漏洞分析

1

高危漏洞

5

中危漏洞

2

低危漏洞

7

警告

文件名 direk.apk
上传者 FongMi
文件大小 19.954566955566MB
MD5 3598f06ef2e04ee695ec1c6542763f28
包名 com.direk.android.newest
Main Activity com.direk.android.ui.www.WwwActivity
Min SDK 16
Target SDK 27

权限列表

# 名称 说明 提示
0 android.permission.ACCESS_COARSE_LOCATION 访问大概的位置源(例如蜂窝网络数据库)以确定手机的大概位置(如果可以)。恶意应用程序可借此确定您所处的大概位置。 注意
1 android.permission.ACCESS_FINE_LOCATION 访问精准的位置源,例如手机上的全球定位系统(如果有)。恶意应用程序可能会借此确定您所处的位置,并可能消耗额外的电池电量。 注意
2 android.permission.BLUETOOTH 允许应用程序查看本地蓝牙手机的配置,以及建立或接受与配对设备的连接。 注意
3 android.permission.READ_CALENDAR 允许应用程序读取您手机上存储的所有日历活动。恶意应用程序可借此将您的日历活动发送给其他人。 注意
4 android.permission.READ_CONTACTS 允许应用程序读取您手机上存储的所有联系人(地址)数据。恶意应用程序可借此将您的数据发送给其他人。 注意
5 android.permission.READ_PHONE_STATE 允许应用程序访问设备的手机功能。有此权限的应用程序可确定此手机的号码和序列号,是否正在通话,以及对方的号码等。 注意
6 android.permission.RECEIVE_BOOT_COMPLETED 允许应用程序在系统完成启动后即自行启动。这样会延长手机的启动时间,而且如果应用程序一直运行,会降低手机的整体速度。 注意
7 android.permission.RECORD_AUDIO 允许应用程序访问录音路径。 注意
8 android.permission.WRITE_SETTINGS 允许应用程序修改系统设置方面的数据。恶意应用程序可借此破坏您的系统配置。 注意
9 android.permission.ACCESS_NETWORK_STATE 允许应用程序查看所有网络的状态。 提示
10 android.permission.BLUETOOTH_ADMIN 允许应用程序配置本地蓝牙手机,以及发现远程设备并与其配对。 提示
11 android.permission.CAMERA 允许应用程序使用相机拍照,这样应用程序可随时收集进入相机镜头的图像。 提示
12 android.permission.FLASHLIGHT 允许应用程序控制闪光灯。 提示
13 android.permission.INTERNET 允许程序访问网络. 提示
14 android.permission.MODIFY_AUDIO_SETTINGS 允许应用程序修改整个系统的音频设置,如音量和路由。 提示
15 android.permission.VIBRATE 允许应用程序控制振动器。 提示
16 android.permission.WAKE_LOCK 允许应用程序防止手机进入休眠状态。 提示
17 android.permission.WRITE_EXTERNAL_STORAGE 允许应用程序写入SD卡。 提示

四大组件

组件名称

com.direk.android.ui.www.WwwActivity
com.direk.android.CustomLoginActivity
com.direk.android.ui.beacon.BeaconActivity
com.direk.android.ui.beacon.BeaconContentActivity
com.direk.android.ui.chat.ChatActivity
com.direk.android.ui.chat.ChatContentActivity
com.direk.android.ui.chat.ChatNewTextActivity
com.direk.android.ui.chat.ChatNewGroupActivity
com.direk.android.ui.chat.ChatMemberActivity
com.direk.android.ui.chat.ChatForwardActivity
com.direk.android.ui.drive.DriveChooseActivity
com.direk.android.ui.mail.MailActivity
com.direk.android.ui.mail.MailContentActivity
com.direk.android.ui.mail.MailWriteActivity
com.direk.android.ui.mail.MailToActivity
com.direk.android.ui.mail.MailSignActivity
com.direk.android.ui.market.MarketActivity
com.direk.android.ui.market.MarketContentActivity
com.direk.android.ui.push.PushRecordActivity
com.direk.android.clock.ClockActivity
com.direk.android.clock.ClockRecordActivity
com.direk.android.clock.ClockSettingActivity
com.direk.android.clock.ClockBeaconActivity
com.direk.android.clock.ClockManagerActivity
com.direk.android.clock.ClockMapActivity
com.direk.android.face.FaceRegisterActivity
com.direk.android.face.FaceRecognizeActivity
com.direk.android.ras.RasActivity
com.direk.android.ras.RasContentActivity
com.direk.android.ras.RasReportActivity
com.direk.android.ras.RasReportContentActivity
com.direk.android.ras.RasSettingActivity
com.direk.android.ras.RasTargetFormActivity
com.direk.android.ras.RasTargetFormDiskActivity
com.direk.android.ras.RasTargetGroupActivity
com.direk.android.ras.RasTargetMemberActivity
com.direk.android.linphone.LinphoneActivity
com.direk.android.ui.home.HomeActivity
com.direk.android.ui.home.HomeFolderActivity
com.direk.android.ui.about.AboutActivity
com.direk.android.ui.attach.AttachActivity
com.direk.android.ui.attach.AttachImageActivity
com.direk.android.ui.attach.AttachPlayerActivity
com.direk.android.ui.announce.AnnounceActivity
com.direk.android.ui.announce.AnnounceContentActivity
com.direk.android.ui.apptree.AppTreeActivity
com.direk.android.ui.contact.ContactActivity
com.direk.android.ui.contact.ContactContentActivity
com.direk.android.ui.contact.ContactProxyActivity
com.direk.android.ui.calendars.CalendarsActivity
com.direk.android.ui.calendars.CalendarsMonthActivity
com.direk.android.ui.calendars.CalendarsContentActivity
com.direk.android.ui.calendars.CalendarsEditActivity
com.direk.android.ui.calendars.CalendarsInviteActivity
com.direk.android.ui.calendars.CalendarsCycleActivity
com.direk.android.ui.calendars.CalendarsShareActivity
com.direk.android.ui.camera.CameraEditActivity
com.direk.android.ui.drive.DriveActivity
com.direk.android.ui.drive.DriveFolderActivity
com.direk.android.ui.drive.DriveContentActivity
com.direk.android.ui.forum.ForumActivity
com.direk.android.ui.forum.ForumSubjectActivity
com.direk.android.ui.forum.ForumSearchActivity
com.direk.android.ui.forum.ForumContentActivity
com.direk.android.ui.forum.ForumEditActivity
com.direk.android.ui.privacy.PrivacyActivity
com.direk.android.ui.profile.ProfileActivity
com.direk.android.ui.profile.ProfileResetActivity
com.direk.android.ui.push.PushActivity
com.direk.android.ui.question.QuestionActivity
com.direk.android.ui.question.QuestionContentActivity
com.direk.android.ui.question.QuestionInputActivity
com.direk.android.ui.question.QuestionVoteActivity
com.direk.android.ui.question.QuestionVoteEditActivity
com.direk.android.ui.question.QuestionVoteMemberActivity
com.direk.android.ui.question.QuestionVoteSettingActivity
com.direk.android.ui.rss.RssActivity
com.direk.android.ui.task.TaskActivity
com.direk.android.ui.task.TaskContentActivity
com.direk.android.ui.task.TaskEditActivity
com.direk.android.ui.web.WebActivity
com.direk.android.ui.error.ErrorActivity
com.yalantis.ucrop.UCropActivity
com.zhihu.matisse.ui.MatisseActivity
com.zhihu.matisse.internal.ui.AlbumPreviewActivity
com.zhihu.matisse.internal.ui.SelectedPreviewActivity
cat.ereza.customactivityoncrash.activity.DefaultErrorActivity
com.journeyapps.barcodescanner.CaptureActivity
com.google.android.gms.auth.api.signin.internal.SignInHubActivity
com.google.android.gms.common.api.GoogleApiActivity

