0

高危漏洞

4

中危漏洞

1

低危漏洞

3

警告

文件名 app-release.apk
上传者 test
文件大小 5.0376539230347MB
MD5 a72dcdc8f20d888f90eaa9df9743eac0
包名 com.transn.taxation
Main Activity com.transn.taxation.SplashActivity
Min SDK 22
Target SDK 29

权限列表

# 名称 说明 提示
0 android.permission.RECORD_AUDIO 允许应用程序访问录音路径。 注意
1 android.permission.ACCESS_NETWORK_STATE 允许应用程序查看所有网络的状态。 提示
2 android.permission.CAMERA 允许应用程序使用相机拍照,这样应用程序可随时收集进入相机镜头的图像。 提示
3 android.permission.INTERNET 允许程序访问网络. 提示
4 android.permission.WRITE_EXTERNAL_STORAGE 允许应用程序写入SD卡。 提示

四大组件

组件名称

com.transn.taxation.MainActivity
com.transn.taxation.login.LoginActivity
com.transn.taxation.record.InformationRecordingActivity
com.transn.taxation.taxpayer.TaxpayerInformationActivity
com.transn.taxation.taxpayer.CommonRecordVideoTaskActivity
com.transn.taxation.mine.AccountAndSafeActivity
com.transn.taxation.mine.PswSettingActivity
com.transn.taxation.mine.NotificationActivity
com.transn.taxation.mine.HelpCenterActivity
com.transn.taxation.upload.UpLoadActivity
com.transn.taxation.taxpayer.PreviewActivity
com.transn.taxation.taxpayer.ViedeoPlayActivity
com.transn.taxation.taxpayer.PicturePlayActivity
com.transn.taxation.taxpayer.Mp3PlayActivity
com.transn.taxation.taxpayer.PreviewMainActivity
com.transn.taxation.SplashActivity
com.leon.lfilepickerlibrary.ui.LFilePickerActivity
com.mingyuechunqiu.recordermanager.feature.main.container.RecordVideoActivity
pub.devrel.easypermissions.AppSettingsDialogHolderActivity

com.transn.taxation.upload.UpLoadService

androidx.core.content.FileProvider
com.iceteck.silicompressorr.provider.GenericFileProvider

第三方库

# 库名 介绍
0 com.bumptech.glide An image loading and caching library for Android focused on smooth scrolling
1 com.google.gson A Java serialization library that can convert Java Objects into JSON and back.
2 okhttp3 An HTTP+SPDY client for Android and Java applications.

静态扫描发现风险点

风险等级 风险名称

中危

检测到当前标志被设置成true或没设置,这会导致adb调试备份允许恶意攻击者复制应用程序数据,造成数据泄露。

中危

检测到debug模式被打开。如果该项被打开,app存在被恶意程序调试的风险,可能导致泄露敏感信息等问题,建议关闭debug模式。

中危

该app需要移除大部分日志打印代码。
经扫描该包仍存在大量打日志代码,共发现230处打日志代码.(此处扫描的日志打印代码,是指调用android.util.Log.* 打印的.)
详情如下:

