应用安全检测报告
应用安全检测报告,支持文件搜索、内容检索和AI代码分析
移动应用安全检测报告
汤不热视频 v11.9
45
安全评分
安全基线评分
45/100
中风险
综合风险等级
风险等级评定
- A
- B
- C
- F
应用存在一定安全风险,建议优化
漏洞与安全项分布
5
高危
15
中危
3
信息
2
安全
隐私风险评估
1
第三方跟踪器
中等隐私风险
检测到少量第三方跟踪器
检测结果分布
高危安全漏洞
5
中危安全漏洞
15
安全提示信息
3
已通过安全项
2
重点安全关注
0
高危安全漏洞 应用程序在加密算法中使用ECB模式。ECB模式是已知的弱模式,因为它对相同的明文块[UNK]产生相同的密文
应用程序在加密算法中使用ECB模式。ECB模式是已知的弱模式,因为它对相同的明文块[UNK]产生相同的密文 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-block-cipher-mode Files: com/app/glide/glide/c/a.java, line(s) 218 com/app/shortPlay/widget/player/a/d.java, line(s) 550 com/video/tx/widget/jzPlayer/common/d.java, line(s) 358 com/video/tx/widget/jzPlayer/event/b.java, line(s) 546
高危安全漏洞 该文件是World Writable。任何应用程序都可以写入文件
该文件是World Writable。任何应用程序都可以写入文件 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#testing-local-storage-for-sensitive-data-mstg-storage-1-and-mstg-storage-2 Files: com/jetpack/lib/common/e/k.java, line(s) 115,107,111,119 com/jetpack/lib/common/e/s.java, line(s) 25
高危安全漏洞 应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。
应用程序使用带PKCS5/PKCS7填充的加密模式CBC。此配置容易受到填充oracle攻击。 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/app/glide/glide/c/a.java, line(s) 200 com/video/tx/a/d.java, line(s) 17,28
高危安全漏洞 使用弱加密算法
使用弱加密算法 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/video/tx/a/d.java, line(s) 17,28
高危安全漏洞 SSL的不安全实现。信任所有证书或接受自签名证书是一个关键的安全漏洞。此应用程序易受MITM攻击
SSL的不安全实现。信任所有证书或接受自签名证书是一个关键的安全漏洞。此应用程序易受MITM攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#android-network-apis Files: com/video/tx/b.java, line(s) 165,29,30,31,32,33,34,35,36
中危安全漏洞 应用已启用明文网络流量
[android:usesCleartextTraffic=true] 应用允许明文网络流量(如 HTTP、FTP 协议、DownloadManager、MediaPlayer 等)。API 级别 27 及以下默认启用,28 及以上默认禁用。明文流量缺乏机密性、完整性和真实性保护,攻击者可窃听或篡改传输数据。建议关闭明文流量,仅使用加密协议。
中危安全漏洞 Activity-Alias (com.video.tx.activity_alias) 未受保护。
存在 intent-filter。 检测到 Activity-Alias 已与设备上的其他应用共享,因此可被任意应用访问。intent-filter 的存在表明该 Activity-Alias 被显式导出,存在安全风险。
中危安全漏洞 Service (com.video.tx.service.PlayMusicService) 未受保护。
[android:exported=true] 检测到 Service 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Service (androidx.work.impl.background.systemjob.SystemJobService) 受权限保护,但应检查权限保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 检测到 Service 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: com/app/gameBus/e/b.java, line(s) 15,19 com/devil/library/camera/a.java, line(s) 399 com/devil/library/camera/c/e.java, line(s) 8 com/devil/library/media/utils/b.java, line(s) 48 com/e/a/d/c.java, line(s) 27,49 com/g/a/c.java, line(s) 66 com/jetpack/lib/common/e/c.java, line(s) 221,222,239 com/jetpack/lib/common/e/g.java, line(s) 44,56 com/jetpack/lib/common/e/h.java, line(s) 323 com/jetpack/lib/common/e/j.java, line(s) 15,16,34,35,53,54,71 com/video/tx/a/g.java, line(s) 83,121 com/video/tx/a/h.java, line(s) 67,71 com/video/tx/a/k.java, line(s) 250 com/video/tx/a/m.java, line(s) 13,22,23,41,42,102,103,114 com/video/tx/a/u.java, line(s) 23 com/video/tx/activity/game/GameDetailActivity.java, line(s) 128 com/video/tx/updateApp/AppUpgradeManager.java, line(s) 269,342,369,389 com/video/tx/widget/k.java, line(s) 99 com/video/tx/widget/q.java, line(s) 54 com/yzq/zxinglibrary/d/g.java, line(s) 31 me/iwf/photopicker/d/b.java, line(s) 31
