导航菜单
登录 注册

应用安全检测报告

应用安全检测报告,支持文件搜索、内容检索和AI代码分析

移动应用安全检测报告

应用图标

VivaMoneda v1.4

Android APK 6c39992e...
49
安全评分

安全基线评分

49/100

中风险

综合风险等级

风险等级评定
  1. A
  2. B
  3. C
  4. F

应用存在一定安全风险,建议优化

漏洞与安全项分布

3 高危
11 中危
2 信息
2 安全

隐私风险评估

1
第三方跟踪器

中等隐私风险
检测到少量第三方跟踪器


检测结果分布

高危安全漏洞 3
中危安全漏洞 11
安全提示信息 2
已通过安全项 2
重点安全关注 0

高危安全漏洞 不安全的Web视图实现。Web视图忽略SSL证书错误并接受任何SSL证书。此应用程序易受MITM攻击 

不安全的Web视图实现。Web视图忽略SSL证书错误并接受任何SSL证书。此应用程序易受MITM攻击
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#webview-server-certificate-verification

Files:
com/moneda/cloud/iotdqkynjet/fluffy/Zeffirelli.java, line(s) 60,47

高危安全漏洞 已启用远程WebView调试 

已启用远程WebView调试
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04c-Tampering-and-Reverse-Engineering.md#debugging-and-tracing

Files:
com/moneda/cloud/tt/rgu/remhaqpmfg/Tautologies.java, line(s) 47,9,10

高危安全漏洞 该文件是World Readable。任何应用程序都可以读取文件 

该文件是World Readable。任何应用程序都可以读取文件
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2

Files:
com/appsflyer/internal/AFb1tSDK.java, line(s) 3014

中危安全漏洞 应用数据允许备份 

[android:allowBackup=true]
该标志允许通过 adb 工具备份应用数据。启用 USB 调试的用户可直接复制应用数据,存在数据泄露风险。

中危安全漏洞 Broadcast Receiver (androidx.profileinstaller.ProfileInstallReceiver) 受权限保护,但应检查权限保护级别。 

Permission: android.permission.DUMP [android:exported=true]
检测到  Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。

中危安全漏洞 MD5是已知存在哈希冲突的弱哈希 

MD5是已知存在哈希冲突的弱哈希
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4

Files:
com/moneda/cloud/iqplrcjvl/pefbor/pkckxjb/kirchner/Gibson.java, line(s) 140
com/moneda/cloud/iqplrcjvl/xuqyslbdid/xfre/millennium/kotwp/Brackets.java, line(s) 183
com/moneda/cloud/usgbbi/funnily/extensive/Wherever.java, line(s) 39

中危安全漏洞 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 

文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10

Files:
coil/memory/MemoryCache.java, line(s) 207
coil/request/l.java, line(s) 89

中危安全漏洞 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 

应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage

Files:
w4/f.java, line(s) 24,35,126
z4/b.java, line(s) 431

中危安全漏洞 应用程序使用不安全的随机数生成器 

应用程序使用不安全的随机数生成器
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators

Files:
com/appsflyer/internal/AFa1zSDK.java, line(s) 16
com/appsflyer/internal/AFc1jSDK.java, line(s) 15
com/moneda/cloud/pyuwbuf/Newborn.java, line(s) 19
h8/k0.java, line(s) 6
m7/a.java, line(s) 20
m7/b.java, line(s) 3
n7/a.java, line(s) 3

中危安全漏洞 应用程序创建临时文件。敏感信息永远不应该被写进临时文件 

应用程序创建临时文件。敏感信息永远不应该被写进临时文件


Files:
coil/decode/o0.java, line(s) 36
o1/a.java, line(s) 1928
u/r.java, line(s) 135
u1/e.java, line(s) 68

