Rules Engine 1.3.4版本 | 静态分析 _南明离火移动安全分析平台

安全声明：本平台专为移动应用安全风险研究与合规评估设计，严禁用于任何非法用途。如有疑问或建议，欢迎加入微信群交流。

应用图标

应用评分

文件基本信息

文件名称

Android_Rules_Engine_v1.3.4_r-Spectrio.apk

文件大小

15.29MB

MD5

ae1658ff18be3a5f1b7068dbf7b14951

SHA1

e17cb69331ff5183b6fe536067f49bf46d992173

SHA256

2ba1b162b9df1e449fcaa0d46e3bddaeaeb5d615f50a7c71e509489beffa9ee0

病毒检测

⚠️ 2 个厂商报毒⚠️

应用基础信息

应用名称

Rules Engine

包名

com.inreality.android_rules_engine

主活动

com.inreality.android_rules_engine.LauncherActivity

目标SDK

29

最小SDK

24

版本号

1.3.4

子版本号

1030402

加固信息

未加壳

组件导出状态统计

查看 Activity 组件

查看 Service 组件

查看 Receiver 组件

查看 Provider 组件

扫描与分析选项

重新扫描管理规则动态分析

反编译与源码导出

Manifest文件查看

APK文件成为会员，解锁下载

Java源代码查看 -- 下载

文件结构与资源列表

应用签名证书信息

二进制文件已签名
v1 签名: False
v2 签名: True
v3 签名: False
v4 签名: False
主题: C=US, ST=California, L=Mountain View, O=Android, OU=Android, CN=Android, E=android@android.com
签名算法: rsassa_pkcs1v15
有效期自: 2008-04-15 22:40:50+00:00
有效期至: 2035-09-01 22:40:50+00:00
发行人: C=US, ST=California, L=Mountain View, O=Android, OU=Android, CN=Android, E=android@android.com
序列号: 0xb3998086d056cffa
哈希算法: md5
证书MD5: 8ddb342f2da5408402d7568af21e29f9
证书SHA1: 27196e386b875e76adf700e7ea84e4c6eee33dfa
证书SHA256: c8a2e9bccf597c2fb6dc66bee293fc13f2fc47ec77bc6b2b0d52c11f51192ab8
证书SHA512: 5d802f24d6ac76c708a8e7afe28fd97e038f888cef6665fb9b4a92234c311d6ff42127ccb2eb5a898f4e7e4e553f6ef602d43d1a2ebae9f002a6598e72fd2d83
公钥算法: rsa
密钥长度: 2048
指纹: 65ba0830722d5767f8779e37d0d9c67562f03ec63a2889af655ee9c59effb434
找到 1 个唯一证书

权限声明与风险分级

权限名称	安全等级	权限内容	权限描述	关联代码
android.permission.INTERNET	危险	完全互联网访问	允许应用程序创建网络套接字。	显示文件 com/acg/android/utils/http/AnySSLClient.java com/acg/android/utils/media/VimeoUtil.java com/acg/android/utils/network/HttpUtil.java com/acg/android/utils/network/NetworkUtil.java com/acg/android/utils/remoting/image/RemoteImageLoader.java com/acg/android/utils/rss/RssReader.java com/acg/android/utils/system/SystemUtil.java com/inreality/android/notification/IRNotificationUtils.java com/inreality/android/pipedream/PipeDreamUtils.java com/inreality/android_rules_engine/ruler/Ruler.java com/inreality/android_rules_engine/trigger/Trigger.java com/inreality/androidutils/auth/AuthUtils.java com/inreality/androidutils/ui/webview/IRCachedWebViewClient.java com/rabbitmq/client/impl/Frame.java com/rabbitmq/client/impl/SocketFrameHandler.java com/rabbitmq/client/impl/SocketFrameHandlerFactory.java com/rabbitmq/client/impl/nio/SocketChannelFrameHandlerFactory.java com/splunk/mint/NetSender.java com/splunk/mint/Utils.java com/splunk/mint/network/NetLogManager.java com/splunk/mint/network/http/HTTPSURLStreamHandler.java com/splunk/mint/network/http/HTTPURLStreamHandler.java com/splunk/mint/network/http/MonitorableHttpURLConnection.java com/splunk/mint/network/http/MonitorableHttpsURLConnection.java com/splunk/mint/network/http/URLStreamHandlerBase.java com/splunk/mint/network/socket/MonitoringSocketImpl.java com/thoughtworks/qdox/JavaDocBuilder.java com/thoughtworks/qdox/junit/APITestCase.java io/sentry/transport/HttpConnection.java org/acra/util/HttpRequest.java org/dom4j/io/XPP3Reader.java org/dom4j/io/XPPReader.java org/h2/engine/SessionRemote.java org/h2/jdbc/JdbcResultSet.java org/h2/security/CipherFactory.java org/h2/server/TcpServer.java org/h2/server/pg/PgServerThread.java org/h2/server/web/WebServer.java org/h2/server/web/WebServlet.java org/h2/server/web/WebThread.java org/h2/store/fs/FilePathDisk.java org/h2/util/NetUtils.java org/h2/value/Transfer.java org/jsoup/Connection.java org/jsoup/Jsoup.java org/jsoup/helper/HttpConnection.java org/nanohttpd/protocols/http/ClientHandler.java org/nanohttpd/protocols/http/HTTPSession.java org/nanohttpd/protocols/http/NanoHTTPD.java org/nanohttpd/protocols/http/ServerRunnable.java org/nanohttpd/protocols/http/response/Response.java org/nanohttpd/webserver/SimpleWebServer.java org/relaxng/datatype/helpers/DatatypeLibraryLoader.java sun/misc/Service.java
android.permission.CHANGE_WIFI_STATE	危险	改变Wi-Fi状态	允许应用程序改变Wi-Fi状态。	显示文件 com/acg/android/utils/network/WifiUtil.java
android.permission.ACCESS_WIFI_STATE	普通	查看Wi-Fi状态	允许应用程序查看有关Wi-Fi状态的信息。	显示文件 com/acg/android/utils/network/NetworkUtil.java com/acg/android/utils/network/WifiUtil.java com/splunk/mint/AutoFlushManager.java com/splunk/mint/Utils.java io/sentry/android/core/NetworkBreadcrumbsIntegration.java io/sentry/android/core/internal/util/ConnectivityChecker.java
android.permission.READ_EXTERNAL_STORAGE	危险	读取SD卡内容	允许应用程序从SD卡读取信息。	显示文件 com/Ostermiller/util/Base64.java com/Ostermiller/util/CGILexer.java com/Ostermiller/util/CSVLexer.java com/Ostermiller/util/ExcelCSVLexer.java com/Ostermiller/util/FileHelper.java com/Ostermiller/util/LineEnds.java com/Ostermiller/util/MD5.java com/Ostermiller/util/PropertiesLexer.java com/Ostermiller/util/Tabs.java com/Ostermiller/util/UberProperties.java com/acg/android/utils/file/FileUtil.java com/acg/android/utils/image/ImageUtil.java com/acg/android/utils/network/Base64.java com/acg/android/utils/network/NetworkUtil.java com/acg/android/utils/system/SystemUtil.java com/acg/android/utils/usb/UsbUtil.java com/inreality/android/license/LicenseManagerIR.java com/inreality/android_rules_engine/webserver/WebServer.java com/inreality/androidutils/ui/webview/IRCachedWebViewClient.java com/splunk/mint/Utils.java com/stericson/RootTools/execution/Shell.java com/stericson/RootTools/internal/Installer.java com/thoughtworks/qdox/JavaDocBuilder.java io/sentry/EnvelopeSender.java io/sentry/OutboxSender.java io/sentry/PreviousSessionFinalizer.java io/sentry/SentryEnvelopeItem.java io/sentry/android/core/AnrV2Integration.java io/sentry/android/core/internal/util/RootChecker.java io/sentry/cache/CacheStrategy.java io/sentry/cache/CacheUtils.java io/sentry/cache/EnvelopeCache.java io/sentry/config/FilesystemPropertiesLoader.java io/sentry/instrumentation/file/SentryFileInputStream.java net/sf/sojo/interchange/object/ObjectSerializer.java org/acra/ACRA.java org/acra/collector/LogFileCollector.java org/acra/file/CrashReportPersister.java org/acra/legacy/ReportConverter.java org/acra/security/FileKeyStoreFactory.java org/acra/util/IOUtils.java org/dom4j/io/SAXReader.java org/dom4j/jaxb/JAXBModifier.java org/dom4j/jaxb/JAXBReader.java org/h2/server/web/WebServer.java org/h2/store/fs/FilePathDisk.java org/h2/util/SourceCompiler.java org/jsoup/helper/DataUtil.java org/nanohttpd/router/RouterNanoHTTPD.java org/nanohttpd/webserver/SimpleWebServer.java
android.permission.WRITE_EXTERNAL_STORAGE	危险	读取/修改/删除外部存储内容	允许应用程序写入外部存储。	显示文件 com/Ostermiller/util/Base64.java com/Ostermiller/util/FileHelper.java com/Ostermiller/util/LineEnds.java com/Ostermiller/util/Tabs.java com/Ostermiller/util/UberProperties.java com/acg/android/utils/file/FileUtil.java com/acg/android/utils/http/AnySSLClient.java com/acg/android/utils/image/ImageUtil.java com/acg/android/utils/network/Base64.java com/acg/android/utils/sharedpreferences/SharedPreferencesUtil.java com/acg/android/utils/system/Sudo.java com/acg/android/utils/system/SystemUtil.java com/inreality/android/license/LicenseManagerIR.java com/inreality/android_rules_engine/logger/Logger.java com/stericson/RootTools/internal/Installer.java com/thoughtworks/qdox/JavaDocBuilder.java io/sentry/android/core/Installation.java io/sentry/android/core/cache/AndroidEnvelopeCache.java io/sentry/cache/CacheStrategy.java io/sentry/cache/CacheUtils.java io/sentry/cache/EnvelopeCache.java io/sentry/instrumentation/file/SentryFileOutputStream.java net/sf/sojo/interchange/object/ObjectSerializer.java org/acra/file/CrashReportPersister.java org/acra/util/Installation.java org/dom4j/jaxb/JAXBModifier.java org/dom4j/jaxb/JAXBWriter.java org/h2/server/web/WebThread.java org/h2/store/fs/FilePathDisk.java org/nanohttpd/protocols/http/HTTPSession.java org/nanohttpd/protocols/http/tempfiles/DefaultTempFile.java
android.permission.WAKE_LOCK	危险	防止手机休眠	允许应用程序防止手机休眠，在手机屏幕关闭后后台进程仍然运行。	显示文件 com/acg/android/utils/network/NetworkUtil.java com/acg/android/utils/system/SystemUtil.java com/acg/android/utils/ui/UIUtil.java com/splunk/mint/Utils.java
android.permission.FOREGROUND_SERVICE	普通	创建前台Service	Android 9.0以上允许常规应用程序使用 Service.startForeground，用于podcast播放（推送悬浮播放，锁屏播放）	显示文件 com/acg/android/utils/system/SystemUtil.java
android.permission.RECEIVE_BOOT_COMPLETED	普通	开机自启	允许应用程序在系统完成启动后即自行启动。这样会延长手机的启动时间，而且如果应用程序一直运行，会降低手机的整体速度。	显示文件 com/acg/android/utils/system/SystemUtil.java com/inreality/android_rules_engine/ConnectivityStatusReceiver.java com/inreality/android_rules_engine/RunOnStartup.java com/inreality/androidutils/internal/InternalMessageReceiver.java com/splunk/mint/AutoFlushManager.java io/sentry/android/core/SystemEventsBreadcrumbsIntegration.java
android.permission.KILL_BACKGROUND_PROCESSES	普通	结束进程	允许应用程序结束其他应用程序的后台进程。	显示文件 com/acg/android/utils/system/SystemUtil.java com/inreality/android_rules_engine/RulesEngineService.java
android.permission.ACCESS_NETWORK_STATE	普通	获取网络状态	允许应用程序查看所有网络的状态。	显示文件 com/acg/android/utils/account/AccountUtil.java com/acg/android/utils/network/NetworkUtil.java com/acg/android/utils/network/WifiUtil.java com/acg/android/utils/phone/TelephonyManagerUtil.java com/inreality/android_rules_engine/ConnectivityStatusReceiver.java com/splunk/mint/AutoFlushManager.java com/splunk/mint/Utils.java io/sentry/android/core/NetworkBreadcrumbsIntegration.java io/sentry/android/core/PhoneStateBreadcrumbsIntegration.java io/sentry/android/core/internal/util/ConnectivityChecker.java org/acra/collector/DeviceIdCollector.java
android.permission.MANAGE_EXTERNAL_STORAGE	危险	文件列表访问权限	Android11新增权限，读取本地文件，如简历，聊天图片。
android.permission.REORDER_TASKS	危险	对正在运行的应用程序重新排序	允许应用程序将任务移至前端和后台。恶意应用程序可借此强行进入前端，而不受您的控制。	显示文件 com/acg/android/utils/system/ProcessUtil.java
com.google.android.gms.permission.AD_ID	普通	应用程序显示广告	此应用程序使用 Google 广告 ID，并且可能会投放广告。