com.direk.android.newest.ChatService
com.direk.android.fcm.InstanceIDService
com.direk.android.fcm.MessagingService
org.altbeacon.beacon.service.BeaconService
org.altbeacon.beacon.BeaconIntentProcessor
com.evernote.android.job.v21.PlatformJobService
com.evernote.android.job.v14.PlatformAlarmService
com.evernote.android.job.v14.PlatformAlarmServiceExact
com.evernote.android.job.gcm.PlatformGcmService
com.evernote.android.job.JobRescheduleService
com.google.android.gms.auth.api.signin.RevocationBoundService
com.google.firebase.messaging.FirebaseMessagingService
com.google.android.gms.measurement.AppMeasurementService
com.google.android.gms.measurement.AppMeasurementJobService
com.google.firebase.iid.FirebaseInstanceIdService

com.direk.android.newest.BootReceiver
com.direk.android.newest.AlarmReceiver
com.direk.android.newest.PhoneStateReceiver
com.direk.android.newest.LogoutReceiver
org.altbeacon.beacon.startup.StartupBroadcastReceiver
com.evernote.android.job.v14.PlatformAlarmReceiver
com.evernote.android.job.JobBootReceiver
com.google.android.gms.measurement.AppMeasurementReceiver
com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver
com.google.firebase.iid.FirebaseInstanceIdReceiver

android.support.v4.content.FileProvider
cat.ereza.customactivityoncrash.provider.CaocInitProvider
com.google.firebase.provider.FirebaseInitProvider

第三方库

# 库名 介绍
0 com.google.android.gms.maps 谷歌地图是 Google 公司提供的电子地图服务,包括局部详细的卫星照片。此款服务可以提供含有政区和交通以及商业信息的矢量地图、不同分辨率的卫星照片和可以用来显示地形和等高线地形视图。在各类平台均有应用,操作简单方便。
1 okhttp3 An HTTP+SPDY client for Android and Java applications.
2 com.afollestad.materialdialogs Not even AppCompat uses Material theming for AlertDialogs on pre-Lollipop. This is a beautiful and easy solution.
3 org.altbeacon.beacon Allows Android apps to interact with BLE beacons
4 me.leolin.shortcutbadger The ShortcutBadger makes your Android App show the count of unread messages as a badge on your App shortcut!
5 com.bumptech.glide An image loading and caching library for Android focused on smooth scrolling
6 com.google.zxing Official ZXing ("Zebra Crossing") project home
7 android.support.transition A backport of the new Transitions API for Android.
8 me.zhanghai.android.materialprogressbar Material design ProgressBar with consistent appearance
9 com.astuetz An interactive indicator to navigate between the different pages of a ViewPager
10 com.raizlabs.android.dbflow A blazing fast, powerful, and very simple ORM android database library that writes database code for you.
11 com.makeramen.roundedimageview A fast ImageView that supports rounded corners, ovals, and circles.
12 android.support.multidex DEPRECATED
13 com.daimajia.easing Android Animation Easing Functions. Let's make animation more real!
14 com.daimajia.androidanimations.library Cute view animation collection.
15 me.relex.circleindicator a lightweight viewpager indicator like in nexus 5 launcher
16 com.rengwuxian.materialedittext EditText in Material Design
17 butterknife View "injection" library for Android.
18 com.google.gson A Java serialization library that can convert Java Objects into JSON and back.
19 com.prolificinteractive.materialcalendarview A Material design back port of Android's CalendarView

