温馨提示:本平台仅供研究软件风险、安全评估,禁止用于非法用途。由于展示的数据过于全面,请耐心等待加载完成。如有疑问或建议, 可加入我们的微信群讨论

APP评分

病毒检测 2 个厂商报毒

安全评分

文件信息

文件名称 qzwk.apk
文件大小 1.33MB
MD5 e8272fcac24426ee79cdbdcbecdaa10a
SHA1 3a2c6a339a58662f75da91a87901ffd9a851602e
SHA256 69642d5d1346d4a5c107ed5c25ed08f784509ee59dfdfa8794b59da8d6c8c15a

应用信息

应用名称 轻之文库
包名 com.lknovel.lkbunko
主活动 .MainActivity
目标SDK 21     最小SDK 10
版本号 2.0.7     子版本号 2015093004
加固信息 未加壳

组件导出信息

扫描选项

重新扫描 管理规则 动态分析

反编译代码

Manifest文件 查看
APK文件 下载
Java源代码 查看 -- 下载

证书信息

二进制文件已签名
v1 签名: True
v2 签名: False
v3 签名: False
v4 签名: False
主题: C=US, ST=California, L=Mountain View, O=Android, OU=Android, CN=Android, E=android@android.com
签名算法: rsassa_pkcs1v15
有效期自: 2008-02-29 01:33:46+00:00
有效期至: 2035-07-17 01:33:46+00:00
发行人: C=US, ST=California, L=Mountain View, O=Android, OU=Android, CN=Android, E=android@android.com
序列号: 0x936eacbe07f201df
哈希算法: sha1
证书MD5: e89b158e4bcf988ebd09eb83f5378e87
证书SHA1: 61ed377e85d386a8dfee6b864bd85b0bfaa5af81
证书SHA256: a40da80a59d170caa950cf15c18c454d47a39b26989d8b640ecd745ba71bf5dc
证书SHA512: 5216ccb62004c4534f35c780ad7c582f4ee528371e27d4151f0553325de9ccbe6b34ec4233f5f640703581053abfea303977272d17958704d89b7711292a4569
找到 1 个唯一证书

应用程序权限

权限名称 安全等级 权限内容 权限描述 关联代码
android.permission.INTERNET 危险 完全互联网访问 允许应用程序创建网络套接字。
android.permission.READ_PHONE_STATE 危险 读取手机状态和标识 允许应用程序访问设备的手机功能。有此权限的应用程序可确定此手机的号码和序列号,是否正在通话,以及对方的号码等。
android.permission.ACCESS_NETWORK_STATE 普通 获取网络状态 允许应用程序查看所有网络的状态。
android.permission.ACCESS_WIFI_STATE 普通 查看Wi-Fi状态 允许应用程序查看有关Wi-Fi状态的信息。
android.permission.WRITE_EXTERNAL_STORAGE 危险 读取/修改/删除外部存储内容 允许应用程序写入外部存储。
android.permission.WRITE_SETTINGS 危险 修改全局系统设置 允许应用程序修改系统设置方面的数据。恶意应用程序可借此破坏您的系统配置。

证书分析

高危
1
警告
0
信息
1
标题 严重程度 描述信息
已签名应用 信息 应用程序已使用代码签名证书进行签名
应用程序存在Janus漏洞 高危 应用程序使用了v1签名方案进行签名,如果只使用v1签名方案,那么它就容易受到安卓5.0-8.0上的Janus漏洞的攻击。在安卓5.0-7.0上运行的使用了v1签名方案的应用程序,以及同时使用了v2/v3签名方案的应用程序也同样存在漏洞。

MANIFEST分析

高危
0
警告
1
信息
0
屏蔽
0
序号 问题 严重程度 描述信息 操作
1 应用程序可以安装在有漏洞的已更新 Android 版本上
Android 2.3.3-2.3.7, [minSdk=10]
信息 该应用程序可以安装在具有多个未修复漏洞的旧版本 Android 上。这些设备不会从 Google 接收合理的安全更新。支持 Android 版本 => 10、API 29 以接收合理的安全更新。
2 应用程序数据可以被备份
[android:allowBackup=true]
警告 这个标志允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。