位置: classes.dex
androidx.media.MediaBrowserServiceCompat$n$e;->run()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->w(Landroidx/fragment/app/Fragment;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
androidx.constraintlayout.widget.ConstraintHelper;->a(Ljava/lang/String;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
androidx.media.MediaBrowserServiceCompat$n$h;->run()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->c(I I)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.ff;->c()Landroid/graphics/Bitmap;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
androidx.swiperefreshlayout.widget.SwipeRefreshLayout;->onInterceptTouchEvent(Landroid/view/MotionEvent;)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd$a;->onAudioFocusChange(I)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.app.AppCompatViewInflater;->themifyContext(Landroid/content/Context; Landroid/util/AttributeSet; Z Z)Landroid/content/Context;==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.widget.AppCompatSpinner$c;->b(I)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.ca$a;->d()V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.GridLayoutManager;->a(Landroidx/recyclerview/widget/RecyclerView$v; Landroidx/recyclerview/widget/RecyclerView$z; I)I==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->n()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.lk;->b(Lcom/test/ph; Landroid/graphics/Bitmap; I I)Landroid/graphics/Bitmap;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
androidx.fragment.app.FragmentActivity;->onActivityResult(I I Landroid/content/Intent;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
androidx.media.MediaBrowserServiceCompat$n$c;->run()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.youth.banner.Banner;->setImageList(Ljava/util/List;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
androidx.media.MediaBrowserServiceCompat$n$i;->run()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.di;->a(Lcom/test/mf;)Ljava/io/File;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.dv;->g(Ljava/lang/String;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.bk;->a(Lcom/bumptech/glide/load/ImageHeaderParser$ImageType; Ljava/io/InputStream; Lcom/test/bk$b; Lcom/test/ph; Lcom/test/ak; I I I I I Landroid/graphics/BitmapFactory$Options;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->c(I)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
androidx.fragment.app.FragmentActivity;->onCreate(Landroid/os/Bundle;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.kh;->b(Ljava/lang/Object;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->z()Z==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.e4;->a(Lcom/test/e4$b; Landroid/content/res/TypedArray;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.widget.ListPopupWindow;->()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
androidx.media.MediaBrowserServiceCompat$a;->a(Ljava/util/List;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->b(Landroidx/fragment/app/Fragment;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.sl$a;->onReceive(Landroid/content/Context; Landroid/content/Intent;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.vw;->a(I Ljava/lang/String; Ljava/lang/String;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->C()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.transn.taxation.rxbus.RxEventDecoConsumer;->onReceiveEvent(Ljava/lang/Object;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->a()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.vg;->a(Ljava/lang/String; J Lcom/test/mf;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->a(I Lcom/test/m8;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.zj;->a(Lcom/test/zj$c; Lcom/test/mh;)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.xk;->a(Ljava/nio/ByteBuffer; I I Lcom/test/ef; Lcom/test/of;)Lcom/test/bl;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.transn.taxation.widgt.qmui.QMUIBasePopup;->c()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
androidx.media.session.MediaButtonReceiver;->a(Landroid/content/Context;)Landroid/content/ComponentName;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.youth.banner.Banner$b$a;->onClick(Landroid/view/View;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
androidx.media.MediaBrowserServiceCompat$n$f;->run()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.w1;->b(Ljava/lang/String;)Landroid/graphics/drawable/Drawable;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.xk;->a(Lcom/test/df; I I)I==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
androidx.fragment.app.BackStackState;->a(Lcom/test/t8;)Lcom/test/m8;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.transn.taxation.widgt.qmui.QMUIBasePopup$RootView;->onMeasure(I I)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.widget.MenuPopupWindow;->d(Z)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.n;->b()Z==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->a(Landroid/os/Parcelable;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.bx;->a(Ljava/lang/String; Ljava/lang/String; I J J Ljava/util/ArrayList;)J==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.transn.taxation.rxbus.RxBus;->getDecoFlowable(Ljava/lang/Class;)Lcom/test/hy;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->r(Landroidx/fragment/app/Fragment;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.bm;->b(Lcom/test/tm;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->a(Ljava/lang/RuntimeException;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.lk;->c(Lcom/test/ph; Landroid/graphics/Bitmap; I I)Landroid/graphics/Bitmap;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.widget.SearchView;->n()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.androidkun.xtablayout.XTabLayout;->getTabMinWidth()I==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.gk;->a()Z==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.RecyclerView;->setScrollingTouchSlop(I)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.RecyclerView;->onTouchEvent(Landroid/view/MotionEvent;)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.app.AppCompatDelegateImpl;->d()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
