安全分析报告:
安全分数
安全分数 42/100
风险评级
等级
- A
- B
- C
- F
严重性分布 (%)
隐私风险
2
用户/设备跟踪器
调研结果
高危
2
中危
12
信息
2
安全
0
关注
0
高危 如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击
如果一个应用程序使用WebView.loadDataWithBaseURL方法来加载一个网页到WebView,那么这个应用程序可能会遭受跨站脚本攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#static-analysis-7 Files: com/goder/busquerysystemtrain/RouteInputActivity.java, line(s) 2763,29 com/goder/busquerysystemtrain/nearby/AdaptorNearbyFoamTree.java, line(s) 66,9
高危 已启用远程WebView调试
已启用远程WebView调试 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04c-Tampering-and-Reverse-Engineering.md#debugging-and-tracing Files: com/goder/busquerysystemtrain/traininfo/TrainMapActivity.java, line(s) 261,22,23
中危 应用程序已启用明文网络流量
[android:usesCleartextTraffic=true] 应用程序打算使用明文网络流量,例如明文HTTP,FTP协议,DownloadManager和MediaPlayer。针对API级别27或更低的应用程序,默认值为“true”。针对API级别28或更高的应用程序,默认值为“false”。避免使用明文流量的主要原因是缺乏机密性,真实性和防篡改保护;网络攻击者可以窃听传输的数据,并且可以在不被检测到的情况下修改它。
中危 应用程序数据可以被备份
[android:allowBackup=true] 这个标志允许任何人通过adb备份你的应用程序数据。它允许已经启用了USB调试的用户从设备上复制应用程序数据。
中危 Service (androidx.work.impl.background.systemjob.SystemJobService) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true] 发现一个 Service被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 Broadcast Receiver (androidx.work.impl.diagnostics.DiagnosticsReceiver) 受权限保护, 但是应该检查权限的保护级别。
Permission: android.permission.DUMP [android:exported=true] 发现一个 Broadcast Receiver被共享给了设备上的其他应用程序,因此让它可以被设备上的任何其他应用程序访问。它受到一个在分析的应用程序中没有定义的权限的保护。因此,应该在定义它的地方检查权限的保护级别。如果它被设置为普通或危险,一个恶意应用程序可以请求并获得这个权限,并与该组件交互。如果它被设置为签名,只有使用相同证书签名的应用程序才能获得这个权限。
中危 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: com/goder/busquery/googledirection/QueryDirection.java, line(s) 56 com/goder/busquery/prepareData/C0017ag.java, line(s) 115 com/goder/busquery/prepareData/C0021ak.java, line(s) 942,942,1416,1022,784,452,631,1486,1023 com/goder/busquery/prepareData/C0031au.java, line(s) 349 com/goder/busquery/prepareData/C0044ag.java, line(s) 322 com/goder/busquery/prepareData/C0048ak.java, line(s) 1466,1466,1940,1546,847,457,1370,636,2010,1547 com/goder/busquery/prepareData/C0058au.java, line(s) 404 com/goder/busquery/prepareData/C0076ck.java, line(s) 627,168 com/goder/busquery/prepareData/C0080co.java, line(s) 115 com/goder/busquery/prepareData/C0081cp.java, line(s) 100 com/goder/busquery/prepareData/C0103ck.java, line(s) 1866,381 com/goder/busquery/prepareData/C0107co.java, line(s) 378 com/goder/busquery/prepareData/C0108cp.java, line(s) 101 com/goder/busquery/prepareData/C0126m.java, line(s) 224,312 com/goder/busquery/prepareData/C0153m.java, line(s) 225,313 com/goder/busquery/prepareData/aJ.java, line(s) 775 com/goder/busquery/prepareData/aR.java, line(s) 351 com/goder/busquery/prepareData/bD.java, line(s) 458
