温馨提示:本平台仅供研究软件风险、安全评估,禁止用于非法用途。由于展示的数据过于全面,请耐心等待加载完成。如有疑问或建议, 可加入我们的微信群讨论

APP评分

病毒检测 无法判定

安全评分

文件信息

文件名称 fb45517b615bad6518dbd8016696d31c.apk
文件大小 71.19MB
MD5 bb70e1027710f31edecdeb3537fe28c9
SHA1 b694253848f40593142bf0c93b30ad200f037655
SHA256 8c3b90cf9ea1bb788ff5f2a750960ec59f6cc763e8bc0b266d2d326fc980daa1

应用信息

应用名称 小丑牌
包名 org.bal6tro.android
主活动 com.milu.sdk.ui.MainActivity
目标SDK 34     最小SDK 16
版本号 1.0.0     子版本号 10
加固信息 未加壳

组件导出信息

反编译代码

Manifest文件 查看
APK文件 下载
Java源代码 查看 -- 下载

证书信息

二进制文件已签名
v1 签名: True
v2 签名: True
v3 签名: True
v4 签名: False
主题: C=, ST=, L=, O=, OU=, CN=by_wxw
签名算法: rsassa_pkcs1v15
有效期自: 2021-01-21 13:31:49+00:00
有效期至: 2120-12-28 13:31:49+00:00
发行人: C=, ST=, L=, O=, OU=, CN=by_wxw
序列号: 0x28bf2538
哈希算法: sha512
证书MD5: c9c20f4649033912afc4c26ab4e97677
证书SHA1: 9268f33c023e03b4506437e135e44bab42b1f8ca
证书SHA256: 3fd6ffdb59e237fe0d612dce84ac4140b76911e4e2cc9d232c124cefafa2add9
证书SHA512: acb213a0656a7e6fe5d1998ecade23666292f8dc33a3af1c84a9a947e26cd54d497092c318af6bca158f76839b65e09dd7829c7440739edfc54e93bb6910a3a7
公钥算法: rsa
密钥长度: 2048
指纹: cba239f5090498f70805c5d9ccbacf25b68727dde0b030878869f73341fc858a
找到 1 个唯一证书

应用程序权限

权限名称 安全等级 权限内容 权限描述 关联代码
android.permission.INTERNET 危险 完全互联网访问 允许应用程序创建网络套接字。
android.permission.VIBRATE 普通 控制振动器 允许应用程序控制振动器,用于消息通知振动功能。
android.permission.ACCESS_NETWORK_STATE 普通 获取网络状态 允许应用程序查看所有网络的状态。
android.permission.BLUETOOTH 危险 创建蓝牙连接 允许应用程序查看或创建蓝牙连接。
android.permission.WRITE_EXTERNAL_STORAGE 危险 读取/修改/删除外部存储内容 允许应用程序写入外部存储。
org.bal6tro.android.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION 未知 未知权限 来自 android 引用的未知权限。
android.permission.QUERY_ALL_PACKAGES 普通 获取已安装应用程序列表 Android 11引入与包可见性相关的权限,允许查询设备上的任何普通应用程序,而不考虑清单声明。

证书分析

高危
0
警告
1
信息
1
标题 严重程度 描述信息
已签名应用 信息 应用程序已使用代码签名证书进行签名

MANIFEST分析

高危
0
警告
4
信息
0
屏蔽
0
序号 问题 严重程度 描述信息 操作
1 应用程序可以安装在有漏洞的已更新 Android 版本上
Android 4.1-4.1.2, [minSdk=16]
信息 该应用程序可以安装在具有多个未修复漏洞的旧版本 Android 上。这些设备不会从 Google 接收合理的安全更新。支持 Android 版本 => 10、API 29 以接收合理的安全更新。
2 应用程序具有网络安全配置
[android:networkSecurityConfig=0x7f0f0001]
信息 网络安全配置功能让应用程序可以在一个安全的,声明式的配置文件中自定义他们的网络安全设置,而不需要修改应用程序代码。这些设置可以针对特定的域名和特定的应用程序进行配置。
3 应用程序数据存在被泄露的风险
未设置[android:allowBackup]标志
警告 这个标志 [android:allowBackup]应该设置为false。默认情况下它被设置为true,允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。
4 Activity (org.love2d.android.GameActivity) 未被保护。
存在一个intent-filter。
警告 发现 Activity与设备上的其他应用程序共享,因此让它可以被设备上的任何其他应用程序访问。intent-filter的存在表明这个Activity是显式导出的。
5 Content Provider (androidx.startup.InitializationProvider) 如果应用程序在API级别低于17的设备上运行,则不会受到保护。
[Content Provider, targetSdkVersion >= 17]
警告 如果应用程序运行在一个API级别低于17的设备上,内容提供者( Content Provider)就会被导出。在这种情况下,它会被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。
6 Content Provider (com.mod.plugin.shell.provider.FakeProvider) 如果应用程序在API级别低于17的设备上运行,则不会受到保护。
[Content Provider, targetSdkVersion >= 17]
警告 如果应用程序运行在一个API级别低于17的设备上,内容提供者( Content Provider)就会被导出。在这种情况下,它会被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。