中危安全漏洞 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 

应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2

Files:
z1/a.java, line(s) 4,5,6,7,122

中危安全漏洞 IP地址泄露 

IP地址泄露


Files:
h4/j.java, line(s) 107

中危安全漏洞 应用程序包含隐私跟踪程序 

此应用程序有多个1隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。

中危安全漏洞 此应用可能包含硬编码机密信息 

从应用程序中识别出以下机密确保这些不是机密或私人信息
b2phYmFydCBlZCBhZGFsbGF0ZWQgbsOzaWNjZXJpRA==
LmV0bmVpbGMgbGEgbsOzaWNuZXRhIGVkIG9pY2l2cmVzIGxlIG5vYyBlc2V1ccOtbnVtb2MgLG9scmFjaWZpZG9tIGF0aXNlY2VuIGlTIC5haXJhY25hYiBhdGVqcmF0IGFsIGVkIG7Ds2ljYWNpZmlkb20gYWwgZXRpbWRhIGVzIG9uIGV0bmVtbGF1dGNB
LmFsb2Ruw6F1bGF2ZSDDoXRzZSBhbWV0c2lzIGxlIHkgZXRuZW1hc290aXhlIGFkYWdhcnRuZSBvZGlzIGFoIG7Ds2ljYW1yb2ZuaSB1Uw==
P27Ds2ljYWNpZml0cmVjIGFsbiUgcmFsZWNuYWMgYWVzZWQgZXRuZW1sYWVSwr8=
ZGFkaXRuZWRpIGVkIG90bmVtdWNvZCBuJWxlZCBvc3JldmVyIGxlIHJhZW5hY3NF
bG10aC55Y2F2aXJwL3htLmFkZW5vbWF2aXYuNWgvLzpzcHR0aA==
OmFtZWxib3JwIGVkIG9waXQgdXMgZW5vaWNjZWxlUw==
ZGFkaWxhdG90IHVzIG5lIGFnYXAgZXMgbGFtcm9uIG9kaWRlcCBsZSBvZG5hdWMgYXppbGl0dSBlUw==
IWFyb2hhIGVzZXVxw610bmV0dUHCoS5vZGFjaXRuZXR1YSDDoXRzZSBvbiBuw7pB
MnJlYm11bl90Y2FydG5vY19yZW1lXzIwcWNh
b3RuZW1vbSBsZSByb3AgZWxiaW5vcHNpZCBvdGN1ZG9ycCBuaVM=
bm9pdGFjdWRlX2h0dWFfZXNhYl8yMHFjYQ==
ZXRuYXZlbGVyIG5vaWNhbXJvZm5pIGFsIGV1cWlmaXJldiByb3ZhZiByb1A=
bG10aC5wbGVoL3htLmFkZW5vbWF2aXYuNWgvLzpzcHR0aA==
cmVkcm9feWFwZXJfb25fbGxpYl8zMHFjYQ==
eWFwZXJfbGxhX2xpYXRlZF90bmVteWFwZXJfMzBxY2E=
LmFkYWJvcnBhIGFlcyBvZG5hdWMgb3BtZWl0IGEgb2RhY2lmaXRvbiBzw6FyZXMgeSBuw7Npc2l2ZXIgbmUgw6F0c2Ugb21hdHPDqXJwIGVkIGR1dGljaWxvcyB1VA==
YWNpcnTDqW1vaWIgbsOzaWNhY2l0bmV0dUE=
YWRhZ2VydG5lIG9tYXRzw6lycCBlZCBkdXRpY2lsb1M=
cyUgZWxiaW5vcHNpZCBvbWl4w6FtIGV0aW3DrUw=
b3NpbXJlcCB1cyByZW5ldGJvIGF0aXNlY2VuIGFtZXRzaXMgbEU=
bXVuX25lcmRsaWhjX2h0dWFfZXNhYl8yMHFjYQ==
IXNhZGlkcsOpcCBzYWwgcmltdXNhIGVkIGVsYmFzbm9wc2VyIMOhcmVzIGRldHN1ICxsYW5vc3JlcCByb3JyZSBudSBhIGViZWQgZXMgYXRuZXVjIGFydG8gYSBzb2Rub2YgZWQgYWRpZHLDqXAgYWwgbyBvbWF0c8OpcnAgbGVkIG9sbGFmIGxlIGlTwqEgLjM=
