应用安全检测报告
应用安全检测报告,支持文件搜索、内容检索和AI代码分析
移动应用安全检测报告
Bugko v9.2.6.0
57
安全评分
安全基线评分
57/100
低风险
综合风险等级
风险等级评定
- A
- B
- C
- F
应用存在一定安全风险,建议优化
漏洞与安全项分布
0
高危
16
中危
2
信息
2
安全
隐私风险评估
4
第三方跟踪器
中等隐私风险
检测到少量第三方跟踪器
检测结果分布
高危安全漏洞
0
中危安全漏洞
16
安全提示信息
2
已通过安全项
2
重点安全关注
0
中危安全漏洞 应用已启用明文网络流量
[android:usesCleartextTraffic=true] 应用允许明文网络流量(如 HTTP、FTP 协议、DownloadManager、MediaPlayer 等)。API 级别 27 及以下默认启用,28 及以上默认禁用。明文流量缺乏机密性、完整性和真实性保护,攻击者可窃听或篡改传输数据。建议关闭明文流量,仅使用加密协议。
中危安全漏洞 应用数据允许备份
[android:allowBackup=true] 该标志允许通过 adb 工具备份应用数据。启用 USB 调试的用户可直接复制应用数据,存在数据泄露风险。
中危安全漏洞 Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) 受权限保护,但应检查权限保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Service (crc640190106674015c54.PushNotificationMessagingService) 未受保护。
[android:exported=true] 检测到 Service 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (crc6455d3dd4cdc9e7ca2.DropboxCallbackActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (crc6455d3dd4cdc9e7ca2.InitializeActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (androidx.profileinstaller.ProfileInstallReceiver) 受权限保护,但应检查权限保护级别。
Permission: android.permission.DUMP [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Service (androidx.work.impl.background.systemjob.SystemJobService) 受权限保护,但应检查权限保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 检测到 Service 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) 受权限保护,但应检查权限保护级别。
Permission: android.permission.DUMP [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 IP地址泄露
IP地址泄露 Files: crc644f3901d6e2deaf74/BaseRecyclerViewViewHolder_1.java, line(s) 13,13,21,21 crc644f3901d6e2deaf74/CardRandomAbilityAbilityViewHolder.java, line(s) 12,12,20,20 crc64692a67b1ffd85ce9/ActivityLifecycleCallbacks.java, line(s) 12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58 crc648e35430423bd4943/GLTextureView.java, line(s) 14,14,14,14,14 crc648e35430423bd4943/SKGLSurfaceViewRenderer.java, line(s) 12,12,12 crc648e35430423bd4943/SKSurfaceView.java, line(s) 13,13,13 crc64a60a676139c23dc8/HideAnimatorListener.java, line(s) 11,11,11,11,23,23,23,23 crc64a60a676139c23dc8/ShowAnimatorListener.java, line(s) 11,11,11,11,23,23,23,23 crc64a60a676139c23dc8/ViewTouchListener.java, line(s) 11 crc64a60a676139c23dc8/VisionTextRecognizer.java, line(s) 13 crc64ba438d8f48cf7e75/ActivityLifecycleContextListener.java, line(s) 12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58 crc64bd4a3c52fec04726/AutoSuspendHelper_ObservableLifecycle.java, line(s) 12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58,58 crc64bd4a3c52fec04726/ContextExtensions_ServiceConnection_1.java, line(s) 12,12,12,12 crc64bd4a3c52fec04726/SharedPreferencesExtensions_OnSharedPreferenceChangeListener.java, line(s) 10 io/sentry/SpotlightIntegration.java, line(s) 89 mono/android/TypeManager.java, line(s) 11 mono/android/accessibilityservice/AccessibilityService_MagnificationController_OnMagnificationChangedListenerImplementor.java, line(s) 11 mono/android/accessibilityservice/AccessibilityService_SoftKeyboardController_OnShowModeChangedListenerImplementor.java, line(s) 10 mono/android/accounts/OnAccountsUpdateListenerImplementor.java, line(s) 11 mono/android/animation/AnimatorEventDispatcher.java, line(s) 10,10,10,10,22,22,22,22 mono/android/animation/Animator_AnimatorListenerImplementor.java, line(s) 10,10,10,10,22,22,22,22 mono/android/animation/Animator_AnimatorPauseListenerImplementor.java, line(s) 10,10 mono/android/animation/LayoutTransition_TransitionListenerImplementor.java, line(s) 12,12 mono/android/animation/TimeAnimator_TimeListenerImplementor.java, line(s) 10 mono/android/animation/ValueAnimator_AnimatorUpdateListenerImplementor.java, line(s) 10 