中危安全漏洞 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: cn/a/e/n/w.java, line(s) 68 com/apk/secury/f.java, line(s) 25 com/d/c/h/cm.java, line(s) 53,171 com/d/c/h/ex.java, line(s) 24,37 com/d/c/x.java, line(s) 30
中危安全漏洞 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: cn/a/c/b/b.java, line(s) 45 cn/a/e/n/m.java, line(s) 40 com/a/a/a.java, line(s) 44 com/e/a/b/a.java, line(s) 12,84 com/e/a/g/a.java, line(s) 15,11
中危安全漏洞 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: cn/a/e/l/e.java, line(s) 35 cn/a/e/n/y.java, line(s) 5 cn/a/e/u/o.java, line(s) 11 cn/a/e/u/r.java, line(s) 14 com/a/a/f/c.java, line(s) 14 com/app/shortPlay/widget/player/a/b.java, line(s) 21 com/b/a/h.java, line(s) 20 com/miyouquan/library/DVPermissionUtils.java, line(s) 18 com/video/tx/activity/shortVideo/ShortFindListPlayActivity.java, line(s) 55 com/video/tx/d/n.java, line(s) 48 com/video/tx/fragment/TabShortVideoFragment.java, line(s) 62 com/video/tx/widget/jzPlayer/common/b.java, line(s) 21 d/b/ac.java, line(s) 6 d/o/a.java, line(s) 5 d/o/b.java, line(s) 5 d/o/c.java, line(s) 5 d/o/d.java, line(s) 5 d/o/e.java, line(s) 7 e/a/a/b/b.java, line(s) 4 e/a/a/b/f.java, line(s) 4 f/a/k/a.java, line(s) 20 f/a/k/d.java, line(s) 8 f/z.java, line(s) 18 org/greenrobot/greendao/test/DbTest.java, line(s) 7
中危安全漏洞 IP地址泄露
IP地址泄露 Files: cn/a/e/q/b.java, line(s) 318,318,38,318,318,318,318 cn/a/g/a/h.java, line(s) 80 com/d/c/h/m/a.java, line(s) 30,36,39,42,33,48,45,51,54 com/d/c/h/m/af.java, line(s) 34 com/d/c/h/m/ag.java, line(s) 16,17,9,5,7,12,13,14,15,18,19 com/d/c/h/m/c.java, line(s) 24,26,27,28,32,33,34,35,36,29,22,30,31,40,39,37 com/d/c/h/m/e.java, line(s) 27,29,29 com/d/c/h/m/j.java, line(s) 23,56,57,46,45,47,25,60,61,26,62,63,27,64,65,24,58,59,41,42,43,44,29,68,69,28,66,67,30,70,71,35,36,37,34,32,31,33,48,72 com/d/c/h/m/k.java, line(s) 22,23,24,25,20,21,16,17,18,15,12,13,14,26 com/d/c/h/m/z.java, line(s) 321
中危安全漏洞 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: cn/a/e/u/r.java, line(s) 155 com/d/c/h/m/z.java, line(s) 288,290 com/video/tx/activity/FeedCallbackActivity.java, line(s) 91 org/c/a/a/a/a/b.java, line(s) 113
中危安全漏洞 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/e/a/f/e.java, line(s) 4,5,43,44,45,46,57,60,63,66 com/e/a/f/f.java, line(s) 4,31,32,11,43 com/video/tx/ab/greendao/ActorEntityDao.java, line(s) 4,48,56 com/video/tx/ab/greendao/ActorModyDataEntityDao.java, line(s) 4,29,37 com/video/tx/ab/greendao/AdClickEntityDao.java, line(s) 4,32,40 com/video/tx/ab/greendao/ApiCacheEntityDao.java, line(s) 4,28,36 com/video/tx/ab/greendao/ChannelLabelEntityDao.java, line(s) 4,44,52 