中危 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: com/goder/busquerysystemtrain/RouteInputActivity.java, line(s) 2762,2761 com/goder/busquerysystemtrain/nearby/AdaptorNearbyFoamTree.java, line(s) 65,64 com/goder/busquerysystemtrain/traininfo/TrainMapActivity.java, line(s) 259,260,242,251
中危 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: com/goder/busquerysystemtrain/Config.java, line(s) 527,531 com/goder/busquerysystemtrain/adaptor/SelectMusic.java, line(s) 225,320 com/goder/busquerysystemtrain/recentinfo/FavoriteStop.java, line(s) 885
中危 IP地址泄露
IP地址泄露 Files: com/goder/busquery/prepareData/C0047bj.java, line(s) 63 com/goder/busquery/prepareData/C0074bj.java, line(s) 66 com/goder/busquery/prepareData/C0119f.java, line(s) 38 com/goder/busquery/prepareData/C0146f.java, line(s) 39 com/goder/busquery/prepareData/DownloadEstimateTime.java, line(s) 906 com/goder/busquery/prepareData/U.java, line(s) 12 com/goder/busquery/prepareData/bI.java, line(s) 67 com/goder/busquery/prepareData/cL.java, line(s) 248 com/goder/busquery/prepareData/dX.java, line(s) 20 com/goder/busquery/train/k.java, line(s) 21
中危 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/goder/busquery/util/b.java, line(s) 17
中危 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/goder/busquery/prepareData/aJ.java, line(s) 315
中危 应用程序包含隐私跟踪程序
此应用程序有多个2隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 AdMob广告平台的=> "com.google.android.gms.ads.APPLICATION_ID" : "@string/ads_appid" 凭证信息=> "com.google.android.geo.API_KEY" : "AIzaSyBvVMm6LYH1-jEliwhZbk_TNPD667OddFo" r7w8z8x5n9v4g7j8y7q7k9s9a2d9q9c5v/a8m1c5s1w2x9l9o2z6g4o AgInzzaaSeyfAzTwetSe2lym0qUxrkDjNuNtpr0bExuwieCtgexx7kjgQuljSbgyhnQqxj3x6uxlMh dHt2cgPwaXUQpsN0l8HJAepPcV6sucMBAOD1 B1464EF0-9C7C-4A6F-ABF7-6BDF32847E68 x7u8f8i5v9q4p7r8b7v7w9g9o2u9h9a5n/p4k6p0k0g9v6y7r1j3k3x 03ab2b0d-5885-4027-ae19-e1d6cbccd013 8cca547158b5fd7c4e0f346b43720e40 AzIbzvabSrygCjlw8qSoZgWmPz5jlwRookpefbkmlnhbrcBgxt0zDl9nBnjkby0nFoScAd2hKvmxgw u7r8g8l5y9x4v7n8h7k7s9j9i2w9a9x5x/f4b9j6u0n4n0c5h6p6e3y 7ddfcf3b-bab3-43a3-bcb0-92f496c86f79 795e7761157f4fdc8e5899635a87c192 k7t8i8v5c9v4g7e8b7g7z9s9o2s9o9h5j/x2s7f2x4m1v6a6d0i3a2z 4f22263f69671d7f49726c3011333e527368211f d1524354-e69d-4cb3-a790-56a89db22bf2 0daad6e6-0632-44f5-bd25-5e1de1e9146f b470b66f-cf1c-43dc-b329-ff4684c05f02 2b1e4d8d442641bb9a4d9a4c64fb0ab1 v7l8l8u5l9o4k7x8n7t7a9u9y2x9o9e5b/c4t2g2b3t4m3z5f2r6i1y 6ad4d3a0-a1f1-4ecf-bfb7-387e0503194c dbd232bedeb64830855beed1f2b88831 11A505D6EDE5B677E740E3B3A f2f82f78256e4c7db8deb75868a1e74f 93d3be35-bf43-4b68-a044-1b3177fddc4e 4d58704d-076f-43c3-a93c-3da068ed6c0e BD72596B81BE2266C871A0750 5b986ec0-4f5c-4b8c-9c62-0556caa29f12 076a294663a34eae15f8974ec0676b85 c73faaa38dfe420bb23ee9138d99a2be 2aa4f5ac49884f4b86c66e0b73671cd4 