可浏览的ACTIVITIES

ACTIVITY INTENT

网络安全配置

高危
1
警告
0
信息
0
安全
0
序号 范围 严重级别 描述
1 *
基本配置不安全地配置为允许到所有域的明文流量。

API调用分析

API功能 源码文件
一般功能-> 获取系统服务(getSystemService)
一般功能-> 文件操作
WXW/Hook/C0072.java
WXW/Hook/C0073.java
WXW/Hook/C0074.java
WXW/Hook/core/C0000.java
WXW/Hook/core/C0001.java
WXW/Hook/proguard/C0010.java
WXW/Hook/proguard/C0035.java
WXW/Hook/proguard/C0036.java
WXW/Hook/proguard/C0038.java
WXW/Hook/proguard/C0040.java
WXW/Hook/proguard/C0068.java
WXW/Hook/proguard/C0070.java
c0/a.java
com/milu/Milu.java
com/milu/sdk/compat/MLAdviceAgeCompat.java
com/mod/plugin/iiii/a.java
com/mod/plugin/iiii/b.java
com/one/oaid/OAIDManager.java
com/unity/vq/c.java
com_milu_o00O00oOoooo00OOOoO0ooo0oOOOOO/ooO0oo0Oo0ooO0O000oOOOOo00o0o0.java
com_milu_o0O0O0000O0OOoO0O0ooo00oO00O0o/ooO0oo0Oo0ooO0O000oOOOOo00o0o0.java
com_milu_o0OOOOo00OoooOOO000O0oooo0Oo0o/o00oOOOo0O00o0O0000OoOOO0OO0O0.java
com_milu_o0OOOoOoO0Oo0Oo0o0OooooO0OoO0o/o0OOoO0Ooooo00o0oOoO00o0Oo00o0.java
com_milu_o0OOOoOoO0Oo0Oo0o0OooooO0OoO0o/o0oo0OoO00oO00O0OOOO0OoOOoooOO.java
com_milu_o0OOOoOoO0Oo0Oo0o0OooooO0OoO0o/oOo0oooO00OOooOo0O0OooooooOoOo.java
com_milu_o0OOo0ooO0Oooo0oOOo0o00OOOOOoO/oo00oOoo0oOo0oOOO0OOoOOoOo00O0.java
com_milu_o0OOo0ooO0Oooo0oOOo0o00OOOOOoO/ooo0oO0o0OooOoOO0OOOOoo000ooO0.java
com_milu_o0oO0OOO0OO0OOO00oo0O00Oo0o0O0/oOoO0Ooo0ooOO000OOoo0OOOoOO0OO.java
com_milu_o0ooOo0ooooOOo0O000oooooooo00o/o0OO00Ooo00oOoOo0000OOO00OOo0o.java
com_milu_o0ooOo0ooooOOo0O000oooooooo00o/o0o0OoOOOo00OooOOoo0OO0Oo0ooo0.java
com_milu_o0ooOo0ooooOOo0O000oooooooo00o/o0oO0oOoOOOO0O00OoO00ooo0OOO0O.java
com_milu_o0ooOo0ooooOOo0O000oooooooo00o/oOo0oooO00OOooOo0O0OooooooOoOo.java
com_milu_o0ooOo0ooooOOo0O000oooooooo00o/oOooOOoO0oO0oo0O0OoOOOOO0ooO0O.java
com_milu_o0ooOo0ooooOOo0O000oooooooo00o/ooO0OOOo0oO00OoOO0OoOO0o0Oo0OO.java
com_milu_o0ooOo0ooooOOo0O000oooooooo00o/oooO0OO0oO000oOoOO0o00o0Oooooo.java
com_milu_oO0OOooOOo00o00oO0O00000o000oo/ooO0oo0Oo0ooO0O000oOOOOo00o0o0.java
com_milu_oO0o0OO00OoO00oooo0oooooO0o0Oo/oOoO0Ooo0ooOO000OOoo0OOOoOO0OO.java
com_milu_oO0o0OO00OoO00oooo0oooooO0o0Oo/ooO0oo0Oo0ooO0O000oOOOOo00o0o0.java
com_milu_oOO00o0oOoOOo00OooOo0ooOoo0O0o/o00oOOOo0O00o0O0000OoOOO0OO0O0.java
com_milu_oOO00o0oOoOOo00OooOo0ooOoo0O0o/o0OOooo000oOOO0O00ooooOoOOO0oo.java
com_milu_oOO00o0oOoOOo00OooOo0ooOoo0O0o/o0oo0OoO00oO00O0OOOO0OoOOoooOO.java
com_milu_oOO00o0oOoOOo00OooOo0ooOoo0O0o/oOo0oooO00OOooOo0O0OooooooOoOo.java
com_milu_oOO00o0oOoOOo00OooOo0ooOoo0O0o/oOoO0Ooo0ooOO000OOoo0OOOoOO0OO.java
com_milu_oOO00o0oOoOOo00OooOo0ooOoo0O0o/ooo0oO0o0OooOoOO0OOOOoo000ooO0.java
com_milu_oOO00o0oOoOOo00OooOo0ooOoo0O0o/oooOo0Oo0OooOOOOOO000oO0o000O0.java
com_milu_oOO0OooO0oooooo0oOO0OOO0OO0OOo/o0OOoO0Ooooo00o0oOoO00o0Oo00o0.java
com_milu_oOO0OooO0oooooo0oOO0OOO0OO0OOo/oO0oo0O0o00oOoO0OOOOOO0o00000o.java
com_milu_oOO0OooO0oooooo0oOO0OOO0OO0OOo/ooo0oO0o0OooOoOO0OOOOoo000ooO0.java
com_milu_oOo0OOo0O0O0Oo0oOOOOO00oo0oOOO/o00o0O0OooOOO0Oo00O0OOOo0OOo00.java
com_milu_oOo0OOo0O0O0Oo0oOOOOO00oo0oOOO/o0OOoO0Ooooo00o0oOoO00o0Oo00o0.java
com_milu_oOo0OOo0O0O0Oo0oOOOOO00oo0oOOO/o0OOooo000oOOO0O00ooooOoOOO0oo.java
com_milu_oOo0OOo0O0O0Oo0oOOOOO00oo0oOOO/oO0oo0O0o00oOoO0OOOOOO0o00000o.java
com_milu_oOo0OOo0O0O0Oo0oOOOOO00oo0oOOO/oOoO0Ooo0ooOO000OOoo0OOOoOO0OO.java
com_milu_oOo0OOo0O0O0Oo0oOOOOO00oo0oOOO/oo00oOoo0oOo0oOOO0OOoOOoOo00O0.java
com_milu_oOo0OOo0O0O0Oo0oOOOOO00oo0oOOO/oo0o0Oo00OO0O0o0o0oOoOo00O0oO0.java
com_milu_oOo0OOo0O0O0Oo0oOOOOO00oo0oOOO/ooO0o00O00o0oo0Oo0oo00ooo00000.java
com_milu_oOo0OOo0O0O0Oo0oOOOOO00oo0oOOO/ooO0oo0Oo0ooO0O000oOOOOo00o0o0.java
com_milu_oOo0OOo0O0O0Oo0oOOOOO00oo0oOOO/ooo0oO0o0OooOoOO0OOOOoo000ooO0.java
com_milu_oOo0OOo0O0O0Oo0oOOOOO00oo0oOOO/oooO0OO0oO000oOoOO0o00o0Oooooo.java
com_milu_oOo0OOo0O0O0Oo0oOOOOO00oo0oOOO/oooOo0Oo0OooOOOOOO000oO0o000O0.java
com_milu_oOoO0o00OoOOOo0O0o000OoOoooOOo/oOoO0Ooo0ooOO000OOoo0OOOoOO0OO.java
com_milu_oOoo00OooOoo000OOo0O00oOoOOoOo/ooo0oO0o0OooOoOO0OOOOoo000ooO0.java
com_milu_oOooOoOoOO000o0oO00o00oO0oOO00/oOoO0Ooo0ooOO000OOoo0OOOoOO0OO.java
com_milu_oOooOoOoOO000o0oO00o00oO0oOO00/oOoOoo0ooOO0ooOoOO00o0O00OO000.java
com_milu_oOooOoOoOO000o0oO00o00oO0oOO00/oo0o0Oo00OO0O0o0o0oOoOo00O0oO0.java
com_milu_oOooOoOoOO000o0oO00o00oO0oOO00/ooo000OO000ooOOoOooo0OoO0O00Oo.java
com_milu_oo000000O000ooo00oo0Oo0Oo00OOo/o00oOOOo0O00o0O0000OoOOO0OO0O0.java
com_milu_oo000000O000ooo00oo0Oo0Oo00OOo/ooO0oo0Oo0ooO0O000oOOOOo00o0o0.java
com_milu_oo000000O000ooo00oo0Oo0Oo00OOo/oooOo0Oo0OooOOOOOO000oO0o000O0.java
com_milu_oo0OO000oO0oOooOoo0oo0o0OOooOo/o00oOOOo0O00o0O0000OoOOO0OO0O0.java
com_milu_oo0OO000oO0oOooOoo0oo0o0OOooOo/o0OOoO0Ooooo00o0oOoO00o0Oo00o0.java
com_milu_oo0OO000oO0oOooOoo0oo0o0OOooOo/o0OOooo000oOOO0O00ooooOoOOO0oo.java
com_milu_oo0OO000oO0oOooOoo0oo0o0OOooOo/o0oo0OoO00oO00O0OOOO0OoOOoooOO.java
com_milu_oo0OO000oO0oOooOoo0oo0o0OOooOo/oOOoo00ooOoO00000oOo000o0OOo0O.java
com_milu_oo0OO000oO0oOooOoo0oo0o0OOooOo/oOo0oooO00OOooOo0O0OooooooOoOo.java
com_milu_oo0OO000oO0oOooOoo0oo0o0OOooOo/oo00oOoo0oOo0oOOO0OOoOOoOo00O0.java
com_milu_oo0OO000oO0oOooOoo0oo0o0OOooOo/ooO0oo0Oo0ooO0O000oOOOOo00o0o0.java
com_milu_oo0OO000oO0oOooOoo0oo0o0OOooOo/ooo000OO000ooOOoOooo0OoO0O00Oo.java
com_milu_oo0OO000oO0oOooOoo0oo0o0OOooOo/ooo0oO0o0OooOoOO0OOOOoo000ooO0.java
com_milu_oo0OOoOooO0OOO0o00o00O00o0000o/ooO0oo0Oo0ooO0O000oOOOOo00o0o0.java
com_milu_ooO00oOO0oooOoOOOOOOOoO0ooOOo0/o0OOoO0Ooooo00o0oOoO00o0Oo00o0.java
com_milu_ooO00oOO0oooOoOOOOOOOoO0ooOOo0/o0o0OoOo00O00oOo00O000O0Ooo0oo.java
com_milu_ooO00oOO0oooOoOOOOOOOoO0ooOOo0/o0oo0OoO00oO00O0OOOO0OoOOoooOO.java
com_milu_ooO00oOO0oooOoOOOOOOOoO0ooOOo0/oOO0ooOo0o0Oo00oOO0Ooooo0oOO0o.java