静态扫描发现风险点

风险等级 风险名称

高危

检测到1处webview file域同源策略绕过漏洞。

位置: classes.dex
com.direk.android.ui.mail.MailWriteActivity

恶意app可以利用该漏洞读取cookie等隐私信息文件。不要将不必要组件导出;如需导出,禁止使用File协议;如需使用File协议,禁止js执行:setJavaScriptEnabled(False)。

参考资料:
https://jaq.alibaba.com/blog.htm?id=62

中危

检测到当前标志被设置成true或没设置,这会导致adb调试备份允许恶意攻击者复制应用程序数据,造成数据泄露。

中危

该app需要移除大部分日志打印代码。
经扫描该包仍存在大量打日志代码,共发现195处打日志代码.(此处扫描的日志打印代码,是指调用android.util.Log.* 打印的.)
详情如下:

位置: classes.dex
com.google.firebase.iid.z;->(Landroid/content/Context; Ljava/lang/String;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.camera.b$3;->run()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.a.a.j$a;->b(Ljava/lang/Object;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
org.altbeacon.beacon.c.h;->d(Ljava/lang/String; Ljava/lang/String; [Ljava/lang/Object;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.camera.b$6;->run()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.a.f;->b(I)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.a.a.a.a.a;->a(I)I==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.camera.h;->b(Lcom/journeyapps/barcodescanner/n; Lcom/journeyapps/barcodescanner/n;)Landroid/graphics/Rect;==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.v;->a()I==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.v;->a(Ljava/lang/String;)Landroid/content/pm/PackageInfo;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.task.BitmapLoadTask;->processInputUri()V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.a.a.a.a;->a(Ljava/lang/String; Ljava/util/Collection; [Ljava/lang/String;)Ljava/lang/String;==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.a;->a(Ljava/lang/CharSequence; Ljava/lang/String; I Ljava/lang/Integer; Landroid/net/Uri; Landroid/app/PendingIntent; Landroid/app/PendingIntent; Ljava/lang/String;)Landroid/app/Notification;==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.camera.c;->b(Z)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.a.f;->a(Landroid/graphics/Bitmap;)Z==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.m;->onServiceConnected(Landroid/content/ComponentName; Landroid/os/IBinder;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.j;->onServiceConnected(Landroid/content/ComponentName; Landroid/os/IBinder;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.direk.android.facerec.ui.b;->b(Landroid/content/Context;)Lcom/google/android/gms/vision/e;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.util.ImageHeaderParser;->getOrientation()I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.w;->c(Landroid/os/Bundle;)Landroid/os/Bundle;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.m;->a(Landroid/os/Message;)Z==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.g;->run()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.FirebaseMessagingService;->c(Landroid/content/Intent;)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.c;->a(Landroid/content/Context; Ljava/lang/String; [B Lcom/google/firebase/messaging/b; I)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.util.ImageHeaderParser;->copyExif(Landroid/media/ExifInterface; I I Ljava/lang/String;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
me.leolin.shortcutbadger.ShortcutBadger;->initBadger(Landroid/content/Context;)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.y;->a(Landroid/content/Context; Landroid/content/Intent;)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.t;->a(Ljava/lang/Object;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.a;->b(Z)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.t;->a(Lcom/google/firebase/iid/zzs;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.a.a.b$2;->onError(Landroid/media/MediaPlayer; I I)Z==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
org.altbeacon.beacon.c.c;->d(Ljava/lang/String; Ljava/lang/String; [Ljava/lang/Object;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.a.a.a.a;->b(Landroid/hardware/Camera$Parameters;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.camera.b$5;->run()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.d$2;->surfaceChanged(Landroid/view/SurfaceHolder; I I I)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.camera.c$a;->onPreviewFrame([B Landroid/hardware/Camera;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.m;->a(Lcom/google/firebase/iid/t;)Z==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.w;->a(Landroid/os/Message;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.a.a.j;->a(Ljava/lang/Class; Ljava/lang/String; Ljava/lang/Class;)Ljava/lang/reflect/Method;==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.view.TransformImageView;->printMatrix(Ljava/lang/String; Landroid/graphics/Matrix;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.c;->b(Landroid/content/Context;)Z==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.RecyclableBufferedInputStream;->a(Ljava/io/InputStream; [B)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.c;->a(Lcom/google/android/gms/measurement/AppMeasurement; Landroid/content/Context; Ljava/lang/String; Lcom/google/android/gms/internal/rg; Lcom/google/firebase/messaging/b; I)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.d;->e()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.a.f;->b(I I Landroid/graphics/Bitmap$Config;)Landroid/graphics/Bitmap;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.j;->a()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.camera.b$4;->run()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.a;->a(Ljava/lang/Class; Ljava/lang/Object; Ljava/lang/Iterable;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.b;->a(Lcom/bumptech/glide/load/engine/i; Ljava/io/OutputStream;)Z==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.d.k;->handleMessage(Landroid/os/Message;)Z==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.a;->c(Landroid/os/Bundle; Ljava/lang/String;)[Ljava/lang/Object;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
butterknife.ButterKnife;->a(Ljava/lang/Class;)Ljava/lang/reflect/Constructor;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.i;->b(Lcom/journeyapps/barcodescanner/o;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.afollestad.materialdialogs.internal.c;->b(Landroid/widget/EditText; I)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.w;->c(Landroid/os/Bundle;)Landroid/os/Bundle;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.a;->a(Ljava/lang/String; J)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.k;->a(Lcom/google/firebase/iid/t;)Lcom/google/android/gms/tasks/e;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.m;->a()V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.FirebaseMessagingService;->b(Landroid/content/Intent;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.aa;->a(Ljava/lang/String;)Lcom/google/firebase/iid/aa;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.a.a.a.a;->a(Landroid/hardware/Camera$Parameters; Lcom/journeyapps/barcodescanner/camera/CameraSettings$FocusMode; Z)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.b.a;->f()Landroid/graphics/Bitmap;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.request.b.k$a$a;->onPreDraw()Z==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.y;->a(Landroid/content/Context; Landroid/content/Intent;)I==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.c;->a(Landroid/content/Context; Ljava/lang/String; Ljava/lang/String; Ljava/lang/String; Ljava/lang/String;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.FirebaseInstanceIdService;->b(Landroid/content/Intent;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.a.a.a.a;->f(Landroid/hardware/Camera$Parameters;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.c;->a()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.b;->a(Ljava/lang/String;)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