mono/android/animation/ValueAnimator_DurationScaleChangeListenerImplementor.java, line(s) 10 mono/android/app/ActionBar_OnMenuVisibilityListenerImplementor.java, line(s) 10 mono/android/app/ActionBar_OnNavigationListenerImplementor.java, line(s) 10 mono/android/app/ActionBar_TabListenerImplementor.java, line(s) 11,11,11,21,21,21 mono/android/app/AlarmManager_OnAlarmListenerImplementor.java, line(s) 10 mono/android/app/AppOpsManager_OnOpActiveChangedListenerImplementor.java, line(s) 10,10 mono/android/app/AppOpsManager_OnOpChangedListenerImplementor.java, line(s) 10,10 mono/android/app/ApplicationRegistration.java, line(s) 8 mono/android/app/Application_OnProvideAssistDataListenerImplementor.java, line(s) 12 mono/android/app/DatePickerDialog_OnDateSetListenerImplementor.java, line(s) 11 mono/android/app/FragmentBreadCrumbs_OnBreadCrumbClickListenerImplementor.java, line(s) 11 mono/android/app/FragmentManager_OnBackStackChangedListenerImplementor.java, line(s) 10 mono/android/app/KeyguardManager_KeyguardLockedStateListenerImplementor.java, line(s) 10 mono/android/app/SearchManager_OnCancelListenerImplementor.java, line(s) 10 mono/android/app/SearchManager_OnDismissListenerImplementor.java, line(s) 10 mono/android/app/SharedElementCallback_OnSharedElementsReadyListenerImplementor.java, line(s) 10 mono/android/app/TabEventDispatcher.java, line(s) 11,11,11,21,21,21 mono/android/app/TimePickerDialog_OnTimeSetListenerImplementor.java, line(s) 11 mono/android/app/UiAutomation_OnAccessibilityEventListenerImplementor.java, line(s) 11 mono/android/app/UiModeManager_ContrastChangeListenerImplementor.java, line(s) 10 mono/android/app/WallpaperManager_OnColorsChangedListenerImplementor.java, line(s) 11 mono/android/app/admin/DevicePolicyManager_OnClearApplicationUserDataListenerImplementor.java, line(s) 10 mono/android/bluetooth/BluetoothProfile_ServiceListenerImplementor.java, line(s) 10,10 mono/android/companion/virtual/VirtualDeviceManager_VirtualDeviceListenerImplementor.java, line(s) 10,10 mono/android/database/sqlite/SQLiteTransactionListenerImplementor.java, line(s) 10,10,10 mono/android/drm/DrmManagerClient_OnErrorListenerImplementor.java, line(s) 11 mono/android/drm/DrmManagerClient_OnEventListenerImplementor.java, line(s) 11 mono/android/drm/DrmManagerClient_OnInfoListenerImplementor.java, line(s) 11 mono/android/gesture/GestureOverlayView_OnGestureListenerImplementor.java, line(s) 11,11,11,11 mono/android/gesture/GestureOverlayView_OnGesturePerformedListenerImplementor.java, line(s) 11 mono/android/gesture/GestureOverlayView_OnGesturingListenerImplementor.java, line(s) 10,10 mono/android/graphics/ImageDecoder_OnHeaderDecodedListenerImplementor.java, line(s) 10 mono/android/graphics/ImageDecoder_OnPartialImageListenerImplementor.java, line(s) 10 mono/android/graphics/SurfaceTexture_OnFrameAvailableListenerImplementor.java, line(s) 10 mono/android/graphics/drawable/Icon_OnDrawableLoadedListenerImplementor.java, line(s) 11 mono/android/hardware/Camera_FaceDetectionListenerImplementor.java, line(s) 10 mono/android/hardware/Camera_OnZoomChangeListenerImplementor.java, line(s) 10 mono/android/hardware/SensorEventListenerImplementor.java, line(s) 12,12 mono/android/hardware/SensorListenerImplementor.java, line(s) 10,10 mono/android/hardware/display/DisplayManager_DisplayListenerImplementor.java, line(s) 10,10,10 mono/android/hardware/input/InputManager_InputDeviceListenerImplementor.java, line(s) 10,10,10 mono/android/inputmethodservice/KeyboardView_OnKeyboardActionListenerImplementor.java, line(s) 10,10,10,10,10,10,10,10 mono/android/location/Geocoder_GeocodeListenerImplementor.java, line(s) 11,11 mono/android/location/GnssAntennaInfo_ListenerImplementor.java, line(s) 