store_hnit_bg.png
res/drawable-nodpi/gm_store_hnit_desc1.png
res/drawable-nodpi/gm_store_hnit_desc2.png
res/drawable-nodpi/gm_store_hnit_icon_bg.png
res/drawable-nodpi/gm_store_hnit_top_title.png
res/drawable-nodpi/gm_store_jrfl_bg.png
res/drawable-nodpi/gm_store_jrfl_box.png
res/drawable-nodpi/gm_store_jrfl_gold.png
res/drawable-nodpi/gm_store_jrfl_icon.png
res/drawable-nodpi/gm_store_jrfl_item_bg.png
res/drawable-nodpi/gm_store_jrfl_item_title_bg.png
res/drawable-nodpi/gm_store_jrhd.png
res/drawable-nodpi/gm_store_jrhd_button.png
res/drawable-nodpi/gm_store_lchl_item_bg.png
res/drawable-nodpi/gm_store_lchl_selected.png
res/drawable-nodpi/gm_store_lchl_unselected.png
res/drawable-nodpi/gm_store_left_button_bg.xml
res/drawable-nodpi/gm_store_line.png
res/drawable-nodpi/gm_store_luck.png
res/drawable-nodpi/gm_store_normal_button_bg.png
res/drawable-nodpi/gm_store_pay_button_bg.xml
res/drawable-nodpi/gm_store_por_line.png
res/drawable-nodpi/gm_store_prop_bg.png
res/drawable-nodpi/gm_store_prop_normal_bg.png
res/drawable-nodpi/gm_store_rect_bg.png
res/drawable-nodpi/gm_store_rect_bg2.png
res/drawable-nodpi/gm_store_red_point.png
res/drawable-nodpi/gm_store_serach_bg.png
res/drawable-nodpi/gm_store_ttlfl_video_packet_bg.png
res/drawable-nodpi/gm_store_ttlfl_video_packet_item_bg.png
res/drawable-nodpi/gm_store_ttlfl_video_packet_item_title_bg.png
res/drawable-nodpi/gm_store_up_arrow_checked.png
res/drawable-nodpi/gm_store_up_arrow_unchecked.png
res/drawable-nodpi/gm_store_vip_center_bg.png
res/drawable-nodpi/gm_store_vip_item_bg.png
res/drawable-nodpi/gm_store_xglb_bg.png
res/drawable-nodpi/gm_store_xglb_desc_bg.png
res/drawable-nodpi/gm_store_xglb_item_bg.png
res/drawable-nodpi/gm_store_xglb_tea.png
res/drawable-nodpi/gm_store_xglb_title.png
res/drawable-nodpi/gm_store_xslb_button.png
res/drawable-nodpi/gm_store_ygm_button_bg.png
res/drawable-nodpi/gm_store_zxfl_porp_n_bg.png
res/drawable-nodpi/gm_super_discount_bg.png
res/drawable-nodpi/gm_super_discount_common_button_checked.png
res/drawable-nodpi/gm_super_discount_common_button_unchecked.png
res/drawable-nodpi/gm_super_discount_dropdown_chose.png
res/drawable-nodpi/gm_super_discount_dropdown_normal.png
res/drawable-nodpi/gm_super_discount_left_button_bg.xml
res/drawable-nodpi/port_gm_resource_back.png
res/drawable-nodpi/port_gm_resource_bg.png
res/drawable-nodpi/port_gm_resource_button_selected.png
res/drawable-nodpi/port_gm_resource_button_unselected.png
res/drawable-nodpi/port_gm_resource_cjzp_progress.png
res/drawable-nodpi/port_gm_resource_cjzp_progress_normal.png
res/drawable-nodpi/port_gm_resource_title_button.png
res/drawable-nodpi/port_gm_resource_top_button_bg.xml
res/drawable-nodpi/port_gm_resource_top_button_selected.png
res/drawable-nodpi/port_gm_resource_top_button_selected_.png
res/drawable-nodpi/port_gm_resource_top_button_unselected.png
res/drawable-nodpi/port_gm_resource_zyg_bg.png
res/drawable-nodpi/port_gm_resource_zyg_item_bg.png
res/drawable-nodpi/port_gm_resource_zyg_left_bg.png
res/drawable-nodpi/port_gm_resource_zyg_right_bg.png
res/drawable-nodpi/port_gm_resource_zztq_item_bg.png
res/drawable-nodpi/port_gm_resource_zztq_item_line.png
res/drawable-nodpi/port_gm_resource_zztq_item_porp.png
res/drawable-nodpi/port_gm_store_bg.png
res/drawable-nodpi/port_gm_store_bg2.png
res/drawable-nodpi/port_gm_store_botton_normal.png
res/drawable-nodpi/port_gm_store_button.png
res/drawable-nodpi/port_gm_store_button_bg.xml
res/drawable-nodpi/port_gm_store_close.png
res/drawable-nodpi/port_gm_store_common_button_checked.png