可浏览的ACTIVITIES

ACTIVITY INTENT

网络安全配置

序号 范围 严重级别 描述

API调用分析

API功能 源码文件
组件-> 启动 Service
一般功能-> IPC通信
com/lknovel/fb/ConversationActivity.java
com/lknovel/fb/FeedbackAgent.java
com/lknovel/fb/HelpActivity.java
com/lknovel/fb/fragment/FeedbackFragment.java
com/lknovel/fb/push/FeedbackPush.java
com/lknovel/fb/push/a.java
com/lknovel/fb/push/b.java
com/lknovel/fb/push/c.java
com/lknovel/fb/util/d.java
com/lknovel/lib/e.java
com/lknovel/lib/f.java
com/lknovel/lkbunko/MainActivity.java
com/lknovel/lkbunko/as.java
com/lknovel/lkbunko/b.java
com/lknovel/lkbunko/bf.java
com/lknovel/lkbunko/ep.java
com/lknovel/lkbunko/ew.java
com/lknovel/lkbunko/ex.java
com/lknovel/message/ElectionReceiver.java
com/lknovel/message/MessageReceiver.java
com/lknovel/message/MessageSharedPrefs.java
com/lknovel/message/MsgConstant.java
com/lknovel/message/NotificationProxyBroadcastReceiver.java
com/lknovel/message/PushAgent.java
com/lknovel/message/RegistrationReceiver.java
com/lknovel/message/SystemReceiver.java
com/lknovel/message/UpdateActionReceiver.java
com/lknovel/message/lknovelBaseIntentService.java
com/lknovel/message/lknovelDownloadResourceService.java
com/lknovel/message/lknovelIntentService.java
com/lknovel/message/lknovelMessageBootReceiver.java
com/lknovel/message/lknovelMessageCallbackHandlerService.java
com/lknovel/message/lknovelMessageHandler.java
com/lknovel/message/lknovelMessageIntentReceiverService.java
com/lknovel/message/lknovelNotificationClickHandler.java
com/lknovel/message/proguard/AbstractC0047bg.java
com/lknovel/message/proguard/C0049bi.java
com/lknovel/message/proguard/C0051bk.java
com/lknovel/message/proguard/C0057bq.java
com/lknovel/message/proguard/C0062g.java
com/lknovel/message/proguard/aV.java
com/lknovel/message/proguard/bQ.java
com/lknovel/mobile/MMAdView.java
com/lknovel/mobile/csdk/umupdate/a/t.java
com/lknovel/update/UpdateDialogActivity.java
com/lknovel/update/c.java
com/lknovel/update/lknovelUpdateAgent.java
com/lknovel/update/net/DownloadingService.java
com/lknovel/update/net/a.java
com/lknovel/update/net/c.java
com/lknovel/update/net/f.java
com/lknovel/update/util/b.java
一般功能-> 文件操作
com/a/a.java
com/a/a/a/a.java
com/a/a/a/aa.java
com/a/a/a/e.java
com/a/a/a/f.java
com/a/a/a/g.java
com/a/a/a/l.java
com/a/a/a/m.java
com/a/a/a/n.java
com/a/a/a/u.java
com/a/a/a/v.java
com/a/a/a/w.java
com/a/a/a/y.java
com/a/a/a/z.java
com/a/j.java
com/a/p.java
com/a/q.java
com/b/a/a/a/a.java
com/b/a/a/a/a/a.java
com/b/a/a/a/a/a/a.java
com/b/a/a/a/a/a/b.java
com/b/a/a/a/a/a/c.java
com/b/a/a/a/a/a/d.java
com/b/a/a/a/a/a/e.java
com/b/a/a/a/a/a/f.java
com/b/a/a/a/a/a/g.java
com/b/a/a/a/a/a/h.java
com/b/a/a/a/a/a/i.java
com/b/a/a/a/a/a/j.java
com/b/a/a/a/a/a/k.java
com/b/a/a/a/a/b.java
com/b/a/b/a.java
com/b/a/b/a/a.java
com/b/a/b/a/a/d.java
com/b/a/b/a/d.java
com/b/a/b/b/a.java
com/b/a/b/d/a.java
com/b/a/b/d/c.java
com/b/a/b/j.java
com/b/a/b/k.java
com/b/a/b/m.java
com/b/a/b/o.java
com/b/a/c/c.java
com/b/a/c/h.java
com/c/a/aa.java
com/c/a/ag.java
com/c/a/an.java
com/c/a/d.java
com/c/a/f.java
com/c/a/k.java
com/c/a/n.java
com/c/a/s.java
com/c/a/t.java
com/d/a/a/a/b.java
com/d/a/b/a/d.java
com/d/a/b/a/e.java
com/d/a/b/a/f.java
com/d/a/b/a/h.java
com/d/a/c/d.java
com/lknovel/aa.java
com/lknovel/ag.java
com/lknovel/am.java
com/lknovel/analytics/d.java
com/lknovel/analytics/h.java
com/lknovel/analytics/onlineconfig/a.java
com/lknovel/analytics/social/c.java
com/lknovel/analytics/social/f.java
com/lknovel/as.java
com/lknovel/ay.java
com/lknovel/b.java
com/lknovel/bf.java
com/lknovel/bm.java
com/lknovel/bs.java
com/lknovel/by.java
com/lknovel/cf.java
com/lknovel/cl.java
com/lknovel/common/message/lknovelMessageDeviceConfig.java
com/lknovel/cr.java
com/lknovel/cx.java
com/lknovel/d.java
com/lknovel/dd.java
com/lknovel/dj.java
com/lknovel/dp.java
com/lknovel/dy.java
com/lknovel/e.java
com/lknovel/ee.java
com/lknovel/el.java
com/lknovel/er.java
com/lknovel/ex.java
com/lknovel/f.java
com/lknovel/fb/audio/AudioAgent.java
com/lknovel/fb/audio/a.java
com/lknovel/fb/audio/b.java
com/lknovel/fb/audio/c.java
com/lknovel/fb/common/b.java
com/lknovel/fb/image/b.java
com/lknovel/fb/model/Store.java
com/lknovel/fb/net/a.java
com/lknovel/fb/opus/OpusTool.java
com/lknovel/fb/push/b.java
com/lknovel/fb/util/a.java
com/lknovel/fb/util/b.java
com/lknovel/fb/util/c.java
com/lknovel/fb/util/d.java
com/lknovel/fd.java
com/lknovel/fj.java
com/lknovel/fl.java
com/lknovel/fo.java
com/lknovel/fp.java
com/lknovel/fq.java
com/lknovel/ft.java
com/lknovel/fz.java
com/lknovel/gg.java
com/lknovel/gh.java
com/lknovel/gl.java
com/lknovel/gn.java
com/lknovel/go.java
com/lknovel/gp.java
com/lknovel/gw.java
com/lknovel/h.java
com/lknovel/hf.java
com/lknovel/hk.java
com/lknovel/ho.java
com/lknovel/hq.java
com/lknovel/hv.java
com/lknovel/ib.java
com/lknovel/ic.java
com/lknovel/id.java
com/lknovel/ih.java
com/lknovel/ii.java
com/lknovel/lib/b.java
com/lknovel/lib/d.java
com/lknovel/lib/e.java
com/lknovel/lib/f.java
com/lknovel/lib/i.java
com/lknovel/lib/j.java
com/lknovel/lib/k.java
com/lknovel/lib/l.java
com/lknovel/lib/n.java
com/lknovel/lkbunko/MainActivity.java
com/lknovel/lkbunko/a.java
com/lknovel/lkbunko/ai.java
com/lknovel/lkbunko/as.java
com/lknovel/lkbunko/ba.java
com/lknovel/lkbunko/bt.java
com/lknovel/lkbunko/cy.java
com/lknovel/lkbunko/de.java
com/lknovel/lkbunko/ew.java
com/lknovel/lkbunko/gi.java
com/lknovel/lkbunko/gu.java
com/lknovel/lkbunko/hy.java
com/lknovel/lkbunko/io.java
com/lknovel/lkbunko/o.java
com/lknovel/message/MessageSharedPrefs.java
com/lknovel/message/MsgLogStore.java
com/lknovel/message/UTrack.java
com/lknovel/message/lknovelDownloadResourceService.java