me.leolin.shortcutbadger.ShortcutBadger;->isBadgeCounterSupported(Landroid/content/Context;)Z==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.a.f;->d()V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.request.GenericRequest;->a(Ljava/lang/String;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.provider.FirebaseInitProvider;->onCreate()Z==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.z;->(Landroid/content/Context; Ljava/lang/String;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.camera.f;->b(Lcom/journeyapps/barcodescanner/n; Lcom/journeyapps/barcodescanner/n;)Landroid/graphics/Rect;==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.camera.k;->a(Ljava/util/List; Lcom/journeyapps/barcodescanner/n;)Lcom/journeyapps/barcodescanner/n;==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.c;->onReceive(Landroid/content/Context; Landroid/content/Intent;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
org.altbeacon.beacon.c.g;->d(Ljava/lang/String; Ljava/lang/String; [Ljava/lang/Object;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.a;->d(Landroid/os/Bundle; Ljava/lang/String;)Ljava/lang/String;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.j;->onServiceDisconnected(Landroid/content/ComponentName;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.p;->a(Landroid/graphics/Bitmap; Lcom/bumptech/glide/load/engine/a/c; I I)Landroid/graphics/Bitmap;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.UCropActivity;->onCreateOptionsMenu(Landroid/view/Menu;)Z==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.h;->a(Lcom/google/firebase/iid/f;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.p;->run()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.d;->b(Landroid/content/Context; Landroid/content/Intent;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.a.a.j;->b(Ljava/lang/Object;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
org.altbeacon.beacon.c.g;->b(Ljava/lang/String; Ljava/lang/String; [Ljava/lang/Object;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.util.BitmapLoadUtils;->calculateMaxBitmapSize(Landroid/content/Context;)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
org.altbeacon.beacon.BeaconParser;->a(Ljava/lang/String;)Lorg/altbeacon/beacon/BeaconParser;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.anthonycr.grant.b;->b(Ljava/lang/String;)Z==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.EngineRunnable;->e()Lcom/bumptech/glide/load/engine/i;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.task.BitmapLoadTask;->copyFile(Landroid/net/Uri; Landroid/net/Uri;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.b.i;->(Landroid/content/Context; Landroid/app/ActivityManager; Lcom/bumptech/glide/load/engine/b/i$b;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.i;->run()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.d;->d()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
me.zhanghai.android.materialprogressbar.MaterialProgressBar;->setIndeterminate(Z)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.a.f;->b(I I Landroid/graphics/Bitmap$Config;)Landroid/graphics/Bitmap;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.task.BitmapLoadTask;->downloadFile(Landroid/net/Uri; Landroid/net/Uri;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.d;->a(Lcom/journeyapps/barcodescanner/camera/d;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.makeramen.roundedimageview.RoundedDrawable;->drawableToBitmap(Landroid/graphics/drawable/Drawable;)Landroid/graphics/Bitmap;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.a.a.a.a;->d(Landroid/hardware/Camera$Parameters;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.devbrackets.android.exomedia.core.video.scale.a;->a(Landroid/view/View; Lcom/devbrackets/android/exomedia/core/video/scale/ScaleType;)Z==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.FirebaseMessagingService;->b(Landroid/content/Intent;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.camera.c;->l()I==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.b;->a(Ljava/lang/String; J Lcom/bumptech/glide/load/b;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.v;->a(Ljava/security/KeyPair;)Ljava/lang/String;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.d;->b(Landroid/content/Context; Landroid/content/Intent;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.util.ImageHeaderParser;->moveToExifSegmentAndGetLength()I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
android.arch.lifecycle.h;->d()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.c;->a(Lcom/google/android/gms/measurement/AppMeasurement; Ljava/lang/String;)Ljava/util/List;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.ImageHeaderParser;->a(Lcom/bumptech/glide/load/resource/bitmap/ImageHeaderParser$a;)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.m;->a(Landroid/os/Message;)Z==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.view.TransformImageView;->onImageLaidOut()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.a.a.a.a;->c(Landroid/hardware/Camera$Parameters;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.b;->a(Ljava/lang/String;)Z==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
org.altbeacon.beacon.c.h;->c(Ljava/lang/String; Ljava/lang/String; [Ljava/lang/Object;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.b;->d()Z==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.d;->onBind(Landroid/content/Intent;)Landroid/os/IBinder;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.c.j;->a(Lcom/bumptech/glide/load/engine/i; Ljava/io/OutputStream;)Z==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.a.f;->a(Ljava/net/HttpURLConnection;)Ljava/io/InputStream;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
org.linphone.core.LinphoneCoreFactoryImpl;->()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.a.a.a.a;->b(Landroid/hardware/Camera$Parameters; Z)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