androidx.core.widget.NestedScrollView;->onInterceptTouchEvent(Landroid/view/MotionEvent;)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->i()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.jn$a;->a(I I I)I==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->s(Landroidx/fragment/app/Fragment;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.g2;->a(Landroid/view/View; I I Z Landroid/view/WindowManager$LayoutParams;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.RecyclerView;->h(I)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.c8;->a(Ljava/lang/String;)Ljava/lang/reflect/Field;==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.dv;->a([Ljava/lang/String; [I [Z)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.app.AppCompatDelegateImpl;->e(I Landroid/view/KeyEvent;)Z==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
androidx.core.widget.NestedScrollView;->onTouchEvent(Landroid/view/MotionEvent;)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->l()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
androidx.media.session.MediaButtonReceiver;->onReceive(Landroid/content/Context; Landroid/content/Intent;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.z4$b;->a(Landroid/graphics/Path; F F F F F F F Z Z)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->onStopTrackingTouch(Landroid/widget/SeekBar;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.transn.taxation.rxbus.RxBus;->getFlowable(Ljava/lang/Class;)Lcom/test/hy;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.uh;->b(I)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.RecyclerView;->a(J Landroidx/recyclerview/widget/RecyclerView$c0; Landroidx/recyclerview/widget/RecyclerView$c0;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.d5;->c()Z==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.vh;->c(I I Landroid/graphics/Bitmap$Config;)Landroid/graphics/Bitmap;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.w4;->a(Landroid/content/Context; Landroid/content/res/Resources; Landroid/util/TypedValue; I I Lcom/test/w4$a; Landroid/os/Handler; Z)Landroid/graphics/Typeface;==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.zj;->b(Lcom/test/zj$c;)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.widget.AppCompatSpinner$c;->c(I)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
androidx.media.MediaBrowserServiceCompat$n$d;->run()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.ck;->b(Lcom/test/ph; Landroid/graphics/drawable/Drawable; I I)Landroid/graphics/Bitmap;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.i2;->b(Landroid/view/View;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.RecyclerView;->scrollTo(I I)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.qt;->release()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->x()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.f7;->a(Landroid/view/ViewConfiguration; Landroid/content/Context;)F==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.pc0;->b(Ljava/lang/String; Ljava/lang/String; Ljava/lang/String; I I [Ljava/lang/String;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.RecyclerView;->a(I I Landroid/view/animation/Interpolator;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.uh;->a(Lcom/test/uh$a; Ljava/lang/Class;)Ljava/lang/Object;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.d2;->o()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.e4;->a(Lcom/test/e4$b; Landroid/content/res/TypedArray;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.f7;->()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.i2;->()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.tw;->c(Ljava/lang/String;)Ljava/lang/String;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.m4;->a(Landroid/app/Activity;)Landroid/content/Intent;==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.ee;->a(Landroid/content/Context; Ljava/lang/Object; J)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->onClick(Landroid/view/View;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.u8;->b(Landroidx/fragment/app/Fragment;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
androidx.fragment.app.FragmentActivity;->onRequestPermissionsResult(I [Ljava/lang/String; [I)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.f2;->c()V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.transn.taxation.rxbus.RxEventDecoConsumer;->onReceiveFail(Ljava/lang/String;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.vh;->a(J)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.widget.AppCompatSpinner$c;->a(I)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->y()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.RecyclerView;->onInterceptTouchEvent(Landroid/view/MotionEvent;)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
androidx.media.MediaBrowserServiceCompat$n$a;->run()V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.p6;->a(Landroid/view/MenuItem; Lcom/test/k6;)Landroid/view/MenuItem;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.bk;->a(Lcom/bumptech/glide/load/ImageHeaderParser$ImageType; Ljava/io/InputStream; Lcom/test/bk$b; Lcom/test/ph; Lcom/test/ak; I I I I I Landroid/graphics/BitmapFactory$Options;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