com/lknovel/message/lknovelMessageHandler.java
com/lknovel/message/lknovelRegistrar.java
com/lknovel/message/proguard/C0013a.java
com/lknovel/message/proguard/C0019af.java
com/lknovel/message/proguard/C0022ai.java
com/lknovel/message/proguard/C0023aj.java
com/lknovel/message/proguard/C0027an.java
com/lknovel/message/proguard/C0030aq.java
com/lknovel/message/proguard/C0032as.java
com/lknovel/message/proguard/C0039az.java
com/lknovel/message/proguard/C0042bb.java
com/lknovel/message/proguard/C0044bd.java
com/lknovel/message/proguard/C0046bf.java
com/lknovel/message/proguard/C0051bk.java
com/lknovel/message/proguard/C0057bq.java
com/lknovel/message/proguard/C0061f.java
com/lknovel/message/proguard/C0062g.java
com/lknovel/message/proguard/C0066k.java
com/lknovel/message/proguard/C0067l.java
com/lknovel/message/proguard/C0078w.java
com/lknovel/message/proguard/D.java
com/lknovel/message/proguard/N.java
com/lknovel/message/proguard/X.java
com/lknovel/message/proguard/Y.java
com/lknovel/message/proguard/Z.java
com/lknovel/message/proguard/aA.java
com/lknovel/message/proguard/aB.java
com/lknovel/message/proguard/aC.java
com/lknovel/message/proguard/aD.java
com/lknovel/message/proguard/aE.java
com/lknovel/message/proguard/aH.java
com/lknovel/message/proguard/aI.java
com/lknovel/message/proguard/aJ.java
com/lknovel/message/proguard/aK.java
com/lknovel/message/proguard/aL.java
com/lknovel/message/proguard/aO.java
com/lknovel/message/proguard/aP.java
com/lknovel/message/proguard/aQ.java
com/lknovel/message/proguard/aW.java
com/lknovel/message/proguard/aX.java
com/lknovel/message/proguard/bA.java
com/lknovel/message/proguard/bB.java
com/lknovel/message/proguard/bD.java
com/lknovel/message/proguard/bI.java
com/lknovel/message/proguard/bM.java
com/lknovel/message/proguard/bO.java
com/lknovel/message/proguard/bt.java
com/lknovel/message/proguard/bu.java
com/lknovel/message/proguard/bv.java
com/lknovel/message/proguard/bx.java
com/lknovel/mobile/a.java
com/lknovel/mobile/b.java
com/lknovel/mobile/csdk/umupdate/a/n.java
com/lknovel/mobile/csdk/umupdate/a/t.java
com/lknovel/mobile/csdk/umupdate/models/e.java
com/lknovel/o.java
com/lknovel/u.java
com/lknovel/update/UpdateConfig.java
com/lknovel/update/UpdateDialogActivity.java
com/lknovel/update/UpdateResponse.java
com/lknovel/update/c.java
com/lknovel/update/lknovelUpdateAgent.java
com/lknovel/update/net/DownloadingService.java
com/lknovel/update/net/c.java
com/lknovel/update/net/e.java
com/lknovel/update/net/j.java
com/lknovel/update/util/DeltaUpdate.java
网络通信-> TCP套接字 com/a/a/a/y.java
com/lknovel/message/proguard/aJ.java
一般功能-> 获取系统服务(getSystemService)
com/a/a.java
com/b/a/b/i.java
com/d/a/a/a/g.java
com/lknovel/analytics/social/f.java
com/lknovel/common/message/lknovelMessageDeviceConfig.java
com/lknovel/fb/FeedbackAgent.java
com/lknovel/fb/adapter/a.java
com/lknovel/fb/fragment/FeedbackFragment.java
com/lknovel/fb/image/b.java
com/lknovel/fb/push/b.java
com/lknovel/fb/util/b.java
com/lknovel/fj.java
com/lknovel/hj.java
com/lknovel/ic.java
com/lknovel/lib/m.java
com/lknovel/lkbunko/MainActivity.java
com/lknovel/lkbunko/bl.java
com/lknovel/lkbunko/bq.java
com/lknovel/lkbunko/ck.java
com/lknovel/lkbunko/ct.java
com/lknovel/lkbunko/dx.java
com/lknovel/lkbunko/g.java
com/lknovel/lkbunko/hc.java
com/lknovel/lkbunko/ie.java
com/lknovel/message/lknovelDownloadResourceService.java
com/lknovel/message/lknovelMessageHandler.java
com/lknovel/message/proguard/AbstractC0047bg.java
com/lknovel/message/proguard/C0020ag.java
com/lknovel/message/proguard/C0029ap.java
com/lknovel/message/proguard/C0030aq.java
com/lknovel/message/proguard/C0034au.java
com/lknovel/message/proguard/C0049bi.java
com/lknovel/message/proguard/C0052bl.java
com/lknovel/message/proguard/C0057bq.java
com/lknovel/message/proguard/C0062g.java
com/lknovel/message/proguard/C0067l.java
com/lknovel/message/proguard/C0081z.java
com/lknovel/message/proguard/aU.java
com/lknovel/message/proguard/aV.java
com/lknovel/message/proguard/bD.java
com/lknovel/mobile/csdk/umupdate/a/n.java
com/lknovel/update/lknovelUpdateAgent.java
com/lknovel/update/net/DownloadingService.java
com/lknovel/update/net/c.java
加密解密-> Crypto加解密组件
加密解密-> 信息摘要算法
进程操作-> 获取进程pid
调用java反射机制
一般功能-> 加载so文件 com/lknovel/fb/opus/OpusTool.java
com/lknovel/update/util/DeltaUpdate.java
网络通信-> HTTP建立连接
网络通信-> HTTPS建立连接 com/lknovel/message/proguard/C0066k.java
网络通信-> SSL证书处理 com/a/a/a/a.java
com/lknovel/message/proguard/C0066k.java
组件-> 启动 Activity
一般功能-> 获取WiFi相关信息
一般功能-> 获取活动网路信息
一般功能-> Android通知
进程操作-> 获取运行的进程\服务
网络通信-> DefaultHttpClient Connection
网络通信-> URLConnection com/lknovel/lib/k.java
com/lknovel/message/proguard/aX.java
一般功能-> 查看\修改Android系统属性 com/lknovel/message/proguard/C0081z.java
com/lknovel/message/proguard/bD.java
DEX-> 动态加载 com/lknovel/message/proguard/bI.java
com/lknovel/message/proguard/bJ.java
com/lknovel/message/proguard/bN.java
设备指纹-> 查看本机IMSI
进程操作-> 杀死进程 com/lknovel/message/proguard/aV.java
组件-> 发送广播 com/lknovel/message/proguard/C0051bk.java
com/lknovel/update/lknovelUpdateAgent.java
一般功能-> PowerManager操作 com/lknovel/message/lknovelMessageHandler.java
网络通信-> WebView JavaScript接口 com/lknovel/analytics/MobclickAgentJSInterface.java
com/lknovel/fb/fragment/QuestionFragment.java
网络通信-> WebView 相关 com/lknovel/analytics/MobclickAgentJSInterface.java
com/lknovel/fb/fragment/QuestionFragment.java
隐私数据-> 获取GPS位置信息
网络通信-> HTTP请求、连接和会话 com/a/a/a/f.java
隐私数据-> 录制音频行为 com/lknovel/fb/audio/b.java
命令执行-> getRuntime.exec() com/lknovel/message/proguard/bu.java
隐私数据-> 获取已安装的应用程序 com/lknovel/common/message/lknovelMessageDeviceConfig.java