cat.ereza.customactivityoncrash.CustomActivityOnCrash;->a(Landroid/content/Context;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.z;->e(Ljava/lang/String;)Ljava/security/KeyPair;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.d.a.b.a;->b(Ljava/lang/String;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.view.TransformImageView;->setScaleType(Landroid/widget/ImageView$ScaleType;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.m;->a(I Ljava/lang/String;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.direk.android.facerec.ui.camera.CameraSourcePreview;->d()Z==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.j;->a()V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.task.BitmapCropTask;->crop()Z==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.w;->a(Ljava/lang/String; Ljava/lang/String;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.task.BitmapLoadTask;->processInputUri()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.w;->a(Landroid/os/Message;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.camera.c;->b(Z)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.a;->a(I)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.e$3;->run()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.direk.android.facerec.b.a$b;->run()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.m;->a(I Ljava/lang/String;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.c.a;->c()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.e;->b(Lcom/journeyapps/barcodescanner/c;)Ljava/lang/String;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
me.zhanghai.android.materialprogressbar.BaseProgressLayerDrawable;->setTintList(Landroid/content/res/ColorStateList;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.a;->c(Ljava/lang/String;)Ljava/lang/String;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.m;->a(I)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.a.a.d;->a(Landroid/content/Intent;)Ljava/util/Map;==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
cat.ereza.customactivityoncrash.CustomActivityOnCrash;->a(Landroid/content/Context;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.devbrackets.android.exomedia.core.video.mp.NativeVideoDelegate$b;->onError(Landroid/media/MediaPlayer; I I)Z==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.r;->(Landroid/os/IBinder;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.m;->onServiceDisconnected(Landroid/content/ComponentName;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
org.altbeacon.beacon.c.g;->a(Ljava/lang/String; Ljava/lang/String; [Ljava/lang/Object;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
cat.ereza.customactivityoncrash.CustomActivityOnCrash$1;->uncaughtException(Ljava/lang/Thread; Ljava/lang/Throwable;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
me.leolin.shortcutbadger.ShortcutBadger;->isBadgeCounterSupported(Landroid/content/Context;)Z==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.a.a.j;->a(Ljava/lang/Object;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.a;->e(Landroid/os/Bundle;)Landroid/app/PendingIntent;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.util.FileUtils;->getDataColumn(Landroid/content/Context; Landroid/net/Uri; Ljava/lang/String; [Ljava/lang/String;)Ljava/lang/String;==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.a.f;->a(I)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.a;->b(Ljava/lang/String;)Ljava/lang/Integer;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.zhihu.matisse.internal.c.c;->c(Landroid/content/ContentResolver; Landroid/net/Uri;)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.camera.a;->(Landroid/hardware/Camera; Lcom/journeyapps/barcodescanner/camera/CameraSettings;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.e$2;->d()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.y;->a(Landroid/content/Context; Ljava/lang/String; Landroid/content/Intent;)I==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.aa;->a(Ljava/lang/String; Ljava/lang/String; J)Ljava/lang/String;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.a;->c(Landroid/os/Bundle;)Z==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.d.a.b.a;->a(Ljava/lang/String;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.w;->a(Landroid/os/Bundle;)Landroid/os/Bundle;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.a.f;->b(I)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.b;->c()Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.d;->a(Landroid/content/Context; Ljava/lang/String; Landroid/content/Intent;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
org.altbeacon.beacon.c.c;->c(Ljava/lang/String; Ljava/lang/String; [Ljava/lang/Object;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.i;->a(Ljava/lang/Class; Ljava/lang/Class; Landroid/content/Context;)Lcom/bumptech/glide/load/b/l;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
org.linphone.core.LinphoneCoreFactoryImpl;->loadOptionalLibrary(Ljava/lang/String;)Z==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.direk.android.a.b;->a(Ljava/io/File;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.a.a.a.a;->a(Landroid/hardware/Camera$Parameters; Z)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.direk.android.facerec.b.a;->a(Landroid/graphics/Bitmap;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.d;->m()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.FirebaseInstanceIdReceiver;->a(Landroid/content/Context; Landroid/content/Intent; Ljava/lang/String;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.a.a.d;->a(Landroid/content/Intent;)Ljava/util/Map;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.util.ImageHeaderParser;->parseExifSegment([B I)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
me.zhanghai.android.materialprogressbar.MaterialProgressBar;->applyTintForDrawable(Landroid/graphics/drawable/Drawable; Landroid/content/res/ColorStateList; Z Landroid/graphics/PorterDuff$Mode; Z)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.v;->a()I==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
org.altbeacon.beacon.c.g;->c(Ljava/lang/String; Ljava/lang/String; [Ljava/lang/Object;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.h.a;->b()[B==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.b;->c()Z==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.iid.j;->a(Landroid/content/Intent; Landroid/content/BroadcastReceiver$PendingResult;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.a.f;->a()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.d;->o()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
org.altbeacon.beacon.c.c;->b(Ljava/lang/String; Ljava/lang/String; [Ljava/lang/Object;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.a;->c(Landroid/os/Bundle;)Z==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.a.a.a.a;->e(Landroid/hardware/Camera$Parameters;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.THLight.USBeacon.App.Lib.XmlParserDownloadFile;->readFeed(Lorg/xmlpull/v1/XmlPullParser;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.journeyapps.barcodescanner.camera.c;->m()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.firebase.messaging.d;->a(Landroid/content/Context; Ljava/lang/String; Landroid/content/Intent;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
butterknife.ButterKnife;->b(Ljava/lang/Object; Landroid/view/View;)Lbutterknife/Unbinder;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.yalantis.ucrop.util.ImageHeaderParser;->parseExifSegment(Lcom/yalantis/ucrop/util/ImageHeaderParser$RandomAccessReader;)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.ImageHeaderParser;->d()[B==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.a.a.a.a;->a(Landroid/hardware/Camera$Parameters; I I)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I