androidx.viewpager.widget.ViewPager;->a(I)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.RecyclerView;->scrollBy(I I)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.zj;->a(Lcom/test/zj$b;)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.b0$b;->b(Landroid/util/AttributeSet;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.kc;->a()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.vh;->c(I I Landroid/graphics/Bitmap$Config;)Landroid/graphics/Bitmap;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->j()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.nv;->a(Lcom/test/q80$a;)Lcom/test/y80;==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->o(Landroidx/fragment/app/Fragment;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.sg;->a(Ljava/lang/String; J Ljava/lang/String;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->b(Lcom/test/m8;)I==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.jn$a$a;->onPreDraw()Z==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.l1;->b(Ljava/lang/CharSequence; Landroid/text/Layout$Alignment; I I)Landroid/text/StaticLayout;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.vw;->a(I Ljava/lang/String; Ljava/lang/String;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->onClick(Landroid/view/View;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.b0$b;->a(Landroid/view/MenuItem;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.g5;->a(Ljava/io/File; Ljava/io/InputStream;)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.fc;->a(Landroid/view/ViewGroup; Z)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
androidx.coordinatorlayout.widget.CoordinatorLayout;->d(Landroid/view/View;)Landroidx/coordinatorlayout/widget/CoordinatorLayout$f;==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->p()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->b(I I)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.hi;->(Lcom/test/hi$a;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
androidx.constraintlayout.widget.ConstraintLayout$a;->(Landroid/content/Context; Landroid/util/AttributeSet;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
androidx.constraintlayout.widget.Constraints;->a(Landroid/util/AttributeSet;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.zl;->handleMessage(Landroid/os/Message;)Z==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.zm;->a(Ljava/lang/String;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->F()Landroid/os/Parcelable;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->a(Landroidx/fragment/app/Fragment; I I I Z)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.oe;->a(Landroid/content/Context; Lcom/test/pe;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
androidx.viewpager.widget.ViewPager;->setOffscreenPageLimit(I)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
androidx.media.MediaBrowserServiceCompat$a;->a(Ljava/util/List;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.di;->a(Lcom/test/mf; Lcom/test/zh$b;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
androidx.slidingpanelayout.widget.SlidingPaneLayout;->onMeasure(I I)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.transn.taxation.rxbus.RxBus;->post(Lcom/transn/taxation/rxbus/RxEvent;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.widget.AppCompatSpinner$c;->a(Landroid/graphics/drawable/Drawable;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.c5;->a()Z==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.transn.taxation.widgt.SlideButton;->onSizeChanged(I I I I)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.RecyclerView;->e()V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.c6;->k()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.im;->a()Ljava/util/List;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.t1;->a(Landroid/graphics/drawable/Drawable; Lcom/test/a2; [I)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.vw;->a(I Ljava/lang/String; Ljava/lang/String;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.transn.taxation.rxbus.RxEventConsumer;->onReceiveFail(Ljava/lang/String;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.k6;->a(Lcom/test/k6$b;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
androidx.coordinatorlayout.widget.CoordinatorLayout;->a(I)I==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->onTouch(Landroid/view/View; Landroid/view/MotionEvent;)Z==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->onStartTrackingTouch(Landroid/widget/SeekBar;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.vh;->a(Landroid/graphics/Bitmap;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.bk;->a(I I Ljava/lang/String; Landroid/graphics/BitmapFactory$Options; Landroid/graphics/Bitmap; I I J)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.GridLayoutManager;->b(Landroidx/recyclerview/widget/RecyclerView$v; Landroidx/recyclerview/widget/RecyclerView$z; I)I==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.tl;->a(Landroid/content/Context; Lcom/test/ql$a;)Lcom/test/ql;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.c8;->a(Ljava/lang/reflect/Field; Landroid/widget/TextView;)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.fc;->a(Landroid/animation/LayoutTransition;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->q()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
androidx.media.MediaBrowserServiceCompat$q;->handleMessage(Landroid/os/Message;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.transn.taxation.rxbus.RxBus;->post(Ljava/lang/Object;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.l8;->e(I)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->o()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.oe;->i()Lcom/test/me;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->a(Landroidx/fragment/app/Fragment;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.RecyclerView$c0;->a(Z)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