源代码分析

高危
3
警告
7
信息
1
安全
1
屏蔽
0
序号 问题 等级 参考标准 文件位置 操作
1 应用程序记录日志信息,不得记录敏感信息 信息 CWE: CWE-532: 通过日志文件的信息暴露
OWASP MASVS: MSTG-STORAGE-3
com/a/a/a/p.java
com/a/b.java
com/b/a/a/a/a/a/a.java
com/lknovel/analytics/social/UMSocialService.java
com/lknovel/analytics/social/b.java
com/lknovel/common/message/Log.java
com/lknovel/common/message/lknovelMessageDeviceConfig.java
com/lknovel/fb/audio/a.java
com/lknovel/fb/push/FeedbackPush.java
com/lknovel/fb/util/Log.java
com/lknovel/fb/util/b.java
com/lknovel/fk.java
com/lknovel/message/MessageSharedPrefs.java
com/lknovel/message/MsgLogStore.java
com/lknovel/message/lknovelIntentService.java
com/lknovel/message/lknovelMessageCallbackHandlerService.java
com/lknovel/message/proguard/AbstractC0047bg.java
com/lknovel/message/proguard/C0042bb.java
com/lknovel/message/proguard/C0043bc.java
com/lknovel/message/proguard/C0044bd.java
com/lknovel/message/proguard/C0046bf.java
com/lknovel/message/proguard/C0049bi.java
com/lknovel/message/proguard/C0051bk.java
com/lknovel/message/proguard/C0057bq.java
com/lknovel/message/proguard/C0078w.java
com/lknovel/message/proguard/C0080y.java
com/lknovel/message/proguard/C0081z.java
com/lknovel/message/proguard/aU.java
com/lknovel/message/proguard/aW.java
com/lknovel/message/proguard/aX.java
com/lknovel/message/proguard/bI.java
com/lknovel/message/proguard/bN.java
com/lknovel/message/proguard/bO.java
com/lknovel/message/proguard/bt.java
com/lknovel/message/proguard/bu.java
com/lknovel/mobile/MMAdView.java
com/lknovel/mobile/csdk/umupdate/a/e.java
com/lknovel/mobile/csdk/umupdate/a/q.java
com/lknovel/mobile/csdk/umupdate/a/t.java
com/lknovel/update/UpdateDialogActivity.java
2 IP地址泄露 警告 CWE: CWE-200: 信息泄露
OWASP MASVS: MSTG-CODE-2
3 应用程序使用不安全的随机数生成器 警告 CWE: CWE-330: 使用不充分的随机数
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-6
4 MD5是已知存在哈希冲突的弱哈希 警告 CWE: CWE-327: 使用已被攻破或存在风险的密码学算法
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-4
5 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 警告 CWE: CWE-276: 默认权限不正确
OWASP Top 10: M2: Insecure Data Storage
OWASP MASVS: MSTG-STORAGE-2
6 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 安全
OWASP MASVS: MSTG-NETWORK-4
com/lknovel/message/proguard/C0066k.java
7 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 高危 CWE: CWE-649: 依赖于混淆或加密安全相关输入而不进行完整性检查
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-3
com/d/a/a/a/a.java
com/lknovel/analytics/b.java
com/lknovel/message/proguard/C0040b.java
8 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 警告 CWE: CWE-89: SQL命令中使用的特殊元素转义处理不恰当('SQL 注入')
OWASP Top 10: M7: Client Code Quality
9 该文件是World Writable。任何应用程序都可以写入文件 高危 CWE: CWE-276: 默认权限不正确
OWASP Top 10: M2: Insecure Data Storage
OWASP MASVS: MSTG-STORAGE-2
com/lknovel/message/proguard/bM.java
10 该文件是World Readable。任何应用程序都可以读取文件 高危 CWE: CWE-276: 默认权限不正确
OWASP Top 10: M2: Insecure Data Storage
OWASP MASVS: MSTG-STORAGE-2
com/lknovel/mobile/a.java
11 SHA-1是已知存在哈希冲突的弱哈希 警告 CWE: CWE-327: 使用已被攻破或存在风险的密码学算法
OWASP Top 10: M5: Insufficient Cryptography
OWASP MASVS: MSTG-CRYPTO-4
com/d/a/a/a/a.java
com/d/a/c/d.java
12 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 警告 CWE: CWE-312: 明文存储敏感信息
OWASP Top 10: M9: Reverse Engineering
OWASP MASVS: MSTG-STORAGE-14
com/lknovel/message/MsgConstant.java

动态库分析

序号 动态库 NX(堆栈禁止执行) STACK CANARY(栈保护) RELRO RPATH(指定SO搜索路径) RUNPATH(指定SO搜索路径) FORTIFY(常用函数加强检查) SYMBOLS STRIPPED(裁剪符号表)
1 armeabi/libbspatch.so
True
info
二进制文件设置了 NX 位。这标志着内存页面不可执行,使得攻击者注入的 shellcode 不可执行。
False
high
这个二进制文件没有在栈上添加栈哨兵值。栈哨兵是用于检测和防止攻击者覆盖返回地址的一种技术。使用选项-fstack-protector-all来启用栈哨兵。这对于Dart/Flutter库不适用,除非使用了Dart FFI
Partial RELRO
warning
此共享对象启用了部分 RELRO。 RELRO 确保 GOT 不会在易受攻击的 ELF 二进制文件中被覆盖。在部分 RELRO 中,GOT 部分的非 PLT 部分是只读的,但 .got.plt 仍然是可写的。使用选项 -z,relro,-z,now 启用完整的 RELRO。
None
info
二进制文件没有设置运行时搜索路径或RPATH
None
info
二进制文件没有设置 RUNPATH
False
warning
二进制文件没有任何加固函数。加固函数提供了针对 glibc 的常见不安全函数(如 strcpy,gets 等)的缓冲区溢出检查。使用编译选项 -D_FORTIFY_SOURCE=2 来加固函数。这个检查对于 Dart/Flutter 库不适用
True
info
符号被剥离
2 armeabi/liblknovel_opustool.so
True
info
二进制文件设置了 NX 位。这标志着内存页面不可执行,使得攻击者注入的 shellcode 不可执行。
False
high
这个二进制文件没有在栈上添加栈哨兵值。栈哨兵是用于检测和防止攻击者覆盖返回地址的一种技术。使用选项-fstack-protector-all来启用栈哨兵。这对于Dart/Flutter库不适用,除非使用了Dart FFI
Partial RELRO
warning
此共享对象启用了部分 RELRO。 RELRO 确保 GOT 不会在易受攻击的 ELF 二进制文件中被覆盖。在部分 RELRO 中,GOT 部分的非 PLT 部分是只读的,但 .got.plt 仍然是可写的。使用选项 -z,relro,-z,now 启用完整的 RELRO。
None
info
二进制文件没有设置运行时搜索路径或RPATH
None
info
二进制文件没有设置 RUNPATH
False
warning
二进制文件没有任何加固函数。加固函数提供了针对 glibc 的常见不安全函数(如 strcpy,gets 等)的缓冲区溢出检查。使用编译选项 -D_FORTIFY_SOURCE=2 来加固函数。这个检查对于 Dart/Flutter 库不适用
True
info
符号被剥离

文件分析

序号 问题 文件

VIRUSTOTAL扫描

  检出率: 2 / 56       完整报告

反病毒引擎 检出结果
BitDefenderFalx Android.Riskware.GenericML.mZE
Trustlook Android.PUA.DebugKey

滥用权限

恶意软件常用权限 2/30
android.permission.READ_PHONE_STATE
android.permission.WRITE_SETTINGS
其它常用权限 4/46
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.WRITE_EXTERNAL_STORAGE