com/video/tx/ab/greendao/ChannelLabelStatusEntityDao.java, line(s) 4,33,41 com/video/tx/ab/greendao/CollectFileEntityDao.java, line(s) 4,37,45 com/video/tx/ab/greendao/ComicSaveCacheEntityDao.java, line(s) 4,31,39 com/video/tx/ab/greendao/MovieEsRecordEntityDao.java, line(s) 4,31,39 com/video/tx/ab/greendao/MovieWatchRecordEntityDao.java, line(s) 4,31,39 com/video/tx/ab/greendao/MyProductEntityDao.java, line(s) 4,46,54 com/video/tx/ab/greendao/PicComicEntityDao.java, line(s) 4,34,42 com/video/tx/ab/greendao/ResourceOperateEntityDao.java, line(s) 4,32,40 com/video/tx/ab/greendao/SubscribeNotifyEntityDao.java, line(s) 4,31,39 com/video/tx/ab/greendao/TabLikeEntityDao.java, line(s) 4,30,38 com/video/tx/ab/greendao/UserSubscribeEntityDao.java, line(s) 4,33,41 com/video/tx/ab/greendao/VideoPositionEntityDao.java, line(s) 4,30,38 com/video/tx/greenDao/GreenDaoCompatibleUpdateHelper.java, line(s) 4,62 com/video/tx/greenDao/b.java, line(s) 4,42 org/greenrobot/greendao/AbstractDao.java, line(s) 6,7,408,412,428,498,518 org/greenrobot/greendao/DbUtils.java, line(s) 6,42,85 org/greenrobot/greendao/database/StandardDatabase.java, line(s) 4,63,64
中危安全漏洞 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: cn/a/e/m/g.java, line(s) 241 com/d/c/h/ez.java, line(s) 61 d/i/r.java, line(s) 116,201,202
中危安全漏洞 可能存在跨域漏洞。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息
可能存在跨域漏洞。在 WebView 中启用从 URL 访问文件可能会泄漏文件系统中的敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-6 Files: com/video/tx/widget/X5WebView.java, line(s) 54,46
中危安全漏洞 应用程序包含隐私跟踪程序
此应用程序有多个1隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危安全漏洞 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 凭证信息=> "APP_ID" : "com.video.wx.t1" d005d14d7ce6312ae54527a659be2c55 29dbf38b1ff94c57a8555ce32bbb8c48 e392a8ddf08a08dcae5514168b8dfb53 664dbacccac2a664de39def2 258EAFA5-E914-47DA-95CA-C5AB0DC85B11 123456789012345678901234 664db61ccac2a664de39d984 946eca6b182e63ebe50cf82e483715bf 542c34779b2fb2295313ded1fdd2e84d 88ce35562a6f085b53a00145444c445f eU9ZnV46iYnLaFjXqM0peerbhB6gTrq2UvsrYkqwxFksmLxupK2qU8GOfC5VTxKS 67cb12812f8e400cb4bfdd615236d562 0123456789ABCDEFGHJKLMNPQRTUWXY 5bc1786994ce276210fa38e1fe46b1b3 e0feac9bd15005f78f769c41acfd5042 460643a974555d792b8f5a6e1a5d323c edef8ba9-79d6-4ace-a3c8-27dcd51d21ed jhjlpKWdCoFcQnvCIkBbRWkWpVHNvZUGFZ2kJQLNdLk1tYCKAYC6oosAfEPFJzmE 1oaCdygBKwvea3xtj3kVCELqyBfMjZ6T 746811187b2f8039a352265c7995a8d6
安全提示信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: cn/a/e/n/e.java, line(s) 41,53,7,33,49 cn/a/m/a/d/b.java, line(s) 20 cn/jzvd/JZTextureView.java, line(s) 51,81,82 cn/jzvd/Jzvd.java, line(s) 126,130,408,750,1032,555,684,690,696,705,735,788,797,806,818,836,859,883,889,949,1053 cn/jzvd/ShortJzvd.java, line(s) 127,131,459,597,935,770,347,359,480,864,870,876,920,1001,1019,1065,1071 cn/jzvd/e.java, line(s) 56 com/aiqiyi/customewheel/adapter/AbstractWheelTextAdapter.java, line(s) 52 