11 mono/android/location/GpsStatus_ListenerImplementor.java, line(s) 10 mono/android/location/GpsStatus_NmeaListenerImplementor.java, line(s) 10 mono/android/location/LocationListenerImplementor.java, line(s) 12,12,12,12,12 mono/android/location/OnNmeaMessageListenerImplementor.java, line(s) 10 mono/android/media/AudioManager_OnAudioFocusChangeListenerImplementor.java, line(s) 10 mono/android/media/AudioManager_OnCommunicationDeviceChangedListenerImplementor.java, line(s) 11 mono/android/media/AudioManager_OnModeChangedListenerImplementor.java, line(s) 10 mono/android/media/AudioManager_OnPreferredMixerAttributesChangedListenerImplementor.java, line(s) 13 mono/android/media/AudioRecord_OnRecordPositionUpdateListenerImplementor.java, line(s) 10,10 mono/android/media/AudioRouting_OnRoutingChangedListenerImplementor.java, line(s) 10 mono/android/media/AudioTrack_OnCodecFormatChangedListenerImplementor.java, line(s) 11 mono/android/media/AudioTrack_OnPlaybackPositionUpdateListenerImplementor.java, line(s) 10,10 mono/android/media/ImageReader_OnImageAvailableListenerImplementor.java, line(s) 10 mono/android/media/ImageWriter_OnImageReleasedListenerImplementor.java, line(s) 10 mono/android/media/JetPlayer_OnJetEventListenerImplementor.java, line(s) 10,10,10,10 mono/android/media/LoudnessCodecController_OnLoudnessCodecUpdateListenerImplementor.java, line(s) 12 mono/android/media/MediaCas_EventListenerImplementor.java, line(s) 10,10,10,10 mono/android/media/MediaCodec_OnFirstTunnelFrameReadyListenerImplementor.java, line(s) 10 mono/android/media/MediaCodec_OnFrameRenderedListenerImplementor.java, line(s) 10 mono/android/media/MediaDrm_OnEventListenerImplementor.java, line(s) 10 mono/android/media/MediaDrm_OnExpirationUpdateListenerImplementor.java, line(s) 10 mono/android/media/MediaDrm_OnKeyStatusChangeListenerImplementor.java, line(s) 11 mono/android/media/MediaDrm_OnSessionLostStateListenerImplementor.java, line(s) 10 mono/android/media/MediaPlayer_OnBufferingUpdateListenerImplementor.java, line(s) 10 mono/android/media/MediaPlayer_OnCompletionListenerImplementor.java, line(s) 10 mono/android/media/MediaPlayer_OnDrmInfoListenerImplementor.java, line(s) 10 mono/android/media/MediaPlayer_OnDrmPreparedListenerImplementor.java, line(s) 10 mono/android/media/MediaPlayer_OnErrorListenerImplementor.java, line(s) 10 mono/android/media/MediaPlayer_OnInfoListenerImplementor.java, line(s) 10 mono/android/media/MediaPlayer_OnMediaTimeDiscontinuityListenerImplementor.java, line(s) 11 mono/android/media/MediaPlayer_OnPreparedListenerImplementor.java, line(s) 10 mono/android/media/MediaPlayer_OnSeekCompleteListenerImplementor.java, line(s) 10 mono/android/media/MediaPlayer_OnSubtitleDataListenerImplementor.java, line(s) 11 mono/android/media/MediaPlayer_OnTimedMetaDataAvailableListenerImplementor.java, line(s) 11 mono/android/media/MediaPlayer_OnTimedTextListenerImplementor.java, line(s) 11 mono/android/media/MediaPlayer_OnVideoSizeChangedListenerImplementor.java, line(s) 10 mono/android/media/MediaRecorder_OnErrorListenerImplementor.java, line(s) 10 mono/android/media/MediaRecorder_OnInfoListenerImplementor.java, line(s) 10 mono/android/media/MediaRouter2_OnGetControllerHintsListenerImplementor.java, line(s) 12 mono/android/media/MediaScannerConnection_OnScanCompletedListenerImplementor.java, line(s) 11 mono/android/media/MediaSync_OnErrorListenerImplementor.java, line(s) 10 mono/android/media/RemoteControlClient_OnGetPlaybackPositionListenerImplementor.java, line(s) 10 mono/android/media/RemoteControlClient_OnMetadataUpdateListenerImplementor.java, line(s) 10 mono/android/media/RemoteControlClient_OnPlaybackPositionUpdateListenerImplementor.java, line(s) 