P2xhdXRjYSBhdG5ldWMgYWwgcmFycm9iIGFlc2VkIGV1cSBlZCBhL29ydWdlcyDDoXRzRcK/IC5yYXJlcHVjZXIgw6FyZG9wIGVzIG9uIHkgZXRuZW1ldG5lbmFtcmVwIMOhcmFuaW1pbGUgZXMgYXRuZXVjIGFsICxuw7NpY2NhIGF0c2UgZW1yaWZub2MgZXVxIHpldiBhblUgLmF0bmV1YyB1cyByYXJyb2IgZWQgb3RudXAgYSDDoXRzRQ==
LnNhZGFkbmVtb2NlciBzZW5vaWNwbyB5YWggb04=
LmFkYXJ0bmUgZWQgYWplZG5hYiB1cyBlc2l2ZVIgIW9kYWl2bmUgbsOzaWNhY2lmaXJldiBlZCBvZ2lkw7NDwqE=
eWFkX2V1ZHJldm9feGFtX3lldnJ1c18yMHFjYQ==
Lm92ZXVuIGVkIG9sZXRuw6l0bmkgcm92YWYgcm9wICxzb2lyYXRuZW1vYyBzdXMgcmFpdm5lIGxhIHJvcnJlIG51IG9idUg=
LnNvbWVyYWNpZml0b24gZWwgLG9zZWNvcnAgbGUgZXRlbHBtb2MgZXMgb21vYyBvdG5vcnAgbmFUIC56ZWRpcGFyIG5vYyBhbG9kbsOhc2Vjb3JwIHNvbWF0c0UgLmFkYWl2bmUgb2RpcyBhaCBkdXRpY2lsb3MgdVM=
b2NyYW0gbGVkIG9ydG5lZCBuw7NpY2FjaWZpdG5lZGkgdXMgZWQgb3RvZiBhbnUgZW1vVA==
LnJvdmFmIHJvcCBvdmV1biBlZCBlw61mYXJnb3RvZiAsZGFkaXRuZWRpIGVkIGF0ZWpyYXQgZWQgb3NyZXZuYSBsZWQgbsOzaWNhY2l0bmV0dWEgYWwgw7NsbGFG
LnRlbnJldG5JIGEgbsOzaXhlbm9jIGFuZXViIGFudSBhZ25ldCBvZG5hdWMgUFRPIGxlIGFnbmV0Ym8gLHJvdmFmIHJvUCAuMQ==
KW9taXjDoW0gbGEgNSggb3RvZiByaWJ1Uw==
bsOzaWNhY2lmaXJldiBlZCBvZ2lkw7NjIGxlIGVzZXJnbkk=
Lm9kaWRlcCBvdmV1biBsZWQgc2VsbGF0ZWQgc29sIHJldiBhcmFwIGFydXRjYUYgaU0gYSByaSBlZGV1UCAub3RpeMOpIG5vYyBvZGlkbmV0eGUgYWggZXMgZHV0aWNpbG9zIHVzIHMkMSUgbmUgLHNlbm9pY2F0aWNpbGVG
Lm1hcHMgZWQgYXRlcHJhYyBhbCBvcmVtaXJwIGVzaXZlciAsb2dpZMOzYyBsZSBvZGliaWNlciBhaCBvbiBpUyAuMg==
bG10aC50bmVtZWVyZ2EveG0uYWRlbm9tYXZpdi41aC8vOnNwdHRo
6ff7e9ff0ec3b8bf1725f6684d9b7a3b
ZXRhdHNfeXJyYW1faHR1YV9lc2FiXzIwcWNh
c2VtaXRfbmFvbF95ZXZydXNfMjBxY2E=
MDM6ODEgLSAwMzo5IDpldG5laWxDIGxhIG7Ds2ljbmV0QSBlZCBvaXJhcm9I
dG51b2NjYV9rbmFiX2tuYWJfMzBxY2E=
dGNhcnRub2NfcmVtZV8xMHFjYQ==
LnNldG5laWRub3BzZXJyb2Mgc2FpY25ldWNlc25vYyBzYWwgw6FyaW11c2Egb2lyYXVzdSBsZSAsYXRuZXVjIGFydG8gbmUgYXRpc29wZWQgZXMgb21hdHPDqXJwIGxlIG8gYWxsYWYgZHV0aWNpbG9zIGFsIGlTIC5kZXRzdSBhIGFjemVuZXRyZXAgYXRuZXVjIGF0c2UgZXVxIGVkIGVzZXLDumdlc2EgeSBhaXJhY25hYiBuw7NpY2Ftcm9mbmkgYWwgZWQgZHV0aXRjYXhlIGFsIGVtcmlmbm9D
