应用安全检测报告
应用安全检测报告,支持文件搜索、内容检索和AI代码分析
移动应用安全检测报告
Minits v4.9.3.32
49
安全评分
安全基线评分
49/100
中风险
综合风险等级
风险等级评定
- A
- B
- C
- F
应用存在一定安全风险,建议优化
漏洞与安全项分布
5
高危
41
中危
3
信息
3
安全
隐私风险评估
1
第三方跟踪器
中等隐私风险
检测到少量第三方跟踪器
检测结果分布
高危安全漏洞
5
中危安全漏洞
41
安全提示信息
3
已通过安全项
3
重点安全关注
2
高危安全漏洞 应用程序在加密算法中使用ECB模式。ECB模式是已知的弱模式,因为它对相同的明文块[UNK]产生相同的密文
应用程序在加密算法中使用ECB模式。ECB模式是已知的弱模式,因为它对相同的明文块[UNK]产生相同的密文 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-block-cipher-mode Files: P7/a.java, line(s) 113
高危安全漏洞 如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击
如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-7 Files: com/xone/android/framework/views/XOneWebView.java, line(s) 403,31
高危安全漏洞 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。
应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: Na/a.java, line(s) 807,963 Oa/C0882e.java, line(s) 289 Oa/C3795e.java, line(s) 301 Oa/g.java, line(s) 26 aa/h.java, line(s) 250
高危安全漏洞 使用弱加密算法
使用弱加密算法 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: P7/b.java, line(s) 30,61,99 P7/f.java, line(s) 23,48 com/xone/android/nfc/runtimeobjects/NfcTagScriptWrapper.java, line(s) 170
高危安全漏洞 该文件是World Readable。任何应用程序都可以读取文件
该文件是World Readable。任何应用程序都可以读取文件 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2 Files: com/xone/android/framework/mainEntry.java, line(s) 2160
中危安全漏洞 Activity-Alias (com.xone.android.framework.activities.MainEntryLeanback) 未受保护。
[android:exported=true] 检测到 Activity-Alias 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity-Alias (com.xone.android.framework.MainEntryMessageAlias) 未受保护。
[android:exported=true] 检测到 Activity-Alias 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.xone.android.framework.AppLauncherAndShortcuts) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity 设置了 TaskAffinity 属性
(com.xone.android.framework.activities.NotificationClickActivity) 设置 taskAffinity 后,其他应用可读取发送至该 Activity 的 Intent。为防止敏感信息泄露,建议保持默认 affinity(包名)。
中危安全漏洞 Activity (com.xone.android.framework.activities.DeepLinkActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.xone.android.framework.activities.ShareActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (com.xone.android.framework.receivers.XoneBroadcastReceiver) 未受保护。
[android:exported=true] 检测到 Broadcast Receiver 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (com.xone.android.framework.receivers.BootCompletedReceiver) 未受保护。
[android:exported=true] 检测到 Broadcast Receiver 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Content Provider (com.xone.android.framework.providers.DataProvider) 未受保护。
[android:exported=true] 检测到 Content Provider 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (com.xone.android.sms.FrameworkSmsCommandReceiver) 受权限保护,但应检查权限保护级别。
Permission: android.permission.BROADCAST_SMS [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Activity (com.xone.android.nfc.XoneNFCDriverActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.xone.android.nfc.NfcReceiverActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Service (com.xone.android.nfc.ndef.emulator.NdefTagEmulatorService) 受权限保护,但应检查权限保护级别。
Permission: android.permission.BIND_NFC_SERVICE [android:exported=true] 检测到 Service 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Activity (com.xone.android.script.activities.BluetoothDeviceSelector) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (com.amazon.device.iap.ResponseReceiver) 未受保护。
[android:exported=true] 检测到 Broadcast Receiver 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (com.xone.android.script.receivers.ScriptBroadcastReceiverWrapper) 未受保护。