10 mono/android/media/RemoteController_OnClientUpdateListenerImplementor.java, line(s) 10,10,10,10,10 mono/android/media/SoundPool_OnLoadCompleteListenerImplementor.java, line(s) 10 mono/android/media/Spatializer_OnHeadTrackerAvailableListenerImplementor.java, line(s) 10 mono/android/media/Spatializer_OnSpatializerStateChangedListenerImplementor.java, line(s) 10,10 mono/android/media/audiofx/AudioEffect_OnControlStatusChangeListenerImplementor.java, line(s) 10 mono/android/media/audiofx/AudioEffect_OnEnableStatusChangeListenerImplementor.java, line(s) 10 mono/android/media/audiofx/BassBoost_OnParameterChangeListenerImplementor.java, line(s) 10 mono/android/media/audiofx/EnvironmentalReverb_OnParameterChangeListenerImplementor.java, line(s) 10 mono/android/media/audiofx/Equalizer_OnParameterChangeListenerImplementor.java, line(s) 10 mono/android/media/audiofx/PresetReverb_OnParameterChangeListenerImplementor.java, line(s) 10 mono/android/media/audiofx/Virtualizer_OnParameterChangeListenerImplementor.java, line(s) 10 mono/android/media/audiofx/Visualizer_OnDataCaptureListenerImplementor.java, line(s) 10,10 mono/android/media/effect/EffectUpdateListenerImplementor.java, line(s) 11 mono/android/media/midi/MidiManager_OnDeviceOpenedListenerImplementor.java, line(s) 11 mono/android/media/session/MediaSessionManager_OnActiveSessionsChangedListenerImplementor.java, line(s) 11 mono/android/media/session/MediaSessionManager_OnMediaKeyEventSessionChangedListenerImplementor.java, line(s) 11 mono/android/media/session/MediaSessionManager_OnSession2TokensChangedListenerImplementor.java, line(s) 11 mono/android/media/tv/TvView_OnUnhandledInputEventListenerImplementor.java, line(s) 11 mono/android/media/tv/interactive/TvInteractiveAppView_OnUnhandledInputEventListenerImplementor.java, line(s) 11 mono/android/net/ConnectivityManager_OnNetworkActiveListenerImplementor.java, line(s) 10 mono/android/net/http/UrlRequest_StatusListenerImplementor.java, line(s) 10 mono/android/net/nsd/NsdManager_DiscoveryListenerImplementor.java, line(s) 11,11,11,11,11,11 mono/android/net/nsd/NsdManager_RegistrationListenerImplementor.java, line(s) 11,11,11,11 mono/android/net/nsd/NsdManager_ResolveListenerImplementor.java, line(s) 11,11,11,11 mono/android/net/sip/SipRegistrationListenerImplementor.java, line(s) 10,10,10 mono/android/net/wifi/WifiManager_LocalOnlyConnectionFailureListenerImplementor.java, line(s) 11 mono/android/net/wifi/WifiManager_SuggestionConnectionStatusListenerImplementor.java, line(s) 11 mono/android/net/wifi/WifiManager_SuggestionUserApprovalStatusListenerImplementor.java, line(s) 10 mono/android/net/wifi/p2p/WifiP2pManager_ActionListenerImplementor.java, line(s) 10,10 mono/android/net/wifi/p2p/WifiP2pManager_ChannelListenerImplementor.java, line(s) 10 mono/android/net/wifi/p2p/WifiP2pManager_ConnectionInfoListenerImplementor.java, line(s) 11 mono/android/net/wifi/p2p/WifiP2pManager_DeviceInfoListenerImplementor.java, line(s) 11 mono/android/net/wifi/p2p/WifiP2pManager_DiscoveryStateListenerImplementor.java, line(s) 10 mono/android/net/wifi/p2p/WifiP2pManager_DnsSdServiceResponseListenerImplementor.java, line(s) 11 mono/android/net/wifi/p2p/WifiP2pManager_DnsSdTxtRecordListenerImplementor.java, line(s) 12 mono/android/net/wifi/p2p/WifiP2pManager_ExternalApproverRequestListenerImplementor.java, line(s) 13,13,13,13 mono/android/net/wifi/p2p/WifiP2pManager_GroupInfoListenerImplementor.java, line(s) 11 mono/android/net/wifi/p2p/WifiP2pManager_NetworkInfoListenerImplementor.java, line(s) 11 mono/android/net/wifi/p2p/WifiP2pManager_P2pStateListenerImplementor.java, line(s) 10 mono/android/net/wifi/p2p/WifiP2pManager_PeerListListenerImplementor.java, line(s) 