com_milu_ooO00oOO0oooOoOOOOOOOoO0ooOOo0/oOoO0Ooo0ooOO000OOoo0OOOoOO0OO.java
com_milu_ooO00oOO0oooOoOOOOOOOoO0ooOOo0/ooO0o00O00o0oo0Oo0oo00ooo00000.java
com_milu_ooO00oOO0oooOoOOOOOOOoO0ooOOo0/ooO0oo0Oo0ooO0O000oOOOOo00o0o0.java
com_milu_ooO00oOO0oooOoOOOOOOOoO0ooOOo0/ooo000OO000ooOOoOooo0OoO0O00Oo.java
com_milu_ooOO0o0OO00o0OOo00o0o00OoO0O00/ooO0oo0Oo0ooO0O000oOOOOo00o0o0.java
com_milu_oooo0OO0o0000o0OoOOOoo00000Oo0/o0OOoO0Ooooo00o0oOoO00o0Oo00o0.java
e0/e.java
f/c.java
f0/c.java
l0/r.java
n0/a.java
org/libsdl/app/HIDDeviceManager.java
org/love2d/android/GameActivity.java
w/d.java
x/r.java
x/s.java
y/c.java
y/f.java
加密解密-> 信息摘要算法
一般功能-> 获取活动网路信息 com_milu_ooO00oOO0oooOoOOOOOOOoO0ooOOo0/o0o0OoOo00O00oOo00O000O0Ooo0oo.java
调用java反射机制
WXW/Hook/core/HookMain.java
WXW/Hook/proguard/C0003.java
WXW/Hook/proguard/C0004.java
WXW/Hook/proguard/C0014.java
WXW/Hook/proguard/C0037.java
WXW/Hook/proguard/C0038.java
WXW/Hook/proguard/C0039.java
WXW/Hook/proguard/C0040.java
WXW/Hook/proguard/C0069.java
com/milu/Milu.java
com/mod/plugin/iiii/a.java
com/one/oaid/OAIDRom.java
com/one/oaid/imp/XiaomiDeviceIDHelper.java
com/unity/vq/c.java
com_milu_o000oOooo0O0OOoOo0O0OOoOO0Ooo0/oooOo0Oo0OooOOOOOO000oO0o000O0.java
com_milu_o0OOOOo00OoooOOO000O0oooo0Oo0o/oOoO0Ooo0ooOO000OOoo0OOOoOO0OO.java
com_milu_o0OOOOo00OoooOOO000O0oooo0Oo0o/ooo0oO0o0OooOoOO0OOOOoo000ooO0.java
com_milu_o0OOOOo00OoooOOO000O0oooo0Oo0o/oooOo0Oo0OooOOOOOO000oO0o000O0.java
com_milu_o0OOOoOoO0Oo0Oo0o0OooooO0OoO0o/o0OOooo000oOOO0O00ooooOoOOO0oo.java
com_milu_o0OOOoOoO0Oo0Oo0o0OooooO0OoO0o/oOOoo00ooOoO00000oOo000o0OOo0O.java
com_milu_o0OOOoOoO0Oo0Oo0o0OooooO0OoO0o/ooO0o00O00o0oo0Oo0oo00ooo00000.java
com_milu_o0OOo0ooO0Oooo0oOOo0o00OOOOOoO/o0oo0OoO00oO00O0OOOO0OoOOoooOO.java
com_milu_oO0o0OO00OoO00oooo0oooooO0o0Oo/o00oOOOo0O00o0O0000OoOOO0OO0O0.java
com_milu_oO0o0OO00OoO00oooo0oooooO0o0Oo/oOoO0Ooo0ooOO000OOoo0OOOoOO0OO.java
com_milu_oO0o0OO00OoO00oooo0oooooO0o0Oo/ooO0oo0Oo0ooO0O000oOOOOo00o0o0.java
com_milu_oO0o0OO00OoO00oooo0oooooO0o0Oo/ooo0oO0o0OooOoOO0OOOOoo000ooO0.java
com_milu_oO0o0OO00OoO00oooo0oooooO0o0Oo/oooOo0Oo0OooOOOOOO000oO0o000O0.java
com_milu_oOO0OooO0oooooo0oOO0OOO0OO0OOo/o00oOOOo0O00o0O0000OoOOO0OO0O0.java
com_milu_oOO0OooO0oooooo0oOO0OOO0OO0OOo/oOoO0Ooo0ooOO000OOoo0OOOoOO0OO.java
com_milu_oOO0OooO0oooooo0oOO0OOO0OO0OOo/oooOo0Oo0OooOOOOOO000oO0o000O0.java
com_milu_oOoo00OooOoo000OOo0O00oOoOOoOo/ooo0oO0o0OooOoOO0OOOOoo000ooO0.java
com_milu_oOooOoOoOO000o0oO00o00oO0oOO00/o00oOOOo0O00o0O0000OoOOO0OO0O0.java
com_milu_oOooOoOoOO000o0oO00o00oO0oOO00/oOoOoo0ooOO0ooOoOO00o0O00OO000.java
e0/f.java
f/c.java
n0/a.java
n0/b.java
o0O0oO0OOooOO00Oo0ooO0oo00o0OoOoo0o0O0OOOoo0oO0OO0o000OoOo0OoO0O/OOooO00OoOo00oO0O000OoOO00ooO0O00o0OooOOoo0Oo0OOo0o0O0o0oOOooO0O.java
r/b.java
u/b.java
z/a.java
z/b.java
网络通信-> 蓝牙连接 org/libsdl/app/HIDDeviceBLESteamController.java
org/libsdl/app/HIDDeviceManager.java
org/libsdl/app/m.java
一般功能-> IPC通信
WXW/Hook/proguard/C0048.java
WXW/Hook/proguard/C0059.java
WXW/Hook/proguard/C0060.java
WXW/Hook/proguard/C0064.java
WXW/Hook/proguard/C0065.java
WXW/Hook/proguard/C0066.java
WXW/Hook/proguard/C0067.java
WXW/Hook/proguard/C0070.java
com/milu/application/activity/ProcessPhoenix.java
com/milu/sdk/ui/MainActivity.java
com/milu/sdk/ui/PrivacyDialog.java
com/one/oaid/imp/ASUSDeviceIDHelper.java
com/one/oaid/imp/CoolpadHelper.java
com/one/oaid/imp/FreemeHelper.java
com/one/oaid/imp/GMSADIDHelper.java
com/one/oaid/imp/HWDeviceIDHelper.java
com/one/oaid/imp/LenovoDeviceIDHelper.java
com/one/oaid/imp/MSAOAIDHelper.java
com/one/oaid/imp/OppoDeviceIDHelper.java
com/one/oaid/imp/SamsungDeviceIDHelper.java
com/one/oaid/imp/ZTEDeviceIDHelper.java
com/one/oaid/interfaces/ASUSIDInterface.java
com/one/oaid/interfaces/HWIDInterface.java
com/one/oaid/interfaces/LenovoIDInterface.java
com/one/oaid/interfaces/OnePlusIDInterface.java
com/one/oaid/interfaces/OppoIDInterface.java
com/one/oaid/interfaces/SamsungIDInterface.java
com/one/oaid/interfaces/ZTEIDInterface.java
com_milu_o00OoOOooOo00O0o00Ooo00o0oOoOO/oOoO0Ooo0ooOO000OOoo0OOOoOO0OO.java
onemsa/com/asus/msa/SupplementaryDID/IDidAidlInterface.java
onemsa/com/bun/lib/MsaIdInterface.java
onemsa/com/coolpad/deviceidsupport/IDeviceIdManager.java
onemsa/com/heytap/openid/IOpenID.java
onemsa/com/samsung/android/deviceidservice/IDeviceIdService.java
onemsa/com/uodis/opendevice/aidl/OpenDeviceIdentifierService.java
onemsa/com/zui/deviceidservice/IDeviceidInterface.java
org/libsdl/app/HIDDeviceManager.java
org/libsdl/app/SDLActivity.java
org/love2d/android/GameActivity.java
DEX-> 动态加载 WXW/Hook/proguard/C0070.java
com/mod/plugin/iiii/a.java
org/libsdl/app/SDL.java
进程操作-> 获取进程pid
网络通信-> TCP套接字
网络通信-> SSL证书处理
进程操作-> 获取运行的进程\服务 com/mod/plugin/shell/FakeApplication.java
com/mod/plugin/shell/provider/FakeProvider.java
组件-> ContentProvider com/mod/plugin/shell/provider/FakeProvider.java
com/one/oaid/imp/NubiaDeviceIDHelper.java
一般功能-> 查看\修改Android系统属性 com/one/oaid/OAIDRom.java
加密解密-> Base64 解密 com_milu_o00OoOOooOo00O0o00Ooo00o0oOoOO/ooO0oo0Oo0ooO0O000oOOOOo00o0o0.java
com_milu_ooO00oOO0oooOoOOOOOOOoO0ooOOo0/o0OOoO0Ooooo00o0oOoO00o0Oo00o0.java
组件-> 启动 Service
隐私数据-> 录制音频行为 org/libsdl/app/SDLAudioManager.java
一般功能-> 加载so文件
组件-> 启动 Activity
进程操作-> 杀死进程 com/milu/application/activity/ProcessPhoenix.java
com_milu_o00OoOOooOo00O0o00Ooo00o0oOoOO/oOoO0Ooo0ooOO000OOoo0OOOoOO0OO.java
一般功能-> 传感器相关操作 org/libsdl/app/SDLSurface.java
隐私数据-> 剪贴板数据读写操作 org/libsdl/app/SDLClipboardHandler.java
网络通信-> HTTP建立连接 com_milu_ooO00oOO0oooOoOOOOOOOoO0ooOOo0/o0OOoO0Ooooo00o0oOoO00o0Oo00o0.java
一般功能-> 查询数据库(短信、联系人、通话记录、浏览器历史等) com/one/oaid/imp/MeizuDeviceIDHelper.java