中危

检测到1个WebView远程执行漏洞。

位置: classes.dex
com.direk.android.ui.mail.MailWriteActivity;->c()V

Android API < 17之前版本存在远程代码执行安全漏洞,该漏洞源于程序没有正确限制使用addJavaScriptInterface方法,攻击者可以通过Java反射利用该漏洞执行任意Java对象的方法,导致远程代码执行安全漏洞。
(1)API等于高于17的Android系统。出于安全考虑,为了防止Java层的函数被随意调用,Google在4.2版本之后,规定允许被调用的函数必须以@JavascriptInterface进行注解。
(2)API等于高于17的Android系统。建议不要使用addJavascriptInterface接口,以免带来不必要的安全隐患,如果一定要使用该接口,建议使用证书校验。
(3)使用removeJavascriptInterface移除Android系统内部的默认内置接口:searchBoxJavaBridge_、accessibility、accessibilityTraversal。

参考案例:
www.wooyun.org/bugs/wooyun-2015-0140708
www.wooyun.org/bugs/wooyun-2016-0188252
http://drops.wooyun.org/papers/548

参考资料:
http://jaq.alibaba.com/blog.htm?id=48
http://blog.nsfocus.net/android-webview-remote-code-execution-vulnerability-analysis
https://developer.android.com/reference/android/webkit/WebView.html

中危

检测到41条敏感明文信息,建议移除。

位置: classes.dex
'file:///android_asset/' used in: Lcom/bumptech/glide/load/b/a;->()V
'file:///android_asset/' used in: Lcom/direk/android/ui/web/WebActivity;->g()Ljava/lang/String;
'http://api.openweathermap.org/data/2.5/weather?APPID=6310af0d667f2ea3338aca0a9ef1c89f&units=metric&lat=' used in: Lcom/direk/android/ui/home/e;->a(Landroid/location/Location;)Ljava/lang/String;
'http://ciscobinary.openh264.org/libopenh264-1.5.0-android19.so.bz2' used in: Lorg/linphone/tools/OpenH264DownloadHelper;->(Landroid/content/Context;)V
'http://commons.apache.org/proper/commons-compress/limitations.html#7Z' used in: Lorg/apache/commons/compress/archivers/sevenz/Coders$BCJDecoder;->decode(Ljava/lang/String; Ljava/io/InputStream; J Lorg/apache/commons/compress/archivers/sevenz/Coder; [B)Ljava/io/InputStream;
'http://data.altbeacon.org/android-distance.json' used in: Lorg/altbeacon/beacon/BeaconManager;->()V
'http://maps.google.com/maps?' used in: Lcom/direk/android/ui/web/a;->a(Landroid/app/Activity; Ljava/lang/String;)V
'http://ras.direk.com.tw:3580/' used in: Lcom/direk/android/ras/a/h;->a(Landroid/widget/ImageView;)V
'http://ras.direk.com.tw:3580/' used in: Lcom/direk/android/ras/f/d;->()V
'http://ras.direk.com.tw:3580/' used in: Lcom/direk/android/ras/d/a;->(Ljava/lang/String; Lcom/direk/android/network/a/a;)V
'http://ras.direk.com.tw:3580/' used in: Lcom/direk/android/ras/a/a;->a(Landroid/widget/ImageView;)V
'http://ras.direk.com.tw:3580/login.do' used in: Lcom/direk/android/ras/d/a;->b(Ljava/lang/String;)Ljava/lang/String;
'http://ras.direk.com.tw:3580/photoView.do?realname=' used in: Lcom/direk/android/ras/b/b;->c(Ljava/lang/String;)Ljava/lang/String;
'http://schemas.android.com/apk/res/android' used in: Landroid/support/v4/content/res/TypedArrayUtils;->hasAttribute(Lorg/xmlpull/v1/XmlPullParser; Ljava/lang/String;)Z
'http://usbeacon.com.tw/api/func' used in: Lcom/THLight/USBeacon/App/Lib/USBeaconHttpCommand;->(Ljava/lang/String;)V
'http://www.w3.org/ns/ttml#parameter' used in: Lcom/google/android/exoplayer2/text/e/a;->a(Lorg/xmlpull/v1/XmlPullParser;)Lcom/google/android/exoplayer2/text/e/a$a;
'http://xmlpull.org/v1/doc/features.html#indent-output' used in: Lcom/evernote/android/job/a/a/a;->setFeature(Ljava/lang/String; Z)V
'http://xmlpull.org/v1/doc/features.html#indent-output' used in: Lcom/evernote/android/job/a/a/c;->a(Ljava/util/Map; Ljava/io/OutputStream;)V
'http://xmlpull.org/v1/doc/features.html#process-namespaces' used in: Lcom/THLight/USBeacon/App/Lib/XmlParserUSBeaconList;->parse(Ljava/io/InputStream;)V
'http://xmlpull.org/v1/doc/features.html#process-namespaces' used in: Lcom/THLight/USBeacon/App/Lib/XmlParserDownloadFile;->parse(Ljava/io/InputStream;)V
'http://xmlpull.org/v1/doc/features.html#process-namespaces' used in: Lcom/THLight/USBeacon/App/Lib/XmlParserLogin;->parse(Ljava/io/InputStream;)V
'https://app-measurement.com/a' used in: Lcom/google/android/gms/internal/kx;->()V
'https://apps.ntpc.gov.tw/toLogin' used in: Lcom/direk/android/ui/home/e;->c(Landroid/app/Activity;)V
'https://eip.direk.com.tw/' used in: Lcom/direk/android/c;->a()Ljava/lang/String;
'https://pagead2.googlesyndication.com/pagead/gen_204?id=gmob-apps' used in: Lcom/google/android/gms/a/a/b;->run()V
'https://play.google.com/store/apps/details?id=' used in: Lcom/direk/android/a/d;->g(Ljava/lang/String;)V
'https://plus.google.com/' used in: Lcom/google/android/gms/common/internal/l;->()V
'https://webmail.mirdc.org.tw/' used in: Lcom/direk/android/c;->b()Ljava/lang/String;
'https://www.google.com' used in: Lcom/google/android/gms/internal/pj;->a(Landroid/content/Intent;)Z
'https://www.google.com.tw/maps/@' used in: Lcom/direk/android/ui/web/a;->a(Landroid/app/Activity; Ljava/lang/String;)V
'https://www.googleapis.com/auth/drive' used in: Lcom/google/android/gms/drive/Drive;->()V
'https://www.googleapis.com/auth/drive.appdata' used in: Lcom/google/android/gms/drive/Drive;->()V
'https://www.googleapis.com/auth/drive.apps' used in: Lcom/google/android/gms/drive/Drive;->()V
'https://www.googleapis.com/auth/drive.file' used in: Lcom/google/android/gms/drive/Drive;->()V
'https://www.googleapis.com/auth/games' used in: Lcom/google/android/gms/auth/api/signin/GoogleSignInOptions;->()V
'https://www.googleapis.com/auth/games_lite' used in: Lcom/google/android/gms/auth/api/signin/GoogleSignInOptions;->()V
"javascript:didReceiveCode('" used in: Lcom/direk/android/ui/web/a;->a(Landroid/webkit/WebView; Ljava/lang/String;)V
"javascript:didReceiveImage('" used in: Lcom/direk/android/ui/web/a;->b(Landroid/app/Activity; Landroid/webkit/WebView; Ljava/io/File;)V
"javascript:didReceiveNfc('" used in: Lcom/direk/android/ui/web/a;->b(Landroid/webkit/WebView; Ljava/lang/String;)V
'javascript:getHtmlContent(false);' used in: Lcom/direk/android/ui/mail/MailWriteActivity;->v()V
'javascript:getHtmlContent(true);' used in: Lcom/direk/android/ui/mail/MailWriteActivity$5;->a(Lcom/afollestad/materialdialogs/MaterialDialog; Landroid/view/View; I Ljava/lang/CharSequence;)V