androidx.swiperefreshlayout.widget.SwipeRefreshLayout;->onTouchEvent(Landroid/view/MotionEvent;)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.bx;->a(Ljava/lang/String; Ljava/lang/String; I)Ljava/util/ArrayList;==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->m(Landroidx/fragment/app/Fragment;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->a(Landroidx/fragment/app/Fragment; I I I Z)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.m8;->a(I)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.vh;->a(J)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.w1;->a(Landroid/net/Uri;)Landroid/graphics/drawable/Drawable;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.bg;->a(Ljava/net/HttpURLConnection;)Ljava/io/InputStream;==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.vh;->a(I)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.ca$a;->a(Z)Lcom/test/da;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.u8;->b()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.o4;->a(Landroid/content/ComponentName;)Lcom/test/o4;==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.vw;->a(Ljava/lang/String; Ljava/lang/String;)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.vw;->a(I Ljava/lang/String; Ljava/lang/String;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->a(I I)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.app.AppCompatDelegateImpl;->k(I)I==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.bk;->a(Ljava/io/InputStream; Landroid/graphics/BitmapFactory$Options; Lcom/test/ak; Lcom/test/hf; Z I I Z Lcom/test/bk$b;)Landroid/graphics/Bitmap;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.widget.ListPopupWindow;->h()I==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.zm;->a(Lcom/test/gh; Ljava/lang/Object; Lcom/test/gf;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->r()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.vw;->a(I Ljava/lang/String; Ljava/lang/String;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.pp;->b(Landroid/graphics/drawable/DrawableContainer; Landroid/graphics/drawable/Drawable$ConstantState;)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->n(Landroidx/fragment/app/Fragment;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.w1;->a(Landroid/content/ComponentName;)Landroid/graphics/drawable/Drawable;==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.ca$a;->c()V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.jc0;->a(Landroid/content/Context; [Ljava/lang/String;)Z==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.vh;->a()V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.m8;->a(Ljava/util/ArrayList; Ljava/util/ArrayList;)Z==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->j(Landroidx/fragment/app/Fragment;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.androidkun.xtablayout.XTabLayout$i;->a(Landroid/widget/TextView; Landroid/widget/ImageView;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.d2;->m()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.im;->a()Ljava/util/List;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.bg;->a(Lcom/test/te; Lcom/test/vf$a;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.o1;->d(Landroid/graphics/drawable/Drawable;)Landroid/graphics/Rect;==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
androidx.fragment.app.FragmentState;->a(Ljava/lang/ClassLoader; Lcom/test/q8;)Landroidx/fragment/app/Fragment;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.androidkun.xtablayout.XTabLayout;->onMeasure(I I)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->onCreateView(Landroid/view/View; Ljava/lang/String; Landroid/content/Context; Landroid/util/AttributeSet;)Landroid/view/View;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.m8;->a(Z)I==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.Jzvd;->m()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.widget.ListPopupWindow;->c(Z)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
androidx.media.MediaBrowserServiceCompat$n$a;->run()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.widget.ListPopupWindow;->a(Landroid/view/View; I Z)I==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->d(Landroidx/fragment/app/Fragment;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
androidx.appcompat.widget.MenuPopupWindow;->()V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.RecyclerView;->f(I I)Z==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.test.vh;->c()V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.w1;->b(Landroid/database/Cursor;)V==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
com.test.tj;->a(Lcom/test/gh; Ljava/io/File; Lcom/test/of;)Z==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.ao$e;->a()Ljava/lang/Object;==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.youth.banner.Banner;->c()V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I
com.transn.taxation.rxbus.RxEventConsumer;->onReceiveEvent(Ljava/lang/Object;)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.rc0;->b(Ljava/lang/String; Ljava/lang/String; Ljava/lang/String; I I [Ljava/lang/String;)V==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
com.test.t8;->a(Landroidx/fragment/app/Fragment; Z)V==>android.util.Log;->v(Ljava/lang/String; Ljava/lang/String;)I
com.test.zj;->a(Lcom/test/zj$c; [B I)I==>android.util.Log;->d(Ljava/lang/String; Ljava/lang/String;)I
cn.jzvd.JZTextureView;->onMeasure(I I)V==>android.util.Log;->i(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.GridLayoutManager;->c(Landroidx/recyclerview/widget/RecyclerView$v; Landroidx/recyclerview/widget/RecyclerView$z; I)I==>android.util.Log;->w(Ljava/lang/String; Ljava/lang/String;)I
androidx.recyclerview.widget.RecyclerView$o;->e(Landroidx/recyclerview/widget/RecyclerView$v; Landroidx/recyclerview/widget/RecyclerView$z;)V==>android.util.Log;->e(Ljava/lang/String; Ljava/lang/String;)I