[android:exported=true] 检测到 Broadcast Receiver 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.xone.replicator.XoneReplicator) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Service (com.xone.replicator.ReplicatorIntentService) 未受保护。
[android:exported=true] 检测到 Service 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (com.xone.replicator.ReplicatorBroadcastReceiver) 未受保护。
[android:exported=true] 检测到 Broadcast Receiver 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (com.xone.replicator.ReplicatorWidgetProvider) 未受保护。
[android:exported=true] 检测到 Broadcast Receiver 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Service (com.evernote.android.job.gcm.PlatformGcmService) 受权限保护,但应检查权限保护级别。
Permission: com.google.android.gms.permission.BIND_NETWORK_TASK_SERVICE [android:exported=true] 检测到 Service 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Activity (net.openid.appauth.RedirectUriReceiverActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) 受权限保护,但应检查权限保护级别。
Permission: com.google.android.c2dm.permission.SEND [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Service (com.google.android.gms.auth.api.signin.RevocationBoundService) 受权限保护,但应检查权限保护级别。
Permission: com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION [android:exported=true] 检测到 Service 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Broadcast Receiver (androidx.profileinstaller.ProfileInstallReceiver) 受权限保护,但应检查权限保护级别。
Permission: android.permission.DUMP [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 Activity (com.redsys.tpvvinapplibrary.directPayment.DirectPaymentActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.redsys.tpvvinapplibrary.webviewPayment.WebViewPaymentActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 高优先级 Intent(1000) - {1} 个命中
[android:priority] 通过设置较高的 Intent 优先级,应用可覆盖其他请求,可能导致安全风险。
中危安全漏洞 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: Eb/C.java, line(s) 798 H5/k.java, line(s) 63 Oa/g.java, line(s) 36 P5/B.java, line(s) 58 T2/C3111q.java, line(s) 115 T2/C4317q.java, line(s) 115 V7/a.java, line(s) 70 W1/d0.java, line(s) 97 aa/h.java, line(s) 240 com/xone/db/soa/SOAConnection.java, line(s) 437 da/C0594b.java, line(s) 293,525 da/C2575b.java, line(s) 313,545 hc/A.java, line(s) 41 i2/k.java, line(s) 94 l5/b.java, line(s) 51 r9/a.java, line(s) 241,367 xone/runtime/core/XoneDataObject.java, line(s) 3728
中危安全漏洞 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: B1/C1889a.java, line(s) 1795 E/A.java, line(s) 130 l5/c.java, line(s) 55 n1/C2639b.java, line(s) 110 n1/C3691b.java, line(s) 110
中危安全漏洞 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: C3/M.java, line(s) 8,9,152,189,226,242,300,312,350,693 C3/U.java, line(s) 4,5,135 E2/i.java, line(s) 9,10,11,278 H4/AbstractC2964m.java, line(s) 4,5,49,94 H4/C2222l.java, line(s) 6,7,79,89,197,233 H4/C2898b.java, line(s) 5,6,290 H4/C2958l.java, line(s) 6,7,92,102,210,246,349,797 H4/C3002s1.java, line(s) 6,7,8,9,406 H4/S4.java, line(s) 7,8,846 Xb/x.java, line(s) 6,7,8,245 aa/k.java, line(s) 5,21,108,120,132,144,156,168,180,192,205,218,231,244,257,270,283,297,309,321,334,348,361,381,409,422,435,467,484,497,509,516,567,194 jc/d.java, line(s) 6,7,152,178,188,261
中危安全漏洞 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: H4/a5.java, line(s) 148 Na/a.java, line(s) 1029 Q8/e.java, line(s) 32 hc/A.java, line(s) 39 xone/runtime/core/XoneDataObject.java, line(s) 3725