11 mono/android/net/wifi/p2p/WifiP2pManager_ServiceResponseListenerImplementor.java, line(s) 11 mono/android/net/wifi/p2p/WifiP2pManager_UpnpServiceResponseListenerImplementor.java, line(s) 12 mono/android/net/wifi/p2p/WifiP2pManager_WifiP2pListenerImplementor.java, line(s) 14,14,14,14,14,14,14,14,14,14,14,14,14 mono/android/nfc/NfcAdapter_OnTagRemovedListenerImplementor.java, line(s) 10 mono/android/os/ActionHandlerCallback.java, line(s) 11 mono/android/os/CancellationSignal_OnCancelListenerImplementor.java, line(s) 10 mono/android/os/FileUtils_ProgressListenerImplementor.java, line(s) 10 mono/android/os/MessageQueue_OnFileDescriptorEventListenerImplementor.java, line(s) 11 mono/android/os/ParcelFileDescriptor_OnCloseListenerImplementor.java, line(s) 11 mono/android/os/PowerManager_OnThermalStatusChangedListenerImplementor.java, line(s) 10 mono/android/os/PowerManager_WakeLockStateListenerImplementor.java, line(s) 10 mono/android/os/RecoverySystem_ProgressListenerImplementor.java, line(s) 10 mono/android/os/StrictMode_OnThreadViolationListenerImplementor.java, line(s) 11 mono/android/os/StrictMode_OnVmViolationListenerImplementor.java, line(s) 11 mono/android/preference/PreferenceManager_OnActivityDestroyListenerImplementor.java, line(s) 10 mono/android/preference/PreferenceManager_OnActivityResultListenerImplementor.java, line(s) 11 mono/android/preference/PreferenceManager_OnActivityStopListenerImplementor.java, line(s) 10 mono/android/preference/Preference_OnPreferenceChangeListenerImplementor.java, line(s) 10 mono/android/preference/Preference_OnPreferenceClickListenerImplementor.java, line(s) 10 mono/android/renderscript/Allocation_OnBufferAvailableListenerImplementor.java, line(s) 10 mono/android/sax/EndElementListenerImplementor.java, line(s) 10 mono/android/sax/EndTextElementListenerImplementor.java, line(s) 10 mono/android/sax/StartElementListenerImplementor.java, line(s) 11 mono/android/se/omapi/SEService_OnConnectedListenerImplementor.java, line(s) 10 mono/android/speech/ModelDownloadListenerImplementor.java, line(s) 10,10,10,10 mono/android/speech/RecognitionListenerImplementor.java, line(s) 11,11,11,11,11,11,11,11,11,11,11,11 mono/android/speech/tts/TextToSpeech_OnInitListenerImplementor.java, line(s) 10 mono/android/speech/tts/TextToSpeech_OnUtteranceCompletedListenerImplementor.java, line(s) 10 mono/android/telephony/CarrierConfigManager_CarrierConfigChangeListenerImplementor.java, line(s) 10 mono/android/telephony/TelephonyCallback_ActiveDataSubscriptionIdListenerImplementor.java, line(s) 10 mono/android/telephony/TelephonyCallback_BarringInfoListenerImplementor.java, line(s) 11 mono/android/telephony/TelephonyCallback_CallDisconnectCauseListenerImplementor.java, line(s) 10 mono/android/telephony/TelephonyCallback_CallForwardingIndicatorListenerImplementor.java, line(s) 10 mono/android/telephony/TelephonyCallback_CallStateListenerImplementor.java, line(s) 10 mono/android/telephony/TelephonyCallback_CarrierNetworkListenerImplementor.java, line(s) 10 mono/android/telephony/TelephonyCallback_CellInfoListenerImplementor.java, line(s) 11 mono/android/telephony/TelephonyCallback_CellLocationListenerImplementor.java, line(s) 11 mono/android/telephony/TelephonyCallback_DataActivationStateListenerImplementor.java, line(s) 10 mono/android/telephony/TelephonyCallback_DataActivityListenerImplementor.java, line(s) 10 mono/android/telephony/TelephonyCallback_DataConnectionStateListenerImplementor.java, line(s) 10 mono/android/telephony/TelephonyCallback_DisplayInfoListenerImplementor.java, line(s) 11 mono/android/telephony/TelephonyCallback_EmergencyNumberListListenerImplementor.java, line(s) 