res/drawable-nodpi/port_gm_store_common_button_unchecked.png
res/drawable-nodpi/port_gm_store_jrfl_bg.png
res/drawable-nodpi/port_gm_store_lchl_item_bg.png
res/drawable-nodpi/port_gm_store_left_item_bg.xml
res/drawable-nodpi/port_gm_store_left_item_checked.png
res/drawable-nodpi/port_gm_store_left_item_unchecked.png
res/drawable-nodpi/port_gm_store_small_bg.png
res/drawable-nodpi/port_gm_store_top_button_bg.xml
res/drawable-nodpi/port_gm_store_xglb_item_bg.png
res/drawable-nodpi/port_gm_store_xslb_item_bg.png
res/drawable-nodpi/port_gm_super_discount_common_button_checked.png
res/drawable-nodpi/port_gm_super_discount_common_button_unchecked.png
res/drawable-nodpi/port_gm_super_discount_top_button_bg.xml
res/drawable-nodpi/test1.png
res/drawable-nodpi/test2.png
res/drawable-xhdpi/super_float_dark.png
res/drawable-xhdpi/super_float_dark_left.png
res/drawable-xhdpi/super_float_dark_right.png
res/drawable-xhdpi/super_float_light.png
res/drawable-xhdpi/super_menu_check.png
res/drawable-xhdpi/super_menu_exit.png
res/drawable-xhdpi/super_menu_logout.png
res/drawable-xhdpi/super_menu_role.png
res/layout/activity_main.xml
res/layout/gm_item_xglb_tip_porp.xml
res/layout/gm_luck_dialog.xml
res/layout/gm_prop_dialog_new.xml
res/layout/gm_resourcesdialog_popupwindow_tips.xml
res/layout/gm_resources_video_tips.xml
res/layout/gm_resource_item.xml
res/layout/gm_resource_porp.xml
res/layout/gm_resource_reward.xml
res/layout/gm_resource_zyg_porp.xml
res/layout/gm_store_jrfl_porp.xml
res/layout/gm_store_lchl_top_item.xml
res/layout/gm_store_popup_list_item.xml
res/layout/gm_store_popup_role_list_item.xml
res/layout/gm_store_xslb_porp.xml
res/layout/gm_super_discount_left_common_button.xml
res/layout/super_float_dialog.xml
res/layout/super_float_left.xml
res/layout/super_float_right.xml
res/layout/super_login.xml
res/layout/super_menu_check.xml
res/layout/super_menu_logout.xml
res/layout/super_menu_role.xml
res/layout/super_menu_share.xml
res/layout/super_notice_dialog.xml
res/layout/super_toast.xml
res/layout/super_warn_dialog.xml
res/layout-sw300dp-land/gm_128_tips_dialog.xml
res/layout-sw300dp-land/gm_fragment_video_ad.xml
res/layout-sw300dp-land/gm_item_128.xml
res/layout-sw300dp-land/gm_item_128_day.xml
res/layout-sw300dp-land/gm_item_128_day_128.xml
res/layout-sw300dp-land/gm_item_128_game.xml
res/layout-sw300dp-land/gm_item_128_game2.xml
res/layout-sw300dp-land/gm_item_128_serach.xml
res/layout-sw300dp-land/gm_item_bug.xml
res/layout-sw300dp-land/gm_item_jrfl.xml
res/layout-sw300dp-land/gm_item_lchl.xml
res/layout-sw300dp-land/gm_item_qrtq.xml
res/layout-sw300dp-land/gm_item_video.xml
res/layout-sw300dp-land/gm_item_video_porp.xml
res/layout-sw300dp-land/gm_item_xglb.xml
res/layout-sw300dp-land/gm_item_xslb.xml
res/layout-sw300dp-land/gm_item_zxfl.xml
res/layout-sw300dp-land/gm_item_zxfl_porp.xml
res/layout-sw300dp-land/gm_item_zxfl_text.xml
res/layout-sw300dp-land/gm_item_zxfl_text_one.xml
res/layout-sw300dp-land/gm_luck_dialog.xml
res/layout-sw300dp-land/gm_main_gmstore.xml
res/layout-sw300dp-land/gm_main_super_discount.xml
res/layout-sw300dp-land/gm_prop_dialog_new.xml
res/layout-sw300dp-land/gm_resources_pavilion_new.xml
res/layout-sw300dp-land/gm_resource_reward_bug_tips_dialog.xml
res/layout-sw300dp-land/gm_resource_reward_tips_dialog.xml
res/layout-sw300dp-land/gm_resource_tips_dialog.xml
res/layout-sw300dp-land/gm_resource_zztq_item.xml
res/layout-sw300dp-land/gm_store_128_list_dialog.xml
res/layout-sw300dp-land/gm_store_128_serach_list_dialog.xml
res/layout-sw300dp-land/gm_store_bug.xml
res/layout-sw300dp-land/gm_store_exchange_dialog.xml