中危安全漏洞 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: Eb/C.java, line(s) 16 G3/C2108e.java, line(s) 18 G3/C2809e.java, line(s) 18 H4/a5.java, line(s) 33 J6/o.java, line(s) 10 L3/c.java, line(s) 4 P7/d.java, line(s) 4 S8/h.java, line(s) 29 Vb/AbstractC1068a.java, line(s) 3 Vb/AbstractC4661a.java, line(s) 3 Vb/C1069b.java, line(s) 3 Vb/C4662b.java, line(s) 3 Wb/C1084a.java, line(s) 4 Wb/C4740a.java, line(s) 4 com/xone/android/framework/XoneGlobalUI.java, line(s) 110 com/xone/android/framework/services/AppForegroundService.java, line(s) 22 com/xone/android/framework/xoneApp.java, line(s) 135 com/xone/android/script/runtimeobjects/XOneFileManager.java, line(s) 78 com/xone/android/utils/Utils.java, line(s) 144 i7/m.java, line(s) 10 j$/util/concurrent/ThreadLocalRandom.java, line(s) 15 kc/a.java, line(s) 19 xone/runtime/core/XoneDataObject.java, line(s) 52 yb/i.java, line(s) 3
中危安全漏洞 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: F2/C2079c.java, line(s) 179 F2/C2745c.java, line(s) 184 Na/a.java, line(s) 1225,1228 Na/k.java, line(s) 1090,1090 Q7/C4054b.java, line(s) 64,68,72 Q7/b.java, line(s) 63,67,71 com/xone/android/browser/activities/XoneFileBrowser.java, line(s) 113,817,829 com/xone/android/framework/XoneGlobalUI.java, line(s) 1310,4250 com/xone/android/framework/activities/LoadAppActivity.java, line(s) 531 com/xone/android/framework/xoneApp.java, line(s) 920,921,922,1190,1191,1192 com/xone/android/script/runtimeobjects/SystemSettings.java, line(s) 1105,1205,1212,1219,1257,1419,1474,1495 com/xone/android/script/runtimeobjects/XOneFileManager.java, line(s) 1776 com/xone/android/utils/Utils.java, line(s) 349,4280 ha/AbstractC0752g.java, line(s) 51,54 ha/AbstractC3085g.java, line(s) 51,54 l5/C2500m.java, line(s) 24 l5/C3510m.java, line(s) 24
中危安全漏洞 IP地址泄露
IP地址泄露 Files: Fb/v.java, line(s) 84 V7/e.java, line(s) 29,59,35,66,41,73,47,80,30,87,36,94,42,101,48,108,31,115,37,122,43,129,49,136,32,143,38,150,44,157,50,164 com/xone/android/dniemanager/provider/a.java, line(s) 26,31,32,36,37,41,42,24,25 com/xone/android/javascript/objects/XOneKeyStore.java, line(s) 581,589 com/xone/android/script/runtimeobjects/XOneWebSocket.java, line(s) 211 da/C0594b.java, line(s) 75,100,102 da/C2575b.java, line(s) 89,114,116
中危安全漏洞 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: com/xone/android/framework/views/XOneWebView.java, line(s) 1277,1245
中危安全漏洞 可能存在跨域漏洞。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息
可能存在跨域漏洞。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-6 Files: com/xone/android/framework/views/XOneWebView.java, line(s) 1253,1245
中危安全漏洞 此应用程序可能会请求root(超级用户)权限
此应用程序可能会请求root(超级用户)权限 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: Q9/d.java, line(s) 29,29,29,29,29,29,29,29 com/xone/android/utils/Utils.java, line(s) 2991,2991,2991
中危安全漏洞 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: Xb/C0388c.java, line(s) 46 Xb/C1737c.java, line(s) 48 com/xone/maps/ui/XoneMapsViewEmbed.java, line(s) 2995
中危安全漏洞 应用程序包含隐私跟踪程序
此应用程序有多个1隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危安全漏洞 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 谷歌地图的=> "com.google.android.maps.v2.API_KEY" : "AIzaSyBVjKb2DnSLuXhoJ_0HQwYmHhxd22-jQgk" "default_login_username" : "Usuario" "osm_compass" : "Compas" "default_login_username" : "User" "default_login_password" : "Senha" "default_login_password" : "Adgangskode" "default_login_username" : "Gebruiker" "default_login_password" : "Wachtwoord" "default_login_username" : "Utilizator" "default_login_username" : "Utilisateur" "default_login_username" : "Bruger" "osm_compass" : "Kompas" "osm_compass" : "Compass" "google_crash_reporting_api_key" : "AIzaSyAkqj3U-iMQ5J9uh5Zl36dkwogZm1JCayE" "default_login_password" : "Passwort" "google_app_id" : "1:669369395832:android:1abfdfb7c4065282e4db8d" "osm_compass" : "Bussola" "default_login_password" : "Password" "firebase_database_url" : "https://push-varios-clientes.firebaseio.com" "osm_compass" : "Kompass" "google_api_key" : "AIzaSyAkqj3U-iMQ5J9uh5Zl36dkwogZm1JCayE" OmNpZDowMDExNjAwMDAxem1RcmFBQUU6cGxhdGZvcm06NDA6ZXhwaXJlOm5ldmVyOnZlcnNpb246MTpsaWJ2ZXI6NC45LjA6aG1hYzplMDYxMTVhNzY2ZDcxNTQzNDVhYzUwNmZiYzViY2E0OTYxMjlmZjVm 