11 mono/android/telephony/TelephonyCallback_ImsCallDisconnectCauseListenerImplementor.java, line(s) 11 mono/android/telephony/TelephonyCallback_MessageWaitingIndicatorListenerImplementor.java, line(s) 10 mono/android/telephony/TelephonyCallback_PhysicalChannelConfigListenerImplementor.java, line(s) 11 mono/android/telephony/TelephonyCallback_PreciseDataConnectionStateListenerImplementor.java, line(s) 11 mono/android/telephony/TelephonyCallback_RegistrationFailedListenerImplementor.java, line(s) 11 mono/android/telephony/TelephonyCallback_ServiceStateListenerImplementor.java, line(s) 11 mono/android/telephony/TelephonyCallback_SignalStrengthsListenerImplementor.java, line(s) 11 mono/android/telephony/TelephonyCallback_UserMobileDataStateListenerImplementor.java, line(s) 10 mono/android/text/TextWatcherImplementor.java, line(s) 12,12,12 mono/android/transition/Transition_TransitionListenerImplementor.java, line(s) 10,10,10,10,10 mono/android/view/ActionProvider_VisibilityListenerImplementor.java, line(s) 10 mono/android/view/AttachedSurfaceControl_OnBufferTransformHintChangedListenerImplementor.java, line(s) 10 mono/android/view/GestureDetector_OnContextClickListenerImplementor.java, line(s) 11 mono/android/view/GestureDetector_OnDoubleTapListenerImplementor.java, line(s) 11,11,11 mono/android/view/GestureDetector_OnGestureListenerImplementor.java, line(s) 11,11,11,11,11,11 mono/android/view/MenuItem_OnActionExpandListenerImplementor.java, line(s) 10,10 mono/android/view/MenuItem_OnMenuItemClickListenerImplementor.java, line(s) 10 mono/android/view/OnReceiveContentListenerImplementor.java, line(s) 12 mono/android/view/PixelCopy_OnPixelCopyFinishedListenerImplementor.java, line(s) 10 mono/android/view/ScaleGestureDetector_OnScaleGestureListenerImplementor.java, line(s) 10,10,10 mono/android/view/SurfaceControl_TransactionCommittedListenerImplementor.java, line(s) 10 mono/android/view/TextureView_SurfaceTextureListenerImplementor.java, line(s) 11,11,11,11 mono/android/view/ViewGroup_OnHierarchyChangeListenerImplementor.java, line(s) 11,11 mono/android/view/ViewStub_OnInflateListenerImplementor.java, line(s) 11 mono/android/view/ViewTreeObserver_OnDrawListenerImplementor.java, line(s) 10 mono/android/view/ViewTreeObserver_OnGlobalFocusChangeListenerImplementor.java, line(s) 11 mono/android/view/ViewTreeObserver_OnGlobalLayoutListenerImplementor.java, line(s) 10 mono/android/view/ViewTreeObserver_OnPreDrawListenerImplementor.java, line(s) 10 mono/android/view/ViewTreeObserver_OnScrollChangedListenerImplementor.java, line(s) 10 mono/android/view/ViewTreeObserver_OnTouchModeChangeListenerImplementor.java, line(s) 10 mono/android/view/ViewTreeObserver_OnWindowAttachListenerImplementor.java, line(s) 10,10 mono/android/view/ViewTreeObserver_OnWindowFocusChangeListenerImplementor.java, line(s) 10 mono/android/view/ViewTreeObserver_OnWindowVisibilityChangeListenerImplementor.java, line(s) 10 mono/android/view/View_OnApplyWindowInsetsListenerImplementor.java, line(s) 11 mono/android/view/View_OnAttachStateChangeListenerImplementor.java, line(s) 10,10 mono/android/view/View_OnCapturedPointerListenerImplementor.java, line(s) 11 mono/android/view/View_OnClickListenerImplementor.java, line(s) 10 mono/android/view/View_OnContextClickListenerImplementor.java, line(s) 10 mono/android/view/View_OnCreateContextMenuListenerImplementor.java, line(s) 11 mono/android/view/View_OnDragListenerImplementor.java, line(s) 11 mono/android/view/View_OnFocusChangeListenerImplementor.java, line(s) 10 mono/android/view/View_OnGenericMotionListenerImplementor.java, line(s) 11 mono/android/view/View_OnHoverListenerImplementor.java, line(s) 11 