证书安全合规分析

高危

0

警告

0

信息

1

标题	严重程度	描述信息
已签名应用	信息	应用程序已使用代码签名证书进行签名

Manifest 配置安全分析

高危

0

警告

4

信息

0

屏蔽

0

序号	问题	严重程度	描述信息	操作
1	应用程序可以安装在有漏洞的已更新 Android 版本上 Android 7.0, [minSdk=24]	信息	该应用程序可以安装在具有多个未修复漏洞的旧版本 Android 上。这些设备不会从 Google 接收合理的安全更新。支持 Android 版本 => 10、API 29 以接收合理的安全更新。	对应用 com.inreality.android_rules_engine 屏蔽 vulnerable_os_version 规则
2	应用程序数据可以被备份 [android:allowBackup=true]	警告	这个标志允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。	对应用 com.inreality.android_rules_engine 屏蔽 app_allowbackup 规则
3	Service (com.inreality.android_rules_engine.RulesEngineService) 未被保护。 [android:exported=true]	警告	发现 Service与设备上的其他应用程序共享，因此可被设备上的任何其他应用程序访问。	对应用 com.inreality.android_rules_engine 屏蔽 service_explicitly_exported 规则
4	Broadcast Receiver (com.inreality.android_rules_engine.RunOnStartup) 未被保护。存在一个intent-filter。	警告	发现 Broadcast Receiver与设备上的其他应用程序共享，因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Broadcast Receiver是显式导出的。	对应用 com.inreality.android_rules_engine 屏蔽 receiver_exported_intent_filter_exists 规则
5	Broadcast Receiver (com.inreality.androidutils.internal.InternalMessageReceiver) 未被保护。 [android:exported=true]	警告	发现 Broadcast Receiver与设备上的其他应用程序共享，因此可被设备上的任何其他应用程序访问。	对应用 com.inreality.android_rules_engine 屏蔽 receiver_explicitly_exported 规则