04188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF101207192B95FFC8DA78631011ED6B24CDD573F977A11E794811 4A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11 469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9 64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1 boundary=123456789XONEFILE987654321 7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826 040D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD 041D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315 26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6 6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF 520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6 0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00 046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C2964FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 04B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34 3F8887F6A492188863AA576D4FE811098A05ADFACCE39C41B168E40298D895EC3976572D1DF9001E2CB29D11BDB027D6 B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4 8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53 258EAFA5-E914-47DA-95CA-C5AB0DC85B11 0400C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650 3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4 ABi2fbt8vkzj7SJ8aD5jc4xJFTDFntdkMrYXL3itsvqY1QIw 7fmduHKTdHHrlMvldlEqAIlSfii1tl35bxj1OXN5Ve8c4lU6URVu4xtSHc3BVZxS6WWJnxMDhIfQN0N0K2NDJg== AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3 A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377 7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9 0481AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F8227DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892 048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997 0443BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E2061114FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1 B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF 04AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB73617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F dZozdop5rgKNxjbrQAd5nntAGpgh9w84O1Xgg== 2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B 7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27 04C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD614B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F 5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297 D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF 68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43 18446744073709551615 3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723
安全提示信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: A3/b.java, line(s) 94,105 B0/c.java, line(s) 60 B0/d.java, line(s) 66 B0/h.java, line(s) 134,143,257 B1/AbstractC1481b.java, line(s) 26 B1/AbstractC1890b.java, line(s) 26 B1/C1480a.java, line(s) 733,776,842,894,910,914,977,1154,1217,1220,1229,1235,1296,1434,1504,1556,1745,1756,1763,1803,1943,1972,2116,2179,2199,2212,2244,2429,144,856,860,864,1446,1452,1460,1712,1717,1851,1859,2004,2091,2264 B1/C1889a.java, line(s) 921,964,1030,1082,1098,1102,1165,1342,1484,1487,1496,1502,1530,1545,1560,1575,1607,1621,1629,1635,1678,1684,1694,1708,1713,1720,1964,2083,2286,2356,2408,2597,2608,2615,2655,2795,2824,2839,2858,2865,3030,3279,3342,3362,3375,3407,3463,3471,3506,3533,3704,521,634,642,652,667,148,647,1044,1048,1052,1397,2298,2304,2312,2564,2569,2703,2711,3167,3254,3427 B3/f.java, line(s) 17 B3/p.java, line(s) 19,16 B3/q.java, line(s) 66,74,103,47,56,119 C/AbstractC0256o0.java, line(s) 