恶意软件常用权限 是被已知恶意软件广泛滥用的权限。
其它常用权限 是已知恶意软件经常滥用的权限。

IP地图

域名检测

域名 状态 中国境内 位置信息 解析
oc.lknovel.com 安全
没有可用的地理位置信息。




au.lknovel.com 安全
没有可用的地理位置信息。




upoll.lknovelcloud.com 安全
没有可用的地理位置信息。




au.lknovel.co 安全
没有可用的地理位置信息。




dev.lknovel.com 安全
没有可用的地理位置信息。




api.7tianshi.com 安全
IP地址: 172.232.4.213
国家: 美利坚合众国
地区: 伊利诺伊州
城市: 芝加哥
查看: Google 地图





fb.lknovel.com 安全
没有可用的地理位置信息。




www.memtest86.com 安全
IP地址: 216.146.215.39
国家: 美利坚合众国
地区: 宾夕法尼亚
城市: 匹兹堡
查看: Google 地图





alog.lknovel.com 安全
没有可用的地理位置信息。




alog.lknovel.co 安全
没有可用的地理位置信息。




lkbunko.b0.upaiyun.com 安全
IP地址: 127.0.0.1
国家: -
地区: -
城市: -
查看: Google 地图





utop.lknovelcloud.com 安全
没有可用的地理位置信息。




oc.lknovel.co 安全
没有可用的地理位置信息。




手机号码

网址

网址信息 源码文件
http://dev.lknovel.com/push/android/integration
com/lknovel/message/PushAgent.java
10.0.0.172
com/lknovel/ic.java
10.0.0.172
com/lknovel/message/proguard/C0067l.java
http://oc.lknovel.com/v2/check_config_update
http://oc.lknovel.com/v2/get_update_time
com/lknovel/analytics/onlineconfig/a.java
100.69.165.28
http://gpushdm.wapa.google.com/gpush/report
110.75.98.154
100.69.168.33
http://gpushdm.m.google.com/gpush/report
http://100.69.168.33/gpush/report
http://100.69.165.28/gpush/report
com/lknovel/message/proguard/C0057bq.java
10.0.0.200
10.0.0.172
com/lknovel/message/proguard/C0052bl.java
https://lkbunko.b0.upaiyun.com/app/20150815/3.jpg
https://lkbunko.b0.upaiyun.com//nc/image/20150921/3e2698f0c78edb6d18cd33daa4389f26.jpg!min250
https://lkbunko.b0.upaiyun.com//nc/image/20150911/682a40c74ad7d643ba8035ade8f8141c.jpg!min250
https://lkbunko.b0.upaiyun.com/app/20150918/vertical1.jpg
https://lkbunko.b0.upaiyun.com/app/20150918/6.jpg
https://lkbunko.b0.upaiyun.com//nc/image/20150919/dbbed0c55138a4774621f1dd01f7c294.jpg!min250
https://lkbunko.b0.upaiyun.com//nc/image/20150921/eda010bb7552c61a261b44734a69ee7e.jpg!min250
https://lkbunko.b0.upaiyun.com/app/20150918/small2.jpg
https://lkbunko.b0.upaiyun.com//nc/image/20150904/e821fe529acaf5b31f95295c1213417c.jpg!min250
https://lkbunko.b0.upaiyun.com/app/20150918/horizontal1.jpg
https://lkbunko.b0.upaiyun.com/app/20150918/small1.jpg
https://lkbunko.b0.upaiyun.com/app/20150815/2.jpg
https://lkbunko.b0.upaiyun.com//nc/image/20150904/34ee28b02c94ab7c5c6aeac824e5f252.jpg!min250
https://lkbunko.b0.upaiyun.com/app/20150815/5.jpg
https://lkbunko.b0.upaiyun.com/app/20150815/4.jpg
com/lknovel/lkbunko/cy.java
http://alog.lknovel.com/app_logs
http://oc.lknovel.co/check_config_update
http://alog.lknovel.co/app_logs
http://oc.lknovel.com/check_config_update
com/lknovel/analytics/a.java
http://log.google.com/share/api/
http://log.google.com/
com/lknovel/analytics/social/e.java
http://api.7tianshi.com:8080/baka/
http://lkbunko.b0.upaiyun.com/
http://api.7tianshi.com/down
http://api.7tianshi.com:8080/ua
http://api.7tianshi.com/v1/
com/lknovel/lib/n.java
http://adash.m.google.com/rest/sur
com/lknovel/message/proguard/C0075t.java
https://lkbunko.b0.upaiyun.com/c/c3.jpg
https://lkbunko.b0.upaiyun.com/c/c4.jpg
https://lkbunko.b0.upaiyun.com/c/c8.jpg
https://lkbunko.b0.upaiyun.com/c/c21.jpg
https://lkbunko.b0.upaiyun.com/c/c10.jpg
https://lkbunko.b0.upaiyun.com/c/c18.jpg
https://lkbunko.b0.upaiyun.com/c/c6.jpg
https://lkbunko.b0.upaiyun.com/c/c13.jpg
https://lkbunko.b0.upaiyun.com/c/c15.jpg
https://lkbunko.b0.upaiyun.com/c/c5.jpg
https://lkbunko.b0.upaiyun.com/c/c20.jpg
https://lkbunko.b0.upaiyun.com/c/c11.jpg
https://lkbunko.b0.upaiyun.com/c/c16.jpg
https://lkbunko.b0.upaiyun.com/c/c1.jpg
https://lkbunko.b0.upaiyun.com/c/c7.jpg
https://lkbunko.b0.upaiyun.com/c/c17.jpg
https://lkbunko.b0.upaiyun.com/c/c14.jpg
https://lkbunko.b0.upaiyun.com/c/c23.jpg
https://lkbunko.b0.upaiyun.com/c/c2.jpg
https://lkbunko.b0.upaiyun.com/c/c22.jpg
https://lkbunko.b0.upaiyun.com/c/c12.jpg
https://lkbunko.b0.upaiyun.com/c/c19.jpg
https://lkbunko.b0.upaiyun.com/c/c104.jpg
com/lknovel/lkbunko/hc.java
http://log.google.com/share/api/
com/lknovel/analytics/social/f.java
http://fb.lknovel.com/api/v2/feedback/reply/show
http://fb.lknovel.com
http://fb.lknovel.com/api/v2/user/getuid
http://fb.lknovel.com/api/v2/feedback/new
http://fb.lknovel.com/api/v2/feedback/reply/new
http://fb.lknovel.com/api/v2/user/update
com/lknovel/fb/net/a.java
http://fb.lknovel.com/feedback_sdk_webview/questions.html?appkey=
com/lknovel/fb/fragment/QuestionFragment.java
http://adash.m.google.com/rest/abtest
com/lknovel/message/proguard/P.java
http://adash.m.google.com/rest/gc
com/lknovel/message/proguard/X.java
http://w.m.google.com/api/q?
http://w.m.google.com/api/r?
com/lknovel/mobile/csdk/umupdate/b/a.java
http://au.lknovel.co/api/check_app_update
http://au.lknovel.com/api/check_app_update
com/lknovel/update/b.java
https://lkbunko.b0.upaiyun.com/c/c8.jpg
https://lkbunko.b0.upaiyun.com//nc/image/20150921/eda010bb7552c61a261b44734a69ee7e.jpg!min250
http://api.7tianshi.com/v1/
http://dev.lknovel.com/push/android/integration
http://oc.lknovel.com/v2/get_update_time
http://adash.m.google.com/rest/abtest
https://lkbunko.b0.upaiyun.com/c/c13.jpg
http://api.waptest.google.com/rest/api3.do
https://lkbunko.b0.upaiyun.com/app/20150815/3.jpg
https://lkbunko.b0.upaiyun.com//nc/image/20150911/682a40c74ad7d643ba8035ade8f8141c.jpg!min250
http://alog.lknovel.co/app_logs
110.75.120.15
http://fb.lknovel.com/feedback_sdk_webview/questions.html?appkey=
2.0.17.1
http://utop.lknovelcloud.com/rest/api3.do
http://api.7tianshi.com:8080/ua
https://lkbunko.b0.upaiyun.com/c/c12.jpg
https://lkbunko.b0.upaiyun.com/c/c19.jpg
http://fb.lknovel.com/api/v2/user/getuid
https://lkbunko.b0.upaiyun.com//nc/image/20150904/34ee28b02c94ab7c5c6aeac824e5f252.jpg!min250
http://log.google.com/
http://au.lknovel.com/api/check_app_update
https://lkbunko.b0.upaiyun.com/app/20150918/vertical1.jpg
https://lkbunko.b0.upaiyun.com/app/20150918/small2.jpg
https://lkbunko.b0.upaiyun.com/c/c6.jpg
https://lkbunko.b0.upaiyun.com/c/c18.jpg
https://lkbunko.b0.upaiyun.com/app/20150815/4.jpg
https://lkbunko.b0.upaiyun.com//nc/image/20150921/3e2698f0c78edb6d18cd33daa4389f26.jpg!min250
http://gpushdm.wapa.google.com/gpush/report
http://lkbunko.b0.upaiyun.com/
110.75.98.154
https://lkbunko.b0.upaiyun.com//nc/image/20150904/e821fe529acaf5b31f95295c1213417c.jpg!min250
https://lkbunko.b0.upaiyun.com/c/c5.jpg
http://apoll.m.google.com
http://log.google.com/share/api/
https://lkbunko.b0.upaiyun.com/c/c16.jpg
http://%s:%d%s
https://lkbunko.b0.upaiyun.com/c/c7.jpg
http://api.wapa.google.com/rest/api3.do
https://lkbunko.b0.upaiyun.com/c/c23.jpg
https://lkbunko.b0.upaiyun.com/app/20150918/small1.jpg
http://fb.lknovel.com
100.69.168.33
https://lkbunko.b0.upaiyun.com/app/20150815/2.jpg
http://100.69.165.28/gpush/report
100.69.165.28
https://lkbunko.b0.upaiyun.com//nc/image/20150919/dbbed0c55138a4774621f1dd01f7c294.jpg!min250
http://api.m.google.com/rest/api3.do
http://w.m.google.com/api/r?
http://alog.lknovel.com/app_logs
https://lkbunko.b0.upaiyun.com/app/20150815/5.jpg
http://w.m.google.com/api/q?
http://api.7tianshi.com:8080/baka/
https://lkbunko.b0.upaiyun.com/app/20150918/6.jpg
http://api.7tianshi.com/down
http://100.69.168.33/gpush/report
http://fb.lknovel.com/api/v2/user/update
https://lkbunko.b0.upaiyun.com/c/c11.jpg
https://lkbunko.b0.upaiyun.com/c/c1.jpg
http://oc.lknovel.com/check_config_update
https://lkbunko.b0.upaiyun.com/c/c17.jpg
http://adash.m.google.com/rest/sur
http://adash.m.google.com/rest/gc
https://lkbunko.b0.upaiyun.com/c/c22.jpg
http://%s:%d/%s/%s/%d/%s
10.0.0.200
10.0.0.172
http://upoll.lknovelcloud.com
https://lkbunko.b0.upaiyun.com/c/c104.jpg
http://oc.lknovel.com/v2/check_config_update
http://gpushdm.m.google.com/gpush/report
http://fb.lknovel.com/api/v2/feedback/reply/new
http://oc.lknovel.co/check_config_update
https://lkbunko.b0.upaiyun.com/c/c3.jpg
https://lkbunko.b0.upaiyun.com/c/c4.jpg
https://lkbunko.b0.upaiyun.com/c/c21.jpg
https://lkbunko.b0.upaiyun.com/app/20150918/horizontal1.jpg
https://lkbunko.b0.upaiyun.com/c/c10.jpg
https://lkbunko.b0.upaiyun.com/c/c15.jpg
http://fb.lknovel.com/api/v2/feedback/reply/show
https://lkbunko.b0.upaiyun.com/c/c20.jpg
https://lkbunko.b0.upaiyun.com/c/c14.jpg
http://fb.lknovel.com/api/v2/feedback/new
https://lkbunko.b0.upaiyun.com/c/c2.jpg
42.120.80.36
http://au.lknovel.co/api/check_app_update
42.120.111.1
自研引擎-S
www.memtest86.com
lib/armeabi/libbspatch.so