com/app/common/userModel/a/a.java, line(s) 21 com/app/common/userModel/c/f.java, line(s) 35 com/app/common/userModel/c/q.java, line(s) 78 com/app/common/userModel/d/c.java, line(s) 72 com/app/glide/glide/b/c.java, line(s) 142,174,141 com/app/glide/glide/c/a.java, line(s) 222 com/app/shortPlay/widget/player/a/d.java, line(s) 555,559 com/app/shortPlay/widget/player/a/h.java, line(s) 375 com/cl/downLoad/a/a/c.java, line(s) 27,36 com/d/b/a.java, line(s) 446,454,469,477,510,529,539,714,737,771 com/d/c/g/h.java, line(s) 22,27 com/d/c/g/i.java, line(s) 51,62,67,72,77,82 com/d/c/h/a/a.java, line(s) 911,1018,1053,1082,1119,1120,772,781,782 com/d/c/h/an.java, line(s) 59 com/d/c/h/bx.java, line(s) 1299 com/d/c/h/df.java, line(s) 29 com/d/c/h/f/b/b.java, line(s) 46,83,108,173,197 com/d/c/h/f/b/c.java, line(s) 49,135 com/d/c/h/g/f.java, line(s) 194 com/d/c/h/g/i.java, line(s) 145,150,155 com/d/c/h/g/j.java, line(s) 418,419,420 com/d/c/h/ge.java, line(s) 70 com/d/c/h/k/l.java, line(s) 50,56,57,127 com/d/c/h/k/q.java, line(s) 106,118,123 com/d/c/h/l.java, line(s) 852 com/d/d/h.java, line(s) 121 com/devil/library/camera/a.java, line(s) 151,321,294,368,409,415,420,473,560,587,597,610 com/devil/library/camera/c/b.java, line(s) 90,101,105,112,116,130 com/devil/library/camera/c/c.java, line(s) 17,27 com/devil/library/camera/c/f.java, line(s) 11 com/devil/library/media/ui/activity/DVCameraActivity.java, line(s) 107,112,118 com/devil/library/media/ui/activity/SelectMediaTempActivity.java, line(s) 79 com/devil/library/media/utils/d.java, line(s) 69 com/e/a/l/d.java, line(s) 43,73,53,17,63 com/f/a/n.java, line(s) 106,108,195,197,312,344,377,379,431,449,451,520,522 com/huxq17/handygridview/HandyGridView.java, line(s) 221 com/jetpack/lib/common/BaseActivity.java, line(s) 103 com/jetpack/lib/common/a.java, line(s) 194 com/jetpack/lib/common/a/a.java, line(s) 45 com/jetpack/lib/common/c/c.java, line(s) 9,18,27,37,48,59,69,78,87,96,105 com/jetpack/lib/common/d/a.java, line(s) 33,58 com/jetpack/lib/common/e/d.java, line(s) 47 com/jetpack/lib/common/e/f.java, line(s) 89,130 com/jetpack/lib/common/e/n.java, line(s) 53 com/jetpack/lib/common/e/z.java, line(s) 88,91 com/shizhefei/view/largeimage/a.java, line(s) 92,99,123,150,183,237,248,260,288,325,361,390,515,536,614,667,728 com/tonyodev/fetch2core/j.java, line(s) 37,60,69,77 com/video/tx/a/b.java, line(s) 86 com/video/tx/a/d.java, line(s) 21 com/video/tx/a/g.java, line(s) 104,140,147,154,156 com/video/tx/a/h.java, line(s) 60 com/video/tx/a/k.java, line(s) 190,194 com/video/tx/a/o.java, line(s) 48 com/video/tx/a/q.java, line(s) 7 com/video/tx/a/s.java, line(s) 39 com/video/tx/a/u.java, line(s) 62,102 com/video/tx/a/y.java, line(s) 54 com/video/tx/ab/greendao/DaoMaster.java, line(s) 25,41 com/video/tx/activity/AboutUsActivity.java, line(s) 110,76,80 com/video/tx/activity/LauncherActivity.java, line(s) 142,169,259 com/video/tx/activity/VideoDetailActivity.java, line(s) 