p7k8j8j5q9h4z7w8y7x7a9t9c2p9t9y5q/k3w2d4r2g4c6r1x4i6c8l 57175ddc3eeb4a09ba8548011550603f XofZRhewrFcE3Xdn6W7yPZlAvsU b7q8r8j5j9t4e7o8g7d7h9s9a2c9w9r5s/l3p2e4a9d5k7t4y6r3m8p AoIhzearShyaDlukQfbjLokkPaLxxuWbaaSwhhKjjmufDaKzUuYfAdigDs6hccbplz5o3zSg3qiyQz 186db382-cfdd-471f-818c-3d407da85a0b 57c0d57eea5849b89c2b8f7ba73c0ceb hqdxGjOYNLnEpUt60cQz1123K1KpKtXE1XPx u7n8q8p5z9r4q7s8a7e7b9w9o2q9a9y5z/c3o4p5t9w6h6i1i6d6u9t f7o8t8p5e9n4i7n8w7k7y9c9n2e9f9l5l/f8m8h2q5m3r6g3u1q9e5k 70c303c4-006e-4de9-989f-4930f70de9a4 76b81f92d48a41a4a98ea0c33d8df80a 09e2e5460ac5ba36842fa3ce0278199f 69f39edfdd4949d8afe77eb6020861db a2b4ea0e-5041-4fba-810f-2fefb7fec397 i7x8s8o5w9w4q7x8s7e7x9f9z2c9u9v5h/n3u4d7y3g6d5y4h8h6t9k q7w8p8b5h9d4i7n8v7v7n9q9s2z9n9r5i/c1k7j0y0q5l0v8p4g6a3x 9t5ecc2oaleh1s7ads8cbbfp4xaq2g2n9a3n0g9c2mefbv8y5wfh4o2ubt0w4y3i ee73fdc1db154a7d91b29292e3e17a6a s7l8d8h5u9l4t7e8f7m7d9y9s2h9t9e5x/m4w1p0s3m2c0e8g1d0f3z 8066a3f49221421186f69213f945eb27 750C394CA7BA12C236E97C440 9fe61a28-ed32-454d-b7bb-3792a5e0a746 mvmbhixFazftkvdMsSaea4tnrRlRywmKi5vEs 5712a903-4124-43a2-b13d-5cd2845396c3 07b0f0a149014b10845f739e5636e953 42653400-BE5E-4C87-B4AE-EBECFA10ABD6 fdb27a99ca1e483d9a5600d1bf171222 fb922c3cd13045fe9c0008add04d28a1 9f2e0e8d028d4b8db769618f4aa1ad34 o7m8e8f5f9j4q7g8t7l7z9s9v2b9b9w5t/y9d7h0a2u1t0c0r0y6u9d rF9qDLfcJs6Wx2EleGxBl4kZ7wbRrsiN90XiEltb bab86cc2394046d1a3e3219d13f71423 AwIeziamSxynDj4oiooxuuLgvuWb5pvywmFsSohp3j5b8cgg3lZmfjsqMqYe8dQt1uDc1vCaOunhQs 63fb2d80fefabcc756045cad2ddcaf25 y7f8i8m5i9v4v7p8m7q7g9h9z2u9b9l5t/x6t9c9w7u0r5v2t8s0p0b 70928c988071ba1717c3030bd3ea669d bd906b29-9006-40ed-8bd7-67597c2577fc 80ee89842c724230808663788d024613 170cbebb78014eecbd82ca19ca576a5b AzIozoaxSgysBbbzseacexIehseucpbjSdjlbdlrdpIh4j1kcd5vIy7lAhLe ae77ab07-5087-42c7-94a3-2dd2cfa1fcd1 778f09c1889c40d400429ef8dc7d6181 AvIbzbasSiydCdcbrsdnGv9gSj0d8sUjEklkzhiephPhqyGwYsSjmmyuaj7y1a7oLu3aLtqhEwSaQw j7q8z8l5o9t4g7w8f7f7d9z9e2j9c9z5i/k7b1t3m5p0f4q7k3h1s0z bLhcbvumnHwKs9iVyYtTcknEmBiMp E09B35A5-A738-48CC-B0F5-570B67AD9C78 g7v8p8i5e9l4y7y8y7c7f9j9q2l9e9l5x/m4y8x6v5z3a7u1d6w6p7u 951BCEB2-CE49-4E5A-A2BC-AECC2084D340 r7t8p8r5w9u4i7i8r7a7h9g9q2q9y9f5z/w4d5w5q3i0t7l8l0v1e6y d7i8h8p5w9k4t7f8o7x7j9c9u2y9r9r5b/c5a7q0x3p9p8l9v7v6g0j fpcmyTcGeFfhoJohbWxspgy4lPdEfaxtgHtLervHu4tGq 94420527-c702-49b5-a0ad-59011ec08b11 8b35bc50db98b8091ecbb1a36457f86a 27b5cc4a9171494db4338f0740bded38 0h8rcy6y5w9f7x3z9bduaw2a4f6w6gbs8zezfe2i0z5veaeu7k8r0kbrboel5oah 65c1093b-0c34-41cf-8f0e-f11318766298 AzIxzqabSzycClIdYn6g9p4w0uudbi9pkpeg1nngqk2vetVz 914713b52790404f9e303a8d3e8264ed f121564fba144bbdb8223047f1abb415 ce7bb935a7884bf5bcf1ab8df8ddc715 EN5xbh3tccet3k5e9n7r8j5c1j1w1m0o0f0n1hcdfe6w2k4b8m7t2ocy8c0zfqaebzebcf3n9t4l0h7u8r9lck8i9vdh7objct6seuawcn4jcn1xab