中危

检测到9条敏感明文信息,建议移除。

位置: classes.dex
'data:image' used in: Lcom/test/qi$c$a;->a(Ljava/lang/String;)Ljava/io/InputStream;
'data:image' used in: Lcom/test/qi;->a(Ljava/lang/Object;)Z
'file:///android_asset/' used in: Lcom/test/mi;->()V
'http://39.108.103.111:80' used in: Lcom/test/sv;->c()Lcom/transn/taxation/httpcore/api/TaxationFileApi;
'http://39.108.103.111:80' used in: Lcom/test/sv;->d()V
'http://schemas.android.com/apk/res-auto' used in: Lcom/test/bp;->a(Landroid/util/AttributeSet; I I)V
'http://schemas.android.com/apk/res/android' used in: Lcom/test/x4;->a(Lorg/xmlpull/v1/XmlPullParser; Ljava/lang/String;)Z
'http://schemas.android.com/apk/res/android' used in: Lcom/google/android/material/chip/Chip;->a(Landroid/util/AttributeSet;)V
'https://me.iol8.com/' used in: Lcom/test/sv;->d()V

低危

非debug包,需要通过打包平台proguard脚本,移除大部分系统输出代码。
经扫描该包仍存在大量系统输出代码,共发现3处系统输出代码.(此处扫描的系统输出代码,是指调用System.out.print*输出的,本应在打包平台移除的系统输出代码.)
各个bundle系统输出代码详情如下:

位置: classes.dex
com.test.ez$c;
com.test.ye;
com.test.t3;

警告

检测到3处addFlags使用Intent.FLAG_ACTIVITY_NEW_TASK。

位置: classes.dex
androidx.appcompat.widget.SearchView;->
androidx.appcompat.widget.SearchView;->a
com.test.o4;->a

APP创建Intent传递数据到其他Activity,如果创建的Activity不是在同一个Task中打开,就很可能被其他的Activity劫持读取到Intent内容,跨Task的Activity通过Intent传递敏感信息是不安全的。建议:
尽量避免使用包含FLAG_ACTIVITY_NEW_TASK标志的Intent来传递敏感信息。

参考资料:
http://wolfeye.baidu.com/blog/intent-data-leak

警告

检测到2处provider的grantUriPermissions设置为true。
androidx.core.content.FileProvider
com.iceteck.silicompressorr.provider.GenericFileProvider


grant-uri-permission若设置为true,可被其它程序员通过uri访问到content provider的内容,容易造成信息泄露。

参考资料:
https://security.tencent.com/index.php/blog/msg/6

警告

检测到1处使用了加解密算法。密钥处理不当可能会导致信息泄露。

位置: classes.dex
com.test.ax$a;->a(Ljava.lang.String; Ljava.lang.String; Ljava.lang.String; Ljava.lang.String; Ljava.lang.String; Ljava.lang.String;)Ljava.lang.String;

参考案例:
http://www.wooyun.org/bugs/wooyun-2010-0105766
http://www.wooyun.org/bugs/wooyun-2015-0162907
http://www.wooyun.org/bugs/wooyun-2010-0187287

参考资料:
http://drops.wooyun.org/tips/15870
https://developer.android.com/training/articles/keystore.html


动态扫描发现风险点

风险等级 风险名称

服务端分析

风险等级 风险名称

警告

检测到?处XSS漏洞。
开发中...

警告

检测到?处XSS跨站漏洞。
开发中...

应用证书