源代码分析

高危
1
警告
4
信息
3
安全
1
屏蔽
0
序号 问题 等级 参考标准 文件位置 操作
1 MD5是已知存在哈希冲突的弱哈希 警告 CWE: CWE-327: 使用已被攻破或存在风险的密码学算法
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-4
com_milu_ooO00oOO0oooOoOOOOOOOoO0ooOOo0/o0o0OoOo00O00oOo00O000O0Ooo0oo.java
2 应用程序记录日志信息,不得记录敏感信息 信息 CWE: CWE-532: 通过日志文件的信息暴露
OWASP MASVS: MSTG-STORAGE-3
3 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 警告 CWE: CWE-276: 默认权限不正确
OWASP Top 10: M2: Insecure Data Storage
OWASP MASVS: MSTG-STORAGE-2
com/mod/plugin/iiii/a.java
org/love2d/android/GameActivity.java
4 应用程序使用不安全的随机数生成器 警告 CWE: CWE-330: 使用不充分的随机数
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-6
5 SHA-1是已知存在哈希冲突的弱哈希 警告 CWE: CWE-327: 使用已被攻破或存在风险的密码学算法
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-4
com/one/oaid/imp/OppoDeviceIDHelper.java
6 该文件是World Writable。任何应用程序都可以写入文件 高危 CWE: CWE-276: 默认权限不正确
OWASP Top 10: M2: Insecure Data Storage
OWASP MASVS: MSTG-STORAGE-2
com_milu_ooO00oOO0oooOoOOOOOOOoO0ooOOo0/oOoO0Ooo0ooOO000OOoo0OOOoOO0OO.java
7 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 安全
OWASP MASVS: MSTG-NETWORK-4
com_milu_oOoo00OooOoo000OOo0O00oOoOOoOo/ooo0oO0o0OooOoOO0OOOOoo000ooO0.java
8 此应用侦听剪贴板更改。一些恶意软件也会监听剪贴板更改 信息
OWASP MASVS: MSTG-PLATFORM-4
org/libsdl/app/SDLClipboardHandler.java
9 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 信息
OWASP MASVS: MSTG-STORAGE-10
org/libsdl/app/SDLClipboardHandler.java

动态库分析

序号 动态库 NX(堆栈禁止执行) STACK CANARY(栈保护) RELRO RPATH(指定SO搜索路径) RUNPATH(指定SO搜索路径) FORTIFY(常用函数加强检查) SYMBOLS STRIPPED(裁剪符号表)
1 arm64-v8a/libFirebaseCxxStatic.so
True
info
二进制文件设置了 NX 位。这标志着内存页面不可执行,使得攻击者注入的 shellcode 不可执行。
True
info
这个二进制文件在栈上添加了一个栈哨兵值,以便它会被溢出返回地址的栈缓冲区覆盖。这样可以通过在函数返回之前验证栈哨兵的完整性来检测溢出
Full RELRO
info
此共享对象已完全启用 RELRO。 RELRO 确保 GOT 不会在易受攻击的 ELF 二进制文件中被覆盖。在完整 RELRO 中,整个 GOT(.got 和 .got.plt 两者)被标记为只读。
None
info
二进制文件没有设置运行时搜索路径或RPATH
None
info
二进制文件没有设置 RUNPATH
True
info
二进制文件有以下加固函数: ['__strlen_chk', '__memmove_chk', '__vsnprintf_chk']
False
warning
符号可用
2 arm64-v8a/libml_unzip.so
True
info
二进制文件设置了 NX 位。这标志着内存页面不可执行,使得攻击者注入的 shellcode 不可执行。
True
info
这个二进制文件在栈上添加了一个栈哨兵值,以便它会被溢出返回地址的栈缓冲区覆盖。这样可以通过在函数返回之前验证栈哨兵的完整性来检测溢出
Full RELRO
info
此共享对象已完全启用 RELRO。 RELRO 确保 GOT 不会在易受攻击的 ELF 二进制文件中被覆盖。在完整 RELRO 中,整个 GOT(.got 和 .got.plt 两者)被标记为只读。
None
info
二进制文件没有设置运行时搜索路径或RPATH
None
info
二进制文件没有设置 RUNPATH
True
info
二进制文件有以下加固函数: ['__fgets_chk', '__vsprintf_chk', '__strcat_chk', '__vsnprintf_chk', '__memcpy_chk', '__strcpy_chk', '__strlen_chk', '__memmove_chk']
False
warning
符号可用
3 arm64-v8a/libmolest_native.so
True
info
二进制文件设置了 NX 位。这标志着内存页面不可执行,使得攻击者注入的 shellcode 不可执行。
True
info
这个二进制文件在栈上添加了一个栈哨兵值,以便它会被溢出返回地址的栈缓冲区覆盖。这样可以通过在函数返回之前验证栈哨兵的完整性来检测溢出
Full RELRO
info
此共享对象已完全启用 RELRO。 RELRO 确保 GOT 不会在易受攻击的 ELF 二进制文件中被覆盖。在完整 RELRO 中,整个 GOT(.got 和 .got.plt 两者)被标记为只读。
None
info
二进制文件没有设置运行时搜索路径或RPATH
None
info
二进制文件没有设置 RUNPATH
True
info
二进制文件有以下加固函数: ['__strcat_chk', '__memcpy_chk', '__strcpy_chk', '__vsprintf_chk', '__strlen_chk', '__fgets_chk', '__vsnprintf_chk', '__memset_chk', '__strrchr_chk', '__memmove_chk']
False
warning
符号可用
4 arm64-v8a/libmpg123.so
True
info
二进制文件设置了 NX 位。这标志着内存页面不可执行,使得攻击者注入的 shellcode 不可执行。
True
info
这个二进制文件在栈上添加了一个栈哨兵值,以便它会被溢出返回地址的栈缓冲区覆盖。这样可以通过在函数返回之前验证栈哨兵的完整性来检测溢出
Full RELRO
info
此共享对象已完全启用 RELRO。 RELRO 确保 GOT 不会在易受攻击的 ELF 二进制文件中被覆盖。在完整 RELRO 中,整个 GOT(.got 和 .got.plt 两者)被标记为只读。
None
info
二进制文件没有设置运行时搜索路径或RPATH
None
info
二进制文件没有设置 RUNPATH
True
info
二进制文件有以下加固函数: ['__strncpy_chk', '__FD_SET_chk', '__read_chk']
False
warning
符号可用

文件分析

序号 问题 文件

VIRUSTOTAL扫描

  该文件并未在病毒库中,文件上传功能被禁用。

滥用权限

恶意软件常用权限 1/30
android.permission.VIBRATE
其它常用权限 4/46
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.BLUETOOTH
android.permission.WRITE_EXTERNAL_STORAGE

恶意软件常用权限 是被已知恶意软件广泛滥用的权限。
其它常用权限 是已知恶意软件经常滥用的权限。

IP地图

域名检测

域名 状态 中国境内 位置信息 解析
dev-pkg-upg-api.shanzhildq.com 安全
IP地址: 39.108.74.120
国家: 中国
地区: 广东
城市: 深圳
查看: 高德地图





game.shanzhildq.com 安全
IP地址: 39.108.74.120
国家: 中国
地区: 广东
城市: 深圳
查看: 高德地图





手机号码

网址

网址信息 源码文件
https://dev-pkg-upg-api.shanzhildq.com
com/milu/Milu.java
https://game.shanzhildq.com/agreement/privacy/child_privacy_policies
https://game.shanzhildq.com/agreement/privacy/privacy_policies
com/milu/sdk/BuildConfig.java
https://game.shanzhildq.com/agreement/privacy/privacy_policies?game=
https://game.shanzhildq.com/agreement/privacy/child_privacy_policies?game=
com/milu/sdk/ui/PrivacyDialog.java
https://game.shanzhildq.com/agreement/privacy/privacy_policies
https://dev-pkg-upg-api.shanzhildq.com
https://game.shanzhildq.com/agreement/privacy/child_privacy_policies?game=
https://game.shanzhildq.com/agreement/privacy/privacy_policies?game=
https://game.shanzhildq.com/agreement/privacy/child_privacy_policies
自研引擎-S
6.7.8.5
lib/arm64-v8a/libmolest_native.so