L3htLmFkZW5vbWF2aXYuNWgvLzpzcHR0aA==
cmVibXVuX2RpX2h0dWFfeXRpdG5lZGlfMjBxY2E=
LnNlbGF1Z2kgcmVzIG5lZGV1cCBvbiBvdGNhdG5vYyBlZCBzZW5vaWNhbGVyIHNhTA==
Lm90bGEgc8OhbSBvdGlkw6lyYyBlZCBldGltw61sIG51IGEgcmVkZWNjYSDDoXJpdGltcmVwIGVsIG90c2UgZXVxIGF5ICxhdGVscG1vYyB5IGFzaWNlcnAgbsOzaWNhbXJvZm5pIHJhbm9pY3JvcG9ycG4lc29tYWRuZW1vY2VyIGVsICxhdHNldWNuZSBhbCByYXRlbHBtb2MgbGEgOmVkcmV1Y2VS
ZWRyYXQgc8OhbSBldG5ldG5pICxvZG5hc2l2ZXIgw6F0c2UgYW1ldHNpcyBsRQ==
ZHV0aWNpbG9zIGFsIHJhdG5lc2VyUA==
bsOzaWNhY2lmaXJldiBhbCByYXpuZW1vQw==
LnNlbGF1Z2kgcmVzIG5lZGV1cCBvbiBzb3RjYXRub2Mgc29sIGVkIG9ub2bDqWxldCBlZCBzb3JlbcO6biBzb0w=
E3F9E1E0CF99D0E56A055BA65E241B3399F7CEA524326B0CDD6EC1327ED0FDC1
bG10aC5lcm90cy94bS5hZGVub21hdml2LjVoLy86c3B0dGg=
Lm90Y2F0bm9jIGxlIG5vYyBuw7NpY2FsZXIgYWwgZW5vaWNjZWxlUw==
YW5kcm9pZC5wZXJtaXNzaW9uLlJFQURfU01T
IG90bmV1Y3NlZCBlZCBzZW5vcHVjIGVkIGV0dXJmc2lE
Lm90aXjDqSBub2Mgb2RpYmljZXIgbsOzcHVD
cmF0czVfZXJvY3Nfb3RfZ25pc3NlY29ycF9uYW9sXzMwcWNh
8c4c1036dfbd41079367a1b8aa769daa
bGlhdGVkX3RuZW15YXBlcl8xMHFjYQ==
eXJ0c3VkbmlfaHR1YV9lc2FiXzIwcWNh
c3RudW9jX25hb2xfd29uX3lldnJ1c18yMHFjYQ==
dGltYnVzX3lscHBhX3RjdWRvcnBfMzBxY2E=
YXRuZXVjIHVzIGVkIG7Ds2ljYW1yb2ZuaSBhbCBldXFpZmlyZXYgcm92YWYgcm9Q
b3RuZW1vbSBsZSByb3Agc29kaWRlcCB5YWggb04=
cyQxJSA6ZXRuZWlsQyBsYSBuw7NpY25ldEEgZWQgb2lyYXJvSA==
bsOzaWNhY2lmaXJldiBlZCBvZ2lkw7NjIHJlbmV0Yk8=
LnNvdGlnw61kIDQgZWQgb2dpZMOzYyBsZSBhc2VyZ25pICxyb3ZhZiByb1A=
LnNvZG51Z2VzIGQkMSUgcmFtb3QgYcOtcmViZWQgb3RzRSAuZXRpbcOtbCB1cyBvZG5hdWxhdmUgw6F0c2UgYW1ldHNpcyBsZSB5IG7Ds2ljYW1yb2ZuaSB1cyBvZGliaWNlciBzb21lSA==
ZCUgYWljbmVncmVtZSBlZCBvdGNhdG5vQw==
LnJvbGF2IG5hcmcgZWQgc2Vub3B1YyByaWJpY2VyIGFyYXAgbsOzaWNhY2l0bmV0dWEgYWwgcmF0ZWxwbW9D
dGNpcnRzaWRfa3Jvd19odHVhX2VzYWJfMjBxY2E=
KWxhbm9pY3BPKCBhc2VycG1lIGFsIGVkIG9ub2bDqWxlVA==