m7c8b8p5n9e4p7x8o7t7s9u9a2q9q9b5u/y4d9q9i3a2e3h5z2p6e0h oxwQXl0MBqEejS8drl6Bjk3Df0eJhSM4oHVx yLOS8Pg5AGwAllUmUPXhObKkADworCW1guh5 c7r8g8p5v9g4t7i8o7f7z9r9k2j9v9w5y/r5m8w3p2n9h1h4j1r7x3e 4880ee6534640734073a2d867430b5e7 o7p8n8x5s9a4h7q8i7z7t9h9z2x9b9u5n/v3o6e0x3h4j9x0c5u5a4l eoaf4lbh6yccem8a3a6z6b7e4s0gbh5y9s7m4g3s7n2obtfdfa4x3tap9f7d3k3z b9d062410fb146488c5c421fb951d2e1 387a42e5850282cf618588099ccc4979 u7r8i8e5u9k4b7h8b7n7j9f9n2w9x9y5d/v5k4f0o2c6e7b7l8a3o2z 330df44e-ca1d-4f6c-b790-37507a71b04a AlIwzkawSkyzBhVzFpKkxzYfSzyfifVtfjXanm8mFpEoveGx 006a40dbd1a9f10658c0376b1f779c87 p5Jd0ciCtYnCQeUywhXAOVmvMdlV7W7mH0q0 3f58191783e1496abca437f9adbf8461 9d15cb90e3fc49719ac62589cc0875f9 527dd12b814943658d31f2a9b4b6e07f 2935c9adeb1b4c21be3db52571794b3e AqIlzlaxSxygBirfhexySmgiwuguYasr1fdd9qyw1p0wzmqjCjMdvg0zyi8trbnseebeZzAn0x4sAm AyIkzbalSjybCyWm1lko4qzx0swfaglvOfDtAlnzYfSqarmqCfowIystSlXl0pwu9ubjGmEyWgyz0a c7y8l8s5t9t4e7r8z7c7y9v9e2k9m9h5j/e6n1k4o7p1r9j3j2n6q9v 07F7CCB3-ED00-43C4-966D-08E9DAB24E95 69556954-9bd1-45d1-9ebd-86ee8eb1bc48 8e5ddda2-be8c-4d6c-88d5-692ee654fff5 AnIezgaqSzywAbptqbyznfJa2dlzMsntFxDiSzTkxbLrRdBxnkUvobYenpDv2klgNlLsmt 5b4c2017-670a-474d-855d-05610063690a ArImzmajSjywDp4vAtFtBqxxqkNrte1oKuCceztsFqJgxlru2hdd3zVbEl7lzwwhizSmfm2gZrkiwh MrQjAyxqAiDhYbAgYsgmBfhmAmGkIiAkZcQwAp3hAfCw0yAgZeQlAe5tAdDxMeAfMhguAatvAzDbQkAlYrwoBnjgArGeYcAeLiQgAb5lAzGvQjAvMlApAqxtAyCu0lAqYbQnAe0dAcDrMjAqMxQqAjyrAyDoAyAsNjgwBsisAzDmUuAjMeQeAgyaAnGiMpAg 799a60825d2444ef0ad54013dbb569ae6 5d7d1d786f52b37ef3bdac6ace8c9acb 3bdbdc8fc1494093b2e64c9bdc40e9b2 5B5E62AB-77FB-4F61-A224-DB11EE6C945A 26b5773f-8565-4fa9-b638-7d46e748048b d99358ee98474f1eb019f537b2270b4d 008ed7cf-2340-4bc4-89b0-e258a5573be2 8f0fe43e-da3b-4a10-bd8e-4cfd54e30eb3 e597c192-92a4-4436-b4c0-6c4b2980db59 n7s8b8v5z9l4d7n8z7h7e9b9c2t9u9l5b/l3m5r8e6u3f4b0x9k6i9z an6h0adb8l7i4iabbier5m4k4ydpauaz9s6vczew5p4aas4qfp6t5d8z2b6aegco 8802fbd4-2a79-4333-9ebc-14c1b893e007 02ad3c5e50d24945b556cf1421b2c542 4f2b14db-0f9c-4c0e-a8cf-b9299a9c273d f71734f4913242a5a14a8fd1610da220 4cabeb5d-f234-4cdc-a724-0f5fac90b1de c94c8522c80f42b1987c8f065d913506 dd89f2ea-f269-4a64-8088-6fdf632ae8b8 a9aee1b8-5b27-48d7-848d-d54e3b981fd7
信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: com/goder/busquery/apiai/ApiAiId.java, line(s) 29,34,45,50,57,62,67,72,77,82,87,92,97,104 com/goder/busquery/apiai/ApiAiInfoToDB.java, line(s) 68 com/goder/busquery/apiai/ApiAiRequest.java, line(s) 75 com/goder/busquery/apiai/DBBusInfoToApiAi.java, line(s) 36,55,63,71,90 com/goder/busquery/apiai/SynonymProcessing.java, line(s) 59,60,61 com/goder/busquery/dbinfo/EstimateTimeInfo.java, line(s) 485,488,530,537 com/goder/busquery/googledirection/QueryDirection.java, line(s) 120,121,123 com/goder/busquery/googledirection/a.java, line(s) 