FIREBASE实例

邮箱

追踪器

名称 类别 网址

密钥凭证

已显示 6 个secrets
1、 100F6C34-1735-4313-B402-38567131E5F3
2、 amF2YS5uZXQuSHR0cFVSTENvbm5lY3Rpb24=
3、 3082035f30820247a0030201020204021de551300d06092a864886f70d01010b05003060310b300906035504061302636e310f300d0603550408130666756a69616e310d300b06035504071304616d6f793110300e060355040a13077a68756f796f753110300e060355040b13077a68756f796f75310d300b060355040313047469616e301e170d3134303832303134323334355a170d3339303831343134323334355a3060310b300906035504061302636e310f300d0603550408130666756a69616e310d300b06035504071304616d6f793110300e060355040a13077a68756f796f753110300e060355040b13077a68756f796f75310d300b060355040313047469616e30820122300d06092a864886f70d01010105000382010f003082010a028201010097e44b5d30ecdba3c75e8f30a5519e461c7465d30f9eace4ac90f7a692c94352f61feffef1dff77628553162df14d8ba1d42302a70d6a019025879763331df86e0718901edc72fbb43f1030e49103d19647e42c3446493de64088341410ce0a105014373f535a9e11628e4c35c63f74057e1bbf5caebc4c33f1b5eb127f813e56dce3d21ba07893262dce3f02b377183d31bf584ecc6ba26e015690c913efa2e27bc67011a6f002069c5942d711f168a37eaa95ebf037b6275f956cae708d8cf109d868064ad9dc341e8b846fd1120d38623c6bd6d56f3a906dc627e4743cac5c0571a39cffda856f32817eb48e232347a5e857d5c8e493ee2437b0a0457f4f50203010001a321301f301d0603551d0e04160414ace5e93fbc3a5ac74dae8471ff10ff9adba98c35300d06092a864886f70d01010b050003820101008fb9ca1ceca7983a7c8ce9fe6952ccf2f13189812f20a2a5dc597e1bcee5b7424387c2e89ce6b1ee636e2fc4baaddbc523994f78d4f7d74b8471850c92f606dbf21ef9e63e659d9f71e0f0a6189ee27ba8386a7c3b784d5986781829fd9913d50908a1a9e038d7dd4703cdce3105a580e7749ec044299643623800deb8aa7286fb3521ed280737b41198c25d3e5e0047a49ffb66f60b314ea01c79784a08cd35d743319e43b758490bcf79dc4efb59dc88627100828d3e51d6d2b6de04e55b07f330aa4b598024cefb5dc77de16aa7be2c6b7dbd670ce488799afef3f0896655c8da5e97ca70aa0a0187011e07e1ff2e647e92a48120e28af0af00692bdda6b6
4、 100F6C32-1735-4313-B402-38567131E5F3
5、 100F6C33-1735-4313-B402-38567131E5F3
6、 3082039130820279a00302010202045dd634b8300d06092a864886f70d01010b05003078310b300906035504061302434e31193017060355040813107a686f6e6767756f7368616e6768616931193017060355040713107a686f6e6767756f7368616e67686169310d300b060355040a130453485346310d300b060355040b130453485346311530130603550403130c77616e676a696e6368656e673020170d3133313031343039333832325a180f32313133303932303039333832325a3078310b300906035504061302434e31193017060355040813107a686f6e6767756f7368616e6768616931193017060355040713107a686f6e6767756f7368616e67686169310d300b060355040a130453485346310d300b060355040b130453485346311530130603550403130c77616e676a696e6368656e6730820122300d06092a864886f70d01010105000382010f003082010a0282010100b314ce727e1e1efd64aee984ccbe862a64a5783c2acf25db7df2fb50a3cf516e265aa10006f528b1fa108874f73a3dbd15eab66555f2f557337e7363dac35d819aecd403ab1a84f735db792f6369706fdc0e346724b81642dfc056908e63e12f7142da60ebd7bacee9fabd644551899c6542d5541f43d621810b3a71e010b728a96405479d655cf9798e3f5b8c07e7e504b55baf979fdc93e24f83da014e71ec193f8ce171c4b9ac3c76c7de1aa397d921c5f4af2c25b31fce9db8c37e3988385fecb6a6ee8e80151e9b255bfadea7ad6ee9a289c0f44d5be4a36eba1c116d21b4f50dbb6f3aadc8d69eed2350a2076c0eda71ef1a57b8d5e3c805804ca82b410203010001a321301f301d0603551d0e041604141bf42e2146c78e2f2cae7774b794fd1008d76139300d06092a864886f70d01010b0500038201010085af31f57ae8a0634338a0dfa6fb78b9c39b409dc30dbfa1d4e66cd49d8c39d92cfc0bb4e076c6eebb2f2eca9293ebb509155c852f6e55abff21398ea9887483f9f1452044edb3b7e06b2094635ac7176223d7477ccd3dbb46f10414f524fc56e8938581e0f72605eb19afadb726f404f0ed89bf16c95f2a9eb0aa9ecada1cbd7f2b8b42e8c79dcf7beaf521830cd35284d9a4a28cfe1a7b6b940b3226df7e246cc226c66d8c75a1b8e4d30194934bc1fc02a950d6177d7b942397b6e5f37958c4dda84dbc11dd9e82f8a9496964049a956a02986f0861f8a0fde845788b4126f225730ab0d72bf59127a78c633e01a78f2d99ce79969eba7351412f4833175c

字符串列表

建议导出为TXT,方便查看。

活动列表

已显示 3 个activities
1、 com.milu.application.activity.ProcessPhoenix
2、 com.milu.sdk.ui.MainActivity
3、 org.love2d.android.GameActivity

服务列表

广播接收者列表

内容提供者列表

已显示 2 个providers
1、 androidx.startup.InitializationProvider
2、 com.mod.plugin.shell.provider.FakeProvider

第三方SDK

SDK名称 开发者 描述信息
C++ 共享库 Android 在 Android 应用中运行原生代码。
OpenAL Ubuntu MOTU Developers Software implementation of the OpenAL audio API
Jetpack App Startup Google App Startup 库提供了一种直接,高效的方法来在应用程序启动时初始化组件。库开发人员和应用程序开发人员都可以使用 App Startup 来简化启动顺序并显式设置初始化顺序。App Startup 允许您定义共享单个内容提供程序的组件初始化程序,而不必为需要初始化的每个组件定义单独的内容提供程序。这可以大大缩短应用启动时间。