eWFwZXJfb3RfbGlhdGVkX3RuZW15YXBlcl8zMHFjYQ==
b3RvaHBfZHJhY190bm9yZl9odHVhX3l0aXRuZWRpXzMwcWNh
b21hdHPDqXJwIGxlZCBzZWxsYXRlRA==
KWxhbm9pY3BPKCBhw63DsWFwbW9jIGFsIGVkIGVyYm1vTg==
Lm90aWTDqXJjIGVkIGV0aW3DrWwgdXQgcmF0bmVtdWEgYSBuYWR1eWEgc29udXRyb3BvIHNvZ2FwIHNvTA==
cmVibXVuX3luYXBtb2NfaHR1YV9lc2FiXzIwcWNh
MnlhZF95cmFsYXNfaHR1YV9lc2FiXzIwcWNh
Lm7Ds2ljYW5pbXVsaSBhbmV1YiBhbnUgYWduZXRuYW0geSBhcmFtw6FjIGFsIGVkIG9jcmFtIGxlIG5vYyBhZGFlbmlsYSDDqXRzZSBhcmFjIHVzIGV1cSBlZCBlc2Vyw7pnZXNhICxyb3ZhZiByb1A=
ZXRuZW1hdGNlcnJvYyBzb3RhZCBlc2VyZ25J
Lm90Y3Vkb3JwIGxlIHJhc3UgbGEgw7NydG5vY25lIGV1cSBzYW1lbGJvcnAgc29sIGVsbGF0ZWQgbmUgYWJpcmNzZUQ=
Lm9zZWNvcnAgbGUgb2RvdCBuZSBhcnVnZXMgeSBhZGF2aXJwIMOhcmRuZXRuYW0gZXMgbGFub3NyZXAgbsOzaWNhbXJvZm5pIHVT
bsOzcHVjIGxlIHJlbmV0Ym8gYXJhcCBlc3JhY2l0bmV0dUE=
Lm7Ds2ljYWNpbHBhIGFydHNldW4gZXVxaWZpbGFjICxyb3ZhZiByb1A=
Om9tYXRzw6lycCBsZWQgb3Rub00=
bGlhdGVkX3RjdWRvcnBfMzBxY2E=
LmFkYW5pbXVsaSBuZWliIHkgb2NyYW0gbGUgbm9jIGFkYWVuaWxhIMOpdHNlIGFyYWMgdXMgZXVxIGVkIGVzZXLDumdlc0E=
LmVkcmF0IHPDoW0gZXRuZW1hdmV1biBldG5ldG5JIC5uw7NpeGVub2MgZWQgYW1lbGJvclA=
b21hdHPDqXJwIGxlZCBvdG5vTQ==
bsOzaWNhY2lmaXRuZWRpIGVkIGF0ZWpyYXQgYWwgZWQgZXRuZXJG
IW7Ds2ljdWFjZXJwIG5vYyBhZGVjb3JwICxyb3ZhZiByb1DCoSAucmFyZXB1Y2VyIGVkZXVwIGVzIG9uICxhdG5ldWMgYWwgYWRhbmltaWxlIHpldiBhblUgLnNvdGFkIGVkIGVzYWIgYWwgYSBvZGlidXMgYXlhaCBldXEgc29tYXRzw6lycCBlZCBsYWlyb3RzaWggZSBvdGlkw6lyYyBlZCBzb3J0c2lnZXIgc29sIHNvZG90IHkgbGFub3NyZXAgbsOzaWNhbXJvZm5pIHVzIGFkb3QgZXRuZW1ldG5lbmFtcmVwIHNvbWVyYW5pbWlsZSBldXEgYWNpZmluZ2lzIGF0bmV1YyBhbCByYXJyb0I=
E5624547c7da6fbe9573927101048e52
Lm90bm9ycCBkZXRzdSBub2Mgc29tZXJhY2ludW1vYyBzb24geSBzb2lyYXRuZW1vYyBzdXMgb2RpYmljZXIgc29tZUg=
bsOzaWNuZXRhIGVkIG9pY2l2cmVT
MW5vaXRhbGVyX3RjYXJ0bm9jX3JlbWVfMjBxY2E=
eWFwZXJfbm9pc25ldHhlX2xpYXRlZF90bmVteWFwZXJfMzBxY2E=
b25vZsOpbGV0IGVkIG9yZW3Dum4gdXMgZXNlcmduSQ==
c3NlcmRkYV9saWF0ZWRfa3Jvd19odHVhX2VzYWJfMjBxY2E=