可浏览 Activity 组件分析

ACTIVITY	INTENT

网络通信安全风险分析

序号	范围	严重级别	描述

API调用分析

API功能	源码文件
一般功能-> 文件操作	显示文件 com/Ostermiller/util/ArrayHelper.java com/Ostermiller/util/Base64.java com/Ostermiller/util/Base64DecodingException.java com/Ostermiller/util/BinaryDataException.java com/Ostermiller/util/Browser.java com/Ostermiller/util/BrowserCommandLexer.java com/Ostermiller/util/BufferOverflowException.java com/Ostermiller/util/CGILexer.java com/Ostermiller/util/CGIParser.java com/Ostermiller/util/CSVLexer.java com/Ostermiller/util/CSVParse.java com/Ostermiller/util/CSVParser.java com/Ostermiller/util/CSVPrint.java com/Ostermiller/util/CSVPrinter.java com/Ostermiller/util/CircularByteBuffer.java com/Ostermiller/util/CircularCharBuffer.java com/Ostermiller/util/CmdLn.java com/Ostermiller/util/ConcatInputStream.java com/Ostermiller/util/ConcatReader.java com/Ostermiller/util/ExcelCSVLexer.java com/Ostermiller/util/ExcelCSVParser.java com/Ostermiller/util/ExcelCSVPrinter.java com/Ostermiller/util/ExecHelper.java com/Ostermiller/util/FileHelper.java com/Ostermiller/util/LabeledCSVParser.java com/Ostermiller/util/LineEnds.java com/Ostermiller/util/MD5.java com/Ostermiller/util/MD5InputStream.java com/Ostermiller/util/MD5OutputStream.java com/Ostermiller/util/NameValuePair.java com/Ostermiller/util/NoCloseInputStream.java com/Ostermiller/util/NoCloseOutputStream.java com/Ostermiller/util/NoCloseReader.java com/Ostermiller/util/NoCloseStream.java com/Ostermiller/util/NoCloseWriter.java com/Ostermiller/util/PropertiesLexer.java com/Ostermiller/util/RandPass.java com/Ostermiller/util/SizeLimitInputStream.java com/Ostermiller/util/StraightStreamReader.java com/Ostermiller/util/Tabs.java com/Ostermiller/util/UberProperties.java com/acg/android/utils/apk/ApkUtil.java com/acg/android/utils/camera/CameraUtil.java com/acg/android/utils/crash/CrashLogger.java com/acg/android/utils/crash/CrashManager.java com/acg/android/utils/crash/MyUncaughtExceptionHandler.java com/acg/android/utils/db/dao/DaoUtil.java com/acg/android/utils/file/FileUtil.java com/acg/android/utils/http/AnySSLClient.java com/acg/android/utils/http/AnySSLSocketFactory.java com/acg/android/utils/http/entity/CountingMultipartEntity.java com/acg/android/utils/image/ImageUtil.java com/acg/android/utils/media/VimeoUtil.java com/acg/android/utils/media/YoutubeUtil.java com/acg/android/utils/network/Base64.java com/acg/android/utils/network/HttpUtil.java com/acg/android/utils/network/NetworkUtil.java com/acg/android/utils/network/WifiUtil.java com/acg/android/utils/nfc/data/MifareData.java com/acg/android/utils/nfc/io/MifareFormatter.java com/acg/android/utils/orm/DatabaseManager.java com/acg/android/utils/pref/PrefUtil.java com/acg/android/utils/remoting/image/ImageDownloader.java com/acg/android/utils/remoting/image/RemoteImageLoader.java com/acg/android/utils/remoting/json/Utf8JsonParser.java com/acg/android/utils/rss/RssReader.java com/acg/android/utils/sharedpreferences/SharedPreferencesUtil.java com/acg/android/utils/system/CpuStat.java com/acg/android/utils/system/Sudo.java com/acg/android/utils/system/SystemMonitor.java com/acg/android/utils/system/SystemUtil.java com/acg/android/utils/system/update/UpdateAppSharedPref.java com/acg/android/utils/system/update/UpdateAppUtil.java com/acg/android/utils/usb/UsbUtil.java com/cronutils/mapper/WeekDay.java com/cronutils/model/Cron.java com/cronutils/model/definition/CronConstraint.java com/cronutils/model/definition/CronDefinition.java com/cronutils/model/field/CronField.java com/cronutils/model/field/constraint/FieldConstraints.java com/cronutils/model/field/definition/FieldDefinition.java com/cronutils/model/field/expression/FieldExpression.java com/cronutils/model/field/value/FieldValue.java com/github/anrwatchdog/ANRError$$.java com/inreality/android/license/LicenseManagerIR.java com/inreality/android_rules_engine/RulesEngineService.java com/inreality/android_rules_engine/api/Api.java com/inreality/android_rules_engine/logger/Logger.java com/inreality/android_rules_engine/ruler/Ruler.java com/inreality/android_rules_engine/status/Status.java com/inreality/android_rules_engine/trigger/Trigger.java com/inreality/android_rules_engine/utils/StorageUtils.java com/inreality/android_rules_engine/webserver/WebServer.java com/inreality/androidutils/auth/AuthUtils.java com/inreality/androidutils/keys/PemUtils.java com/inreality/androidutils/license/IRLicenseController.java com/inreality/androidutils/logger/Logger.java com/inreality/androidutils/logger/StorageUtils.java com/inreality/androidutils/mq/client/MQClient.java com/inreality/androidutils/mqtt/client/MQTTClient.java com/inreality/androidutils/mqtt/client/SocketFactory.java com/inreality/androidutils/ui/webview/IRCachedWebViewClient.java com/inreality/androidutils/url/URLUtil.java com/inreality/log/pv3/base/mq/MQClient.java com/inreality/log/pv3/base/util/ConfigUtils.java com/inreality/log/pv3/base/util/LinuxAVAUtils.java com/inreality/log/pv3/base/util/NativeFileUtils.java com/inreality/log/pv3/base/util/ResourceUtils.java com/inreality/log/pv3/base/util/SSOUtils.java com/rabbitmq/client/AMQP.java com/rabbitmq/client/AddressResolver.java com/rabbitmq/client/BlockedListener.java com/rabbitmq/client/Channel.java com/rabbitmq/client/ChannelContinuationTimeoutException.java com/rabbitmq/client/ConfirmListener.java com/rabbitmq/client/Connection.java com/rabbitmq/client/ConnectionFactory.java com/rabbitmq/client/ConnectionFactoryConfigurator.java com/rabbitmq/client/Consumer.java com/rabbitmq/client/DefaultConsumer.java com/rabbitmq/client/DefaultSocketChannelConfigurator.java com/rabbitmq/client/DefaultSocketConfigurator.java com/rabbitmq/client/DnsSrvRecordAddressResolver.java com/rabbitmq/client/FlowListener.java com/rabbitmq/client/JDKSaslConfig.java com/rabbitmq/client/LongString.java com/rabbitmq/client/MalformedFrameException.java com/rabbitmq/client/MapRpcServer.java com/rabbitmq/client/PossibleAuthenticationFailureException.java com/rabbitmq/client/QueueingConsumer.java com/rabbitmq/client/ReturnListener.java com/rabbitmq/client/RpcClient.java com/rabbitmq/client/RpcServer.java com/rabbitmq/client/SocketChannelConfigurator.java com/rabbitmq/client/SocketConfigurator.java com/rabbitmq/client/SslEngineConfigurator.java com/rabbitmq/client/StringRpcServer.java com/rabbitmq/client/UnknownClassOrMethodId.java com/rabbitmq/client/impl/AMQBasicProperties.java com/rabbitmq/client/impl/AMQChannel.java com/rabbitmq/client/impl/AMQCommand.java com/rabbitmq/client/impl/AMQConnection.java com/rabbitmq/client/impl/AMQContentHeader.java com/rabbitmq/client/impl/AMQImpl.java com/rabbitmq/client/impl/ChannelManager.java com/rabbitmq/client/impl/ChannelN.java com/rabbitmq/client/impl/ClientVersion.java com/rabbitmq/client/impl/CommandAssembler.java com/rabbitmq/client/impl/ConsumerDispatcher.java com/rabbitmq/client/impl/ContentHeaderPropertyReader.java com/rabbitmq/client/impl/ContentHeaderPropertyWriter.java com/rabbitmq/client/impl/ForgivingExceptionHandler.java com/rabbitmq/client/impl/Frame.java com/rabbitmq/client/impl/FrameHandler.java com/rabbitmq/client/impl/FrameHandlerFactory.java com/rabbitmq/client/impl/HeartbeatSender.java com/rabbitmq/client/impl/LongStringHelper.java com/rabbitmq/client/impl/Method.java com/rabbitmq/client/impl/MethodArgumentReader.java com/rabbitmq/client/impl/MethodArgumentWriter.java com/rabbitmq/client/impl/SocketFrameHandler.java com/rabbitmq/client/impl/SocketFrameHandlerFactory.java com/rabbitmq/client/impl/StrictExceptionHandler.java com/rabbitmq/client/impl/TruncatedInputStream.java com/rabbitmq/client/impl/ValueReader.java com/rabbitmq/client/impl/ValueWriter.java com/rabbitmq/client/impl/VariableLinkedBlockingQueue.java com/rabbitmq/client/impl/nio/ByteBufferOutputStream.java com/rabbitmq/client/impl/nio/FrameBuilder.java com/rabbitmq/client/impl/nio/FrameWriteRequest.java com/rabbitmq/client/impl/nio/HeaderWriteRequest.java com/rabbitmq/client/impl/nio/NioHelper.java com/rabbitmq/client/impl/nio/NioLoop.java com/rabbitmq/client/impl/nio/NioLoopContext.java com/rabbitmq/client/impl/nio/NioParams.java com/rabbitmq/client/impl/nio/SocketChannelFrameHandler.java com/rabbitmq/client/impl/nio/SocketChannelFrameHandlerFactory.java com/rabbitmq/client/impl/nio/SocketChannelFrameHandlerState.java com/rabbitmq/client/impl/nio/SslEngineByteBufferOutputStream.java com/rabbitmq/client/impl/nio/SslEngineFrameBuilder.java com/rabbitmq/client/impl/nio/SslEngineHelper.java com/rabbitmq/client/impl/nio/WriteRequest.java com/rabbitmq/client/impl/recovery/AutorecoveringChannel.java com/rabbitmq/client/impl/recovery/AutorecoveringConnection.java com/rabbitmq/client/impl/recovery/RecordedBinding.java com/rabbitmq/client/impl/recovery/RecordedConsumer.java com/rabbitmq/client/impl/recovery/RecordedExchange.java com/rabbitmq/client/impl/recovery/RecordedExchangeBinding.java com/rabbitmq/client/impl/recovery/RecordedQueue.java com/rabbitmq/client/impl/recovery/RecordedQueueBinding.java com/rabbitmq/client/impl/recovery/RecoveryAwareAMQConnectionFactory.java com/rabbitmq/client/impl/recovery/RecoveryAwareChannelN.java com/rabbitmq/tools/jsonrpc/JsonRpcClient.java com/rabbitmq/tools/jsonrpc/JsonRpcServer.java com/rabbitmq/utility/Utility.java com/splunk/mint/CrashInfo.java com/splunk/mint/DataSaver.java com/splunk/mint/ExceptionHandler.java com/splunk/mint/ForegroundHandler.java com/splunk/mint/LastPing.java com/splunk/mint/Mint.java com/splunk/mint/MintJavascript.java com/splunk/mint/NetSender.java com/splunk/mint/RemoteSettings.java com/splunk/mint/SplunkFileFilter.java com/splunk/mint/UidManager.java com/splunk/mint/Utils.java com/splunk/mint/network/Metric.java com/splunk/mint/network/NetLogManager.java com/splunk/mint/network/http/HTTPSURLStreamHandler.java com/splunk/mint/network/http/HTTPURLStreamHandler.java com/splunk/mint/network/http/MonitorableHttpURLConnection.java com/splunk/mint/network/http/MonitorableHttpsURLConnection.java com/splunk/mint/network/http/URLStreamHandlerBase.java com/splunk/mint/network/io/InputStreamMonitor.java com/splunk/mint/network/io/InputStreamMonitorKitKat.java com/splunk/mint/network/io/OutputStreamMonitor.java com/splunk/mint/network/socket/MonitoringSocketImpl.java com/stericson/RootTools/RootTools.java com/stericson/RootTools/containers/Mount.java com/stericson/RootTools/containers/RootClass.java com/stericson/RootTools/containers/Symlink.java com/stericson/RootTools/execution/Command.java com/stericson/RootTools/execution/EnplugShell.java com/stericson/RootTools/execution/Shell.java com/stericson/RootTools/internal/Installer.java com/stericson/RootTools/internal/Remounter.java com/stericson/RootTools/internal/RootToolsInternalMethods.java com/stericson/RootTools/internal/Runner.java com/stericson/RootToolsTests/NativeJavaClass.java com/stericson/RootToolsTests/SanityCheckRootTools.java com/sun/el/MethodExpressionImpl.java com/sun/el/MethodExpressionLiteral.java com/sun/el/ValueExpressionImpl.java com/sun/el/ValueExpressionLiteral.java com/sun/el/lang/ExpressionBuilder.java com/sun/el/lang/FunctionMapperImpl.java com/sun/el/lang/VariableMapperImpl.java com/sun/el/parser/ELParser.java com/sun/el/parser/ELParserTokenManager.java com/sun/el/parser/SimpleCharStream.java com/sun/el/parser/Token.java com/sun/msv/datatype/regexp/RangeToken.java com/sun/msv/datatype/regexp/RegularExpression.java com/sun/msv/datatype/regexp/Token.java com/sun/msv/datatype/xsd/BinaryValueType.java com/sun/msv/datatype/xsd/BuiltinAtomicType.java com/sun/msv/datatype/xsd/IntegerValueType.java com/sun/msv/datatype/xsd/ListValueType.java com/sun/msv/datatype/xsd/PatternFacet.java com/sun/msv/datatype/xsd/QnameValueType.java com/sun/msv/datatype/xsd/TypeIncubator.java com/sun/msv/datatype/xsd/WhiteSpaceProcessor.java com/sun/msv/datatype/xsd/XSDatatype.java com/sun/msv/datatype/xsd/datetime/BigTimeDurationValueType.java com/sun/msv/datatype/xsd/datetime/IDateTimeValueType.java com/sun/msv/datatype/xsd/datetime/ITimeDurationValueType.java