文件列表

kotlin/internal/internal.kotlin_builtins
kotlin/kotlin.kotlin_builtins
kotlin/coroutines/coroutines.kotlin_builtins
kotlin/ranges/ranges.kotlin_builtins
kotlin/annotation/annotation.kotlin_builtins
kotlin/collections/collections.kotlin_builtins
kotlin/reflect/reflect.kotlin_builtins
classes4.dex
classes3.dex
classes6.dex
resources.arsc
classes2.dex
META-INF/services/n0.g
META-INF/services/l0.d
classes5.dex
lib/armeabi-v7a/libFirebaseCxxStatic.so
lib/armeabi-v7a/libml_unzip.so
lib/armeabi-v7a/libmpg123.so
lib/armeabi-v7a/libc++_shared.so
lib/armeabi-v7a/libmolest_native.so
lib/armeabi-v7a/libopenal.so
lib/armeabi-v7a/liblove.so
lib/arm64-v8a/libFirebaseCxxStatic.so
lib/arm64-v8a/libml_unzip.so
lib/arm64-v8a/libmpg123.so
lib/arm64-v8a/libc++_shared.so
lib/arm64-v8a/libmolest_native.so
lib/arm64-v8a/libopenal.so
lib/arm64-v8a/liblove.so
classes7.dex
res/anim/btn_checkbox_to_checked_icon_null_animation.xml
res/anim/abc_tooltip_enter.xml
res/anim/abc_slide_out_top.xml
res/anim/abc_popup_exit.xml
res/anim/btn_radio_to_off_mtrl_dot_group_animation.xml
res/anim/abc_slide_in_top.xml
res/anim/btn_checkbox_to_unchecked_check_path_merged_animation.xml
res/anim/abc_tooltip_exit.xml
res/anim/btn_checkbox_to_unchecked_icon_null_animation.xml
res/anim/btn_checkbox_to_unchecked_box_inner_merged_animation.xml
res/anim/btn_radio_to_off_mtrl_ring_outer_path_animation.xml
res/anim/btn_radio_to_on_mtrl_ring_outer_path_animation.xml
res/anim/btn_radio_to_off_mtrl_ring_outer_animation.xml
res/anim/btn_checkbox_to_checked_box_outer_merged_animation.xml
res/anim/abc_fade_out.xml
res/anim/abc_popup_enter.xml
res/anim/btn_radio_to_on_mtrl_ring_outer_animation.xml
res/anim/abc_grow_fade_in_from_bottom.xml
res/anim/abc_slide_out_bottom.xml
res/anim/abc_fade_in.xml
res/anim/btn_checkbox_to_checked_box_inner_merged_animation.xml
res/anim/abc_shrink_fade_out_from_bottom.xml
res/anim/btn_radio_to_on_mtrl_dot_group_animation.xml
res/anim/abc_slide_in_bottom.xml
res/anim/fragment_fast_out_extra_slow_in.xml
res/layout-v21/notification_action_tombstone.xml
res/layout-v21/notification_action.xml
res/layout-v21/notification_template_icon_group.xml
res/layout-v21/notification_template_custom_big.xml
res/layout-v21/abc_screen_toolbar.xml
res/animator/fragment_close_exit.xml
res/animator/fragment_fade_enter.xml
res/animator/fragment_open_enter.xml
res/animator/fragment_fade_exit.xml
res/animator/fragment_close_enter.xml
res/animator/fragment_open_exit.xml
res/drawable-ldrtl-xxxhdpi-v17/abc_spinner_mtrl_am_alpha.9.png
res/xml/xxxx_file_paths.xml
res/xml/splits0.xml
res/xml/network_security_config.xml
res/drawable-watch-v20/abc_dialog_material_background.xml
res/layout-v22/abc_alert_dialog_button_bar_material.xml
res/drawable-xxhdpi/abc_text_select_handle_right_mtrl.png
res/drawable-xxhdpi/abc_text_select_handle_left_mtrl.png
res/drawable-xxhdpi/abc_btn_radio_to_on_mtrl_000.png
res/drawable-xxhdpi/abc_tab_indicator_mtrl_alpha.9.png
res/drawable-xxhdpi/abc_textfield_search_default_mtrl_alpha.9.png
res/drawable-xxhdpi/abc_textfield_default_mtrl_alpha.9.png
res/drawable-xxhdpi/abc_text_select_handle_middle_mtrl.png
res/drawable-xxhdpi/abc_scrubber_control_to_pressed_mtrl_000.png
res/drawable-xxhdpi/abc_scrubber_primary_mtrl_alpha.9.png
res/drawable-xxhdpi/abc_btn_switch_to_on_mtrl_00012.9.png
res/drawable-xxhdpi/abc_scrubber_track_mtrl_alpha.9.png
res/drawable-xxhdpi/abc_btn_check_to_on_mtrl_000.png
res/drawable-xxhdpi/abc_menu_hardkey_panel_mtrl_mult.9.png
res/drawable-xxhdpi/abc_textfield_search_activated_mtrl_alpha.9.png
res/drawable-xxhdpi/abc_btn_check_to_on_mtrl_015.png
res/drawable-xxhdpi/abc_list_pressed_holo_light.9.png
res/drawable-xxhdpi/abc_cab_background_top_mtrl_alpha.9.png
res/drawable-xxhdpi/abc_list_focused_holo.9.png
res/drawable-xxhdpi/abc_scrubber_control_off_mtrl_alpha.png
res/drawable-xxhdpi/abc_switch_track_mtrl_alpha.9.png
res/drawable-xxhdpi/abc_ab_share_pack_mtrl_alpha.9.png
res/drawable-xxhdpi/abc_list_pressed_holo_dark.9.png
res/drawable-xxhdpi/abc_spinner_mtrl_am_alpha.9.png
res/drawable-xxhdpi/abc_scrubber_control_to_pressed_mtrl_005.png
res/drawable-xxhdpi/abc_textfield_activated_mtrl_alpha.9.png
res/drawable-xxhdpi/abc_list_selector_disabled_holo_light.9.png
res/drawable-xxhdpi/abc_btn_radio_to_on_mtrl_015.png
res/drawable-xxhdpi/abc_list_selector_disabled_holo_dark.9.png
res/drawable-xxhdpi/abc_btn_switch_to_on_mtrl_00001.9.png
res/drawable-xxhdpi/abc_list_longpressed_holo.9.png
res/drawable-xxhdpi/abc_list_divider_mtrl_alpha.9.png
res/drawable-xxhdpi/abc_ic_commit_search_api_mtrl_alpha.png
res/drawable-xxhdpi/abc_popup_background_mtrl_mult.9.png
res/drawable-xxhdpi/love.png
res/color/abc_tint_btn_checkable.xml
res/color/abc_primary_text_disable_only_material_light.xml
res/color/abc_primary_text_material_light.xml
res/color/abc_tint_spinner.xml
res/color/abc_tint_default.xml
res/color/abc_tint_switch_track.xml
res/color/abc_btn_colored_borderless_text_material.xml
res/color/abc_primary_text_material_dark.xml
res/color/abc_background_cache_hint_selector_material_dark.xml
res/color/switch_thumb_material_light.xml
res/color/abc_secondary_text_material_dark.xml
res/color/abc_search_url_text.xml
res/color/abc_background_cache_hint_selector_material_light.xml
res/color/abc_hint_foreground_material_light.xml
res/color/abc_secondary_text_material_light.xml
res/color/abc_tint_edittext.xml
res/color/abc_primary_text_disable_only_material_dark.xml
res/color/abc_btn_colored_text_material.xml
res/color/abc_tint_seek_thumb.xml
res/color/switch_thumb_material_dark.xml
res/color/abc_hint_foreground_material_dark.xml
res/drawable-v21/abc_btn_colored_material.xml
res/drawable-v21/abc_list_divider_material.xml
res/drawable-v21/abc_action_bar_item_background_material.xml
res/drawable-v21/abc_edit_text_material.xml
res/drawable-v21/notification_action_background.xml
res/drawable-v21/abc_dialog_material_background.xml
res/color-v23/abc_tint_btn_checkable.xml
res/color-v23/abc_tint_spinner.xml
res/color-v23/abc_tint_default.xml
res/color-v23/abc_tint_switch_track.xml
res/color-v23/abc_btn_colored_borderless_text_material.xml
res/color-v23/abc_tint_edittext.xml
res/color-v23/abc_btn_colored_text_material.xml
res/color-v23/abc_tint_seek_thumb.xml
res/color-v23/abc_color_highlight_material.xml
res/drawable-ldrtl-xhdpi-v17/abc_spinner_mtrl_am_alpha.9.png
res/drawable-xxxhdpi/abc_text_select_handle_right_mtrl.png
res/drawable-xxxhdpi/abc_text_select_handle_left_mtrl.png
res/drawable-xxxhdpi/abc_btn_radio_to_on_mtrl_000.png
res/drawable-xxxhdpi/abc_tab_indicator_mtrl_alpha.9.png
res/drawable-xxxhdpi/abc_scrubber_control_to_pressed_mtrl_000.png
res/drawable-xxxhdpi/abc_btn_switch_to_on_mtrl_00012.9.png
res/drawable-xxxhdpi/abc_btn_check_to_on_mtrl_000.png
res/drawable-xxxhdpi/abc_btn_check_to_on_mtrl_015.png
res/drawable-xxxhdpi/abc_switch_track_mtrl_alpha.9.png