13,20,27,34,41,50,72,79 C/AbstractC0290o0.java, line(s) 13,20,27,34,41,50,72,79 C/C0230b0.java, line(s) 430,517,651,672,437 C/C0264b0.java, line(s) 430,517,651,672,437 C0/d.java, line(s) 507,512 C0/f.java, line(s) 80 C0/g.java, line(s) 42,74 C0/h.java, line(s) 55,243 C0/j.java, line(s) 29,83,97,119,130 C0/l.java, line(s) 96 C9/e.java, line(s) 26 D0/a.java, line(s) 127,138,178,188 D0/e.java, line(s) 40,65 D1/c.java, line(s) 207,222,81 D4/O.java, line(s) 27,42,44,88,70,103,50 E/Z.java, line(s) 121,123,127,131,136 E1/e.java, line(s) 19 E3/h.java, line(s) 25 E4/C2033e.java, line(s) 61 E4/C2045q.java, line(s) 53 E4/C2635e.java, line(s) 61 E4/C2647q.java, line(s) 53 Ea/C0643d.java, line(s) 188 Ea/C2708d.java, line(s) 191 Ea/N.java, line(s) 51 Ea/T.java, line(s) 402,2007,268,2506,2512 Ea/g0.java, line(s) 1673,1722,1746,2728,774,811,828,1751 F8/C0110l.java, line(s) 749,957 F8/C0474l.java, line(s) 838,1046 G3/a.java, line(s) 70,46,83,104,161,191,212,276,65,122 G8/d.java, line(s) 678 G8/j.java, line(s) 696,745 G9/AbstractC2838B.java, line(s) 107 H1/AbstractC2128a.java, line(s) 30 H1/AbstractC2864a.java, line(s) 30 H4/C0365b.java, line(s) 701 H4/C0549b.java, line(s) 701 H4/C2308z1.java, line(s) 182 H4/C2898b.java, line(s) 724 H4/C3044z1.java, line(s) 182 H4/Q2.java, line(s) 15 H5/C2320i.java, line(s) 22,31,38,30,37,44,45,51,52 H5/C3056i.java, line(s) 22,31,38,30,37,44,45,51,52 H5/k.java, line(s) 96 H5/n.java, line(s) 89,109,127 H5/s.java, line(s) 34,44,33,43 I3/d.java, line(s) 51,78,84 I4/AbstractC2355a.java, line(s) 61,76,75,37,53 I4/AbstractC3121a.java, line(s) 61,76,75,37,53 I6/C2366j.java, line(s) 171,198,235,239,244,265,273 I6/C3132j.java, line(s) 172,199,236,240,245,266,274 J0/f.java, line(s) 30,34,38 J0/t.java, line(s) 37,57 J1/v.java, line(s) 102,106,110,13,115 J6/C2406f.java, line(s) 62 J6/C3363f.java, line(s) 62 J6/n.java, line(s) 54,62,100 J6/p.java, line(s) 134,136 J7/AbstractC2416d.java, line(s) 223 J7/AbstractC3377d.java, line(s) 227 K0/e.java, line(s) 60,91 K1/C2427b.java, line(s) 54,69,77,101,199,218,328,334,356,61 K1/C3406b.java, line(s) 54,69,77,101,199,218,328,334,356,61 K4/C2432a.java, line(s) 87,91 K4/C3411a.java, line(s) 87,91 K5/C2445a.java, line(s) 230,233,95,106,208 K5/C2446b.java, line(s) 21 K5/C2450f.java, line(s) 151 K5/C2455k.java, line(s) 31 K5/C2459o.java, line(s) 48,60,63,66,70,103,109,124 K5/C3424a.java, line(s) 230,233,95,106,208 K5/C3425b.java, line(s) 21 K5/C3429f.java, line(s) 151 K5/C3434k.java, line(s) 31 K5/C3438o.java, line(s) 48,60,63,66,70,103,109,124 K5/b.java, line(s) 28 K5/r.java, line(s) 20 K5/s.java, line(s) 22 K8/n.java, line(s) 783,800,803 L/g.java, line(s) 176,222,279 M4/d.java, line(s) 159,187 N0/AbstractC0373c0.java, line(s) 53,69 N0/AbstractC0383h0.java, line(s) 43,52,66,86,100,115,129 N0/AbstractC0635c0.java, line(s) 53,69 N0/AbstractC0645h0.java, line(s) 43,52,66,86,100,115,129 N0/B.java, line(s) 41 N0/B0.java, line(s) 785,802,556,568,575,584,46,65,776 N0/Z.java, line(s) 959,828,958 N2/f.java, line(s) 192,203,219,230,240,698,705,706 N2/h.java, line(s) 171,199,220,222,257,265,378,385,397,765,931,1075 N3/C2656g.java, line(s) 38 N3/C3708g.java, line(s) 38 O0/I.java, line(s) 326 P/x.java, line(s) 87,363 P0/d.java, line(s) 411 P3/AbstractC2724b.java, line(s) 95,109,84 P3/AbstractC2746x.java, line(s) 29,36,28,35 P3/AbstractC3862b.java, line(s) 95,109,84 P3/AbstractC3884x.java, line(s) 29,36,28,35 P3/C2717A.java, line(s) 61,60 P3/C2718B.java, line(s) 47,29,68 P3/C2725c.java, line(s) 89,102,123,209,249,264,88,101,122,208,248,263,119,139,151,271,292,313 P3/C2732j.java, line(s) 15,12,12 P3/C2744v.java, line(s) 22 P3/C3855A.java, line(s) 61,60 P3/C3856B.java, line(s) 47,29,68 