40 com/goder/busquery/googleplace/NearbyAPI.java, line(s) 267,271,272,724,727,735,747,749,758,760,762,768,775 com/goder/busquery/googleplace/PlaceAPI.java, line(s) 117 com/goder/busquery/googleplace/StreetViewAPI.java, line(s) 23 com/goder/busquery/googleplace/g.java, line(s) 29,30 com/goder/busquery/prepareData/C0010a.java, line(s) 41,62,133,329,334,359,384,399,420 com/goder/busquery/prepareData/C0013ac.java, line(s) 890,1049,1244,1581,1623,1805,2060,2206,2407,2411,2415,2419,2423,2427,433,439,497,499,572,575,664,1031,1039,1080,1090,1267,1598,1701,1741,1864,1918,2104,2237,2398,2403 com/goder/busquery/prepareData/C0017ag.java, line(s) 59,80,83,131,152,155 com/goder/busquery/prepareData/C0020aj.java, line(s) 64,70,125 com/goder/busquery/prepareData/C0021ak.java, line(s) 135,709,762,809,926,1036,1428,82,133,352,378,382,403,434,456,523,558,590,718,842,865,868,1167,1171,1183,1206,1209,1316 com/goder/busquery/prepareData/C0029as.java, line(s) 28 com/goder/busquery/prepareData/C0031au.java, line(s) 359,161,195,403,424,427,505,509 com/goder/busquery/prepareData/C0035ay.java, line(s) 230,388,408,496,1035,1455,1505,1561,1665,1671,362,428,457,480,483,614,767,864,865,866,1058,1083,1108,1144,1166,1226,1248,1414,1418,1433,1469,1497,1558,1563,1570,1574,1651,1662,1674 com/goder/busquery/prepareData/C0037a.java, line(s) 44,65,663,697,893,898,923,948,963,984 com/goder/busquery/prepareData/C0040ac.java, line(s) 1489,2531,3426,3619,4066,4400,4832,6525,7368,8274,8675,9571,9667,10116,10665,10707,10912,11519,12028,12350,13052,13735,13914,14720,14921,14925,14929,14933,14937,14941,182,312,654,660,718,720,793,796,885,1045,1421,1588,2309,2928,3408,3416,3457,3467,3671,4089,4306,4640,5105,5662,6482,6629,7250,7335,7466,8214,8235,8289,8577,8604,8701,9018,9471,9500,9589,9898,9921,9932,9945,9955,9959,10107,10128,10682,10785,10929,11454,11481,11543,11742,11957,11975,12002,12286,13082,13539,13593,13925,14618,14751,14912,14917 com/goder/busquery/prepareData/C0044ag.java, line(s) 68,89,92,160,288,338,359,362 com/goder/busquery/prepareData/C0047aj.java, line(s) 65,71,126 com/goder/busquery/prepareData/C0047bj.java, line(s) 728,737,924,1006,1043,1097,1184,1440,1619,2379,2394,2411,2915,3177,3207,3315,165,166,301,313,340,341,361,362,435,438,508,539,542,563,566,591,595,643,649,650,660,703,716,724,743,744,745,746,816,968,1003,1343,1382,1432,1585,1731,1787,1802,1826,1829,1860,1881,1884,1996,2120,2144,2169,2172,2282,2283,2286,2484,2829,2912,2913,3150,3286,3288,3290,3384,3386,3388 com/goder/busquery/prepareData/C0048ak.java, line(s) 140,714,748,825,872,1450,1560,1952,87,138,357,383,387,408,439,461,528,563,595,723,905,928,931,1061,1286,1691,1695,1707,1730,1733,1840 com/goder/busquery/prepareData/C0056as.java, line(s) 28 