res/drawable-xxxhdpi/abc_spinner_mtrl_am_alpha.9.png
res/drawable-xxxhdpi/abc_scrubber_control_to_pressed_mtrl_005.png
res/drawable-xxxhdpi/abc_btn_radio_to_on_mtrl_015.png
res/drawable-xxxhdpi/abc_btn_switch_to_on_mtrl_00001.9.png
res/drawable-xxxhdpi/love.png
res/anim-v21/fragment_fast_out_extra_slow_in.xml
res/drawable-mdpi/abc_text_select_handle_right_mtrl.png
res/drawable-mdpi/abc_text_select_handle_left_mtrl.png
res/drawable-mdpi/abc_btn_radio_to_on_mtrl_000.png
res/drawable-mdpi/abc_tab_indicator_mtrl_alpha.9.png
res/drawable-mdpi/abc_textfield_search_default_mtrl_alpha.9.png
res/drawable-mdpi/abc_textfield_default_mtrl_alpha.9.png
res/drawable-mdpi/abc_text_select_handle_middle_mtrl.png
res/drawable-mdpi/abc_scrubber_control_to_pressed_mtrl_000.png
res/drawable-mdpi/abc_scrubber_primary_mtrl_alpha.9.png
res/drawable-mdpi/abc_btn_switch_to_on_mtrl_00012.9.png
res/drawable-mdpi/abc_scrubber_track_mtrl_alpha.9.png
res/drawable-mdpi/abc_btn_check_to_on_mtrl_000.png
res/drawable-mdpi/abc_menu_hardkey_panel_mtrl_mult.9.png
res/drawable-mdpi/abc_textfield_search_activated_mtrl_alpha.9.png
res/drawable-mdpi/abc_btn_check_to_on_mtrl_015.png
res/drawable-mdpi/abc_list_pressed_holo_light.9.png
res/drawable-mdpi/abc_cab_background_top_mtrl_alpha.9.png
res/drawable-mdpi/abc_list_focused_holo.9.png
res/drawable-mdpi/abc_scrubber_control_off_mtrl_alpha.png
res/drawable-mdpi/abc_switch_track_mtrl_alpha.9.png
res/drawable-mdpi/abc_ab_share_pack_mtrl_alpha.9.png
res/drawable-mdpi/abc_list_pressed_holo_dark.9.png
res/drawable-mdpi/notify_panel_notification_icon_bg.png
res/drawable-mdpi/abc_spinner_mtrl_am_alpha.9.png
res/drawable-mdpi/abc_scrubber_control_to_pressed_mtrl_005.png
res/drawable-mdpi/notification_bg_low_pressed.9.png
res/drawable-mdpi/abc_textfield_activated_mtrl_alpha.9.png
res/drawable-mdpi/abc_list_selector_disabled_holo_light.9.png
res/drawable-mdpi/notification_bg_normal_pressed.9.png
res/drawable-mdpi/abc_btn_radio_to_on_mtrl_015.png
res/drawable-mdpi/notification_bg_normal.9.png
res/drawable-mdpi/abc_list_selector_disabled_holo_dark.9.png
res/drawable-mdpi/abc_btn_switch_to_on_mtrl_00001.9.png
res/drawable-mdpi/abc_list_longpressed_holo.9.png
res/drawable-mdpi/abc_list_divider_mtrl_alpha.9.png
res/drawable-mdpi/abc_ic_commit_search_api_mtrl_alpha.png
res/drawable-mdpi/notification_bg_low_normal.9.png
res/drawable-mdpi/abc_popup_background_mtrl_mult.9.png
res/drawable-mdpi/love.png
res/drawable/abc_list_selector_background_transition_holo_dark.xml
res/drawable/abc_ratingbar_indicator_material.xml
res/drawable/tooltip_frame_dark.xml
res/drawable/abc_btn_colored_material.xml
res/drawable/abc_seekbar_track_material.xml
res/drawable/btn_checkbox_checked_to_unchecked_mtrl_animation.xml
res/drawable/notification_tile_bg.xml
res/drawable/abc_cab_background_internal_bg.xml
res/drawable/abc_ic_menu_share_mtrl_alpha.xml
res/drawable/btn_radio_off_to_on_mtrl_animation.xml
res/drawable/abc_item_background_holo_light.xml
res/drawable/btn_checkbox_unchecked_mtrl.xml
res/drawable/abc_ic_menu_paste_mtrl_am_alpha.xml
res/drawable/abc_btn_radio_material_anim.xml
res/drawable/abc_list_divider_material.xml
res/drawable/abc_spinner_textfield_background_material.xml
res/drawable/abc_star_black_48dp.xml
res/drawable/abc_btn_borderless_material.xml
res/drawable/abc_ratingbar_material.xml
res/drawable/abc_textfield_search_material.xml
res/drawable/abc_ic_menu_cut_mtrl_alpha.xml
res/drawable/abc_tab_indicator_material.xml
res/drawable/abc_btn_default_mtrl_shape.xml
res/drawable/abc_ratingbar_small_material.xml
res/drawable/notification_icon_background.xml
res/drawable/abc_ic_clear_material.xml
res/drawable/btn_checkbox_checked_mtrl.xml
res/drawable/notification_bg_low.xml
res/drawable/abc_star_half_black_48dp.xml
res/drawable/abc_ic_ab_back_material.xml
res/drawable/abc_ic_search_api_material.xml
res/drawable/abc_ic_voice_search_api_material.xml
res/drawable/abc_text_cursor_material.xml
res/drawable/abc_cab_background_top_material.xml
res/drawable/btn_radio_on_mtrl.xml
res/drawable/abc_btn_check_material.xml
res/drawable/abc_edit_text_material.xml
res/drawable/abc_ic_menu_selectall_mtrl_alpha.xml
res/drawable/abc_list_selector_holo_dark.xml
res/drawable/abc_seekbar_tick_mark_material.xml
res/drawable/abc_ic_menu_overflow_material.xml
res/drawable/abc_ic_arrow_drop_right_black_24dp.xml
res/drawable/abc_ic_go_search_api_material.xml
res/drawable/abc_btn_check_material_anim.xml
res/drawable/notification_bg.xml
res/drawable/abc_seekbar_thumb_material.xml
res/drawable/abc_ic_menu_copy_mtrl_am_alpha.xml
res/drawable/abc_list_selector_holo_light.xml
res/drawable/abc_switch_thumb_material.xml
res/drawable/btn_radio_on_to_off_mtrl_animation.xml
res/drawable/btn_radio_off_mtrl.xml
res/drawable/abc_vector_test.xml
res/drawable/test_level_drawable.xml
res/drawable/abc_btn_radio_material.xml
res/drawable/abc_dialog_material_background.xml
res/drawable/btn_checkbox_unchecked_to_checked_mtrl_animation.xml
res/drawable/abc_item_background_holo_dark.xml
res/drawable/abc_list_selector_background_transition_holo_light.xml
res/drawable/tooltip_frame_light.xml
res/drawable-xhdpi/abc_text_select_handle_right_mtrl.png
res/drawable-xhdpi/abc_text_select_handle_left_mtrl.png
res/drawable-xhdpi/abc_btn_radio_to_on_mtrl_000.png
res/drawable-xhdpi/abc_tab_indicator_mtrl_alpha.9.png
res/drawable-xhdpi/abc_textfield_search_default_mtrl_alpha.9.png
res/drawable-xhdpi/abc_textfield_default_mtrl_alpha.9.png
res/drawable-xhdpi/abc_text_select_handle_middle_mtrl.png
res/drawable-xhdpi/abc_scrubber_control_to_pressed_mtrl_000.png
res/drawable-xhdpi/abc_scrubber_primary_mtrl_alpha.9.png
res/drawable-xhdpi/abc_btn_switch_to_on_mtrl_00012.9.png
res/drawable-xhdpi/abc_scrubber_track_mtrl_alpha.9.png
res/drawable-xhdpi/abc_btn_check_to_on_mtrl_000.png
res/drawable-xhdpi/abc_menu_hardkey_panel_mtrl_mult.9.png
res/drawable-xhdpi/abc_textfield_search_activated_mtrl_alpha.9.png
res/drawable-xhdpi/abc_btn_check_to_on_mtrl_015.png
res/drawable-xhdpi/abc_list_pressed_holo_light.9.png
res/drawable-xhdpi/abc_cab_background_top_mtrl_alpha.9.png
res/drawable-xhdpi/abc_list_focused_holo.9.png
res/drawable-xhdpi/abc_scrubber_control_off_mtrl_alpha.png
res/drawable-xhdpi/abc_switch_track_mtrl_alpha.9.png
res/drawable-xhdpi/abc_ab_share_pack_mtrl_alpha.9.png
res/drawable-xhdpi/abc_list_pressed_holo_dark.9.png
res/drawable-xhdpi/notify_panel_notification_icon_bg.png
res/drawable-xhdpi/abc_spinner_mtrl_am_alpha.9.png
res/drawable-xhdpi/abc_scrubber_control_to_pressed_mtrl_005.png
res/drawable-xhdpi/notification_bg_low_pressed.9.png
res/drawable-xhdpi/abc_textfield_activated_mtrl_alpha.9.png
res/drawable-xhdpi/abc_list_selector_disabled_holo_light.9.png
res/drawable-xhdpi/notification_bg_normal_pressed.9.png
res/drawable-xhdpi/abc_btn_radio_to_on_mtrl_015.png