P3/C3863c.java, line(s) 90,103,124,210,250,265,89,102,123,209,249,264,120,140,152,272,293,314 P3/C3870j.java, line(s) 15,12,12 P3/C3882v.java, line(s) 22 P3/ServiceConnectionC2742t.java, line(s) 36,77,146,35,76,90,145,191,223,252,281,91,192,224,253,282,43,180 P3/ServiceConnectionC3880t.java, line(s) 36,77,146,35,76,90,145,191,223,252,281,91,192,224,253,282,43,180 P4/h.java, line(s) 529 P5/AbstractC0456d.java, line(s) 241,308,311,152,166,176,200,225,229,235,268,275 P5/AbstractC0718d.java, line(s) 241,308,311,152,166,176,200,225,229,235,268,275 P5/AbstractServiceC0461i.java, line(s) 93,92 P5/AbstractServiceC0723i.java, line(s) 93,92 P5/B.java, line(s) 87 P5/C0458f.java, line(s) 76,75,98,102,104 P5/C0466n.java, line(s) 46,45 P5/C0469q.java, line(s) 27 P5/C0720f.java, line(s) 76,75,98,102,104 P5/C0728n.java, line(s) 46,45 P5/C0731q.java, line(s) 27 P5/C2764A.java, line(s) 22,31,38,30,37,44,45,51,52 P5/C3902A.java, line(s) 22,31,38,30,37,44,45,51,52 P5/D.java, line(s) 62,53,54,61,78,79,47 P5/F.java, line(s) 313,332,339,246,322,51,312,331,338,150,159,175,181,206,261,297,305,319,342 P5/G.java, line(s) 89,108,121 P5/H.java, line(s) 66,79,99,102,142,152,165,182,194,228,241 P5/M.java, line(s) 21 P5/T.java, line(s) 44,53,78,88,123,58,61,64,111,114,43,77,87,122 P5/V.java, line(s) 52 P5/W.java, line(s) 39,49,92,86,140,67,70,89,99,102,105 P5/X.java, line(s) 37 P5/a0.java, line(s) 79,82 P5/b0.java, line(s) 42,56,101,195,100,122,125,158,181,189,202 P5/f0.java, line(s) 29,28 P5/i0.java, line(s) 87,91,99,112,129,151,169,137,142,159,86,90,98,111,125,150,168,46 Q0/e.java, line(s) 71 Q3/AbstractBinderC2827G.java, line(s) 50 Q3/AbstractBinderC4005G.java, line(s) 50 Q3/AbstractC2832L.java, line(s) 83,87,126,130,38 Q3/AbstractC2852o.java, line(s) 40,106,52,90,125,137,147,161,164,166,170 Q3/AbstractC4010L.java, line(s) 83,87,126,130,38 Q3/AbstractC4030o.java, line(s) 40,106,52,90,125,137,147,161,164,166,170 Q3/C2837Q.java, line(s) 56,59,37 Q3/C2847j.java, line(s) 125,143,150 Q3/C2855s.java, line(s) 44,68 Q3/C4015Q.java, line(s) 56,59,37 Q3/C4025j.java, line(s) 125,143,150 Q3/C4033s.java, line(s) 187,106,115,139 Q3/HandlerC2859w.java, line(s) 29 Q3/HandlerC4037w.java, line(s) 29 Q3/W.java, line(s) 54,56,49 Q3/l.java, line(s) 17 R0/c.java, line(s) 51,60 R0/g.java, line(s) 41,50 R0/k.java, line(s) 35,34 R1/AbstractC0480c.java, line(s) 191 R1/AbstractC0742c.java, line(s) 191 R1/B.java, line(s) 219,397,124,320,355,471 R1/C0485h.java, line(s) 115 R1/C0747h.java, line(s) 115 R4/C2934g.java, line(s) 49 R4/C2955q0.java, line(s) 42,88,34,62,72,83,104,115,67,77,109,120,52 R4/C2965w.java, line(s) 35 R4/C2969y.java, line(s) 35 R4/C4121g.java, line(s) 49 R4/C4142q0.java, line(s) 42,88,34,62,72,83,104,115,67,77,109,120,52 R4/C4152w.java, line(s) 35 R4/C4156y.java, line(s) 35 R4/c.java, line(s) 618,622,626 R4/h1.java, line(s) 85,89,131 R4/o1.java, line(s) 44,65,94 S3/C2995E.java, line(s) 185,189,267,294,307,586 S3/C2998H.java, line(s) 63 S3/C3021f.java, line(s) 254,362 S3/C4190E.java, line(s) 185,189,267,294,307,586 S3/C4193H.java, line(s) 63 S3/C4216f.java, line(s) 254,362 S3/RunnableC2997G.java, line(s) 38 S3/RunnableC4192G.java, line(s) 38 S3/a0.java, line(s) 94 S3/d0.java, line(s) 21,36 S5/C3050e.java, line(s) 319,296,300,211 S5/C4245e.java, line(s) 319,296,300,211 S6/l.java, line(s) 166,170,202 T/f.java, line(s) 173 T0/o.java, line(s) 145 U0/c.java, line(s) 128 U1/AbstractC3134a.java, line(s) 33 U1/AbstractC4349a.java, line(s) 33 U3/AbstractBinderC3166a.java, line(s) 18 U3/AbstractBinderC4381a.java, line(s) 18 U3/AbstractC3144D.java, line(s) 35,38,41,44,47,50,61,64,67,70,166,177 U3/AbstractC3165Z.java, line(s) 34 U3/AbstractC3174e.java, line(s) 