951 com/video/tx/activity/event/EventPlayActivity.java, line(s) 354 com/video/tx/activity/event/LfDetailActivity.java, line(s) 401 com/video/tx/activity/pay/WithDrawPasswardActivity.java, line(s) 63 com/video/tx/activity/search/SearchLfActivity.java, line(s) 123 com/video/tx/activity/shortVideo/ShortVideoPlayActivity.java, line(s) 358 com/video/tx/b.java, line(s) 55,78,81,84,187,192 com/video/tx/b/a.java, line(s) 99,105,258,462 com/video/tx/b/d.java, line(s) 24 com/video/tx/d/a/h.java, line(s) 16,38 com/video/tx/d/a/k.java, line(s) 92,148 com/video/tx/d/f.java, line(s) 63 com/video/tx/d/n.java, line(s) 141,320 com/video/tx/d/o.java, line(s) 37,65,74 com/video/tx/fragment/TabMeFrament.java, line(s) 192,244 com/video/tx/fragment/WebViewFragment.java, line(s) 134 com/video/tx/fragment/label/LabelVideoFragment.java, line(s) 152 com/video/tx/fragment/main/a.java, line(s) 76 com/video/tx/fragment/pay/findPass/SetNewWithDrawPassFragment.java, line(s) 59 com/video/tx/g/a.java, line(s) 33,57,39,41,42 com/video/tx/g/c.java, line(s) 45,47,49,50,51 com/video/tx/g/d.java, line(s) 84,187,272,294 com/video/tx/greenDao/MyGreenDaoDbHelper.java, line(s) 25,27,31,36,39 com/video/tx/greenDao/b.java, line(s) 83,86,87,91,96,104,112,116,119,122,131,136,138,144,149,157,162,164,180,185 com/video/tx/ipNet/a.java, line(s) 35,97,104 com/video/tx/photoView/c.java, line(s) 136,171,188,419,446,495,20 com/video/tx/service/CollectFileDbService.java, line(s) 69 com/video/tx/updateApp/AppUpgradeManager.java, line(s) 81,108,146,152,153,164,241,246,273,274,351 com/video/tx/widget/CanvasImageView.java, line(s) 27 com/video/tx/widget/CircleImageView.java, line(s) 133 com/video/tx/widget/a/a.java, line(s) 175 com/video/tx/widget/aa.java, line(s) 138 com/video/tx/widget/ac.java, line(s) 151 com/video/tx/widget/ad.java, line(s) 153 com/video/tx/widget/ah.java, line(s) 169 com/video/tx/widget/f.java, line(s) 31 com/video/tx/widget/g.java, line(s) 248 com/video/tx/widget/jzPlayer/ad/a.java, line(s) 198 com/video/tx/widget/jzPlayer/common/d.java, line(s) 363,367 com/video/tx/widget/jzPlayer/common/h.java, line(s) 377 com/video/tx/widget/jzPlayer/event/b.java, line(s) 551,555 com/video/tx/widget/k.java, line(s) 110,232,258,282 com/video/tx/widget/l.java, line(s) 62,84 com/video/tx/widget/p.java, line(s) 72,90 com/video/tx/widget/q.java, line(s) 68 com/video/tx/widget/version2/CommentDialogFragment.java, line(s) 222 com/video/tx/widget/z.java, line(s) 143,64,103 com/yzq/zxinglibrary/android/CaptureActivity.java, line(s) 60,63 com/yzq/zxinglibrary/android/a.java, line(s) 50 com/yzq/zxinglibrary/android/d.java, line(s) 31,82,88 com/yzq/zxinglibrary/b/a.java, line(s) 58,80,94 com/yzq/zxinglibrary/b/b.java, line(s) 51,160,177,71,88,111,122 com/yzq/zxinglibrary/b/c.java, line(s) 73,189,114,113,122 com/yzq/zxinglibrary/b/d.java, line(s) 37,41,21,44 com/yzq/zxinglibrary/b/e.java, line(s) 29 d/i/d.java, line(s) 