FIREBASE实例

邮箱

EMAIL 源码文件
jseward@bzip.org
lib/armeabi/libbspatch.so

追踪器

名称 类别 网址

密钥凭证

已显示 15 个secrets
1、 "lknovel_fb_contact_key_email" : "email"
2、 "lknovel_fb_contact_key_phone" : "phone"
3、 "lknovel_fb_contact_key_other" : "plain"
4、 "lknovel_fb_contact_key_qq" : "qq"
5、 eda010bb7552c61a261b44734a69ee7e
6、 34ee28b02c94ab7c5c6aeac824e5f252
7、 e821fe529acaf5b31f95295c1213417c
8、 XwYp8WL8bm6S4wu6yEYmLGy4RRRdJDIhxCBdk3CiNZTwGoj1bScVZEeVp9vBiiIsgwDtqZHP8QLoFM6o6MRYjW8QqyrZBI654mqoUk5SOLDyzordzOU5QhYguEJh54q3K1KqMEXpdEQJJjs1Urqjm2s4jgPfCZ4hMuIjAMRrEQluA7FeoqWMJOwghcLcPVleQ8PLzAcaKidybmwhvNAxIyKRpbZlcDjNCcUvsJYvyzEA9VUIaHkIAJ62lpA3EE3H
9、 3e2698f0c78edb6d18cd33daa4389f26
10、 QrMgt8GGYI6T52ZY5AnhtxkLzb8egpFn3j5JELI8H6wtACbUnZ5cc3aYTsTRbmkAkRJeYbtx92LPBWm7nBO9UIl7y5i5MQNmUZNf5QENurR5tGyo7yJ2G0MBjWvy6iAtlAbacKP0SwOUeUWx5dsBdyhxa7Id1APtybSdDgicBDuNjI0mlZFUzZSS9dmN8lBD0WTVOMz0pRZbR3cysomRXOO1ghqjJdTcyDIxzpNAEszN8RMGjrzyU7Hjbmwi6YNK
11、 efedc24fecde188aaa9161
12、 d5e8cc4c8e7425132b652343967635c8bd4fdfb2
13、 dbbed0c55138a4774621f1dd01f7c294
14、 d6fc3a4a06adbde89223b
15、 682a40c74ad7d643ba8035ade8f8141c