488,422,428,432,438,514 U3/AbstractC3175e0.java, line(s) 34 U3/AbstractC4359D.java, line(s) 35,38,41,44,47,50,61,64,67,70,166,177 U3/AbstractC4380Z.java, line(s) 34 U3/AbstractC4386c0.java, line(s) 32,42,68,74 U3/AbstractC4389e.java, line(s) 492,426,432,436,442,518 U3/AbstractC4390e0.java, line(s) 34 U3/AbstractDialogInterfaceOnClickListenerC3147G.java, line(s) 28 U3/AbstractDialogInterfaceOnClickListenerC4362G.java, line(s) 28 U3/BinderC3177f0.java, line(s) 20 U3/BinderC4392f0.java, line(s) 20 U3/C3181h0.java, line(s) 39,55 U3/C3188l.java, line(s) 21,27,33,16,39,45 U3/C3197p0.java, line(s) 51 U3/C4396h0.java, line(s) 39,55 U3/C4403l.java, line(s) 21,27,33,16,39,45 U3/C4412p0.java, line(s) 51 U3/HandlerC3173d0.java, line(s) 93 U3/HandlerC4388d0.java, line(s) 93 U8/C0998A.java, line(s) 244 U8/C4445A.java, line(s) 266 W1/C3411e.java, line(s) 188,191 W1/C3416j.java, line(s) 265,268 W1/C4703e.java, line(s) 188,191 W1/C4708j.java, line(s) 266,269 W1/M.java, line(s) 306,313 W2/e.java, line(s) 65 X3/C3459a.java, line(s) 45,50,37 X3/C4768a.java, line(s) 45,50,37 X8/f.java, line(s) 156,162,189,208 X8/l.java, line(s) 599 Y2/a.java, line(s) 15,22,29,14,21,28,42,43,49,50 Y6/m.java, line(s) 144 Y6/o.java, line(s) 52,112 Z/t.java, line(s) 81,93 Z3/w.java, line(s) 74,86 Z4/p.java, line(s) 22,31,38,30,37,44,45,51,52 aa/i.java, line(s) 20 b9/C0510a.java, line(s) 26 b9/C0511b.java, line(s) 60,73,76,80 b9/C2031a.java, line(s) 32 b9/C2032b.java, line(s) 64,77,80,84 c4/AbstractC2083e.java, line(s) 37,57,66 c6/b.java, line(s) 54,53 c6/h.java, line(s) 35,34 com/xone/android/blelibrary/BleManagerGattCallback.java, line(s) 168,384,418,436,685,722,750,805,378,412,679,716 com/xone/android/framework/XoneGlobalUI.java, line(s) 218,224 com/xone/android/nfc/emv/a.java, line(s) 80 com/xone/android/nfc/ndef/emulator/NdefTagEmulatorService.java, line(s) 98 e0/C1998m.java, line(s) 20,24 e0/C2600m.java, line(s) 20,24 e9/l.java, line(s) 22 e9/s.java, line(s) 35 f9/AbstractC0682b.java, line(s) 165 f9/AbstractC2768b.java, line(s) 195 g/AbstractC2088C.java, line(s) 50,59,80,92,104,113,127,141,152 g/AbstractC2095f.java, line(s) 267 g/AbstractC2789C.java, line(s) 50,59,76,85,106,118,130,139,153,167,178 g/AbstractC2796f.java, line(s) 267 g/F.java, line(s) 52,67 g/h.java, line(s) 2141,1383,1389,1898,2192,1119 g/y.java, line(s) 108 h3/C2130a.java, line(s) 102,206 h3/C2866a.java, line(s) 102,206 h3/d.java, line(s) 23,41,50,60 h6/i.java, line(s) 32,36 ha/AbstractC0750e.java, line(s) 20,28,46,55,69 ha/AbstractC3083e.java, line(s) 21,29,47,56,70 k/f.java, line(s) 293 l1/c.java, line(s) 82 l4/C2483a.java, line(s) 126,200,287,299,143,215 l4/C3493a.java, line(s) 126,200,287,299,143,215 l5/AbstractC2484A.java, line(s) 54 l5/AbstractC3494A.java, line(s) 54 l5/b.java, line(s) 55,76 m/MenuItemC2516c.java, line(s) 264 m/MenuItemC3549c.java, line(s) 264 m1/C2529a.java, line(s) 174,179,186,190,201,213 m1/C3562a.java, line(s) 174,179,186,190,201,213 m5/A0.java, line(s) 31,22,38,45,30,37,44,51,52,58,59 m5/C2588l.java, line(s) 48,52,45 m5/C2591o.java, line(s) 46,89,118,123,126,130,114 m5/C2598w.java, line(s) 27,33,63,52 m5/C3621l.java, line(s) 60,64,147,150,153,172,184,196,57,92,142,170 m5/C3624o.java, line(s) 46,89,118,123,126,130,114 m5/C3631w.java, line(s) 27,33,63,52 m5/G.java, line(s) 12 m5/RunnableC2587k.java, line(s) 31 m5/RunnableC3620k.java, line(s) 31 m5/c.java, line(s) 92,267,270,100,101,300,302 n/C2631x.java, line(s) 66,118,127,360 n/C3683x.java, line(s) 66,118,127,360 n/M.java, line(s) 397,511,205,210,217,307,601 n/O.java, line(s) 162,196 n/Q.java, line(s) 196,58,70,104,133,407 n/V.java, line(s) 39 n/g0.java, line(s) 103 n/h0.java, line(s) 