WIKI

13.9 发送SMS敏感代码检测

(1)描述

检查app是否有调用发送SMS函数

(2)检测方法

检测类型:静态分析

Example Java code:

  SmsManager smsm = SmsManager.getDefault();

  smsm.sendTextMessage("123123", null, "hello", null, null);

  smsm.sendDataMessage("13123", "123", (short) 90, null, null, null);

  smsm.sendMultimediaMessage(this, null, null, null, null);

  

Example Bytecode code:

  invoke-static {}, Landroid/telephony/SmsManager;->getDefault()Landroid/telephony/SmsManager;

 

Landroid/telephony/SmsManager;->sendDataMessage(Ljava/lang/String; Ljava/lang/String; S [B Landroid/app/PendingIntent; Landroid/app/PendingIntent;)V

 

Landroid/telephony/SmsManager;->sendMultipartTextMessage(Ljava/lang/String; Ljava/lang/String; Ljava/util/ArrayList; Ljava/util/ArrayList; Ljava/util/ArrayList;)V

 

Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String; Ljava/lang/String; Ljava/lang/String; Landroid/app/PendingIntent; Landroid/app/PendingIntent;)V

(3)风险等级

提示