字符串列表

建议导出为TXT,方便查看。

活动列表

已显示 1 个activities
1、 .MainActivity

服务列表

广播接收者列表

内容提供者列表

第三方SDK

SDK名称 开发者 描述信息
bspatch Google bspatch library for applying delta patches.
File Provider Android FileProvider 是 ContentProvider 的特殊子类,它通过创建 content://Uri 代替 file:///Uri 以促进安全分享与应用程序关联的文件。

文件列表

AndroidManifest.xml
classes.dex
lib/armeabi/libbspatch.so
lib/armeabi/liblknovel_opustool.so
res/anim/lknovel_fb_audio_play_anim.xml
res/anim/lknovel_fb_dialog_enter_anim.xml
res/anim/lknovel_fb_dialog_exit_anim.xml
res/color/buc_g.xml
res/color/buc_w.xml
res/drawable-hdpi-v4/lknovel_update_btn_check_off_focused_holo_light.png
res/drawable-hdpi-v4/lknovel_update_btn_check_off_holo_light.png
res/drawable-hdpi-v4/lknovel_update_btn_check_off_pressed_holo_light.png
res/drawable-hdpi-v4/lknovel_update_btn_check_on_focused_holo_light.png
res/drawable-hdpi-v4/lknovel_update_btn_check_on_holo_light.png
res/drawable-hdpi-v4/lknovel_update_btn_check_on_pressed_holo_light.png
res/drawable-hdpi-v4/lknovel_update_close_bg_normal.png
res/drawable-hdpi-v4/lknovel_update_close_bg_tap.png
res/drawable-v11/lknovel_fb_help_tab_bg.xml
res/drawable-xhdpi-v4/acbu.xml
res/drawable-xhdpi-v4/acbu_down.xml
res/drawable-xhdpi-v4/acbu_up.xml
res/drawable-xhdpi-v4/avatar_notlogin.png
res/drawable-xhdpi-v4/backbu.png
res/drawable-xhdpi-v4/backbu_green.png
res/drawable-xhdpi-v4/battery.png
res/drawable-xhdpi-v4/battery_charging.png
res/drawable-xhdpi-v4/bind_notice_bk.xml
res/drawable-xhdpi-v4/book_cover_bk.xml
res/drawable-xhdpi-v4/book_cover_bk_down.xml
res/drawable-xhdpi-v4/book_cover_bk_n.xml
res/drawable-xhdpi-v4/book_cover_bk_up.xml
res/drawable-xhdpi-v4/bookshelf_avatar_bk.xml
res/drawable-xhdpi-v4/bookshelf_user_download_icon.png
res/drawable-xhdpi-v4/bookshelf_user_history_icon.png
res/drawable-xhdpi-v4/bookshelf_user_more_icon.png
res/drawable-xhdpi-v4/bu_disable.xml
res/drawable-xhdpi-v4/cat_icon_1.png
res/drawable-xhdpi-v4/cat_icon_2.png
res/drawable-xhdpi-v4/cat_icon_3.png
res/drawable-xhdpi-v4/cat_icon_4.png
res/drawable-xhdpi-v4/checkbox_off.png
res/drawable-xhdpi-v4/checkbox_on.png
res/drawable-xhdpi-v4/empty.png
res/drawable-xhdpi-v4/fade_in.xml
res/drawable-xhdpi-v4/fade_out.xml
res/drawable-xhdpi-v4/favbu.xml
res/drawable-xhdpi-v4/favbu_down.xml
res/drawable-xhdpi-v4/favbu_night.xml
res/drawable-xhdpi-v4/favbu_night_down.xml
res/drawable-xhdpi-v4/favbu_night_up.xml
res/drawable-xhdpi-v4/favbu_up.xml
res/drawable-xhdpi-v4/flip_left_in.xml
res/drawable-xhdpi-v4/flip_left_out.xml
res/drawable-xhdpi-v4/flip_right_in.xml
res/drawable-xhdpi-v4/flip_right_out.xml
res/drawable-xhdpi-v4/flip_up.xml
res/drawable-xhdpi-v4/ic_launcher.png
res/drawable-xhdpi-v4/lknovel_fb_audio_dialog_cancel.png
res/drawable-xhdpi-v4/lknovel_fb_audio_dialog_content.png
res/drawable-xhdpi-v4/lknovel_fb_audio_play_01.png
res/drawable-xhdpi-v4/lknovel_fb_audio_play_02.png
res/drawable-xhdpi-v4/lknovel_fb_audio_play_03.png
res/drawable-xhdpi-v4/lknovel_fb_audio_play_bg.9.png
res/drawable-xhdpi-v4/lknovel_fb_keyboard.png
res/drawable-xhdpi-v4/lknovel_fb_plus.png
res/drawable-xhdpi-v4/lknovel_fb_record.png
res/drawable-xhdpi-v4/menu_bk.9.png
res/drawable-xhdpi-v4/menu_sankaku.png
res/drawable-xhdpi-v4/my_icon_1.png
res/drawable-xhdpi-v4/my_icon_2.png
res/drawable-xhdpi-v4/my_icon_3.png
res/drawable-xhdpi-v4/my_icon_4.png
res/drawable-xhdpi-v4/my_menu_bk.xml
res/drawable-xhdpi-v4/my_menu_bk_down.xml
res/drawable-xhdpi-v4/my_menu_bk_up.xml
res/drawable-xhdpi-v4/page_search_search_box.xml
res/drawable-xhdpi-v4/popup_icon_delete.png
res/drawable-xhdpi-v4/popup_icon_detail.png
res/drawable-xhdpi-v4/popup_menu_bk.xml
res/drawable-xhdpi-v4/popup_menu_bk_down.xml
res/drawable-xhdpi-v4/popup_menu_bk_up.xml
res/drawable-xhdpi-v4/popup_rounded_bk.xml
res/drawable-xhdpi-v4/radio_off.png
res/drawable-xhdpi-v4/radio_on.png
res/drawable-xhdpi-v4/rbg_b.xml
res/drawable-xhdpi-v4/rbg_g.xml
res/drawable-xhdpi-v4/rbg_w.xml
res/drawable-xhdpi-v4/rbg_y.xml
res/drawable-xhdpi-v4/rbgi_b.png
res/drawable-xhdpi-v4/rbgi_g.png
res/drawable-xhdpi-v4/rbgi_w.png
res/drawable-xhdpi-v4/rbgi_y.png
res/drawable-xhdpi-v4/readbackground_blue.png
res/drawable-xhdpi-v4/readbackground_green.png
res/drawable-xhdpi-v4/readbackground_white.png
res/drawable-xhdpi-v4/readbackground_yellow.png
res/drawable-xhdpi-v4/readbu.xml
res/drawable-xhdpi-v4/readbu_down.xml
res/drawable-xhdpi-v4/readbu_up.xml
res/drawable-xhdpi-v4/reader_icon_a.png
res/drawable-xhdpi-v4/reader_icon_day.png
res/drawable-xhdpi-v4/reader_icon_gap.png