中危

检测到2处setSavePassword密码明文存储漏洞。

位置: classes.dex
com.direk.android.a.j;
com.direk.android.ui.mail.MailWriteActivity;

webview的保存密码功能默认设置为true。Webview会明文保存网站上的密码到本地私有文件”databases/webview.db”中。对于可以被root的系统环境或者配合其他漏洞(如webview的同源绕过漏洞),攻击者可以获取到用户密码。
建议:显示设置webView.getSetting().setSavePassword(false)。

参考案例:
www.wooyun.org/bugs/wooyun-2010-021420
www.wooyun.org/bugs/wooyun-2013-020246

参考资料:
http://wolfeye.baidu.com/blog/
www.claudxiao.net/2013/03/android-webview-cache/

低危

检测到3个WebView系统隐藏接口未移除。

位置: classes.dex
com.direk.android.ui.mail.MailWriteActivity;->c()V
com.direk.android.a.j;->b(Landroid.webkit.WebView;)V
com.direk.android.a.j;->a(Landroid.webkit.WebView;)V

android webview组件包含3个隐藏的系统接口:searchBoxJavaBridge_,accessibilityTraversal以及accessibility,恶意程序可以利用它们实现远程代码执行。
如果使用了WebView,那么使用WebView.removeJavascriptInterface(String name) API,显示的移除searchBoxJavaBridge_、accessibility、accessibilityTraversal这三个接口。

参考资料:
http://wolfeye.baidu.com/blog/android-webview/
http://blog.csdn.net/u013107656/article/details/51729398
http://wolfeye.baidu.com/blog/android-webview-cve-2014-7224/

低危

非debug包,需要通过打包平台proguard脚本,移除大部分系统输出代码。
经扫描该包仍存在大量系统输出代码,共发现3处系统输出代码.(此处扫描的系统输出代码,是指调用System.out.print*输出的,本应在打包平台移除的系统输出代码.)
各个bundle系统输出代码详情如下:

位置: classes.dex
org.linphone.core.LinphoneCoreFactory;
com.bumptech.glide.a.a;
org.linphone.core.tutorials.TutorialNotifier;

警告

检测到13处addFlags使用Intent.FLAG_ACTIVITY_NEW_TASK。

位置: classes.dex
com.direk.android.ui.attach.a;->a
com.direk.android.a.d;->e
com.direk.android.a.d;->d
com.direk.android.a.d;->g
com.direk.android.a.d;->f
com.direk.android.a.d;->a
com.direk.android.linphone.LinphoneActivity;->a
com.direk.android.a.d;->b
com.direk.android.ui.attach.a;->b
com.google.firebase.messaging.a;->e
com.direk.android.ui.chat.a;->b
com.direk.android.ui.mail.b;->a
com.direk.android.ui.apptree.a.b;->a

APP创建Intent传递数据到其他Activity,如果创建的Activity不是在同一个Task中打开,就很可能被其他的Activity劫持读取到Intent内容,跨Task的Activity通过Intent传递敏感信息是不安全的。建议:
尽量避免使用包含FLAG_ACTIVITY_NEW_TASK标志的Intent来传递敏感信息。