com/sun/msv/datatype/xsd/datetime/TimeZone.java com/sun/script/javascript/RhinoScriptEngine.java com/thoughtworks/qdox/JavaDocBuilder.java com/thoughtworks/qdox/ant/AbstractQdoxTask.java com/thoughtworks/qdox/directorywalker/DirectoryScanner.java com/thoughtworks/qdox/directorywalker/FileVisitor.java com/thoughtworks/qdox/directorywalker/Filter.java com/thoughtworks/qdox/directorywalker/SuffixFilter.java com/thoughtworks/qdox/junit/APITestCase.java com/thoughtworks/qdox/model/AbstractJavaEntity.java com/thoughtworks/qdox/model/ClassLibrary.java com/thoughtworks/qdox/model/DocletTag.java com/thoughtworks/qdox/model/DocletTagFactory.java com/thoughtworks/qdox/model/JavaParameter.java com/thoughtworks/qdox/model/JavaSource.java com/thoughtworks/qdox/model/Type.java com/thoughtworks/qdox/model/util/TagParser.java com/thoughtworks/qdox/parser/Lexer.java com/thoughtworks/qdox/parser/impl/JFlexLexer.java com/thoughtworks/qdox/parser/impl/Parser.java io/jsonwebtoken/impl/compression/AbstractCompressionCodec.java io/jsonwebtoken/impl/compression/DeflateCompressionCodec.java io/jsonwebtoken/impl/compression/GzipCompressionCodec.java io/jsonwebtoken/lang/Classes.java io/jsonwebtoken/lang/Objects.java io/sentry/Attachment.java io/sentry/Baggage.java io/sentry/Breadcrumb.java io/sentry/CircularFifoQueue.java io/sentry/DirectoryProcessor.java io/sentry/EnvelopeReader.java io/sentry/EnvelopeSender.java io/sentry/Hub.java io/sentry/IEnvelopeReader.java io/sentry/ISerializer.java io/sentry/JsonObjectDeserializer.java io/sentry/JsonObjectReader.java io/sentry/JsonObjectSerializer.java io/sentry/JsonObjectWriter.java io/sentry/JsonSerializable.java io/sentry/JsonSerializer.java io/sentry/MainEventProcessor.java io/sentry/NoOpEnvelopeReader.java io/sentry/NoOpSerializer.java io/sentry/ObjectWriter.java io/sentry/OutboxSender.java io/sentry/PreviousSessionFinalizer.java io/sentry/ProfilingTraceData.java io/sentry/ProfilingTransactionData.java io/sentry/SendCachedEnvelopeFireAndForgetIntegration.java io/sentry/Sentry.java io/sentry/SentryBaseEvent.java io/sentry/SentryClient.java io/sentry/SentryCrashLastRunState.java io/sentry/SentryEnvelope.java io/sentry/SentryEnvelopeHeader.java io/sentry/SentryEnvelopeItem.java io/sentry/SentryEnvelopeItemHeader.java io/sentry/SentryEvent.java io/sentry/SentryItemType.java io/sentry/SentryLevel.java io/sentry/SentryLockReason.java io/sentry/SentryOptions.java io/sentry/Session.java io/sentry/ShutdownHookIntegration.java io/sentry/SpanContext.java io/sentry/SpanId.java io/sentry/SpanStatus.java io/sentry/SynchronizedCollection.java io/sentry/SystemOutLogger.java io/sentry/TraceContext.java io/sentry/UncaughtExceptionHandlerIntegration.java io/sentry/UserFeedback.java io/sentry/android/core/ActivityLifecycleIntegration.java io/sentry/android/core/AndroidCpuCollector.java io/sentry/android/core/AndroidOptionsInitializer.java io/sentry/android/core/AndroidTransactionProfiler.java io/sentry/android/core/AnrIntegration.java io/sentry/android/core/AnrV2Integration.java io/sentry/android/core/AppComponentsBreadcrumbsIntegration.java io/sentry/android/core/AppLifecycleIntegration.java io/sentry/android/core/ContextUtils.java io/sentry/android/core/CurrentActivityIntegration.java io/sentry/android/core/DeviceInfoUtil.java io/sentry/android/core/EnvelopeFileObserver.java io/sentry/android/core/EnvelopeFileObserverIntegration.java io/sentry/android/core/Installation.java io/sentry/android/core/InternalSentrySdk.java io/sentry/android/core/NdkIntegration.java io/sentry/android/core/NetworkBreadcrumbsIntegration.java io/sentry/android/core/PhoneStateBreadcrumbsIntegration.java io/sentry/android/core/SendCachedEnvelopeIntegration.java io/sentry/android/core/SystemEventsBreadcrumbsIntegration.java io/sentry/android/core/TempSensorBreadcrumbsIntegration.java io/sentry/android/core/UserInteractionIntegration.java io/sentry/android/core/cache/AndroidEnvelopeCache.java io/sentry/android/core/internal/debugmeta/AssetsDebugMetaLoader.java io/sentry/android/core/internal/modules/AssetsModulesLoader.java io/sentry/android/core/internal/threaddump/Lines.java io/sentry/android/core/internal/util/CpuInfoUtils.java io/sentry/android/core/internal/util/RootChecker.java io/sentry/android/core/internal/util/ScreenshotUtils.java io/sentry/android/fragment/FragmentLifecycleIntegration.java io/sentry/android/okhttp/SentryOkHttpEventListener.java io/sentry/android/okhttp/SentryOkHttpInterceptor.java io/sentry/android/timber/SentryTimberIntegration.java io/sentry/cache/CacheStrategy.java io/sentry/cache/CacheUtils.java io/sentry/cache/EnvelopeCache.java io/sentry/clientreport/ClientReport.java io/sentry/clientreport/DiscardedEvent.java io/sentry/config/ClasspathPropertiesLoader.java io/sentry/config/FilesystemPropertiesLoader.java io/sentry/instrumentation/file/FileIOSpanManager.java io/sentry/instrumentation/file/FileInputStreamInitData.java io/sentry/instrumentation/file/FileOutputStreamInitData.java io/sentry/instrumentation/file/SentryFileInputStream.java io/sentry/instrumentation/file/SentryFileOutputStream.java io/sentry/instrumentation/file/SentryFileReader.java io/sentry/instrumentation/file/SentryFileWriter.java io/sentry/internal/debugmeta/ResourcesDebugMetaLoader.java io/sentry/internal/modules/ModulesLoader.java io/sentry/internal/modules/ResourcesModulesLoader.java io/sentry/profilemeasurements/ProfileMeasurement.java io/sentry/profilemeasurements/ProfileMeasurementValue.java io/sentry/protocol/App.java io/sentry/protocol/Browser.java io/sentry/protocol/Contexts.java io/sentry/protocol/DebugImage.java io/sentry/protocol/DebugMeta.java io/sentry/protocol/Device.java io/sentry/protocol/Geo.java io/sentry/protocol/Gpu.java io/sentry/protocol/MeasurementValue.java io/sentry/protocol/Mechanism.java io/sentry/protocol/Message.java io/sentry/protocol/OperatingSystem.java io/sentry/protocol/Request.java io/sentry/protocol/Response.java io/sentry/protocol/SdkInfo.java io/sentry/protocol/SdkVersion.java io/sentry/protocol/SentryException.java io/sentry/protocol/SentryId.java io/sentry/protocol/SentryPackage.java io/sentry/protocol/SentryRuntime.java io/sentry/protocol/SentrySpan.java io/sentry/protocol/SentryStackFrame.java io/sentry/protocol/SentryStackTrace.java io/sentry/protocol/SentryThread.java io/sentry/protocol/SentryTransaction.java io/sentry/protocol/TransactionInfo.java io/sentry/protocol/User.java io/sentry/protocol/ViewHierarchy.java io/sentry/protocol/ViewHierarchyNode.java io/sentry/transport/AsyncHttpTransport.java io/sentry/transport/HttpConnection.java io/sentry/transport/ITransport.java io/sentry/transport/NoOpTransport.java io/sentry/transport/StdoutTransport.java io/sentry/util/FileUtils.java io/sentry/util/JsonSerializationUtils.java io/sentry/util/MapObjectWriter.java io/sentry/vendor/Base64.java io/sentry/vendor/gson/stream/JsonReader.java io/sentry/vendor/gson/stream/JsonWriter.java io/sentry/vendor/gson/stream/MalformedJsonException.java j$/time/Clock.java j$/time/Duration.java j$/time/Instant.java j$/time/LocalDate.java j$/time/LocalDateTime.java j$/time/LocalTime.java j$/time/MonthDay.java j$/time/OffsetDateTime.java j$/time/OffsetTime.java j$/time/Period.java j$/time/Ser.java j$/time/Year.java j$/time/YearMonth.java j$/time/ZoneId.java j$/time/ZoneOffset.java j$/time/ZoneRegion.java j$/time/ZonedDateTime.java j$/time/chrono/AbstractChronology$$ExternalSyntheticLambda0.java j$/time/chrono/AbstractChronology$$ExternalSyntheticLambda1.java j$/time/chrono/AbstractChronology$$ExternalSyntheticLambda2.java j$/time/chrono/ChronoLocalDateImpl.java j$/time/chrono/ChronoLocalDateTimeImpl.java j$/time/chrono/ChronoPeriodImpl.java j$/time/chrono/ChronoZonedDateTimeImpl.java j$/time/chrono/HijrahChronology.java j$/time/chrono/HijrahDate.java j$/time/chrono/IsoChronology.java j$/time/chrono/JapaneseChronology.java j$/time/chrono/JapaneseDate.java j$/time/chrono/JapaneseEra.java j$/time/chrono/MinguoChronology.java j$/time/chrono/MinguoDate.java j$/time/chrono/Ser.java j$/time/chrono/ThaiBuddhistChronology.java j$/time/chrono/ThaiBuddhistDate.java j$/time/format/DateTimeFormatter.java j$/time/temporal/ValueRange.java j$/time/zone/Ser.java j$/time/zone/ZoneOffsetTransition.java j$/time/zone/ZoneOffsetTransitionRule.java j$/time/zone/ZoneRules.java net/sf/sojo/core/conversion/interceptor/SimpleKeyMapperInterceptor.java net/sf/sojo/interchange/csv/generate/CsvParserGenerate.java net/sf/sojo/interchange/csv/generate/CsvParserGenerateTokenManager.java net/sf/sojo/interchange/csv/generate/SimpleCharStream.java net/sf/sojo/interchange/csv/generate/Token.java net/sf/sojo/interchange/json/JsonParser.java net/sf/sojo/interchange/json/generate/JsonParserGenerate.java net/sf/sojo/interchange/json/generate/JsonParserGenerateTokenManager.java net/sf/sojo/interchange/json/generate/SimpleCharStream.java net/sf/sojo/interchange/json/generate/Token.java net/sf/sojo/interchange/object/ObjectSerializer.java net/sf/sojo/interchange/xmlrpc/XmlRpcParser.java net/sf/sojo/util/StackTraceElementWrapper.java net/sf/sojo/util/ThrowableWrapper.java net/sf/sojo/util/Util.java org/acra/ACRA.java org/acra/builder/ReportExecutor.java org/acra/collections/ImmutableList.java org/acra/collections/ImmutableMap.java org/acra/collections/ImmutableSet.java org/acra/collector/LogCatCollector.java org/acra/collector/LogFileCollector.java org/acra/collector/MemoryInfoCollector.java org/acra/collector/SharedPreferencesCollector.java org/acra/collector/SimpleValuesCollector.java org/acra/collector/StacktraceCollector.java org/acra/config/ACRAConfiguration.java org/acra/dialog/BaseCrashReportDialog.java org/acra/dialog/CrashReportDialog.java org/acra/file/BulkReportDeleter.java org/acra/file/CrashReportPersister.java org/acra/file/LastModifiedComparator.java org/acra/file/ReportLocator.java org/acra/legacy/ReportConverter.java org/acra/legacy/ReportMigrator.java org/acra/prefs/PrefUtils.java org/acra/prefs/SharedPreferencesFactory.java org/acra/security/AssetKeyStoreFactory.java org/acra/security/BaseKeyStoreFactory.java org/acra/security/FileKeyStoreFactory.java org/acra/security/ResourceKeyStoreFactory.java org/acra/sender/HttpSender.java org/acra/sender/ReportDistributor.java org/acra/sender/SenderService.java org/acra/util/ApplicationStartupProcessor.java org/acra/util/HttpRequest.java org/acra/util/IOUtils.java org/acra/util/Installation.java org/acra/util/NonBlockingBufferedReader.java org/dom4j/DocumentFactory.java org/dom4j/DocumentHelper.java org/dom4j/Node.java org/dom4j/QName.java org/dom4j/io/DocumentInputSource.java org/dom4j/io/HTMLWriter.java org/dom4j/io/SAXEventRecorder.java org/dom4j/io/SAXModifier.java org/dom4j/io/SAXModifyContentHandler.java org/dom4j/io/SAXReader.java org/dom4j/io/SAXValidator.java org/dom4j/io/SAXWriter.java org/dom4j/io/STAXEventReader.java org/dom4j/io/STAXEventWriter.java org/dom4j/io/XMLResult.java org/dom4j/io/XMLWriter.java org/dom4j/io/XPP3Reader.java org/dom4j/io/XPPReader.java org/dom4j/jaxb/JAXBModifier.java org/dom4j/jaxb/JAXBReader.java org/dom4j/jaxb/JAXBSupport.java org/dom4j/jaxb/JAXBWriter.java org/dom4j/swing/XMLTableColumnDefinition.java org/dom4j/swing/XMLTableDefinition.java org/dom4j/tree/AbstractAttribute.java org/dom4j/tree/AbstractCDATA.java org/dom4j/tree/AbstractComment.java org/dom4j/tree/AbstractDocument.java org/dom4j/tree/AbstractDocumentType.java org/dom4j/tree/AbstractElement.java org/dom4j/tree/AbstractEntity.java org/dom4j/tree/AbstractNode.java org/dom4j/tree/AbstractProcessingInstruction.java org/dom4j/tree/AbstractText.java org/dom4j/xpath/DefaultNamespaceContext.java org/dom4j/xpath/DefaultXPath.java org/gjt/xpp/XmlPullNode.java org/gjt/xpp/XmlPullParser.java org/gjt/xpp/XmlPullParserFactory.java org/gjt/xpp/XmlRecorder.java org/gjt/xpp/XmlWritable.java org/gjt/xpp/impl/format/Formatter.java org/gjt/xpp/impl/format/Recorder.java org/gjt/xpp/impl/pullnode/PullNode.java org/gjt/xpp/impl/pullnode/PullNodeEnumerator.java org/gjt/xpp/impl/pullparser/PullParser.java org/gjt/xpp/impl/tokenizer/Tokenizer.java