res/layout-sw300dp-land/gm_store_jrfl.xml
res/layout-sw300dp-land/gm_store_lchl.xml
res/layout-sw300dp-land/gm_store_left_common_button.xml
res/layout-sw300dp-land/gm_store_new_hnit_dialog.xml
res/layout-sw300dp-land/gm_store_qrhl.xml
res/layout-sw300dp-land/gm_store_qrtq.xml
res/layout-sw300dp-land/gm_store_ttlfl_128.xml
res/layout-sw300dp-land/gm_store_ttlfl_video.xml
res/layout-sw300dp-land/gm_store_xglb.xml
res/layout-sw300dp-land/gm_store_xglb_dialog.xml
res/layout-sw300dp-land/gm_store_xslb.xml
res/layout-sw300dp-land/gm_store_zxfl.xml
res/layout-sw300dp-land/gm_store_zzlb.xml
res/layout-sw300dp-land/gm_super_discount_left_common_button.xml
res/layout-sw300dp-land/gm_videoad_dialog.xml
res/layout-sw300dp-port/gm_fragment_video_ad.xml
res/layout-sw300dp-port/gm_item_128.xml
res/layout-sw300dp-port/gm_item_128_day.xml
res/layout-sw300dp-port/gm_item_128_day_128.xml
res/layout-sw300dp-port/gm_item_128_game.xml
res/layout-sw300dp-port/gm_item_128_game2.xml
res/layout-sw300dp-port/gm_item_128_serach.xml
res/layout-sw300dp-port/gm_item_bug.xml
res/layout-sw300dp-port/gm_item_jrfl.xml
res/layout-sw300dp-port/gm_item_lchl.xml
res/layout-sw300dp-port/gm_item_qrtq.xml
res/layout-sw300dp-port/gm_item_xglb.xml
res/layout-sw300dp-port/gm_item_xslb.xml
res/layout-sw300dp-port/gm_item_zxfl.xml
res/layout-sw300dp-port/gm_item_zxfl_porp.xml
res/layout-sw300dp-port/gm_item_zxfl_text.xml
res/layout-sw300dp-port/gm_item_zxfl_text_one.xml
res/layout-sw300dp-port/gm_luck_dialog.xml
res/layout-sw300dp-port/gm_main_gmstore.xml
res/layout-sw300dp-port/gm_prop_dialog_new.xml
res/layout-sw300dp-port/gm_resources_pavilion_new.xml
res/layout-sw300dp-port/gm_resource_reward_bug_tips_dialog.xml
res/layout-sw300dp-port/gm_resource_reward_tips_dialog.xml
res/layout-sw300dp-port/gm_resource_tips_dialog.xml
res/layout-sw300dp-port/gm_resource_zztq_item.xml
res/layout-sw300dp-port/gm_store_128_list_dialog.xml
res/layout-sw300dp-port/gm_store_128_serach_list_dialog.xml
res/layout-sw300dp-port/gm_store_jrfl.xml
res/layout-sw300dp-port/gm_store_lchl.xml
res/layout-sw300dp-port/gm_store_lchl_top_item.xml
res/layout-sw300dp-port/gm_store_left_common_button.xml
res/layout-sw300dp-port/gm_store_left_item_button.xml
res/layout-sw300dp-port/gm_store_new_hnit_dialog.xml
res/layout-sw300dp-port/gm_store_qrhl.xml
res/layout-sw300dp-port/gm_store_qrtq.xml
res/layout-sw300dp-port/gm_store_ttlfl_128.xml
res/layout-sw300dp-port/gm_store_xglb.xml
res/layout-sw300dp-port/gm_store_xglb_dialog.xml
res/layout-sw300dp-port/gm_store_xslb.xml
res/layout-sw300dp-port/gm_store_xslb_porp.xml
res/layout-sw300dp-port/gm_store_zxfl.xml
res/layout-sw300dp-port/gm_store_zzlb.xml
res/layout-sw300dp-port/gm_super_discount_left_common_button.xml
res/layout-sw300dp-port/gm_videoad_dialog.xml
resources.arsc
assets/c3733/sdk/resource/jars/core.jar
assets/c3733/sdk/resource/jars/update.jar
assets/cn_ipaynow_wechatpay_plugin.png
assets/debug.txt
assets/fonts/font1.TTF
assets/fonts/font2.TTF
assets/fonts/font3.TTF
assets/fonts/font4.TTF
assets/gm_res/luck/img_btn.png
assets/gm_res/luck/img_luck.png
assets/kprogresshud_spinner.png
assets/Sonnenblume/res.bin

污点分析

当apk较大时,代码量会很大,造成数据流图(ICFG)呈现爆炸式增长,所以该功能比较耗时,请先喝杯咖啡,耐心等待……
规则名称 描述信息 操作
病毒分析 使用安卓恶意软件常用的API进行污点分析 开始分析  
漏洞挖掘 漏洞挖掘场景下的污点分析 开始分析  
隐私合规 隐私合规场景下的污点分析:组件内污点传播、组件间污点传播、组件与库函数之间的污点传播 开始分析  
密码分析 分析加密算法是否使用常量密钥、静态初始化的向量(IV)、加密模式是否使用ECB等 开始分析  
Callback 因为Android中系统级的Callback并不会出现显式地进行回调方法的调用,所以如果需要分析Callback方法需要在声明文件中将其声明,这里提供一份AndroidCallbacks.txt文件,里面是一些常见的原生回调接口或类,如果有特殊接口需求,可以联系管理员 开始分析