3BAF59A2E5331C30675FAB35FF5FFF0D116142D3D4664F1C3CB804068B40614F
LmxpdsOzbSBvbm9mw6lsZXQgZWQgb3JlbcO6biB1cyBlYmV1cnBtb2MgLHJvdmFmIHJvUA==
Lm7Ds2lzbmV0eGUgYW51IHJhdGljaWxvcyByb3AgcmF0cG8gZWRldXAgLHNhcmVpY25hbmlmIHNlZGF0bHVjaWZpZCBlbmVpdCBldG5lbWxhZXIgb2RuYXVDIC5yb3lhbSBkYWRpdG5hYyBhbnUgcmVuZXRibyBhcmFwIGRhZGlsYXRvdCB1cyBuZSBldWdhcCBldXEgc29tYWRuZW1vY2VyIGVM
O3RvdXEmb21hdHPDqXJQIGVkIG90YXJ0bm9DO3RvdXEmIGxlIG90cGVjYSB5IG9kw61lbCBlSA==
c290aWfDrWQgNCBlZCBuw7NpY2FjaWZpcmVW
LmV0bmVtYXRhaWRlbW5pIG90Y3Vkb3JwIGV0c2UgbmUgcmF0aWNpbG9zIHNlZGV1UCAsb3RpeMOpIG5vYyBhZHVlZCB1dCBvZGFkaXVxaWwgc2FoICBzJDElIG5lICxzZW5vaWNhdGljaWxlRg==
b2dhcCBlZCBvZG90w6ltIHVzIGFqaWxF
dG51b2NjYV9rbmFiX2VnbmFoY19saWF0ZWRfbmFvbF8zMHFjYQ==
ZGFkaXRuZWRpIGVkIG90bmVtdWNvZCB1cyBldWdyYWMgLHJvdmFmIHJvUA==
FBA3AF4E7757D9016E953FB3EE4671CA2BD9AF725F9A53D52ED4A38EAAA08901
IC5lZG5vcHNlcnJvYyBpcyAsb3RuZWltaWNuZXYgZWQgYWZpcmF0IGFsIHPDoW0gbGFuaWdpcm8gb21hdHPDqXJwIGVkIG9pY2l2cmVzIGVkIGFmaXJhdCBhbCBhIGxhdWdpIHNlIGFnb3Jyw7NycCBlZCBhZmlyYXQgYUw=
b21hdHPDqXJwIGVkIGF0b3VjIGltIHJhY2lmaXJlVg==
eXRpY19rcm93X2h0dWFfZXNhYl8yMHFjYQ==
bG10aC5QVFMveG0uYWRlbm9tYXZpdi41aC8vOnNwdHRo
b8OtY2F2IHJhdHNlIGVkZXVwIG9uIG9kaW5ldG5vYyBsRQ==
LmV0bmVtYXNvZGFkaXVjIGV1cWlmaXJldiAscm92YWYgcm9QIC5hbm9pY3JvcG9ycCBldXEgbsOzaWNhbXJvZm5pIGFsIGVkIGRhZGljYXJldiBhbCBub2Mgb2Rhbm9pY2FsZXIgw6F0c2Ugb3RpZMOpcmMgZWQgZXRpbcOtbCB1UyA6b2plc25vQw==
LsOhcmFsbGFmIG7Ds2ljYWNpZmlyZXYgYWwgLG9pcmFydG5vYyBvbCBlZCAsYWlyYWNuYWIgYXRuZXVjIGFpcG9ycCB1cyBlY2lsaXRVIC4x
cmF0czVvbl9lcm9jc19vdF9nbmlzc2Vjb3JwX25hb2xfMzBxY2E=
FFE391E0EA186D0734ED601E4E70E3224B7309D48E2075BAC46D8C667EAE7212
c2VsYXV0Y2Egc29kaWRlcCBzb2wgcmV2IGFyYXAgYXJ1dGNhRiBpTSBlZCBhbmlnw6FwIGFsIGEgcmkgZWRldVA=
bsOzaWNhY2lmaXRuZWRpIGVkIGF0ZWpyYXQgYWwgZWQgb3Nyb0Q=