res/drawable-xhdpi-v4/reader_icon_night.png
res/drawable-xhdpi-v4/reader_icon_vol.png
res/drawable-xhdpi-v4/reader_setting_bk.xml
res/drawable-xhdpi-v4/red_close.png
res/drawable-xhdpi-v4/reddot.png
res/drawable-xhdpi-v4/region_sankaku.png
res/drawable-xhdpi-v4/rounde_border_image.xml
res/drawable-xhdpi-v4/scale_in.xml
res/drawable-xhdpi-v4/search_box_backbu.png
res/drawable-xhdpi-v4/search_suggest_icon.png
res/drawable-xhdpi-v4/seekbar.xml
res/drawable-xhdpi-v4/seekbar_thumb_big.png
res/drawable-xhdpi-v4/setting_menu_bk.xml
res/drawable-xhdpi-v4/setting_menu_bk_down.xml
res/drawable-xhdpi-v4/setting_menu_bk_up.xml
res/drawable-xhdpi-v4/three_point.png
res/drawable-xhdpi-v4/three_point_green.png
res/drawable-xhdpi-v4/thumb_v.xml
res/drawable-xhdpi-v4/top_bar_bar.png
res/drawable-xhdpi-v4/top_bar_bookshelf.png
res/drawable-xhdpi-v4/top_bar_index.png
res/drawable-xhdpi-v4/top_bar_search.png
res/drawable-xhdpi-v4/view_large.png
res/drawable-xhdpi-v4/vol_down.png
res/drawable-xhdpi-v4/vollist_cover.png
res/drawable/lknovel_common_gradient_green.xml
res/drawable/lknovel_common_gradient_orange.xml
res/drawable/lknovel_common_gradient_red.xml
res/drawable/lknovel_fb_action_replay.png
res/drawable/lknovel_fb_arrow_right.png
res/drawable/lknovel_fb_help_tab_bg.xml
res/drawable/lknovel_fb_round_white_bg.xml
res/drawable/lknovel_update_button_cancel_bg_focused.xml
res/drawable/lknovel_update_button_cancel_bg_normal.xml
res/drawable/lknovel_update_button_cancel_bg_selector.xml
res/drawable/lknovel_update_button_cancel_bg_tap.xml
res/drawable/lknovel_update_button_check_selector.xml
res/drawable/lknovel_update_button_close_bg_selector.xml
res/drawable/lknovel_update_button_ok_bg_focused.xml
res/drawable/lknovel_update_button_ok_bg_normal.xml
res/drawable/lknovel_update_button_ok_bg_selector.xml
res/drawable/lknovel_update_button_ok_bg_tap.xml
res/drawable/lknovel_update_dialog_bg.xml
res/drawable/lknovel_update_title_bg.xml
res/drawable/lknovel_update_wifi_disable.png
res/drawable/tb_munion_icon.xml
res/drawable/tb_munion_item_selector.xml
res/layout-v17/lknovel_fb_contact.xml
res/layout-v17/lknovel_fb_input_contact.xml
res/layout-v17/lknovel_fb_input_conversation.xml
res/layout-v17/lknovel_fb_input_conversation_audio.xml
res/layout-v17/lknovel_fb_reply_item_audio.xml
res/layout-v17/lknovel_fb_reply_item_image.xml
res/layout-v17/lknovel_fb_reply_item_text.xml
res/layout-v17/lknovel_fb_welcome_item.xml
res/layout-v9/lknovel_common_download_notification.xml
res/layout/activity_main.xml
res/layout/book_cache_down_popup.xml
res/layout/bookshelf_longpress_popup.xml
res/layout/lknovel_common_download_notification.xml
res/layout/lknovel_fb_activity_conversation.xml
res/layout/lknovel_fb_activity_help.xml
res/layout/lknovel_fb_audio_dialog.xml
res/layout/lknovel_fb_contact.xml
res/layout/lknovel_fb_contact_spinner.xml
res/layout/lknovel_fb_fragment.xml
res/layout/lknovel_fb_fragment_question.xml
res/layout/lknovel_fb_image_dialog.xml
res/layout/lknovel_fb_input_contact.xml
res/layout/lknovel_fb_input_conversation.xml
res/layout/lknovel_fb_input_conversation_audio.xml
res/layout/lknovel_fb_reply_item_audio.xml
res/layout/lknovel_fb_reply_item_image.xml
res/layout/lknovel_fb_reply_item_text.xml
res/layout/lknovel_fb_welcome_item.xml
res/layout/lknovel_update_dialog.xml
res/layout/logout_clear_popup.xml
res/layout/page_aboutus.xml
res/layout/page_bind.xml
res/layout/page_bookshelf.xml
res/layout/page_change.xml
res/layout/page_download.xml
res/layout/page_downloaddetail.xml
res/layout/page_forget.xml
res/layout/page_forget_change.xml
res/layout/page_index.xml
res/layout/page_login.xml
res/layout/page_my.xml
res/layout/page_profile.xml
res/layout/page_reader.xml
res/layout/page_reg.xml
res/layout/page_search.xml
res/layout/page_setting.xml
res/layout/page_unbind.xml
res/layout/page_view_large_image.xml
res/layout/page_vollist.xml
res/layout/rbg_popup.xml
res/layout/remove_fav_popup.xml
res/layout/search_popup.xml
res/layout/tb_munion_aditem.xml
res/layout/tb_munion_adview.xml
resources.arsc
META-INF/MANIFEST.MF
META-INF/CERT.SF
META-INF/CERT.RSA

污点分析

当apk较大时,代码量会很大,造成数据流图(ICFG)呈现爆炸式增长,所以该功能比较耗时,请先喝杯咖啡,耐心等待……
规则名称 描述信息 操作
病毒分析 使用安卓恶意软件常用的API进行污点分析 开始分析  
漏洞挖掘 漏洞挖掘场景下的污点分析 开始分析  
隐私合规 隐私合规场景下的污点分析:组件内污点传播、组件间污点传播、组件与库函数之间的污点传播 开始分析  
密码分析 分析加密算法是否使用常量密钥、静态初始化的向量(IV)、加密模式是否使用ECB等 开始分析  
Callback 因为Android中系统级的Callback并不会出现显式地进行回调方法的调用,所以如果需要分析Callback方法需要在声明文件中将其声明,这里提供一份AndroidCallbacks.txt文件,里面是一些常见的原生回调接口或类,如果有特殊接口需求,可以联系管理员 开始分析