org/h2/bnf/Bnf.java org/h2/command/CommandRemote.java org/h2/command/dml/BackupCommand.java org/h2/command/dml/RunScriptCommand.java org/h2/command/dml/ScriptBase.java org/h2/command/dml/ScriptCommand.java org/h2/compress/LZFInputStream.java org/h2/compress/LZFOutputStream.java org/h2/engine/ConnectionInfo.java org/h2/engine/Database.java org/h2/engine/SessionInterface.java org/h2/engine/SessionRemote.java org/h2/expression/Function.java org/h2/expression/ParameterRemote.java org/h2/fulltext/FullText.java org/h2/fulltext/FullTextLucene.java org/h2/jdbc/JdbcBatchUpdateException.java org/h2/jdbc/JdbcBlob.java org/h2/jdbc/JdbcCallableStatement.java org/h2/jdbc/JdbcClob.java org/h2/jdbc/JdbcConnection.java org/h2/jdbc/JdbcPreparedStatement.java org/h2/jdbc/JdbcResultSet.java org/h2/jdbc/JdbcSQLException.java org/h2/jdbcx/JdbcConnectionPool.java org/h2/jdbcx/JdbcDataSource.java org/h2/jmx/DocumentedMBean.java org/h2/message/DbException.java org/h2/message/TraceSystem.java org/h2/result/ResultColumn.java org/h2/result/ResultDiskBuffer.java org/h2/result/ResultRemote.java org/h2/security/CipherFactory.java org/h2/server/TcpServer.java org/h2/server/TcpServerThread.java org/h2/server/pg/PgServer.java org/h2/server/pg/PgServerThread.java org/h2/server/web/WebApp.java org/h2/server/web/WebServer.java org/h2/server/web/WebServlet.java org/h2/server/web/WebThread.java org/h2/store/Data.java org/h2/store/DataReader.java org/h2/store/FileLock.java org/h2/store/FileStore.java org/h2/store/FileStoreInputStream.java org/h2/store/FileStoreOutputStream.java org/h2/store/LobStorage.java org/h2/store/PageInputStream.java org/h2/store/PageLog.java org/h2/store/PageStore.java org/h2/store/RecoverTester.java org/h2/store/fs/FileBase.java org/h2/store/fs/FileChannelInputStream.java org/h2/store/fs/FileChannelOutputStream.java org/h2/store/fs/FileDisk.java org/h2/store/fs/FileMem.java org/h2/store/fs/FileMemData.java org/h2/store/fs/FileNio.java org/h2/store/fs/FileNioMapped.java org/h2/store/fs/FilePath.java org/h2/store/fs/FilePathDisk.java org/h2/store/fs/FilePathMem.java org/h2/store/fs/FilePathNio.java org/h2/store/fs/FilePathNioMapped.java org/h2/store/fs/FilePathRec.java org/h2/store/fs/FilePathSplit.java org/h2/store/fs/FilePathWrapper.java org/h2/store/fs/FilePathZip.java org/h2/store/fs/FileRec.java org/h2/store/fs/FileSplit.java org/h2/store/fs/FileUtils.java org/h2/store/fs/FileZip.java org/h2/table/MetaTable.java org/h2/tools/Backup.java org/h2/tools/CompressTool.java org/h2/tools/Console.java org/h2/tools/ConvertTraceFile.java org/h2/tools/CreateCluster.java org/h2/tools/Csv.java org/h2/tools/Recover.java org/h2/tools/Restore.java org/h2/tools/RunScript.java org/h2/tools/Script.java org/h2/tools/Shell.java org/h2/tools/SimpleResultSet.java org/h2/upgrade/DbUpgrade.java org/h2/util/AutoCloseInputStream.java org/h2/util/CloseWatcher.java org/h2/util/IOUtils.java org/h2/util/MathUtils.java org/h2/util/NetUtils.java org/h2/util/ScriptReader.java org/h2/util/SortedProperties.java org/h2/util/SourceCompiler.java org/h2/util/Tool.java org/h2/util/Utils.java org/h2/value/DataType.java org/h2/value/Transfer.java org/h2/value/Value.java org/h2/value/ValueLob.java org/h2/value/ValueLobDb.java org/h2/value/ValueNull.java org/jaxen/BaseXPath.java org/jaxen/Context.java org/jaxen/ContextSupport.java org/jaxen/JaxenRuntimeException.java org/jaxen/Navigator.java org/jaxen/QualifiedName.java org/jaxen/SimpleNamespaceContext.java org/jaxen/SimpleVariableContext.java org/jaxen/dom/DocumentNavigator.java org/jaxen/expr/Expr.java org/jaxen/expr/Predicate.java org/jaxen/expr/PredicateSet.java org/jaxen/expr/Predicated.java org/jaxen/expr/XPathExpr.java org/jaxen/expr/iter/IterableAxis.java org/jaxen/saxpath/SAXPathException.java org/jsoup/Connection.java org/jsoup/HttpStatusException.java org/jsoup/Jsoup.java org/jsoup/UncheckedIOException.java org/jsoup/UnsupportedMimeTypeException.java org/jsoup/helper/CookieUtil.java org/jsoup/helper/DataUtil.java org/jsoup/helper/HttpConnection.java org/jsoup/helper/W3CDom.java org/jsoup/internal/ConstrainableInputStream.java org/jsoup/nodes/Attribute.java org/jsoup/nodes/Attributes.java org/jsoup/nodes/CDataNode.java org/jsoup/nodes/Comment.java org/jsoup/nodes/DataNode.java org/jsoup/nodes/DocumentType.java org/jsoup/nodes/Element.java org/jsoup/nodes/Entities.java org/jsoup/nodes/Node.java org/jsoup/nodes/TextNode.java org/jsoup/nodes/XmlDeclaration.java org/jsoup/parser/CharacterReader.java org/jsoup/parser/HtmlTreeBuilder.java org/jsoup/parser/Parser.java org/jsoup/parser/TreeBuilder.java org/jsoup/parser/XmlTreeBuilder.java org/mozilla/classfile/ClassFileWriter.java org/nanohttpd/fileupload/NanoFileUpload.java org/nanohttpd/markdown/MarkdownWebServerPlugin.java org/nanohttpd/protocols/http/ClientHandler.java org/nanohttpd/protocols/http/HTTPSession.java org/nanohttpd/protocols/http/IHTTPSession.java org/nanohttpd/protocols/http/NanoHTTPD.java org/nanohttpd/protocols/http/ServerRunnable.java org/nanohttpd/protocols/http/response/ChunkedOutputStream.java org/nanohttpd/protocols/http/response/Response.java org/nanohttpd/protocols/http/sockets/DefaultServerSocketFactory.java org/nanohttpd/protocols/http/sockets/SecureServerSocketFactory.java org/nanohttpd/protocols/http/tempfiles/DefaultTempFile.java org/nanohttpd/protocols/http/tempfiles/DefaultTempFileManager.java org/nanohttpd/protocols/http/tempfiles/ITempFile.java org/nanohttpd/protocols/websockets/WebSocket.java org/nanohttpd/protocols/websockets/WebSocketException.java org/nanohttpd/protocols/websockets/WebSocketFrame.java org/nanohttpd/router/RouterNanoHTTPD.java org/nanohttpd/samples/tempfiles/TempFilesServer.java org/nanohttpd/samples/websockets/DebugWebSocketServer.java org/nanohttpd/samples/websockets/EchoSocketSample.java org/nanohttpd/util/ServerRunner.java org/nanohttpd/webserver/InternalRewrite.java org/nanohttpd/webserver/SimpleWebServer.java org/nanohttpd/webserver/WebServerPlugin.java org/pegdown/LinkRenderer.java org/relaxng/datatype/helpers/DatatypeLibraryLoader.java sun/misc/Service.java timber/log/Timber.java
加密解密-> 信息摘要算法	显示文件 com/acg/android/utils/system/SystemUtil.java com/splunk/mint/StacktraceHash.java com/splunk/mint/UidManager.java com/stericson/RootTools/internal/Installer.java io/jsonwebtoken/impl/crypto/MacValidator.java io/jsonwebtoken/impl/crypto/RsaSignatureValidator.java io/sentry/util/StringUtils.java org/nanohttpd/protocols/websockets/NanoWSD.java
调用java反射机制	显示文件 com/Ostermiller/util/Browser.java com/Ostermiller/util/RandPass.java com/acg/android/utils/db/DbUtils.java com/acg/android/utils/db/dao/DaoUtil.java com/acg/android/utils/network/Base64.java com/acg/android/utils/orm/DatabaseManager.java com/acg/android/utils/orm/DbField.java com/acg/android/utils/orm/DbTable.java com/acg/android/utils/system/SystemUtil.java com/acg/android/utils/ui/UiResize.java com/rabbitmq/tools/json/JSONUtil.java com/rabbitmq/tools/json/JSONWriter.java com/rabbitmq/tools/jsonrpc/JsonRpcClient.java com/rabbitmq/tools/jsonrpc/JsonRpcServer.java com/rabbitmq/tools/jsonrpc/ProcedureDescription.java com/rabbitmq/tools/jsonrpc/ServiceDescription.java com/splunk/mint/InstrumentationEnvironmentUtils.java com/splunk/mint/network/NetLogManager.java com/splunk/mint/network/util/Delegator.java com/splunk/mint/network/util/ReflectionUtil.java com/stericson/RootTools/containers/RootClass.java com/stericson/RootTools/execution/Shell.java com/sun/el/ExpressionFactoryImpl.java com/sun/el/lang/ExpressionBuilder.java com/sun/el/lang/FunctionMapperFactory.java com/sun/el/lang/FunctionMapperImpl.java com/sun/el/parser/AstFunction.java com/sun/el/parser/AstValue.java com/sun/el/util/ReflectionUtil.java com/sun/msv/datatype/xsd/regex/JDKImpl.java com/sun/msv/datatype/xsd/regex/XercesImpl.java com/sun/script/javascript/RhinoScriptEngine.java com/sun/script/util/InterfaceImplementor.java com/thoughtworks/qdox/JavaDocBuilder.java io/jsonwebtoken/lang/Classes.java io/sentry/ExternalOptions.java io/sentry/JsonReflectionObjectSerializer.java io/sentry/android/core/AppLifecycleIntegration.java io/sentry/android/core/LoadClass.java io/sentry/android/core/internal/util/SentryFrameMetricsCollector.java j$/time/zone/ZoneRulesProvider.java net/sf/sojo/core/reflect/Property.java net/sf/sojo/core/reflect/ReflectionFieldHelper.java net/sf/sojo/core/reflect/ReflectionHelper.java net/sf/sojo/core/reflect/ReflectionMethodHelper.java net/sf/sojo/optional/filter/attributes/ClassPropertyFilterHanlderForAttributes.java net/sf/sojo/util/StackTraceElementWrapper.java org/acra/collector/ConfigurationCollector.java org/acra/collector/DisplayManagerCollector.java org/acra/collector/MediaCodecListCollector.java org/acra/collector/ReflectionCollector.java org/acra/collector/SettingsCollector.java org/dom4j/DocumentFactory.java org/dom4j/QName.java org/dom4j/bean/BeanDocumentFactory.java org/dom4j/bean/BeanElement.java org/dom4j/bean/BeanMetaData.java org/dom4j/dom/DOMDocumentFactory.java org/dom4j/io/DOMWriter.java org/dom4j/util/PerThreadSingleton.java org/dom4j/util/SimpleSingleton.java org/gjt/xpp/XmlPullParserFactory.java org/h2/engine/FunctionAlias.java org/h2/engine/SessionRemote.java org/h2/message/TraceSystem.java org/h2/server/web/WebApp.java org/h2/store/fs/FileNioMapped.java org/h2/store/fs/FilePath.java org/h2/tools/ConvertTraceFile.java org/h2/tools/Server.java org/h2/util/MathUtils.java org/h2/util/SourceCompiler.java org/h2/util/Utils.java org/h2/value/CompareMode.java org/h2/value/CompareModeIcu4J.java org/jaxen/dom/NamespaceNode.java org/jaxen/javabean/DocumentNavigator.java org/jaxen/pattern/PatternParser.java org/jaxen/saxpath/helpers/XPathReaderFactory.java org/mozilla/classfile/TypeInfo.java org/relaxng/datatype/helpers/DatatypeLibraryLoader.java sun/misc/Service.java sun/reflect/Reflection.java sun/security/util/SecurityConstants.java
一般功能-> 获取系统服务(getSystemService)	显示文件 com/acg/android/utils/account/AccountUtil.java com/acg/android/utils/alert/AlertUtil.java com/acg/android/utils/crash/CrashManager.java com/acg/android/utils/image/ImageUtil.java com/acg/android/utils/location/LocationUtil.java com/acg/android/utils/network/NetworkUtil.java com/acg/android/utils/network/WifiUtil.java com/acg/android/utils/notification/NotificationUtil.java com/acg/android/utils/phone/TelephonyManagerUtil.java com/acg/android/utils/schedule/ScheduleUtil.java com/acg/android/utils/system/ProcessUtil.java com/acg/android/utils/system/SystemUtil.java com/acg/android/utils/system/VolumeUtil.java com/acg/android/utils/ui/UIUtil.java com/acg/android/utils/ui/UiResize.java com/acg/android/utils/ui/builder/UIBuilder.java com/inreality/android/device/DeviceModel.java com/inreality/android_rules_engine/ConnectivityStatusReceiver.java com/inreality/android_rules_engine/RulesEngineService.java com/inreality/androidutils/kiosk/IRKiosk.java com/splunk/mint/AutoFlushManager.java com/splunk/mint/Utils.java io/sentry/android/core/ANRWatchDog.java io/sentry/android/core/AndroidTransactionProfiler.java io/sentry/android/core/AnrV2Integration.java io/sentry/android/core/ContextUtils.java io/sentry/android/core/PhoneStateBreadcrumbsIntegration.java io/sentry/android/core/TempSensorBreadcrumbsIntegration.java io/sentry/android/core/internal/util/ConnectivityChecker.java org/acra/builder/ReportExecutor.java org/acra/collector/DeviceIdCollector.java org/acra/collector/DropBoxCollector.java org/acra/util/ProcessFinisher.java