85,90,95,100,105,110,115,134,139,144,170,175,180,185,190,195,200,205,210,215,220 de/greenrobot/event/BackgroundPoster.java, line(s) 41 de/greenrobot/event/EventBus.java, line(s) 162,114,123,125,434 de/greenrobot/event/SubscriberMethodFinder.java, line(s) 84 de/greenrobot/event/util/AsyncExecutor.java, line(s) 98 de/greenrobot/event/util/ErrorDialogConfig.java, line(s) 42 de/greenrobot/event/util/ErrorDialogManager.java, line(s) 164 de/greenrobot/event/util/ExceptionToResourceMapping.java, line(s) 31 in/srain/cube/views/GridViewWithHeaderAndFooter.java, line(s) 261,273,327 me/iwf/photopicker/PhotoPickerActivity.java, line(s) 96,319,330,332,343 me/iwf/photopicker/a/a.java, line(s) 85 me/iwf/photopicker/d/b.java, line(s) 33 me/iwf/photopicker/widget/TouchImageView.java, line(s) 625 org/c/b/b/a/b.java, line(s) 25,44 org/c/b/c/a/c.java, line(s) 182,118,161,170 org/c/b/c/a/d.java, line(s) 24 org/greenrobot/greendao/AbstractDao.java, line(s) 665,720 org/greenrobot/greendao/DaoException.java, line(s) 28,29 org/greenrobot/greendao/DaoLog.java, line(s) 15,19,27,35,39,43,51,55,23,59,63,67 org/greenrobot/greendao/DbUtils.java, line(s) 63,33 org/greenrobot/greendao/async/AsyncOperationExecutor.java, line(s) 326 org/greenrobot/greendao/internal/LongHashMap.java, line(s) 64 org/greenrobot/greendao/query/QueryBuilder.java, line(s) 99,102 org/greenrobot/greendao/test/AbstractDaoTest.java, line(s) 28,31,59 org/greenrobot/greendao/test/AbstractDaoTestLongPk.java, line(s) 18,23 org/greenrobot/greendao/test/AbstractDaoTestSinglePk.java, line(s) 29 org/greenrobot/greendao/test/DbTest.java, line(s) 62
安全提示信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/video/tx/a/p.java, line(s) 3,20 com/video/tx/activity/event/LfDetailActivity.java, line(s) 5,398 com/video/tx/activity/game/GameDetailActivity.java, line(s) 5,145 com/video/tx/activity/search/SearchLfActivity.java, line(s) 5,120 com/video/tx/d/n.java, line(s) 6,138 com/video/tx/widget/k.java, line(s) 6,229,255 com/video/tx/widget/l.java, line(s) 6,59 com/video/tx/widget/p.java, line(s) 6,87 com/video/tx/widget/version_3/d.java, line(s) 6,72 com/video/tx/widget/z.java, line(s) 6,60
安全提示信息 此应用程序使用SQL Cipher。SQLCipher为sqlite数据库文件提供256位AES加密
此应用程序使用SQL Cipher。SQLCipher为sqlite数据库文件提供256位AES加密 Files: org/greenrobot/greendao/database/DatabaseOpenHelper.java, line(s) 19,6,15
已通过安全项 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: com/cl/downLoad/a/a/a.java, line(s) 143,78,110,142,131,141,141 com/e/a/h/a.java, line(s) 145,78,110,144,132,143,143 com/jetpack/lib/common/e/m.java, line(s) 37,16 com/video/tx/b.java, line(s) 74,73,110,163,72 f/z.java, line(s) 520,519,533,518,518
已通过安全项 此应用程序可能具有Root检测功能
此应用程序可能具有Root检测功能 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md#testing-root-detection-mstg-resilience-1 Files: com/apk/secury/e.java, line(s) 19,19,19,19,19 com/video/tx/updateApp/c.java, line(s) 115,116
综合安全基线评分总结
汤不热视频 v11.9
45
综合安全评分
中风险