Vulnerability analysis

Severity  Count
High      0
Medium    6
Low       1
Warning   2

File name      Apex.apk
Uploader       Jacky.Li
File size      21.08 MB
MD5            6fa0e8bf3986d33c812f85e090cfca53
Package name   chinapex.com.wallet
Main Activity  chinapex.com.wallet.view.BootPageActivity
Min SDK        18
Target SDK     27

Permissions

#  Name                                       Description
0  android.permission.CAMERA                  Allows the app to take pictures with the camera, so it can capture whatever is in front of the lens at any time.
1  android.permission.FLASHLIGHT              Allows the app to control the flashlight.
2  android.permission.INTERNET                Allows the app to open network connections.
3  android.permission.VIBRATE                 Allows the app to control the vibrator.
4  android.permission.WRITE_EXTERNAL_STORAGE  Allows the app to write to the SD card (shared external storage).

CAMERA is consistent with the bundled ZXing scanner (com.google.zxing.activity.CaptureActivity), presumably for reading QR codes. WRITE_EXTERNAL_STORAGE is the one to look at for a wallet: the component list includes BackupWalletActivity and ExportKeystoreActivity, and anything written to shared external storage is readable by other apps with storage access, so check where those screens write their output and whether it is encrypted under a passphrase before it leaves the app's private directory.

Components (activities, services, receivers, providers)

Component name (only activities were reported by the scanner)

chinapex.com.wallet.view.BootPageActivity
chinapex.com.wallet.view.NewVisitorActivity
chinapex.com.wallet.view.MainActivity
chinapex.com.wallet.view.MeSkipActivity
chinapex.com.wallet.view.wallet.CreateWalletActivity
chinapex.com.wallet.view.wallet.ImportWalletActivity
chinapex.com.wallet.view.wallet.BackupWalletActivity
chinapex.com.wallet.view.assets.AssetsOverviewActivity
chinapex.com.wallet.view.assets.BalanceDetailActivity
chinapex.com.wallet.view.assets.TransferActivity
chinapex.com.wallet.view.assets.GatheringActivity
chinapex.com.wallet.view.wallet.ExportKeystoreActivity
chinapex.com.wallet.view.me.TransactionDetailActivity
com.google.zxing.activity.CaptureActivity

Third-party libraries

# Library Description
0 android.support.transition A backport of the new Transitions API for Android.
1 okhttp3 An HTTP+SPDY client for Android and Java applications.
2 com.bumptech.glide An image loading and caching library for Android focused on smooth scrolling
3 com.google.zxing Official ZXing ("Zebra Crossing") project home
4 com.google.gson A Java serialization library that can convert Java Objects into JSON and back.

Static scan findings

Severity  Finding

Medium

The android:allowBackup attribute is set to true or not set at all (it defaults to true). With backup allowed, anyone with adb access to an unlocked device can copy the app's private data with `adb backup -f wallet.ab chinapex.com.wallet`, which for a wallet means any locally stored keystores, preferences and databases. Set android:allowBackup="false" on <application>, or, if backup is really needed, exclude key material with android:fullBackupContent.

Medium

1 weak certificate validation (trust-all TrustManager) found.

Location: classes.dex
chinapex.com.wallet.net.OkHttpClientManager$TrustAllManager;

When a mobile client uses HTTPS (SSL/TLS) without checking that the server certificate is trustworthy, an attacker on the network path can run a man-in-the-middle: read the traffic, alter it, or replace responses with malicious links or code to take control of the client. The class name indicates the pattern the scanner matches: an X509TrustManager whose checkServerTrusted accepts every chain, so self-signed, expired and wrong-host certificates all pass. A HostnameVerifier that always returns true is the usual companion to such a class and should be checked for as well. Recommendation: validate the certificate properly (issuing CA trusted, not self-signed, hostname matches, not expired). OkHttp already does all of this by default when no custom sslSocketFactory or hostnameVerifier is installed, so the fix is to remove TrustAllManager rather than to reimplement validation; for the wallet's own backend, additionally pin the server's public key. Note also that the backend URLs listed under the sensitive-strings finding below are plain http://, so for those calls no TLS is negotiated at all.

Reference case:
www.wooyun.org/bugs/wooyun-2014-079358

References:
http://drops.wooyun.org/tips/3296
http://wolfeye.baidu.com/blog/webview-ignore-ssl-error/
https://jaq.alibaba.com/blog.htm?id=60

Medium

Debug mode is enabled (android:debuggable="true"). A debuggable app can be attached to with a debugger by anyone with adb access, and `adb shell run-as chinapex.com.wallet` gives direct access to its private data directory even when backups are disabled; for a wallet this exposes stored data and lets an attacker step through the signing and key-handling code. Ship release builds with debuggable off: the release build type sets it to false by default, and the attribute should not be hardcoded in the manifest, since a hardcoded value overrides the build type.
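The two manifest findings above (allowBackup and debuggable) come down to attributes on <application>. The fragment below is an added illustration, not the app's actual manifest: the "before" values are the conditions the scanner describes, and the "after" values are the corrected ones. The usesCleartextTraffic line is included for the plain-http backend endpoints reported under the sensitive-strings finding further down; it is honoured from API 23 onward and ignored on the older devices this app's minSdk of 18 still admits.

```xml
<!-- Before: what the scanner reports. allowBackup absent or true (defaults to true),
     debuggable hardcoded to true so the release build type cannot turn it off. -->
<application
    android:allowBackup="true"
    android:debuggable="true"
    android:label="@string/app_name">
    <!-- ... activities ... -->
</application>

<!-- After: release manifest. -->
<application
    android:allowBackup="false"
    android:usesCleartextTraffic="false"
    android:label="@string/app_name">
    <!-- android:debuggable is deliberately absent: the Gradle release build type
         sets it to false, and an explicit manifest value would override that. -->
    <!-- ... activities ... -->
</application>
```

To confirm the built APK rather than the source, `aapt dump badging Apex.apk | grep application-debuggable` prints a line only when the app is debuggable, and `aapt dump xmltree Apex.apk AndroidManifest.xml | grep -E 'allowBackup|debuggable|usesCleartextTraffic'` shows the attribute values actually compiled into the binary manifest.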

Medium

Most logging code needs to be removed from this build.
The package still contains a large amount of logging: 80 call sites of android.util.Log.* were found (the scan counts calls to android.util.Log.* only). The large majority are inside bundled libraries (com.bumptech.glide, com.google.zxing, android.arch.lifecycle); the app's own logging goes through the wrapper chinapex.com.wallet.utils.CpLog (the five CpLog entries below), so whether addresses, transaction data or key material reach logcat depends on what the wallet passes to CpLog. Logcat is readable by anyone with adb access to the device (and by any app holding READ_LOGS on Android versions before 4.1), so log output is a data-leak channel, not just noise. Stripping the calls at build time with ProGuard's -assumenosideeffects, with optimization enabled, removes both the library and the CpLog call sites.
Details:

Location: classes.dex
com.bumptech.glide.load.data.HttpUrlFetcher;->getStreamForSuccessfulRequest(Ljava/net/HttpURLConnection;)Ljava/io/InputStream;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.gif.ByteBufferGifDecoder;->decode(Ljava/nio/ByteBuffer; I I Lcom/bumptech/glide/gifdecoder/GifHeaderParser; Lcom/bumptech/glide/load/Options;)Lcom/bumptech/glide/load/resource/gif/GifDrawableResource;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.OpenCameraInterface;->open()Landroid/hardware/Camera;==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.bitmap_recycle.LruBitmapPool;->getDirtyOrNull(I I Landroid/graphics/Bitmap$Config;)Landroid/graphics/Bitmap;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.CameraManager;->setManualFramingRect(I I)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.Downsampler;->calculateScaling(Lcom/bumptech/glide/load/ImageHeaderParser$ImageType; Ljava/io/InputStream; Lcom/bumptech/glide/load/resource/bitmap/Downsampler$DecodeCallbacks; Lcom/bumptech/glide/load/engine/bitmap_recycle/BitmapPool; Lcom/bumptech/glide/load/resource/bitmap/DownsampleStrategy; I I I I I Landroid/graphics/BitmapFactory$Options;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.Downsampler;->calculateScaling(Lcom/bumptech/glide/load/ImageHeaderParser$ImageType; Ljava/io/InputStream; Lcom/bumptech/glide/load/resource/bitmap/Downsampler$DecodeCallbacks; Lcom/bumptech/glide/load/engine/bitmap_recycle/BitmapPool; Lcom/bumptech/glide/load/resource/bitmap/DownsampleStrategy; I I I I I Landroid/graphics/BitmapFactory$Options;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
chinapex.com.wallet.utils.CpLog;->e(Ljava/lang/String; Ljava/lang/String;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.decode.CaptureActivityHandler;->handleMessage(Landroid/os/Message;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.CameraManager;->getFramingRectInPreview()Landroid/graphics/Rect;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.Glide;->initializeGlide(Landroid/content/Context; Lcom/bumptech/glide/GlideBuilder;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.request.target.ViewTarget$SizeDeterminer;->getTargetDimen(I I I)I==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.bitmap_recycle.LruBitmapPool;->clearMemory()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.bitmap_recycle.LruBitmapPool;->getDirtyOrNull(I I Landroid/graphics/Bitmap$Config;)Landroid/graphics/Bitmap;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.request.target.ViewTarget$SizeDeterminer$SizeDeterminerLayoutListener;->onPreDraw()Z==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.TransformationUtils;->centerInside(Lcom/bumptech/glide/load/engine/bitmap_recycle/BitmapPool; Landroid/graphics/Bitmap; I I)Landroid/graphics/Bitmap;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.DefaultImageHeaderParser;->parseExifSegment(Lcom/bumptech/glide/load/resource/bitmap/DefaultImageHeaderParser$RandomAccessReader;)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.request.SingleRequest;->logV(Ljava/lang/String;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.DefaultImageHeaderParser;->getOrientation(Lcom/bumptech/glide/load/resource/bitmap/DefaultImageHeaderParser$Reader; Lcom/bumptech/glide/load/engine/bitmap_recycle/ArrayPool;)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.manager.RequestTracker;->runRequest(Lcom/bumptech/glide/request/Request;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.Glide;->getPhotoCacheDir(Landroid/content/Context; Ljava/lang/String;)Ljava/io/File;==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.bitmap_recycle.LruBitmapPool;->trimToSize(J)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.CameraConfigurationManager;->findBestPreviewSizeValue(Landroid/hardware/Camera$Parameters; Landroid/graphics/Point;)Landroid/graphics/Point;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.HardwareConfigState;->isFdSizeBelowHardwareLimit()Z==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.gifdecoder.StandardGifDecoder;->getNextFrame()Landroid/graphics/Bitmap;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.manager.DefaultConnectivityMonitorFactory;->build(Landroid/content/Context; Lcom/bumptech/glide/manager/ConnectivityMonitor$ConnectivityListener;)Lcom/bumptech/glide/manager/ConnectivityMonitor;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.decode.CaptureActivityHandler;->handleMessage(Landroid/os/Message;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.bitmap_recycle.LruBitmapPool;->trimMemory(I)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.activity.CaptureActivity;->surfaceCreated(Landroid/view/SurfaceHolder;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.cache.MemorySizeCalculator;-><init>(Lcom/bumptech/glide/load/engine/cache/MemorySizeCalculator$Builder;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.DefaultImageHeaderParser;->moveToExifSegmentAndGetLength(Lcom/bumptech/glide/load/resource/bitmap/DefaultImageHeaderParser$Reader;)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.Glide;->getAnnotationGeneratedGlideModules()Lcom/bumptech/glide/GeneratedAppGlideModule;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
chinapex.com.wallet.utils.CpLog;->d(Ljava/lang/String; Ljava/lang/String;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.Engine;->logWithTimeAndKey(Ljava/lang/String; J Lcom/bumptech/glide/load/Key;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.bitmap_recycle.LruBitmapPool;->trimToSize(J)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.gif.ByteBufferGifDecoder;->getSampleSize(Lcom/bumptech/glide/gifdecoder/GifHeader; I I)I==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.util.pool.FactoryPools$FactoryPool;->acquire()Ljava/lang/Object;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.OpenCameraInterface;->open()Landroid/hardware/Camera;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
chinapex.com.wallet.utils.CpLog;->w(Ljava/lang/String; Ljava/lang/String;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.common.InactivityTimer$InactivityAsyncTask;->doInBackground([Ljava/lang/Object;)Ljava/lang/Object;==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
android.arch.lifecycle.LifecycleRegistry;->sync()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.CameraConfigurationManager;->setDesiredCameraParameters(Landroid/hardware/Camera; Z)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.Downsampler;->logDecode(I I Ljava/lang/String; Landroid/graphics/BitmapFactory$Options; Landroid/graphics/Bitmap; I I J)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.bitmap_recycle.LruBitmapPool;->put(Landroid/graphics/Bitmap;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.CameraConfigurationManager;->initFromCameraParameters(Landroid/hardware/Camera;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.manager.DefaultConnectivityMonitor$1;->onReceive(Landroid/content/Context; Landroid/content/Intent;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.CameraManager;->openDriver(Landroid/view/SurfaceHolder;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.data.HttpUrlFetcher;->loadData(Lcom/bumptech/glide/Priority; Lcom/bumptech/glide/load/data/DataFetcher$DataCallback;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.module.ManifestParser;->parse()Ljava/util/List;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
chinapex.com.wallet.utils.CpLog;->i(Ljava/lang/String; Ljava/lang/String;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.Downsampler;->decodeFromWrappedStreams(Ljava/io/InputStream; Landroid/graphics/BitmapFactory$Options; Lcom/bumptech/glide/load/resource/bitmap/DownsampleStrategy; Lcom/bumptech/glide/load/DecodeFormat; Z I I Z Lcom/bumptech/glide/load/resource/bitmap/Downsampler$DecodeCallbacks;)Landroid/graphics/Bitmap;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.bitmap_recycle.LruBitmapPool;->dumpUnchecked()V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.decode.DecodeThread;-><init>(Lcom/google/zxing/activity/CaptureActivity; Ljava/util/Collection; Ljava/util/Map; Ljava/lang/String; Lcom/google/zxing/ResultPointCallback;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.DecodeJob;->logWithTimeAndKey(Ljava/lang/String; J Ljava/lang/String;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
chinapex.com.wallet.utils.CpLog;->v(Ljava/lang/String; Ljava/lang/String;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.prefill.BitmapPreFillRunner;->allocate()Z==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.BitmapEncoder;->encode(Lcom/bumptech/glide/load/engine/Resource; Ljava/io/File; Lcom/bumptech/glide/load/Options;)Z==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.CameraConfigurationManager;->setDesiredCameraParameters(Landroid/hardware/Camera; Z)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.module.ManifestParser;->parse()Ljava/util/List;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.common.InactivityTimer;->onPause()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.manager.RequestManagerRetriever;->handleMessage(Landroid/os/Message;)Z==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.DefaultImageHeaderParser;->parseExifSegment(Lcom/bumptech/glide/load/resource/bitmap/DefaultImageHeaderParser$Reader; [B I)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.common.InactivityTimer;->onResume()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.PreviewCallback;->onPreviewFrame([B Landroid/hardware/Camera;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.CameraManager;->openDriver(Landroid/view/SurfaceHolder;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.common.InactivityTimer;->onResume()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.AutoFocusManager;-><init>(Landroid/content/Context; Landroid/hardware/Camera;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.SourceGenerator;->cacheData(Ljava/lang/Object;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.CameraManager;->getFramingRect()Landroid/graphics/Rect;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.cache.DiskLruCacheWrapper;->put(Lcom/bumptech/glide/load/Key; Lcom/bumptech/glide/load/engine/cache/DiskCache$Writer;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.TransformationUtils;->fitCenter(Lcom/bumptech/glide/load/engine/bitmap_recycle/BitmapPool; Landroid/graphics/Bitmap; I I)Landroid/graphics/Bitmap;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.bitmap_recycle.LruArrayPool;->getForKey(Lcom/bumptech/glide/load/engine/bitmap_recycle/LruArrayPool$Key; Ljava/lang/Class;)Ljava/lang/Object;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.activity.CaptureActivity;->initCamera(Landroid/view/SurfaceHolder;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.resource.bitmap.DrawableToBitmapConverter;->drawToBitmap(Lcom/bumptech/glide/load/engine/bitmap_recycle/BitmapPool; Landroid/graphics/drawable/Drawable; I I)Landroid/graphics/Bitmap;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.CameraConfigurationManager;->findBestPreviewSizeValue(Landroid/hardware/Camera$Parameters; Landroid/graphics/Point;)Landroid/graphics/Point;==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.bitmap_recycle.LruArrayPool;->evictToSize(I)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.load.engine.cache.DiskLruCacheWrapper;->get(Lcom/bumptech/glide/load/Key;)Ljava/io/File;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.bumptech.glide.request.SingleRequest;->onResourceReady(Lcom/bumptech/glide/load/engine/Resource; Ljava/lang/Object; Lcom/bumptech/glide/load/DataSource;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.camera.CameraConfigurationManager;->findSettableValue(Ljava/util/Collection; [Ljava/lang/String;)Ljava/lang/String;==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.google.zxing.decode.DecodeHandler;->decode([B I I)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I

Medium

8 sensitive plaintext strings found; review them and remove what is not needed.

The first four are harmless constants from Glide and the support library (the data: URI prefix, the asset URI prefix and the Android resource namespace). The last four are the wallet's backend endpoints on tracker.chinapex.com.cn (transaction history, account state, raw-transaction broadcast and UTXO lookup), and the problem with them is not that they are embedded in the APK but that they are plain http://. Over cleartext HTTP anyone on the network path reads every request and can return a forged balance, UTXO set or history, or drop a broadcast and fake its response; the TrustAllManager finding above does not even come into play for these calls because no TLS is negotiated. Move the endpoints to https://, set android:usesCleartextTraffic="false" (honoured from API 23) and have the HTTP client refuse non-https URLs so a later configuration change cannot silently downgrade the transport.

Location: classes.dex
'data:image' used in: Lcom/bumptech/glide/load/model/DataUrlLoader;->handles(Ljava/lang/Object;)Z
'data:image' used in: Lcom/bumptech/glide/load/model/DataUrlLoader$StreamFactory$1;->decode(Ljava/lang/String;)Ljava/io/InputStream;
'file:///android_asset/' used in: Lcom/bumptech/glide/load/model/AssetUriLoader;->()V
'http://schemas.android.com/apk/res/android' used in: Landroid/support/v4/content/res/TypedArrayUtils;->hasAttribute(Lorg/xmlpull/v1/XmlPullParser; Ljava/lang/String;)Z
'http://tracker.chinapex.com.cn/tool/transaction-history/' used in: Lchinapex/com/wallet/executor/runnable/GetTransactionHistory;->run()V
'http://tracker.chinapex.com.cn:80/neo-cli/' used in: Lchinapex/com/wallet/executor/runnable/GetAccountState;->run()V
'http://tracker.chinapex.com.cn:80/neo-cli/' used in: Lchinapex/com/wallet/executor/runnable/SendRawTransaction;->run()V
'http://tracker.chinapex.com.cn:80/tool/utxos/' used in: Lchinapex/com/wallet/executor/runnable/GetUtxos;->run()V
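The following is an added example written for this report, not code from the wallet; it serves both the TrustAllManager finding and the cleartext-endpoint strings above. The TrustAllManager body is a reconstruction of the pattern the scanner matches (the app's real class was not read), the class name SecureHttpClient is made up, the host is taken from the strings above, and the two pin values are placeholders that must be replaced with the real SPKI hashes. OkHttp 3 APIs are used throughout.

```java
import java.io.IOException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import okhttp3.CertificatePinner;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import okhttp3.Request;

public final class SecureHttpClient {

    // --- Vulnerable: the shape a class named TrustAllManager has (reconstructed
    // for illustration, not copied from the wallet). Every chain is accepted,
    // so a MITM with any certificate at all is trusted.
    static final class TrustAllManager implements X509TrustManager {
        @Override public void checkClientTrusted(X509Certificate[] chain, String authType) { }
        @Override public void checkServerTrusted(X509Certificate[] chain, String authType) { }
        @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
    }

    static OkHttpClient vulnerable() throws Exception {
        X509TrustManager trustAll = new TrustAllManager();
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { trustAll }, null);
        HostnameVerifier anyHost = (hostname, session) -> true;   // usual companion bug
        return new OkHttpClient.Builder()
                .sslSocketFactory(ctx.getSocketFactory(), trustAll) // any certificate passes
                .hostnameVerifier(anyHost)                          // any hostname passes
                .build();
    }

    // --- Hardened: no sslSocketFactory/hostnameVerifier override, so OkHttp keeps
    // the platform trust store, expiry and hostname checks; the backend's SPKI is
    // pinned (primary + backup key); nothing is ever sent over plain http.
    static final String BACKEND_HOST = "tracker.chinapex.com.cn";   // host from the scan's string list

    static OkHttpClient hardened() {
        CertificatePinner pinner = new CertificatePinner.Builder()
                // Placeholder pins: every request to the host fails until these are
                // replaced with the real SPKI SHA-256 values (fails closed, not open).
                .add(BACKEND_HOST,
                     "sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=",
                     "sha256/BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB=")
                .build();

        // Defence against the http:// URLs found in the APK: refuse them at the
        // client rather than relying on every call site to get the scheme right.
        Interceptor httpsOnly = chain -> {
            Request req = chain.request();
            if (!req.isHttps()) {
                throw new IOException("cleartext request refused: " + req.url());
            }
            return chain.proceed(req);
        };

        return new OkHttpClient.Builder()
                .certificatePinner(pinner)
                .addInterceptor(httpsOnly)
                .build();
    }
}
```

The real pin for a host can be computed from the served certificate with `openssl s_client -connect tracker.chinapex.com.cn:443 </dev/null | openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | base64`; always pin a backup key as well, otherwise a routine certificate rotation bricks the app. Pinning is layered on top of normal chain validation, not a replacement for it, which is why the hardened client installs no TrustManager of its own.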

Medium

1 app signed with a well-known (shared) signing key.
Path: META-INF\CERT.RSA

A shared or publicly known signing key carries the following risks:
(1) If an attacker's app uses the same package name and is signed with the same key, it installs as an update and replaces the target app, inheriting its private data.
(2) Any custom permission the app declares with android:protectionLevel="signature" or "signatureOrSystem" gives no protection, because every app signed with the same key is granted it.
(3) If the device runs a third-party ROM built with the AOSP default (test) platform keys, an app signed with those keys obtains system-level privileges.
An ordinary developer whose own signing key leaks is exposed to (1) and (2) in exactly the same way.

To confirm which key this is, unzip the APK and run `keytool -printcert -file META-INF/CERT.RSA`, or run `apksigner verify --print-certs Apex.apk`, and compare the subject with the AOSP debug key (CN=Android Debug, O=Android, C=US) and the AOSP platform/test keys (CN=Android, O=Android, L=Mountain View, ST=California, C=US, emailAddress=android@android.com). Release builds must be signed with a key the developer generated and keeps offline.

References:
http://docs.anysdk.com/AndroidSign
http://blog.csdn.net/jiangwei0910410003/article/details/50402000?spm=a313e.7916648.0.0.Nbaf0K
http://www.ruanyifeng.com/blog/2011/08/what_is_a_digital_signature.html?spm=a313e.7916648.0.0.Nbaf0K
http://jaq.alibaba.com/community/art/show?articleid=457

Low

This is a release (non-debug) package; System.out calls should have been removed by the build's ProGuard script.
1 System.out call site remains (the scan counts calls to System.out.print* that the packaging step is expected to strip). It is inside Glide's disk cache, not in wallet code, so it is noise rather than a leak, but the same ProGuard rule that strips logging removes it.
Details per bundle:

Location: classes.dex
com.bumptech.glide.disklrucache.DiskLruCache;
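The Log finding above and this System.out finding are both fixed by the same build-time rule. The ProGuard fragment below is an added example, not the project's actual configuration; the CpLog method list is taken from the scanner's descriptors, and the rule leaves off access modifiers because whether those methods are static is not known from the scan.

```proguard
# -assumenosideeffects only takes effect when optimization is enabled. The stock
# proguard-android.txt contains -dontoptimize and silently ignores these rules;
# use proguard-android-optimize.txt (or R8, which honours them) for release builds.

# android.util.Log: covers the Glide, ZXing and arch.lifecycle call sites.
-assumenosideeffects class android.util.Log {
    public static int v(...);
    public static int d(...);
    public static int i(...);
    public static int w(...);
    public static int e(...);
    public static int wtf(...);
}

# The wallet's own wrapper (chinapex.com.wallet.utils.CpLog in the scan). Removing
# the calls here also drops the string arguments built only for them, so wallet
# data never reaches android.util.Log in the first place.
-assumenosideeffects class chinapex.com.wallet.utils.CpLog {
    void v(...);
    void d(...);
    void i(...);
    void w(...);
    void e(...);
}

# System.out.print* (the DiskLruCache hit). System.out is a java.io.PrintStream,
# so this silences every PrintStream; acceptable in a release build.
-assumenosideeffects class java.io.PrintStream {
    public void print(...);
    public void println(...);
}
```

After building, verify the result on the APK instead of trusting the configuration: decode it with `apktool d` and grep the smali tree for `Landroid/util/Log;->`; a clean release build should return no matches outside code you deliberately kept.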

Warning

1 use of addFlags(Intent.FLAG_ACTIVITY_NEW_TASK) found.

Location: classes.dex
com.google.zxing.decode.CaptureActivityHandler;->handleMessage

The flag itself does not leak anything; the risk the scanner is pointing at is an Intent that leaves the app's own task while carrying data. If that Intent is implicit (resolved by action and data rather than by an explicit component), any app that declares a matching intent filter can receive it and read its extras, so sensitive values passed that way are exposed. Recommendation: use explicit Intents (setClass/setComponent) for in-app navigation, never put keys, mnemonics or other secrets into Intent extras, and avoid FLAG_ACTIVITY_NEW_TASK on Intents that carry sensitive data. Note that this hit is in the bundled ZXing scanner handler, not in wallet code; check what that handler launches and what it attaches to the Intent.

References:
http://wolfeye.baidu.com/blog/intent-data-leak

Warning

4 uses of cryptographic primitives found. Improper key handling can lead to information leakage.

Location: classes.dex
okio.ByteString;->hmac(Ljava.lang.String; Lokio.ByteString;)Lokio.ByteString;
okio.HashingSource;-><init>(Lokio.Source; Lokio.ByteString; Ljava.lang.String;)V
okio.Buffer;->hmac(Ljava.lang.String; Lokio.ByteString;)Lokio.ByteString;
okio.HashingSink;-><init>(Lokio.Sink; Lokio.ByteString; Ljava.lang.String;)V

All four hits are okio's HMAC and hashing helpers, i.e. library code pulled in by OkHttp, not the wallet's own cryptography. This finding therefore says nothing about the part that matters for a wallet: how private keys are generated, stored, exported (ExportKeystoreActivity) and backed up (BackupWalletActivity), which needs manual review. The Android Keystore reference below is the right starting point for on-device storage, since keys generated there cannot be extracted by the app itself, by an adb backup or by run-as.

Reference cases:
http://www.wooyun.org/bugs/wooyun-2010-0105766
http://www.wooyun.org/bugs/wooyun-2015-0162907
http://www.wooyun.org/bugs/wooyun-2010-0187287

References:
http://drops.wooyun.org/tips/15870
https://developer.android.com/training/articles/keystore.html
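As an added illustration of the key-handling advice above (this is example code written for the report, not the wallet's own implementation): a wallet keystore or backup blob sealed under an AES-GCM key that lives in the Android Keystore. The class and alias names are made up. KeyGenParameterSpec requires API 23, while this app declares minSdk 18, so devices on API 18 to 22 would need a fallback or the minimum raised. A file the user is meant to carry to another device cannot use a device-bound key like this one and must instead be encrypted under a strong passphrase.

```java
import java.security.KeyStore;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;

/** Seals a wallet blob with a non-exportable AES-256-GCM key held by the Android Keystore. */
public final class WalletBlobSealer {
    private static final String PROVIDER = "AndroidKeyStore";
    private static final String ALIAS = "apex.wallet.blob";  // assumed alias, not from the app
    private static final int IV_LEN = 12;                    // IV size AndroidKeyStore uses for GCM
    private static final int TAG_BITS = 128;

    // The key is generated inside the keystore (TEE/StrongBox where available) and
    // never leaves it: an adb backup or run-as copy of the app directory yields only
    // ciphertext that cannot be opened on another device.
    static SecretKey key() throws Exception {
        KeyStore ks = KeyStore.getInstance(PROVIDER);
        ks.load(null);
        KeyStore.Entry entry = ks.getEntry(ALIAS, null);
        if (entry instanceof KeyStore.SecretKeyEntry) {
            return ((KeyStore.SecretKeyEntry) entry).getSecretKey();
        }
        KeyGenerator kg = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, PROVIDER);
        kg.init(new KeyGenParameterSpec.Builder(ALIAS,
                KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
                .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
                .setKeySize(256)
                // setRandomizedEncryptionRequired(true) is the default: the keystore
                // chooses the IV, so callers cannot reuse one by mistake.
                .build());
        return kg.generateKey();
    }

    /** Returns iv || ciphertext || tag. */
    static byte[] seal(byte[] plaintext) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key());        // keystore generates a fresh random IV
        byte[] iv = c.getIV();
        byte[] ct = c.doFinal(plaintext);          // ciphertext with the 16-byte tag appended
        byte[] out = Arrays.copyOf(iv, iv.length + ct.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return out;
    }

    /** Inverse of seal(); doFinal throws AEADBadTagException if the blob was modified. */
    static byte[] open(byte[] sealed) throws Exception {
        byte[] iv = Arrays.copyOfRange(sealed, 0, IV_LEN);
        byte[] ct = Arrays.copyOfRange(sealed, IV_LEN, sealed.length);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key(), new GCMParameterSpec(TAG_BITS, iv));
        return c.doFinal(ct);
    }
}
```

For a wallet, the keystore key should additionally be bound to user authentication (setUserAuthenticationRequired on the builder, with the caller unlocking through KeyguardManager or BiometricPrompt before init()), so that a stolen unlocked phone still cannot decrypt the blob without the credential; that is omitted above to keep the example self-contained.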


Dynamic scan findings

Severity  Finding

(no dynamic findings reported)

Server-side analysis

Severity  Finding

Warning

XSS: the scanner reports "? found" with the note "in development", meaning the server-side XSS check was not implemented at scan time and produced no result. The report contained two identical placeholder entries, collapsed here; treat the server side as unassessed, not as clean.

App certificate