一般功能-> IPC通信	显示文件 com/acg/android/utils/apk/ApkUtil.java com/acg/android/utils/crash/CrashManager.java com/acg/android/utils/crash/CrashManagerService.java com/acg/android/utils/notification/NotificationUtil.java com/acg/android/utils/schedule/ScheduleUtil.java com/acg/android/utils/system/SystemUtil.java com/acg/android/utils/system/update/UpdateAppUtil.java com/inreality/android_rules_engine/ConnectivityStatusReceiver.java com/inreality/android_rules_engine/LauncherActivity.java com/inreality/android_rules_engine/MainActivity.java com/inreality/android_rules_engine/RulesEngineService.java com/inreality/android_rules_engine/RunOnStartup.java com/inreality/androidutils/internal/InternalMessage.java com/inreality/androidutils/internal/InternalMessageReceiver.java com/inreality/androidutils/internal/InternalMessageUtils.java com/inreality/androidutils/kiosk/IRKiosk.java com/inreality/androidutils/service/MediaProjectionService.java com/inreality/androidutils/watchdog/AppWatchDog.java com/splunk/mint/AutoFlushManager.java com/splunk/mint/Utils.java com/stericson/RootTools/RootTools.java com/stericson/RootTools/internal/RootToolsInternalMethods.java io/sentry/Breadcrumb.java io/sentry/android/core/DeviceInfoUtil.java io/sentry/android/core/SystemEventsBreadcrumbsIntegration.java org/acra/builder/ReportExecutor.java org/acra/dialog/BaseCrashReportDialog.java org/acra/sender/DefaultReportSenderFactory.java org/acra/sender/EmailIntentSender.java org/acra/sender/EmailIntentSenderFactory.java org/acra/sender/SenderService.java org/acra/sender/SenderServiceStarter.java org/acra/util/ProcessFinisher.java org/h2/server/web/WebApp.java
一般功能-> Android通知	com/acg/android/utils/notification/NotificationUtil.java com/acg/android/utils/system/SystemUtil.java org/acra/builder/ReportExecutor.java
一般功能-> 加载so文件	显示文件 com/acg/android/utils/crash/CrashManager.java com/enplug/commandexecutor/RootShell.java com/inreality/android/license/LicenseManagerIR.java com/inreality/log/pv3/base/internal/InternalMessageUtils.java com/inreality/log/pv3/base/mq/MQClient.java io/sentry/android/ndk/SentryNdk.java
网络通信-> TCP套接字	显示文件 com/acg/android/utils/http/AnySSLClient.java com/acg/android/utils/http/AnySSLClientCallback.java com/acg/android/utils/http/AnySSLClientCallbackAdapter.java com/acg/android/utils/http/AnySSLSocketFactory.java com/acg/android/utils/network/NetworkUtil.java com/acg/android/utils/remoting/RemoteCallback.java com/acg/android/utils/remoting/RemoteCallbackAdapter.java com/acg/android/utils/system/update/UpdateAppUtil.java com/inreality/androidutils/mqtt/client/SocketFactory.java com/rabbitmq/client/ConnectionFactory.java com/rabbitmq/client/DefaultSocketConfigurator.java com/rabbitmq/client/MissedHeartbeatException.java com/rabbitmq/client/SocketConfigurator.java com/rabbitmq/client/impl/AMQConnection.java com/rabbitmq/client/impl/Frame.java com/rabbitmq/client/impl/FrameHandler.java com/rabbitmq/client/impl/SocketFrameHandler.java com/rabbitmq/client/impl/SocketFrameHandlerFactory.java com/rabbitmq/client/impl/nio/SocketChannelFrameHandler.java com/splunk/mint/Mint.java com/splunk/mint/network/socket/MonitoringSocketFactory.java com/splunk/mint/network/socket/MonitoringSocketImpl.java org/acra/collector/SimpleValuesCollector.java org/h2/engine/SessionRemote.java org/h2/security/CipherFactory.java org/h2/server/TcpServer.java org/h2/server/TcpServerThread.java org/h2/server/pg/PgServer.java org/h2/server/pg/PgServerThread.java org/h2/server/web/WebThread.java org/h2/store/FileLock.java org/h2/util/NetUtils.java org/h2/util/Profiler.java org/h2/value/Transfer.java org/jsoup/internal/ConstrainableInputStream.java org/nanohttpd/protocols/http/ClientHandler.java org/nanohttpd/protocols/http/HTTPSession.java org/nanohttpd/protocols/http/NanoHTTPD.java org/nanohttpd/protocols/http/ServerRunnable.java sun/security/util/SecurityConstants.java
网络通信-> HTTP建立连接	显示文件 com/acg/android/utils/http/AnySSLClientCallback.java com/acg/android/utils/http/AnySSLClientCallbackAdapter.java com/acg/android/utils/media/VimeoUtil.java com/acg/android/utils/network/HttpUtil.java com/acg/android/utils/remoting/RemoteCallback.java com/acg/android/utils/remoting/RemoteCallbackAdapter.java com/acg/android/utils/system/update/UpdateAppUtil.java com/inreality/androidutils/ui/webview/IRCachedWebViewClient.java com/splunk/mint/NetSender.java com/splunk/mint/network/NetLogManager.java com/splunk/mint/network/http/HTTPURLStreamHandler.java com/splunk/mint/network/http/MonitorableHttpURLConnection.java com/splunk/mint/network/http/MonitorableHttpsURLConnection.java com/splunk/mint/network/socket/MonitoringSocketImpl.java io/sentry/transport/HttpConnection.java org/acra/util/HttpRequest.java org/h2/server/TcpServerThread.java org/h2/server/pg/PgServerThread.java org/h2/server/web/WebServer.java org/h2/server/web/WebThread.java org/jsoup/helper/HttpConnection.java org/nanohttpd/protocols/http/response/Response.java
网络通信-> URLConnection	显示文件 com/acg/android/utils/media/VimeoUtil.java com/acg/android/utils/remoting/image/RemoteImageLoader.java com/splunk/mint/network/NetLogManager.java com/splunk/mint/network/http/HTTPSURLStreamHandler.java com/splunk/mint/network/http/HTTPURLStreamHandler.java com/splunk/mint/network/http/MonitorableHttpURLConnection.java com/splunk/mint/network/http/MonitorableHttpsURLConnection.java com/splunk/mint/network/http/URLStreamHandlerBase.java io/sentry/transport/HttpConnection.java org/jsoup/helper/HttpConnection.java
网络通信-> HTTPS建立连接	显示文件 com/inreality/androidutils/mqtt/client/SocketFactory.java com/splunk/mint/NetSender.java com/splunk/mint/network/NetLogManager.java com/splunk/mint/network/http/MonitorableHttpsURLConnection.java io/sentry/transport/HttpConnection.java org/acra/util/HttpRequest.java org/jsoup/helper/HttpConnection.java
组件-> ContentProvider	io/sentry/android/core/EmptySecureContentProvider.java io/sentry/android/core/internal/util/ContentProviderSecurityChecker.java
网络通信-> WebView 相关	com/inreality/androidutils/ui/webview/IRCachedWebView.java com/splunk/mint/MintWebView.java com/splunk/mint/MintWebViewClient.java
进程操作-> 杀死进程	显示文件 com/Ostermiller/util/Base64.java com/Ostermiller/util/Browser.java com/Ostermiller/util/LineEnds.java com/Ostermiller/util/RandPass.java com/Ostermiller/util/Tabs.java com/acg/android/utils/crash/CrashManager.java com/acg/android/utils/system/SystemUtil.java com/inreality/android_rules_engine/RulesEngineService.java com/sun/msv/datatype/regexp/REUtil.java net/sf/sojo/interchange/csv/generate/CsvParserGenerate.java net/sf/sojo/interchange/json/generate/JsonParserGenerate.java org/acra/util/ProcessFinisher.java org/nanohttpd/util/ServerRunner.java
组件-> 启动 Activity	显示文件 com/acg/android/utils/system/SystemUtil.java com/acg/android/utils/system/update/UpdateAppUtil.java com/inreality/android_rules_engine/LauncherActivity.java com/inreality/android_rules_engine/RunOnStartup.java com/inreality/androidutils/watchdog/AppWatchDog.java com/stericson/RootTools/internal/RootToolsInternalMethods.java org/acra/builder/ReportExecutor.java org/acra/sender/EmailIntentSender.java
加密解密-> Crypto加解密组件	显示文件 com/acg/android/utils/encryption/Blowfish.java io/jsonwebtoken/SignatureAlgorithm.java io/jsonwebtoken/SigningKeyResolverAdapter.java io/jsonwebtoken/impl/DefaultJwtBuilder.java io/jsonwebtoken/impl/DefaultJwtParser.java io/jsonwebtoken/impl/crypto/MacProvider.java io/jsonwebtoken/impl/crypto/MacSigner.java io/jsonwebtoken/impl/crypto/SignatureProvider.java io/jsonwebtoken/security/Keys.java
命令执行-> getRuntime.exec()	显示文件 com/Ostermiller/util/Browser.java com/Ostermiller/util/ExecHelper.java com/acg/android/utils/network/NetworkUtil.java com/acg/android/utils/system/Sudo.java com/acg/android/utils/system/SystemUtil.java com/splunk/mint/Utils.java io/sentry/android/core/internal/util/RootChecker.java org/acra/collector/MemoryInfoCollector.java org/h2/tools/Server.java org/h2/util/SourceCompiler.java
网络通信-> SSL证书处理	显示文件 com/acg/android/utils/http/AnySSLClient.java com/acg/android/utils/http/AnySSLSocketFactory.java com/inreality/androidutils/mqtt/client/SocketFactory.java com/rabbitmq/client/ConnectionFactory.java io/sentry/SentryOptions.java io/sentry/transport/HttpConnection.java org/acra/util/HttpRequest.java org/h2/security/CipherFactory.java org/jsoup/Connection.java org/jsoup/helper/HttpConnection.java org/nanohttpd/protocols/http/NanoHTTPD.java
网络通信-> OkHttpClient Connection	显示文件 com/inreality/android/notification/IRNotificationUtils.java com/inreality/android/pipedream/PipeDreamUtils.java com/inreality/android_rules_engine/ruler/Ruler.java com/inreality/android_rules_engine/trigger/Trigger.java com/inreality/android_rules_engine/utils/OkHttpUtils.java com/inreality/androidutils/auth/AuthUtils.java
进程操作-> 获取运行的进程\服务	显示文件 com/acg/android/utils/crash/CrashManager.java com/acg/android/utils/system/ProcessUtil.java io/sentry/android/core/ContextUtils.java org/acra/util/ProcessFinisher.java
进程操作-> 获取进程pid	显示文件 com/acg/android/utils/crash/CrashManager.java com/acg/android/utils/system/SystemUtil.java io/sentry/android/core/ContextUtils.java io/sentry/android/core/internal/util/Permissions.java org/acra/collector/LogCatCollector.java org/acra/collector/MemoryInfoCollector.java org/acra/util/ProcessFinisher.java
敏感行为-> 检测了是否被jdb调试	com/github/anrwatchdog/ANRWatchDog.java io/sentry/android/core/ANRWatchDog.java org/acra/builder/ReportExecutor.java
DEX-> 动态加载	显示文件 com/Ostermiller/util/Browser.java com/sun/msv/datatype/xsd/regex/JDKImpl.java com/sun/msv/datatype/xsd/regex/RegExpFactory.java com/sun/msv/datatype/xsd/regex/XercesImpl.java com/thoughtworks/qdox/model/ClassLibrary.java io/jsonwebtoken/lang/Classes.java io/sentry/android/core/AndroidOptionsInitializer.java org/dom4j/util/PerThreadSingleton.java org/dom4j/util/SimpleSingleton.java org/h2/util/SourceCompiler.java org/relaxng/datatype/helpers/DatatypeLibraryLoader.java
网络通信-> TCP服务器套接字	显示文件 org/h2/security/CipherFactory.java org/h2/server/TcpServer.java org/h2/server/pg/PgServer.java org/h2/server/web/WebServer.java org/h2/store/FileLock.java org/h2/util/NetUtils.java org/nanohttpd/protocols/http/NanoHTTPD.java org/nanohttpd/protocols/http/sockets/DefaultServerSocketFactory.java org/nanohttpd/protocols/http/sockets/SecureServerSocketFactory.java
JavaScript 接口方法	com/splunk/mint/MintJavascript.java
组件-> 发送广播	com/inreality/androidutils/internal/InternalMessage.java
一般功能-> 传感器相关操作	io/sentry/android/core/TempSensorBreadcrumbsIntegration.java
隐私数据-> 获取已安装的应用程序	com/inreality/android/device/DeviceModel.java io/sentry/android/core/ContextUtils.java
一般功能-> 获取活动网路信息	显示文件 com/inreality/android_rules_engine/ConnectivityStatusReceiver.java com/splunk/mint/AutoFlushManager.java com/splunk/mint/Utils.java io/sentry/android/core/internal/util/ConnectivityChecker.java
设备指纹-> getSimOperator	com/splunk/mint/Utils.java
设备指纹-> 查看运营商信息	com/splunk/mint/Utils.java
一般功能-> 获取WiFi相关信息	com/acg/android/utils/network/NetworkUtil.java com/acg/android/utils/network/WifiUtil.java com/splunk/mint/Utils.java
组件-> 启动 Service	显示文件 com/acg/android/utils/crash/CrashManager.java com/acg/android/utils/system/SystemUtil.java com/inreality/android_rules_engine/MainActivity.java org/acra/builder/ReportExecutor.java org/acra/dialog/BaseCrashReportDialog.java org/acra/sender/SenderServiceStarter.java org/acra/util/ApplicationStartupProcessor.java
一般功能-> 获取网络接口信息	显示文件 com/acg/android/utils/network/NetworkUtil.java com/acg/android/utils/network/WifiUtil.java com/acg/android/utils/system/SystemUtil.java org/acra/collector/SimpleValuesCollector.java
一般功能-> 获取Android广告ID	com/acg/android/utils/system/SystemUtil.java
一般功能-> 设置手机铃声，媒体音量	com/acg/android/utils/system/SystemUtil.java com/acg/android/utils/system/VolumeUtil.java
隐私数据-> 屏幕截图	com/acg/android/utils/system/SystemUtil.java
一般功能-> PowerManager操作	com/acg/android/utils/system/SystemUtil.java
网络通信-> WebView JavaScript接口	com/inreality/androidutils/ui/webview/IRCachedWebView.java com/splunk/mint/MintWebView.java
网络通信-> WebView使用File协议	com/inreality/androidutils/ui/webview/IRCachedWebView.java
网络通信-> HTTP请求、连接和会话	com/acg/android/utils/http/AnySSLClient.java com/acg/android/utils/remoting/image/ImageDownloader.java
网络通信-> DefaultHttpClient Connection	com/acg/android/utils/http/AnySSLClient.java com/acg/android/utils/media/YoutubeUtil.java com/acg/android/utils/remoting/image/ImageDownloader.java
网络通信-> AndroidHttpClient Connection	com/acg/android/utils/remoting/image/ImageDownloader.java
加密解密-> Base64 加密	org/acra/util/HttpRequest.java
隐私数据-> 获取GPS位置信息	com/acg/android/utils/location/LocationUtil.java com/splunk/mint/BaseDTO.java