com/goder/busquery/prepareData/C0058au.java, line(s) 414,164,198,341,360,363,458,479,482,560,564 com/goder/busquery/prepareData/C0062ay.java, line(s) 233,432,655,1365,1385,1473,2079,2499,2549,2605,2881,2987,3006,3012,3367,3546,3552,1339,1405,1434,1457,1460,1591,1744,1841,1842,1843,2102,2127,2152,2188,2210,2270,2292,2458,2462,2477,2513,2541,2602,2607,2614,2618,2953,2956,2961,3001,3003,3005,3532,3543,3555 com/goder/busquery/prepareData/C0065cC.java, line(s) 179,286,683,91,120,152,173,176,196,228,264,276,284,297,303,640,674,798,818,948,990,1209 com/goder/busquery/prepareData/C0066ca.java, line(s) 74,83,434,50,62,70,89,90,91,95,96,97,266,329,476,483,635,776,782,830,837,853,854,856 com/goder/busquery/prepareData/C0074bj.java, line(s) 518,949,958,1145,1227,1264,1318,1405,1661,1944,2204,2211,2296,4141,4156,4173,4677,4939,4969,5077,5285,5302,168,169,304,316,343,344,364,365,438,441,449,479,502,516,729,760,763,784,787,812,816,864,870,871,881,924,937,945,964,965,966,967,1037,1189,1224,1564,1603,1653,1811,2214,2215,2216,2217,2218,2262,2408,2464,2479,2503,2506,2537,2558,2561,2717,3152,3237,3372,3436,3572,3595,3611,3617,3620,3623,3647,3648,3650,3653,3664,3667,3758,3882,3906,3931,3934,4044,4045,4048,4246,4591,4674,4675,4912,5048,5050,5052,5146,5148,5150,5198,5272 com/goder/busquery/prepareData/C0076ck.java, line(s) 535,543,604,606,73,82,90,94,190,281,302,305,382,407,428,431,633,656,679 com/goder/busquery/prepareData/C0080co.java, line(s) 36,34 com/goder/busquery/prepareData/C0081cp.java, line(s) 41,88,94,103,127 com/goder/busquery/prepareData/C0085ct.java, line(s) 726,969,380,421,425,445,452,462,496,564,574,719,741,834,866,982,1046,1064,1069,1075,1077,1240,1244,1280,1283,1287,1288,1337,1449 com/goder/busquery/prepareData/C0092cC.java, line(s) 182,289,686,94,123,155,176,179,199,231,267,279,287,300,306,643,677,801,821,951,993,1135,1145,1823 com/goder/busquery/prepareData/C0093ca.java, line(s) 84,93,225,441,834,1009,1158,60,72,80,99,100,101,105,106,107,178,212,666,729,876,883,964,1043,1163,1406,1493,1494,2258,2399,2405,2453,2460,2476,2477,2479 com/goder/busquery/prepareData/C0093da.java, line(s) 102,126,167,169,243,267,280,308 com/goder/busquery/prepareData/C0098df.java, line(s) 631,698,749,753,942,119,170,181,205,233,256,278,281,363,387,394,540,562,565 com/goder/busquery/prepareData/C0102dj.java, line(s) 152,174,177,246,268,271 com/goder/busquery/prepareData/C0103ck.java, line(s) 1774,1782,1843,1845,78,87,95,99,302,403,433,475,704,725,728,793,816,821,940,1301,1326,1347,1350,1497,1560,1623,1872,1895,1918 com/goder/busquery/prepareData/C0107co.java, line(s) 51,49,155,179,202 com/goder/busquery/prepareData/C0108cp.java, line(s) 42,89,95,104,128 com/goder/busquery/prepareData/C0109dr.java, line(s) 343,345,588,621,628,812,837,846,863,1113,1117,1133,1144,1207,1461,1580,1581,1612 