res/drawable-xhdpi/notification_bg_normal.9.png
res/drawable-xhdpi/abc_list_selector_disabled_holo_dark.9.png
res/drawable-xhdpi/abc_btn_switch_to_on_mtrl_00001.9.png
res/drawable-xhdpi/abc_list_longpressed_holo.9.png
res/drawable-xhdpi/abc_list_divider_mtrl_alpha.9.png
res/drawable-xhdpi/abc_ic_commit_search_api_mtrl_alpha.png
res/drawable-xhdpi/notification_bg_low_normal.9.png
res/drawable-xhdpi/abc_popup_background_mtrl_mult.9.png
res/drawable-xhdpi/love.png
res/drawable-ldrtl-mdpi-v17/abc_spinner_mtrl_am_alpha.9.png
res/drawable-ldrtl-xxhdpi-v17/abc_spinner_mtrl_am_alpha.9.png
res/layout-v26/abc_screen_toolbar.xml
res/layout/abc_screen_simple.xml
res/layout/abc_tooltip.xml
res/layout/abc_action_menu_item_layout.xml
res/layout/abc_screen_content_include.xml
res/layout/abc_alert_dialog_title_material.xml
res/layout/abc_list_menu_item_checkbox.xml
res/layout/notification_action_tombstone.xml
res/layout/custom_dialog.xml
res/layout/notification_action.xml
res/layout/support_simple_spinner_dropdown_item.xml
res/layout/abc_action_bar_up_container.xml
res/layout/abc_action_bar_title_item.xml
res/layout/abc_activity_chooser_view_list_item.xml
res/layout/notification_template_icon_group.xml
res/layout/abc_select_dialog_material.xml
res/layout/abc_alert_dialog_material.xml
res/layout/abc_list_menu_item_layout.xml
res/layout/abc_popup_menu_header_item_layout.xml
res/layout/abc_list_menu_item_radio.xml
res/layout/abc_dialog_title_material.xml
res/layout/notification_template_part_chronometer.xml
res/layout/abc_activity_chooser_view.xml
res/layout/abc_cascading_menu_item_layout.xml
res/layout/abc_action_menu_layout.xml
res/layout/notification_template_custom_big.xml
res/layout/abc_search_dropdown_item_icons_2line.xml
res/layout/abc_alert_dialog_button_bar_material.xml
res/layout/abc_action_mode_bar.xml
res/layout/abc_screen_toolbar.xml
res/layout/abc_screen_simple_overlay_action_mode.xml
res/layout/abc_list_menu_item_icon.xml
res/layout/abc_search_view.xml
res/layout/select_dialog_singlechoice_material.xml
res/layout/select_dialog_multichoice_material.xml
res/layout/abc_popup_menu_item_layout.xml
res/layout/abc_action_mode_close_item_material.xml
res/layout/abc_expanded_menu_layout.xml
res/layout/select_dialog_item_material.xml
res/layout/notification_template_part_time.xml
res/layout-v17/abc_tooltip.xml
res/layout-v17/abc_alert_dialog_title_material.xml
res/layout-v17/notification_action_tombstone.xml
res/layout-v17/notification_action.xml
res/layout-v17/abc_select_dialog_material.xml
res/layout-v17/abc_popup_menu_header_item_layout.xml
res/layout-v17/abc_dialog_title_material.xml
res/layout-v17/notification_template_custom_big.xml
res/layout-v17/abc_alert_dialog_button_bar_material.xml
res/layout-v17/abc_list_menu_item_icon.xml
res/layout-v17/abc_search_view.xml
res/layout-v17/select_dialog_singlechoice_material.xml
res/layout-v17/select_dialog_multichoice_material.xml
res/layout-v17/abc_action_mode_close_item_material.xml
res/layout-watch-v20/abc_alert_dialog_title_material.xml
res/layout-watch-v20/abc_alert_dialog_button_bar_material.xml
res/drawable-ldrtl-hdpi-v17/abc_spinner_mtrl_am_alpha.9.png
res/interpolator/btn_checkbox_checked_mtrl_animation_interpolator_0.xml
res/interpolator/btn_checkbox_unchecked_mtrl_animation_interpolator_1.xml
res/interpolator/btn_checkbox_checked_mtrl_animation_interpolator_1.xml
res/interpolator/btn_radio_to_on_mtrl_animation_interpolator_0.xml
res/interpolator/btn_radio_to_off_mtrl_animation_interpolator_0.xml
res/interpolator/fast_out_slow_in.xml
res/interpolator/btn_checkbox_unchecked_mtrl_animation_interpolator_0.xml
res/drawable-hdpi/abc_text_select_handle_right_mtrl.png
res/drawable-hdpi/abc_text_select_handle_left_mtrl.png
res/drawable-hdpi/abc_btn_radio_to_on_mtrl_000.png
res/drawable-hdpi/abc_tab_indicator_mtrl_alpha.9.png
res/drawable-hdpi/abc_textfield_search_default_mtrl_alpha.9.png
res/drawable-hdpi/abc_textfield_default_mtrl_alpha.9.png
res/drawable-hdpi/abc_text_select_handle_middle_mtrl.png
res/drawable-hdpi/abc_scrubber_control_to_pressed_mtrl_000.png
res/drawable-hdpi/abc_scrubber_primary_mtrl_alpha.9.png
res/drawable-hdpi/abc_btn_switch_to_on_mtrl_00012.9.png
res/drawable-hdpi/abc_scrubber_track_mtrl_alpha.9.png
res/drawable-hdpi/abc_btn_check_to_on_mtrl_000.png
res/drawable-hdpi/abc_menu_hardkey_panel_mtrl_mult.9.png
res/drawable-hdpi/abc_textfield_search_activated_mtrl_alpha.9.png
res/drawable-hdpi/abc_btn_check_to_on_mtrl_015.png
res/drawable-hdpi/abc_list_pressed_holo_light.9.png
res/drawable-hdpi/abc_cab_background_top_mtrl_alpha.9.png
res/drawable-hdpi/abc_list_focused_holo.9.png
res/drawable-hdpi/abc_scrubber_control_off_mtrl_alpha.png
res/drawable-hdpi/abc_switch_track_mtrl_alpha.9.png
res/drawable-hdpi/abc_ab_share_pack_mtrl_alpha.9.png
res/drawable-hdpi/abc_list_pressed_holo_dark.9.png
res/drawable-hdpi/notify_panel_notification_icon_bg.png
res/drawable-hdpi/abc_spinner_mtrl_am_alpha.9.png
res/drawable-hdpi/abc_scrubber_control_to_pressed_mtrl_005.png
res/drawable-hdpi/notification_bg_low_pressed.9.png
res/drawable-hdpi/abc_textfield_activated_mtrl_alpha.9.png
res/drawable-hdpi/abc_list_selector_disabled_holo_light.9.png
res/drawable-hdpi/notification_bg_normal_pressed.9.png
res/drawable-hdpi/abc_btn_radio_to_on_mtrl_015.png
res/drawable-hdpi/notification_bg_normal.9.png
res/drawable-hdpi/abc_list_selector_disabled_holo_dark.9.png
res/drawable-hdpi/abc_btn_switch_to_on_mtrl_00001.9.png
res/drawable-hdpi/abc_list_longpressed_holo.9.png
res/drawable-hdpi/abc_list_divider_mtrl_alpha.9.png
res/drawable-hdpi/abc_ic_commit_search_api_mtrl_alpha.png
res/drawable-hdpi/notification_bg_low_normal.9.png
res/drawable-hdpi/abc_popup_background_mtrl_mult.9.png
res/drawable-hdpi/love.png
res/color-v21/abc_btn_colored_borderless_text_material.xml
res/drawable-v23/abc_control_background_material.xml
assets/libarm_32.so
assets/game.love
assets/libx86_64.so
assets/ml_assets/ntdb/kv
assets/orig.apk
assets/libx86_32.so
assets/gdpr/21.png
assets/gdpr/6.png
assets/gdpr/8.png
assets/gdpr/18.png
assets/gdpr/16.png
assets/gdpr/12.png
assets/libarm_64.so
assets/dexopt/baseline.prof
assets/dexopt/baseline.profm
androidsupportmultidexversion.txt
DebugProbesKt.bin
classes.dex
AndroidManifest.xml
assets/modplugin/mod_config
assets/modplugin/mod.json
assets/modplugin/loader/com.mod.plugin.loader.apk
assets/modplugin/main/com.mod.plugin.main.apk
META-INF/WXW.SF
META-INF/WXW.RSA
META-INF/MANIFEST.MF

污点分析

当apk较大时,代码量会很大,造成数据流图(ICFG)呈现爆炸式增长,所以该功能比较耗时,请先喝杯咖啡,耐心等待……
规则名称 描述信息 操作
病毒分析 使用安卓恶意软件常用的API进行污点分析 开始分析  
漏洞挖掘 漏洞挖掘场景下的污点分析 开始分析  
隐私合规 隐私合规场景下的污点分析:组件内污点传播、组件间污点传播、组件与库函数之间的污点传播 开始分析  
密码分析 分析加密算法是否使用常量密钥、静态初始化的向量(IV)、加密模式是否使用ECB等 开始分析  
Callback 因为Android中系统级的Callback并不会出现显式地进行回调方法的调用,所以如果需要分析Callback方法需要在声明文件中将其声明,这里提供一份AndroidCallbacks.txt文件,里面是一些常见的原生回调接口或类,如果有特殊接口需求,可以联系管理员 开始分析