mono/android/view/View_OnKeyListenerImplementor.java, line(s) 11 mono/android/view/View_OnLayoutChangeListenerImplementor.java, line(s) 10 mono/android/view/View_OnLongClickListenerImplementor.java, line(s) 10,10 mono/android/view/View_OnScrollChangeListenerImplementor.java, line(s) 10 mono/android/view/View_OnSystemUiVisibilityChangeListenerImplementor.java, line(s) 10 mono/android/view/View_OnTouchListenerImplementor.java, line(s) 11 mono/android/view/View_OnUnhandledKeyEventListenerImplementor.java, line(s) 11 mono/android/view/WindowInsetsAnimationControlListenerImplementor.java, line(s) 11,11,11 mono/android/view/WindowInsetsController_OnControllableInsetsChangedListenerImplementor.java, line(s) 10 mono/android/view/Window_OnFrameMetricsAvailableListenerImplementor.java, line(s) 11 mono/android/view/Window_OnRestrictedCaptionAreaChangedListenerImplementor.java, line(s) 11 mono/android/view/accessibility/AccessibilityManager_AccessibilityServicesStateChangeListenerImplementor.java, line(s) 10 mono/android/view/accessibility/AccessibilityManager_AccessibilityStateChangeListenerImplementor.java, line(s) 10 mono/android/view/accessibility/AccessibilityManager_AudioDescriptionRequestedChangeListenerImplementor.java, line(s) 10 mono/android/view/accessibility/AccessibilityManager_TouchExplorationStateChangeListenerImplementor.java, line(s) 10 mono/android/view/animation/Animation_AnimationListenerImplementor.java, line(s) 10,10,10 mono/android/view/textservice/SpellCheckerSession_SpellCheckerSessionListenerImplementor.java, line(s) 12,12 mono/android/webkit/DownloadListenerImplementor.java, line(s) 10 mono/android/webkit/WebIconDatabase_IconListenerImplementor.java, line(s) 11 mono/android/webkit/WebView_FindListenerImplementor.java, line(s) 10 mono/android/webkit/WebView_PictureListenerImplementor.java, line(s) 11 mono/android/widget/AbsListView_OnScrollListenerImplementor.java, line(s) 10,10 mono/android/widget/AbsListView_RecyclerListenerImplementor.java, line(s) 11 mono/android/widget/ActionMenuView_OnMenuItemClickListenerImplementor.java, line(s) 11 mono/android/widget/AdapterView_OnItemClickListenerImplementor.java, line(s) 11 mono/android/widget/AdapterView_OnItemLongClickListenerImplementor.java, line(s) 11 mono/android/widget/AdapterView_OnItemSelectedListenerImplementor.java, line(s) 11,11 mono/android/widget/AutoCompleteTextView_OnDismissListenerImplementor.java, line(s) 10 mono/android/widget/CalendarView_OnDateChangeListenerImplementor.java, line(s) 10 mono/android/widget/Chronometer_OnChronometerTickListenerImplementor.java, line(s) 10 mono/android/widget/CompoundButton_OnCheckedChangeListenerImplementor.java, line(s) 10 mono/android/widget/DatePicker_OnDateChangedListenerImplementor.java, line(s) 10 mono/android/widget/ExpandableListView_OnChildClickListenerImplementor.java, line(s) 11 mono/android/widget/ExpandableListView_OnGroupClickListenerImplementor.java, line(s) 11 mono/android/widget/ExpandableListView_OnGroupCollapseListenerImplementor.java, line(s) 10 mono/android/widget/ExpandableListView_OnGroupExpandListenerImplementor.java, line(s) 10 mono/android/widget/Filter_FilterListenerImplementor.java, line(s) 10 mono/android/widget/NumberPicker_OnScrollListenerImplementor.java, line(s) 10 mono/android/widget/NumberPicker_OnValueChangeListenerImplementor.java, line(s) 10 mono/android/widget/PopupMenu_OnDismissListenerImplementor.java, line(s) 10 mono/android/widget/PopupMenu_OnMenuItemClickListenerImplementor.java, line(s) 11 mono/android/widget/PopupWindow_OnDismissListenerImplementor.java, line(s) 10 mono/android/widget/RadioGroup_OnCheckedChangeListenerImplementor.java, line(s) 10 