com/goder/busquery/prepareData/C0112ct.java, line(s) 2433,2833,351,1135,1991,1995,2015,2022,2032,2066,2134,2183,2200,2232,2258,2266,2281,2426,2448,2666,2698,2846,2999,3017,3022,3028,3030,3193,3197,3233,3236,3240,3241,3399,3511 com/goder/busquery/prepareData/C0118e.java, line(s) 55,101,188,204,319,398,407,409,508 com/goder/busquery/prepareData/C0119f.java, line(s) 263,428,722,740,813,832,989,1059,1065,1078,1126,1241 com/goder/busquery/prepareData/C0120da.java, line(s) 104,128,169,171,245,269,282,310 com/goder/busquery/prepareData/C0125df.java, line(s) 633,700,751,755,944,121,172,183,207,235,258,280,283,365,389,396,542,564,567 com/goder/busquery/prepareData/C0125l.java, line(s) 26,133,152,154,165 com/goder/busquery/prepareData/C0126m.java, line(s) 156,227,232,315,321,349,350,351,416,423,424,425,426,644,125,145,223,246,305,310,419,448,563,633,823,824,869,870,882,883,886 com/goder/busquery/prepareData/C0128o.java, line(s) 34,40,114 com/goder/busquery/prepareData/C0129dj.java, line(s) 533,158,180,183,249,273,280,431,453,456 com/goder/busquery/prepareData/C0133t.java, line(s) 54,43,64,85,97 com/goder/busquery/prepareData/C0136dr.java, line(s) 426,1251,1260,307,406,483,766,768,1011,1044,1051,1150,1216,1249,1365,1390,1399,1416,1932,1936,1952,1963,2026,2104,2215,2434,2553,2554,2585 com/goder/busquery/prepareData/C0139z.java, line(s) 160,523,534,544,553 com/goder/busquery/prepareData/C0145e.java, line(s) 55,101,188,204,319,398,407,409,508 com/goder/busquery/prepareData/C0146f.java, line(s) 294,650,704,998,1016,1089,1108,1265,1335,1341,1354,1402,1517 com/goder/busquery/prepareData/C0152l.java, line(s) 26,133,152,154,165 com/goder/busquery/prepareData/C0153m.java, line(s) 157,228,233,316,322,401,410,411,412,477,484,485,486,487,705,737,767,126,146,224,247,306,311,362,393,480,509,624,694,807,828,829,834,837,839,844,859,860,862,863,869,871,1058,1059,1104,1105,1117,1118,1121 com/goder/busquery/prepareData/C0155o.java, line(s) 37,43,161 com/goder/busquery/prepareData/C0160t.java, line(s) 54,43,64,85,97 com/goder/busquery/prepareData/C0166z.java, line(s) 551,968,984,1361,1377,1512,1523,1533,1542 com/goder/busquery/prepareData/CallableC0045bh.java, line(s) 47 com/goder/busquery/prepareData/CallableC0072bh.java, line(s) 47 com/goder/busquery/prepareData/DownloadEstimateTime.java, line(s) 497,504,860,1364,1524,102,124,144,237,304,379,397,404,408,423,430,454,468,489,836,837,857,864,865,915,922,930,937,941,948,1054,1309,1311,1359,1361,1369,1381,1392,1413,1442,1451,1455,1456,1457,1473,1508,1528,1724 com/goder/busquery/prepareData/E.java, line(s) 428,453,171,177,214,254,395,398,446,602,603,617 com/goder/busquery/prepareData/GetParkingLot.java, line(s) 464,641,94,115,118,134,155,158,283,307 