LnNlbGJpbm9wc2lkIHNvZG5vZiBzZXRuZWljaWZ1cyBlbmVpdCBpcyBkYWRpbGF0b3QgdXMgbmUgb21hdHPDqXJwIGxlIHJhZ2FwIGFkbmVpbW9jZXIgZVMgLmRhZGlsYXRvdCB1cyBuZSBvbWF0c8OpcnAgbGUgcmFnYXAgZWRldXAgZXMgb24gb2RuYXVjIHNlbGFlciBzYXJlaWNuYW5pZiBzZWRhdGx1Y2lmaWQgZWQgc2Vub2ljYXV0aXMgbmUgZXNyYXRpY2lsb3MgZWJlZCBvbG9zIGFnb3Jyw7NycCBhTA==
b2ljaW5pIGVkIGFuaWfDoXAgYWwgYSByZXZsb1Y=
Lm9sZXRuw6l0bmllciByb3ZhZiByb3AgLG7Ds2ljYWNpdG5ldHVhIGVkIHJvcnJF
Lm9kaWNuZXYgYWggb21hdHPDqXJwIGxlZCBvemFscCBsZSBldXEgZWQgc8OpdXBzZWQgYWNpbHBhIGVzIHkgYWlyYWlkIG7Ds2ljcm9wb3JwIGF0cmVpYyBhbnUgZWQgc2Ugb3RuZWltaWNuZXYgcm9wIG9ncmFjIGVkIGFzYXQgYUw=
ZXRuYXZlbGVyIG7Ds2ljYW1yb2ZuaSBhbCBldXFpZmlyZXYgcm92YWYgcm9Q
LmV0bmF0c25pIGxhIG9tYXRzw6lycCBsZSByZW5ldGJvIGFyYXAgc2V0bmVpY2VyIHPDoW0gc2FsIG5hZXMgeSBkYWRpcmFsYyBub2MgbmVtb3QgZXMgc290bmVtdWNvZCBzb2wgZWQgc2VuZWfDoW1pIHNhbCBzYWRvdCBldXEgZWQgZXNlcsO6Z2VzYSA6b2plc25vQw==
cmVkcm9feWFwZXJfbGxpYl8zMHFjYQ==
ZXB5dF95cmFsYXNfaHR1YV9lc2FiXzIwcWNh
bm9pY2Ftcm9mbmkgYWwgZXVxaWZpcmV2IHJvdmFmIHJvUA==
Lm9jcmFtIGxlZCBvcnRuZWQgbsOzaWNhY2lmaXRuZWRpIHVzIGVkIG90b2YgYW51IGVtb1Q=
ZGFkaXRuZWRpIGVkIG90bmVtdWNvZCBuJSBsZWQgZXRuZXJmIGxlIHJhZW5hY3NF
b3RvaHBfZHJhY19rY2FiX2h0dWFfeXRpdG5lZGlfMzBxY2E=
LmFnb3Jyw7NycCBhbnUgcmF0aWNpbG9zIHJhcmVkaXNub2MgZWRldXAgLHNhcmVpY25hbmlmIHNlZGF0bHVjaWZpZCBlbmVpdCBpUyAub3BtZWl0IGEgb21hdHPDqXJwIHVzIGV1Z2FwIGV1cSBldG5hdHJvcG1pIHNlICxzb3JlaWNuYW5pZiBzYW1lbGJvcnAgc2Vyb3lhbSByYXRpdmUgYXJhUA==
Lm9tYXRzw6lycCB1cyByYXRpY2lsb3MgYXJhcCBsYXBpY25pcnAgYW5pZ8OhcCBhbCBhIHJhc2VyZ2VyIGVkZXVwIGFyb2hBIC5vZGFib3JwYSBvbWF0c8OpcnAgZWQgb3Rub20gbnUgZW5laXQgYVk=
cyQxJSA6b2RhemlsaXR1IG90aWTDqXJD
LsOhcmFsbGFmIG9nYXAgbGUgLG9pcmFydG5vYyBvbCBlZCAsYXRjZXJyb2MgYWVzIG7Ds2ljYW1yb2ZuaSBhbCBldXEgZWQgZXNlcsO6Z2VzQSAuMg==
bXJpZm5vY19vZm5pX3RudW9jY2FfMzBxY2E=
LnNvaXJvdGFnaWxibyBzb3BtYWMgc29sIGV1cWlmaXJlVg==
cmVkbmVnX2h0dWFfZXNhYl8yMHFjYQ==
b2RhZ2VydG5lIG9kaXMgYWggb21hdHPDqXJwIGVkIGR1dGljaWxvcyB1Uw==
b21hdHPDqXJwIHJpZGVQIC8zMA==
Mm5vaXRhbGVyX3RjYXJ0bm9jX3JlbWVfMjBxY2E=
ZW1vY25pX2h0bm9tX2h0dWFfZXNhYl8yMHFjYQ==
ZW1hbl9rbmFiX2tuYWJfMjBxY2E=