参考资料:
http://wolfeye.baidu.com/blog/intent-data-leak

警告

检测到18个导出的组件接收其他app的消息,这些组件会被其他app引用并导致dos攻击。

activity com.direk.android.ui.chat.ChatActivity
activity com.direk.android.ui.chat.ChatForwardActivity
activity com.direk.android.ui.drive.DriveChooseActivity
activity com.direk.android.ui.mail.MailActivity
activity com.direk.android.ui.mail.MailWriteActivity
activity com.direk.android.ui.market.MarketActivity
activity com.direk.android.ui.market.MarketContentActivity
activity com.direk.android.ui.push.PushRecordActivity
activity com.direk.android.ras.RasActivity
activity com.direk.android.ui.announce.AnnounceContentActivity
activity com.direk.android.ui.calendars.CalendarsContentActivity
activity com.direk.android.ui.drive.DriveContentActivity
activity com.direk.android.ui.task.TaskContentActivity
service com.google.firebase.messaging.FirebaseMessagingService
service com.google.firebase.iid.FirebaseInstanceIdService
receiver com.direk.android.newest.BootReceiver
receiver com.direk.android.newest.PhoneStateReceiver
receiver org.altbeacon.beacon.startup.StartupBroadcastReceiver

建议:
(1)最小化组件暴露。对不会参与跨应用调用的组件建议显示添加android:exported="false"属性。
(2)设置组件访问权限。对provider设置权限,同时将权限的protectionLevel设置为"signature"或"signatureOrSystem"。
(3)组件传输数据验证。对组件之间,特别是跨应用的组件之间的数据传入与返回做验证和增加异常处理,防止恶意调试数据传入,更要防止敏感数据返回。

参考案例:
http://www.wooyun.org/bugs/wooyun-2010-0169746
http://www.wooyun.org/bugs/wooyun-2010-0104965

参考资料:
http://jaq.alibaba.com/blog.htm?spm=0.0.0.0.Wz4OeC&id=55
《Android安全技术解密与防范》

警告

检测到2个导出的隐式Service组件。
service com.google.firebase.messaging.FirebaseMessagingService
service com.google.firebase.iid.FirebaseInstanceIdService

建议:为了确保应用的安全性,启动Service时,请始终使用显式Intent,且不要为服务声明Intent过滤器。使用隐式Intent启动服务存在安全隐患,因为您无法确定哪些服务将响应Intent,且用户无法看到哪些服务已启动。从Android 5.0(API 级别 21)开始,如果使用隐式 Intent 调用 bindService(),系统会抛出异常。

参考资料:
https://developer.android.com/guide/components/intents-filters.html#Types

警告

检测到2潜在的XSS漏洞。

位置: classes.dex
com.direk.android.a.j;->a(Landroid.webkit.WebView;)V
com.direk.android.a.j;->b(Landroid.webkit.WebView;)V

允许WebView执行JavaScript(setJavaScriptEnabled),有可能导致XSS攻击。建议尽量避免使用。
(1)API等于高高于17的Android系统。出于安全考虑,为了防止Java层的函数被随意调用,Google在4.2版本之后,规定允许被调用的函数必须以@JavascriptInterface进行注解。
(2)API等于高高于17的Android系统。建议不要使用addJavascriptInterface接口,以免带来不必要的安全隐患,如果一定要使用该接口,建议使用证书校验。
u(3)使用removeJavascriptInterface移除Android系统内部的默认内置接口:searchBoxJavaBridge_、accessibility、accessibilityTraversal。

参考案例:
www.wooyun.org/bugs/wooyun-2015-0140708
www.wooyun.org/bugs/wooyun-2016-0188252

参考资料:
http://jaq.alibaba.com/blog.htm?id=48
http://blog.nsfocus.net/android-webview-remote-code-execution-vulnerability-analysis

警告

检测到1处IvParameterSpec的使用。

位置: classes.dex
com.google.android.exoplayer2.source.hls.a;->a(Lcom.google.android.exoplayer2.upstream.g;)J

使用IVParameterSpec函数,如果使用了固定的初始化向量,那么密码文本可预测性高得多,容易受到字典攻击等。建议禁止使用常量初始化矢量构造IVParameterSpec,使用聚安全提供的安全组件。

参考资料:
http://drops.wooyun.org/tips/15870
https://developer.android.com/training/articles/keystore.html
http://wolfeye.baidu.com/blog/weak-encryption/
http://www.freebuf.com/articles/terminal/99868.html

警告

检测到1处provider的grantUriPermissions设置为true。
android.support.v4.content.FileProvider


grant-uri-permission若设置为true,可被其它程序员通过uri访问到content provider的内容,容易造成信息泄露。

参考资料:
https://security.tencent.com/index.php/blog/msg/6

警告

检测到1处使用了加解密算法。密钥处理不当可能会导致信息泄露。

位置: classes.dex
com.google.android.exoplayer2.source.hls.a;->a(Lcom.google.android.exoplayer2.upstream.g;)J

参考案例:
http://www.wooyun.org/bugs/wooyun-2010-0105766
http://www.wooyun.org/bugs/wooyun-2015-0162907
http://www.wooyun.org/bugs/wooyun-2010-0187287

参考资料:
http://drops.wooyun.org/tips/15870
https://developer.android.com/training/articles/keystore.html


动态扫描发现风险点

风险等级 风险名称

服务端分析

风险等级 风险名称

警告

检测到?处XSS漏洞。
开发中...

警告

检测到?处XSS跨站漏洞。
开发中...

应用证书