安全漏洞检测

高危

2

警告

11

信息

1

安全

2

屏蔽

0

序号	问题	等级	参考标准	文件位置	操作
1	MD5是已知存在哈希冲突的弱哈希	警告	CWE: CWE-327: 使用已被攻破或存在风险的密码学算法 OWASP Top 10: M5: Insufficient Cryptography OWASP MASVS: MSTG-CRYPTO-4	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_md5 规则仅对这些文件屏蔽 android_md5 规则
2	SHA-1是已知存在哈希冲突的弱哈希	警告	CWE: CWE-327: 使用已被攻破或存在风险的密码学算法 OWASP Top 10: M5: Insufficient Cryptography OWASP MASVS: MSTG-CRYPTO-4	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_sha1 规则仅对这些文件屏蔽 android_sha1 规则
3	应用程序记录日志信息,不得记录敏感信息	信息	CWE: CWE-532: 通过日志文件的信息暴露 OWASP MASVS: MSTG-STORAGE-3	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_logging 规则仅对这些文件屏蔽 android_logging 规则
4	文件可能包含硬编码的敏感信息，如用户名、密码、密钥等	警告	CWE: CWE-312: 明文存储敏感信息 OWASP Top 10: M9: Reverse Engineering OWASP MASVS: MSTG-STORAGE-14	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_hardcoded 规则仅对这些文件屏蔽 android_hardcoded 规则
5	应用程序创建临时文件。敏感信息永远不应该被写进临时文件	警告	CWE: CWE-276: 默认权限不正确 OWASP Top 10: M2: Insecure Data Storage OWASP MASVS: MSTG-STORAGE-2	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_temp_file 规则仅对这些文件屏蔽 android_temp_file 规则
6	应用程序可以读取/写入外部存储器，任何应用程序都可以读取写入外部存储器的数据	警告	CWE: CWE-276: 默认权限不正确 OWASP Top 10: M2: Insecure Data Storage OWASP MASVS: MSTG-STORAGE-2	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_read_write_external 规则仅对这些文件屏蔽 android_read_write_external 规则
7	此应用程序可能会请求root（超级用户）权限	警告	CWE: CWE-250: 以不必要的权限执行 OWASP MASVS: MSTG-RESILIENCE-1	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_su_detect 规则仅对这些文件屏蔽 android_su_detect 规则
8	IP地址泄露	警告	CWE: CWE-200: 信息泄露 OWASP MASVS: MSTG-CODE-2	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_ip_disclosure 规则仅对这些文件屏蔽 android_ip_disclosure 规则
9	启用了调试配置。生产版本不能是可调试的	高危	CWE: CWE-919: 移动应用程序中的弱点 OWASP Top 10: M1: Improper Platform Usage OWASP MASVS: MSTG-RESILIENCE-2	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_aar_jar_debug_enabled 规则仅对这些文件屏蔽 android_aar_jar_debug_enabled 规则
10	SSL的不安全实现。信任所有证书或接受自签名证书是一个关键的安全漏洞。此应用程序易受MITM攻击	高危	CWE: CWE-295: 证书验证不恰当 OWASP Top 10: M3: Insecure Communication OWASP MASVS: MSTG-NETWORK-3	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_insecure_ssl 规则仅对这些文件屏蔽 android_insecure_ssl 规则
11	此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击	安全	OWASP MASVS: MSTG-NETWORK-4	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_ssl_pinning 规则仅对这些文件屏蔽 android_ssl_pinning 规则
12	此应用程序可能具有Root检测功能	安全	OWASP MASVS: MSTG-RESILIENCE-1	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_detect_root 规则仅对这些文件屏蔽 android_detect_root 规则
13	应用程序使用不安全的随机数生成器	警告	CWE: CWE-330: 使用不充分的随机数 OWASP Top 10: M5: Insufficient Cryptography OWASP MASVS: MSTG-CRYPTO-6	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_insecure_random 规则仅对这些文件屏蔽 android_insecure_random 规则
14	不安全的Web视图实现。可能存在WebView任意代码执行漏洞	警告	CWE: CWE-749: 暴露危险方法或函数 OWASP Top 10: M1: Improper Platform Usage OWASP MASVS: MSTG-PLATFORM-7	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_webview 规则仅对这些文件屏蔽 android_webview 规则
15	可能存在跨域漏洞。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息	警告	CWE: CWE-200: 信息泄露 OWASP Top 10: M1: Improper Platform Usage OWASP MASVS: MSTG-PLATFORM-7	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_webview_allow_file_from_url 规则仅对这些文件屏蔽 android_webview_allow_file_from_url 规则
16	应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库	警告	CWE: CWE-89: SQL命令中使用的特殊元素转义处理不恰当（'SQL 注入'） OWASP Top 10: M7: Client Code Quality	升级会员：解锁高级权限	对应用 com.inreality.android_rules_engine 屏蔽 android_sql_raw_query 规则仅对这些文件屏蔽 android_sql_raw_query 规则

Native库安全分析

序号	动态库	NX(堆栈禁止执行)	PIE	STACK CANARY(栈保护)	RELRO	RPATH（指定SO搜索路径）	RUNPATH（指定SO搜索路径）	FORTIFY(常用函数加强检查)	SYMBOLS STRIPPED(裁剪符号表)
1	arm64-v8a/libcrashmanager-lib.so	True info 二进制文件设置了 NX 位。这标志着内存页面不可执行，使得攻击者注入的 shellcode 不可执行。		True info 这个二进制文件在栈上添加了一个栈哨兵值，以便它会被溢出返回地址的栈缓冲区覆盖。这样可以通过在函数返回之前验证栈哨兵的完整性来检测溢出	Full RELRO info 此共享对象已完全启用 RELRO。 RELRO 确保 GOT 不会在易受攻击的 ELF 二进制文件中被覆盖。在完整 RELRO 中，整个 GOT（.got 和 .got.plt 两者）被标记为只读。	None info 二进制文件没有设置运行时搜索路径或RPATH	None info 二进制文件没有设置 RUNPATH	False warning 二进制文件没有任何加固函数。加固函数提供了针对 glibc 的常见不安全函数（如 strcpy，gets 等）的缓冲区溢出检查。使用编译选项 -D_FORTIFY_SOURCE=2 来加固函数。这个检查对于 Dart/Flutter 库不适用	False warning 符号可用

文件分析

序号	问题	文件

敏感权限分析

恶意软件常用权限 2/30

android.permission.WAKE_LOCK
android.permission.RECEIVE_BOOT_COMPLETED

其它常用权限 9/46

android.permission.INTERNET
android.permission.CHANGE_WIFI_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.FOREGROUND_SERVICE
android.permission.ACCESS_NETWORK_STATE
android.permission.REORDER_TASKS
com.google.android.gms.permission.AD_ID

恶意软件常用权限 是被已知恶意软件广泛滥用的权限。
其它常用权限 是已知恶意软件经常滥用的权限。

IP地理位置

恶意域名检测

域名	状态	中国境内	位置信息
events.inreality.com	安全	否	IP地址: 52.27.106.30 国家: 美利坚合众国地区: 俄勒冈城市: 博德曼查看: Google 地图
v3-dev-gcp.inreality.com	安全	否	没有可用的地理位置信息。
h2database.com	安全	否	IP地址: 54.183.119.43 国家: 瑞士地区: 苏黎世城市: 苏黎世查看: Google 地图
www.rabbitmq.com	安全	否	IP地址: 104.20.69.112 国家: 美利坚合众国地区: 加利福尼亚城市: 旧金山查看: Google 地图
www.bouncycastle.org	安全	否	IP地址: 203.32.61.103 国家: 澳大利亚地区: 维多利亚城市: 墨尔本查看: Google 地图
eow1nc31jvca2a3.m.pipedream.net	安全	否	IP地址: 3.224.66.200 国家: 美利坚合众国地区: 弗吉尼亚州城市: 阿什本查看: Google 地图
vimeo.com	安全	否	IP地址: 3.224.66.200 国家: 美利坚合众国地区: 加利福尼亚城市: 旧金山查看: Google 地图
v3-dev.inreality.com	安全	否	IP地址: 13.226.225.128 国家: 美利坚合众国地区: 俄勒冈城市: 博德曼查看: Google 地图
www.http.httpclient	安全	否	没有可用的地理位置信息。
dmoz.org	安全	否	IP地址: 76.223.84.192 国家: 美利坚合众国地区: 华盛顿城市: 西雅图查看: Google 地图
ostermiller.org	安全	否	IP地址: 54.183.119.43 国家: 美利坚合众国地区: 加利福尼亚城市: 圣何塞查看: Google 地图
cloud.inreality.com	安全	否	没有可用的地理位置信息。
app.inreality.com	安全	否	IP地址: 13.226.225.128 国家: 美利坚合众国地区: 加利福尼亚城市: 洛杉矶查看: Google 地图
pagead2.googlesyndication.com	安全	是	IP地址: 180.163.150.166 国家: 中国地区: 上海城市: 上海查看: 高德地图
tools.ietf.org	安全	否	IP地址: 104.16.45.99 国家: 美利坚合众国地区: 加利福尼亚城市: 旧金山查看: Google 地图
jsoup.org	安全	否	IP地址: 104.16.45.99 国家: 美利坚合众国地区: 加利福尼亚城市: 旧金山查看: Google 地图
datatracker.ietf.org	安全	否	IP地址: 104.20.69.112 国家: 美利坚合众国地区: 加利福尼亚城市: 旧金山查看: Google 地图