89 n/j0.java, line(s) 45,53,70,72,74 n/r.java, line(s) 47 n1/AbstractC2638a.java, line(s) 189,225,269,271,65,72,74,80,211,213,219,222,258,38,68,76,83,95,103,114,178,192 n1/AbstractC3690a.java, line(s) 189,225,269,271,65,72,74,80,211,213,219,222,258,38,68,76,83,95,103,114,178,192 n1/C2639b.java, line(s) 58,69,71,111,127,193,195,212,224,228,230,235,240,282,304,104,189,197,220,292,308,323 n1/C3691b.java, line(s) 58,69,71,111,127,193,195,212,224,228,230,235,240,282,304,104,189,197,220,292,308,323 n4/AbstractC2660b.java, line(s) 82,72,94,110,64,71,81,93,109,65 n4/AbstractC3712b.java, line(s) 82,72,94,110,64,71,81,93,109,65 n4/J.java, line(s) 69,70 n4/b.java, line(s) 86 net/zetetic/database/LogcatTarget.java, line(s) 19,28,9,22,16,25,31 net/zetetic/database/sqlcipher/CloseGuard.java, line(s) 14 net/zetetic/database/sqlcipher/SQLiteDatabase.java, line(s) 573 o5/C3780a.java, line(s) 226,153 r/d.java, line(s) 307 t4/d.java, line(s) 52 ua/AbstractC1033k.java, line(s) 12 ua/AbstractC4480k.java, line(s) 12 v/C3235b0.java, line(s) 630 v/C4515b0.java, line(s) 630 v/D1.java, line(s) 557,561,564 v0/C3310a.java, line(s) 185,187,203,106 v0/C4590a.java, line(s) 186,188,204,107 v0/b.java, line(s) 40 v1/AbstractC3316D.java, line(s) 44,92 v1/AbstractC4596D.java, line(s) 44,92 v2/k.java, line(s) 37,44,47,55,81,84,87,90,93 v4/C3368a.java, line(s) 208 v4/C4648a.java, line(s) 208 x5/C3473g.java, line(s) 29,36,39,48,86 x5/C4782g.java, line(s) 29,36,39,48,86 x5/o.java, line(s) 164 xone/runtime/core/XoneApplication.java, line(s) 4134,4103 xone/runtime/core/XoneDataCollection.java, line(s) 3724,4712,4729 z0/AbstractC3514d.java, line(s) 91,187 z0/AbstractC4845d.java, line(s) 91,187 z0/AbstractC4846e.java, line(s) 45,48,75 z0/C3510B.java, line(s) 62 z0/C4841B.java, line(s) 62 z0/p.java, line(s) 27 z0/u.java, line(s) 199,215,221,270,301,311,322,330,198,214,220,269,300,310,321,329,152,224,275,292 z1/b.java, line(s) 357 z7/b.java, line(s) 886
安全提示信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/xone/android/script/runtimeobjects/XOneClipboard.java, line(s) 6,74,249,274,288
安全提示信息 应用与Firebase数据库通信
该应用与位于 https://push-varios-clientes.firebaseio.com 的 Firebase 数据库进行通信
已通过安全项 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: F2/C2077a.java, line(s) 127,125,127,123,124,124 F2/C2743a.java, line(s) 126,124,126,122,123,123 R1/C0489l.java, line(s) 326,325,324,324 R1/C0751l.java, line(s) 325,324,323,323 com/xone/android/script/runtimeobjects/XOneFileManager.java, line(s) 156,451,453 com/xone/android/script/runtimeobjects/XOneWebSocket.java, line(s) 482,480,481,482,479,479 da/C0594b.java, line(s) 563,236,275,274,274 da/C2575b.java, line(s) 604,256,295,294,294
已通过安全项 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: H5/w.java, line(s) 28 P5/AbstractC2781j.java, line(s) 59 P5/AbstractC3919j.java, line(s) 59 Q9/d.java, line(s) 169 Z4/AbstractC1354c.java, line(s) 25 Z4/AbstractC1743c.java, line(s) 25 com/xone/android/utils/Utils.java, line(s) 2991,2991,2991,2991,2991 m5/Z.java, line(s) 25
已通过安全项 Firebase远程配置已禁用
Firebase远程配置URL ( https://firebaseremoteconfig.googleapis.com/v1/projects/669369395832/namespaces/firebase:fetch?key=AIzaSyAkqj3U-iMQ5J9uh5Zl36dkwogZm1JCayE ) 已禁用。响应内容如下所示:
{
"state": "NO_TEMPLATE"
}
重点安全关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (app-measurement.com) 通信。
{'ip': '180.163.150.161', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
重点安全关注 应用程序可能与位于OFAC制裁国家 (中国) 的服务器 (pagead2.googlesyndication.com) 通信。
{'ip': '180.163.150.38', 'country_short': 'CN', 'country_long': '中国', 'region': '上海', 'city': '上海', 'latitude': '31.224333', 'longitude': '121.468948'}
综合安全基线评分总结
Minits v4.9.3.32
Android APK
49
综合安全评分
中风险