mono/android/widget/RatingBar_OnRatingBarChangeListenerImplementor.java, line(s) 10 mono/android/widget/SearchView_OnCloseListenerImplementor.java, line(s) 10 mono/android/widget/SearchView_OnQueryTextListenerImplementor.java, line(s) 10,10 mono/android/widget/SearchView_OnSuggestionListenerImplementor.java, line(s) 10,10 mono/android/widget/SeekBar_OnSeekBarChangeListenerImplementor.java, line(s) 10,10,10 mono/android/widget/ShareActionProvider_OnShareTargetSelectedListenerImplementor.java, line(s) 11 mono/android/widget/SlidingDrawer_OnDrawerCloseListenerImplementor.java, line(s) 10 mono/android/widget/SlidingDrawer_OnDrawerOpenListenerImplementor.java, line(s) 10 mono/android/widget/SlidingDrawer_OnDrawerScrollListenerImplementor.java, line(s) 10,10 mono/android/widget/TabHost_OnTabChangeListenerImplementor.java, line(s) 10 mono/android/widget/TextView_OnEditorActionListenerImplementor.java, line(s) 11 mono/android/widget/TimePicker_OnTimeChangedListenerImplementor.java, line(s) 10 mono/android/widget/Toolbar_OnMenuItemClickListenerImplementor.java, line(s) 11 mono/android/widget/ZoomButtonsController_OnZoomListenerImplementor.java, line(s) 10,10 mono/android/window/SplashScreen_OnExitAnimationListenerImplementor.java, line(s) 11 xamarin/android/net/ServerCertificateCustomValidator_AlwaysAcceptingHostnameVerifier.java, line(s) 11 xamarin/android/net/ServerCertificateCustomValidator_TrustManager.java, line(s) 12,12,12 xamarin/android/net/ServerCertificateCustomValidator_TrustManager_FakeSSLSession.java, line(s) 14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14
中危安全漏洞 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: io/sentry/util/StringUtils.java, line(s) 73
中危安全漏洞 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: io/sentry/android/core/DeviceInfoUtil.java, line(s) 164,339
中危安全漏洞 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: io/sentry/Baggage.java, line(s) 35 io/sentry/SpanDataConvention.java, line(s) 4,5,8,9,15,17,16,20,18 io/sentry/TraceContext.java, line(s) 25 io/sentry/protocol/User.java, line(s) 41
中危安全漏洞 此应用程序可能会请求root(超级用户)权限
此应用程序可能会请求root(超级用户)权限 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: io/sentry/android/core/internal/util/RootChecker.java, line(s) 22,22,22,22,22
中危安全漏洞 应用程序包含隐私跟踪程序
此应用程序有多个4隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危安全漏洞 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 AdMob广告平台的=> "com.google.android.gms.ads.APPLICATION_ID" : "ca-app-pub-0646444153861496~6958753653" "firebase_database_url" : "https://bugko-com.firebaseio.com" "google_api_key" : "AIzaSyC_3or491Z50TnyQAJvotKOGAdcNzdJaM8" "google_app_id" : "1:676853876661:android:d15840cb41d4a8d4" "google_crash_reporting_api_key" : "AIzaSyC_3or491Z50TnyQAJvotKOGAdcNzdJaM8"
安全提示信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: io/sentry/SystemOutLogger.java, line(s) 14,22,31 io/sentry/android/core/AndroidLogger.java, line(s) 86,82,74,78,84 io/sentry/android/core/SentryLogcatAdapter.java, line(s) 43,48,78,83,53,58,33,38,63,68,73,88,93,98 io/sentry/transport/StdoutTransport.java, line(s) 51 mono/android/incrementaldeployment/IncrementalClassLoader.java, line(s) 44,45
安全提示信息 应用与Firebase数据库通信
该应用与位于 https://bugko-com.firebaseio.com 的 Firebase 数据库进行通信
已通过安全项 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: io/sentry/android/core/DeviceInfoUtil.java, line(s) 135 io/sentry/android/core/internal/util/RootChecker.java, line(s) 40,22,22,22,22,22,22,34
已通过安全项 Firebase远程配置已禁用
Firebase远程配置URL ( https://firebaseremoteconfig.googleapis.com/v1/projects/676853876661/namespaces/firebase:fetch?key=AIzaSyC_3or491Z50TnyQAJvotKOGAdcNzdJaM8 ) 已禁用。响应内容如下所示:
{
"state": "NO_TEMPLATE"
}
综合安全基线评分总结
Bugko v9.2.6.0
Android APK
57
综合安全评分
中风险