手机号提取

URL链接分析

URL信息	源码文件
https://e0aaafd4b87c75578de7c97d27a58a1d@o4505510466813952.ingest.sentry.io/4505865013035008	自研引擎-M
http://h2database.com/javadoc/	org/h2/util/Tool.java
https://github.com/jwtk/jjwt#json-jackson-custom-types https://github.com/jwtk/jjwt#custom-json-processor	io/jsonwebtoken/impl/DefaultClaims.java
http://www.rabbitmq.com/	com/rabbitmq/client/impl/Copyright.java
http://ostermiller.org/contact.pl?regarding=random+password+generator+applet	com/Ostermiller/util/RandPassApplet.java
http://ostermiller.org/contact.pl?regarding=java+utilities	com/Ostermiller/util/RandPass.java
file:///sdcard/notification/ringer.mp3	com/acg/android/utils/notification/NotificationUtil.java
http://ostermiller.org/contact.pl?regarding=java+utilities	com/Ostermiller/util/Tabs.java
http://org.dom4j.io.doucmentsource/feature	org/dom4j/io/DocumentSource.java
http://h2database.com/html/source.html?file= http://h2database.com/javadoc/org/h2/constant/errorcode.html#c	org/h2/server/web/WebApp.java
127.0.0.1	org/h2/util/NetUtils.java
http://ostermiller.org/contact.pl?regarding=java+utilities	com/Ostermiller/util/LineEnds.java
127.0.0.1 https://app.inreality.com/v3/'	com/inreality/android_rules_engine/Configurator.java
127.0.0.1	org/nanohttpd/protocols/http/HTTPSession.java
www.protocol.http.httpsurlconnection www.protocol.http.httpsurlconnectionimpl	com/splunk/mint/network/http/HTTPSURLStreamHandler.java
www.protocol.http.httpurlconnection www.protocol.http.httpurlconnectionimpl	com/splunk/mint/network/http/HTTPURLStreamHandler.java
https://tools.ietf.org/html/rfc7518#section-3.3 https://tools.ietf.org/html/rfc7518#section-3.4 https://tools.ietf.org/html/rfc7518#section- https://tools.ietf.org/html/rfc7518#section-3.2	io/jsonwebtoken/SignatureAlgorithm.java
https://jsoup.org/cookbook/extracting-data/working-with-urls http://undefined/	org/jsoup/helper/HttpConnection.java
1.9.2.2	com/acg/android/utils/media/YoutubeUtil.java
http://www.rabbitmq.com/	com/rabbitmq/client/impl/AMQConnection.java
http://vimeo.com/m/	com/acg/android/utils/media/VimeoUtil.java
https://datatracker.ietf.org/doc/html/rfc7518#section-3.4	io/jsonwebtoken/impl/crypto/EllipticCurveSignatureValidator.java
http://ostermiller.org/contact.pl?regarding=java+utilities	com/Ostermiller/util/Base64.java
http://www.google.com/ http://dmoz.org/ http://ostermiller.org	com/Ostermiller/util/Browser.java
https://datatracker.ietf.org/doc/html/rfc7518#section-3.4	io/jsonwebtoken/impl/crypto/EllipticCurveProvider.java
https://cloud.inreality.com/ https://app.inreality.com/ https://v3-dev-gcp.inreality.com/ https://v3-dev.inreality.com/	com/inreality/androidutils/server/IRServerUtils.java
https://tools.ietf.org/html/rfc7518#section-3.2	io/jsonwebtoken/security/Keys.java
http://192.168.0.12:8000/unity/json.action	com/acg/android/utils/remoting/RemotingManager.java
https://events.inreality.com/api/events	com/inreality/android/notification/IRNotificationUtils.java
127.0.0.1	com/inreality/android_rules_engine/api/Api.java
http://www.rabbitmq.com/ssl.html#validating-cerficates	com/rabbitmq/client/NullTrustManager.java
127.0.0.1	com/inreality/log/pv3/base/internal/InternalMessageUtils.java
https://eow1nc31jvca2a3.m.pipedream.net	com/inreality/android/pipedream/PipeDreamUtils.java
http://www.rabbitmq.com/ssl.html#validating-cerficates	com/rabbitmq/client/TrustEverythingTrustManager.java
2.5.4.23 http://192.168.0.12:8000/unity/json.action 2.5.4.43 2.5.29.54 2.5.29.16 2.5.29.56 1.2.2.4 2.5.4.26 2.5.29.15 2.5.4.49 https://tools.ietf.org/html/rfc7518#section-3.2 127.0.0.1 2.5.4.18 2.5.4.6 2.5.29.46 http://undefined/ 1.3.36.8 http://h2database.com/javadoc/org/h2/constant/errorcode.html#c 1.9.4.1 2.5.29.19 1.2.2.3 2.5.4.44 2.5.4.12 2.5.4.45 2.5.4.72 1.3.36.3 2.5.29.20 2.5.4.14 http://ostermiller.org/contact.pl?regarding=java+utilities 2.5.4.21 http://ostermiller.org/contact.pl?regarding=random+password+generator+applet 2.5.4.46 https://github.com/jwtk/jjwt#custom-json-processor 2.5.29.33 http://javax.xml.xmlconstants/feature/secure-processing 2.5.4.3 http://vimeo.com/m/ 2.5.4.50 2.5.4.22 2.5.4.28 http://h2database.com/html/source.html?file= https://v3-dev-gcp.inreality.com/ https://v3-dev.inreality.com/ www.protocol.http.httpurlconnectionimpl 2.5.4.33 2.5.4.47 2.5.29.9 1.2.2.1 https://pagead2.googlesyndication.com/pagead/gen_204?id=gmob-apps 2.5.4.16 2.5.29.27 https://tools.ietf.org/html/rfc7518#section-3.3 1.9.2.2 2.5.4.5 www.bouncycastle.org https://cloud.inreality.com/ 2.5.4.27 1.3.6.1 2.5.29.37 1.2.2.2 1.2.2.6 https://www.bouncycastle.org 3.1.2.1 http://org.dom4j.io.doucmentsource/feature 2.5.1.1 2.5.29.32 2.5.4.32 http://ostermiller.org http://127.0.0.1 https://events.inreality.com/api/events 2.5.29.55 2.5.29.21 https://github.com/jwtk/jjwt#json-jackson-custom-types 1.3.1.1 2.5.29.24 2.5.29.18 2.5.4.13 2.5.4.20 2.5.4.42 www.protocol.http.httpsurlconnectionimpl 2.5.4.9 2.5.29.35 2.5.29.28 2.5.4.54 http://www.google.com/ http://www.rabbitmq.com/ 2.5.4.51 2.5.4.17 http://www.rabbitmq.com/ssl.html#validating-cerficates 2.5.4.25 2.5.4.24 2.5.4.35 2.5.4.41 2.5.4.97 https://eow1nc31jvca2a3.m.pipedream.net https://plus.google.com/ http://dmoz.org/ 2.5.29.17 file:///sdcard/notification/ringer.mp3 2.5.29.31 2.5.29.30 2.5.29.29 2.5.4.34 https://jsoup.org/cookbook/extracting-data/working-with-urls http://h2database.com/javadoc/ https://app.inreality.com/ https://app.inreality.com/v3/' 2.5.4.7 2.5.29.14 2.5.4.19 www.http.httpclient 2.5.29.60 2.5.4.10 2.5.4.31 2.5.29.23 www.protocol.http.httpsurlconnection 1.3.132.1 2.5.4.4 2.5.4.11 2.5.4.65 1.2.2.5 2.5.4.8 www.protocol.http.httpurlconnection https://tools.ietf.org/html/rfc7518#section-3.4 2.5.4.15 https://tools.ietf.org/html/rfc7518#section- https://datatracker.ietf.org/doc/html/rfc7518#section-3.4 2.5.29.36	自研引擎-S

Firebase配置检测

邮箱地址提取

EMAIL	源码文件
your.account@domain.com	org/acra/sender/DefaultReportSenderFactory.java
your.account@domain.com	自研引擎-S

第三方追踪器

名称	类别	网址
ACRA	Crash reporting	https://reports.exodus-privacy.eu.org/trackers/444
Sentry	Crash reporting	https://reports.exodus-privacy.eu.org/trackers/447
Splunk MINT	Analytics	https://reports.exodus-privacy.eu.org/trackers/242

敏感凭证泄露

已显示 6 个secrets

1、 7AEIOUY8HW1BFPV2CGJKQSXZ3DT4L5MN6R
2、 30820277020100300d06092a864886f70d0101010500048202613082025d02010002818100dc0a13c602b7141110eade2f051b54777b060d0f74e6a110f9cce81159f271ebc88d8e8aa1f743b505fc2e7dfe38d33b8d3f64d1b363d1af4d877833897954cbaec2fa384c22a415498cf306bb07ac09b76b001cd68bf77ea0a628f5101959cf2993a9c23dbee79b19305977f8715ae78d023471194cc900b231eecb0aaea98d02030100010281810099aa4ff4d0a09a5af0bd953cb10c4d08c3d98df565664ac5582e494314d5c3c92dddedd5d316a32a206be4ec084616fe57be15e27cad111aa3c21fa79e32258c6ca8430afc69eddd52d3b751b37da6b6860910b94653192c0db1d02abcfd6ce14c01f238eec7c20bd3bb750940004bacba2880349a9494d10e139ecb2355d101024100ffdc3defd9c05a2d377ef6019fa62b3fbd5b0020a04cc8533bca730e1f6fcf5dfceea1b044fbe17d9eababfbc7d955edad6bc60f9be826ad2c22ba77d19a9f65024100dc28d43fdbbc93852cc3567093157702bc16f156f709fb7db0d9eec028f41fd0edcd17224c866e66be1744141fb724a10fd741c8a96afdd9141b36d67fff6309024077b1cddbde0f69604bdcfe33263fb36ddf24aa3b9922327915b890f8a36648295d0139ecdf68c245652c4489c6257b58744fbdd961834a4cab201801a3b1e52d024100b17142e8991d1b350a0802624759d48ae2b8071a158ff91fabeb6a8f7c328e762143dc726b8529f42b1fab6220d1c676fdc27ba5d44e847c72c52064afd351a902407c6e23fe35bcfcd1a662aa82a2aa725fcece311644d5b6e3894853fd4ce9fe78218c957b1ff03fc9e5ef8ffeb6bd58235f6a215c97d354fdace7e781e4a63e8b
3、 258EAFA5-E914-47DA-95CA-C5AB0DC85B11
4、 a3f1b3b76c8f4e2d91c6f068ed7b2e4f
5、 3082018b3081f502044295ce6b300d06092a864886f70d0101040500300d310b3009060355040313024832301e170d3035303532363133323630335a170d3337303933303036353734375a300d310b300906035504031302483230819f300d06092a864886f70d010101050003818d0030818902818100dc0a13c602b7141110eade2f051b54777b060d0f74e6a110f9cce81159f271ebc88d8e8aa1f743b505fc2e7dfe38d33b8d3f64d1b363d1af4d877833897954cbaec2fa384c22a415498cf306bb07ac09b76b001cd68bf77ea0a628f5101959cf2993a9c23dbee79b19305977f8715ae78d023471194cc900b231eecb0aaea98d0203010001300d06092a864886f70d01010405000381810083f4401a279453701bef9a7681a5b8b24f153f7d18c7c892133d97bd5f13736be7505290a445a7d5ceb75522403e5097515cd966ded6351ff60d5193de34cd36e5cb04d380398e66286f99923fd92296645fd4ada45844d194dfd815e6cd57f385c117be982809028bba1116c85740b3d27a55b1a0948bf291ddba44bed337b9
6、 12345678901234567890123456789012

字符串信息

建议导出为TXT，方便查看。

活动列表

显示 3 个 activities

服务列表

显示 4 个 services

广播接收者列表

显示 2 个 receivers

内容提供者列表

显示 3 个 providers

第三方SDK

SDK名称	开发者	描述信息
Sentry	Sentry	Sentry 是一个实时事件日志记录和聚合平台，它专门用于监视错误和提取执行适当的事后操作所需的所有信息。
File Provider	Android	FileProvider 是 ContentProvider 的特殊子类，它通过创建 content://Uri 代替 file:///Uri 以促进安全分享与应用程序关联的文件。
Jetpack App Startup	Google	App Startup 库提供了一种直接，高效的方法来在应用程序启动时初始化组件。库开发人员和应用程序开发人员都可以使用 App Startup 来简化启动顺序并显式设置初始化顺序。App Startup 允许您定义共享单个内容提供程序的组件初始化程序，而不必为需要初始化的每个组件定义单独的内容提供程序。这可以大大缩短应用启动时间。
Jetpack Media	Google	与其他应用共享媒体内容和控件。已被 media2 取代。

污点分析

当apk较大时，代码量会很大，造成数据流图（ICFG）呈现爆炸式增长，所以该功能比较耗时，请先喝杯咖啡，耐心等待……

规则名称	描述信息	操作
病毒分析	使用安卓恶意软件常用的API进行污点分析	开始分析
漏洞挖掘	漏洞挖掘场景下的污点分析	开始分析
隐私合规	隐私合规场景下的污点分析：组件内污点传播、组件间污点传播、组件与库函数之间的污点传播	开始分析
密码分析	分析加密算法是否使用常量密钥、静态初始化的向量（IV）、加密模式是否使用ECB等	开始分析
Callback	因为Android中系统级的Callback并不会出现显式地进行回调方法的调用，所以如果需要分析Callback方法需要在声明文件中将其声明，这里提供一份AndroidCallbacks.txt文件，里面是一些常见的原生回调接口或类，如果有特殊接口需求，可以联系管理员	开始分析