安全提示信息 应用程序记录日志信息,不得记录敏感信息 

应用程序记录日志信息,不得记录敏感信息
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs

Files:
a6/e.java, line(s) 55
b1/h.java, line(s) 36,40,44
b1/t.java, line(s) 43
c2/b.java, line(s) 32
c6/a.java, line(s) 53
com/appsflyer/AFLogger.java, line(s) 52,70,113,68,85,94,120
com/appsflyer/internal/AFb1tSDK.java, line(s) 217,895
com/appsflyer/internal/AFc1kSDK.java, line(s) 73,73,78
com/appsflyer/internal/AFd1oSDK.java, line(s) 733
com/appsflyer/internal/AFe1bSDK.java, line(s) 36
com/appsflyer/internal/AFe1dSDK.java, line(s) 30,32,148,156
com/appsflyer/internal/AFe1eSDK.java, line(s) 39,63
com/appsflyer/internal/AFe1jSDK.java, line(s) 238,60,236,234
com/appsflyer/internal/AFe1oSDK.java, line(s) 34
com/appsflyer/internal/AFf1dSDK.java, line(s) 208,228,396,411,496,719,1237,1354,1355,1777,1798,1801
com/appsflyer/internal/AFf1rSDK.java, line(s) 79
com/appsflyer/internal/AFf1tSDK.java, line(s) 100,116,132,149,171,186,201,220,240,281,292
com/appsflyer/internal/AFf1uSDK.java, line(s) 29
com/appsflyer/internal/AFf1vSDK.java, line(s) 59,78
com/appsflyer/internal/AFg1ySDK.java, line(s) 43,44,45
com/appsflyer/internal/AFg1zSDK.java, line(s) 80,92,114,119
com/appsflyer/internal/AFh1gSDK.java, line(s) 48,154,49,155,298
com/moneda/cloud/iotdqkynjet/b.java, line(s) 159
com/moneda/cloud/iqplrcjvl/iybske/funding/dtfqm/Underground.java, line(s) 152,159
com/moneda/cloud/iqplrcjvl/pefbor/neikwtpn/tngh/waxing/Keyword.java, line(s) 888,898
com/moneda/cloud/iqplrcjvl/xuqyslbdid/xfre/millennium/kotwp/Brackets.java, line(s) 131,384
com/moneda/cloud/pyuwbuf/apical/Deal.java, line(s) 769,779
com/moneda/cloud/tt/rgu/uv/Zonal.java, line(s) 101
com/moneda/cloud/usgbbi/funnily/Interferes.java, line(s) 149,357,284
com/nick/permission/utils/a.java, line(s) 118,123,128,131,272,280,347
d1/b.java, line(s) 58,61
d2/l0.java, line(s) 42
d8/e.java, line(s) 54,91,91
e2/c.java, line(s) 188,191
e2/h.java, line(s) 267,270
f1/u.java, line(s) 269
h/g.java, line(s) 170,217,276
h1/f.java, line(s) 143
i/c.java, line(s) 276
i3/d.java, line(s) 162,195
i8/f.java, line(s) 16,21
j3/b.java, line(s) 71
k0/c.java, line(s) 117
k0/l.java, line(s) 48,49
k0/o.java, line(s) 128
k1/c.java, line(s) 169
l3/h.java, line(s) 517
m5/g.java, line(s) 35,38
me/jessyan/autosize/AutoSize.java, line(s) 107
me/jessyan/autosize/AutoSizeConfig.java, line(s) 321,334,347,243
me/jessyan/autosize/DefaultAutoAdaptStrategy.java, line(s) 21,31,34,15,28
me/jessyan/autosize/utils/AutoSizeLog.java, line(s) 15,21,35
n5/b.java, line(s) 13
o1/a.java, line(s) 331,1116,1242,1247,1253,1323,1487,1609,1612,1621,1627,1656,1677,1691,1707,1740,1756,1763,1766,1810,1817,1828,1845,1850,1857,2099,2198,2251,2454,2511,2564,2751,2762,2769,2793,2915,2941,2958,2980,2987,3146,3319,3370,3390,3403,3451,3503,3512,3550,3571,3595,3662,769,777,811,823,835,847,859,871,883,895,907,914,925,937,141,920,1212,1216,1220,1542,2445,2464,2472,2674,2684,2835,2843,3232,3294,3747
o1/b.java, line(s) 47
p0/a.java, line(s) 96,99
p0/c.java, line(s) 78,80
p0/d.java, line(s) 128,130
p0/f.java, line(s) 163,165
q0/a.java, line(s) 71
q0/e.java, line(s) 93
q0/f.java, line(s) 181,246,305
q0/g.java, line(s) 32,108
q0/h.java, line(s) 122,127
q0/j.java, line(s) 96,362
q0/k.java, line(s) 97,397,404
q0/l.java, line(s) 211,218
q0/m.java, line(s) 1005
r0/a.java, line(s) 229,118,274
r0/c.java, line(s) 113
r1/b.java, line(s) 38,46,64
r2/i.java, line(s) 53
s4/c.java, line(s) 43
t/l1.java, line(s) 14,21,28,35,42,51,70,77
t0/d.java, line(s) 92,248
t0/k.java, line(s) 43
t0/q.java, line(s) 67
tech/gujin/toast/ToastUtil.java, line(s) 25
u/l0.java, line(s) 98,100,104,108,113
u1/e.java, line(s) 120,123,128
v7/d.java, line(s) 440
w0/c.java, line(s) 64
w0/d.java, line(s) 68
w0/h.java, line(s) 334,340,346,144,153,274
x0/e.java, line(s) 564,569
x0/e0.java, line(s) 105
x0/g.java, line(s) 70
x0/h.java, line(s) 41,74
x0/m.java, line(s) 56,228
y1/c.java, line(s) 40,28,32
z/c.java, line(s) 21
z3/a.java, line(s) 25,40,26,41

安全提示信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 

此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard

Files:
p5/v.java, line(s) 4,12

已通过安全项 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 

此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4

Files:
c8/d.java, line(s) 119,118,117
c8/e.java, line(s) 138,127,137,150,136,136
c8/j.java, line(s) 121,120,119,119
c8/k.java, line(s) 240,227,239,238,238

已通过安全项 此应用程序可能具有Root检测功能 

此应用程序可能具有Root检测功能
https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1

Files:
z4/b.java, line(s) 179,180

综合安全基线评分总结

应用图标

VivaMoneda v1.4

Android APK
49
综合安全评分
中风险