com/goder/busquery/prepareData/GetTpeNtpTrafficImageData.java, line(s) 239,376,385,769,771,345,358,371,454,554,580,599,796 com/goder/busquery/prepareData/GetWillingtonBusData.java, line(s) 170,175,197,745,146,279,294,315,318,366,387,390,624,626,636,637,638,640,641,726 com/goder/busquery/prepareData/H.java, line(s) 119,127,147,177,430,569,633,694 com/goder/busquery/prepareData/R.java, line(s) 74,102,105,132,159,162,181,199,201 com/goder/busquery/prepareData/V.java, line(s) 82,125,213,221,281,45,55,59,76,101,108,130,135,173,206,253,264,312,399,459,470 com/goder/busquery/prepareData/Y.java, line(s) 59,81,125,145 com/goder/busquery/prepareData/aJ.java, line(s) 251,539,595,832,890,1088,1154,116,141,249,290,292,293,604,625,720,741,744,899,908,931,989,1010,1013,1097,1176 com/goder/busquery/prepareData/aR.java, line(s) 321,340,370,391,497,545,560,618,621,623,630,631,633,635,667,673,797,1059 com/goder/busquery/prepareData/aX.java, line(s) 1680,1731,1877,1912,2318,2329,173,188,198,211,1605,1663,1669,1950,1956,1957,1958,1959,1960,1961,1986,1987,2117,2240,2241,2242,2253,2256,2320,2381,2513,2581,2583,2584,2590,2594,2607 com/goder/busquery/prepareData/bC.java, line(s) 26 com/goder/busquery/prepareData/bD.java, line(s) 65,69,95,120,124,195,268,291,295,325,431 com/goder/busquery/prepareData/bF.java, line(s) 109,98,99,103,132,173,245,363,448,490,565,588,591,619,636 com/goder/busquery/prepareData/bI.java, line(s) 562,209,222,231,242,298,300,310,313,315,316,372,420,442,462,481,511,531,597,600,617,760,834 com/goder/busquery/prepareData/bO.java, line(s) 164,181,202,205,243,264,267,366 com/goder/busquery/prepareData/bS.java, line(s) 123,203,487,84,232,242,263,266,295,334,443,448,499 com/goder/busquery/prepareData/bY.java, line(s) 114,125,193,281,293,357 com/goder/busquery/prepareData/cH.java, line(s) 122,64,71,101,364,385,388,410,514 com/goder/busquery/prepareData/cL.java, line(s) 157,207,260,284,319,343,361,386,411 com/goder/busquery/prepareData/cM.java, line(s) 229,514,783,362,428,453,523,966,987,990,1107 com/goder/busquery/prepareData/cW.java, line(s) 72,85,195,199,227,235,396,417,420 com/goder/busquery/prepareData/dA.java, line(s) 25 com/goder/busquery/prepareData/dC.java, line(s) 26 com/goder/busquery/prepareData/dE.java, line(s) 80,86,210 com/goder/busquery/prepareData/dF.java, line(s) 94,75,90 com/goder/busquery/prepareData/dP.java, line(s) 25,21,88 com/goder/busquery/prepareData/dS.java, line(s) 25,21,76,83 com/goder/busquery/prepareData/dV.java, line(s) 141,163 com/goder/busquery/prepareData/dY.java, line(s) 7,9,12 com/goder/busquery/prepareData/dZ.java, line(s) 27 com/goder/busquery/time/ExtractTimeTag.java, line(s) 10,13 com/goder/busquery/time/TimeNormalizer.java, line(s) 33,45,77,130,131,134,135 com/goder/busquery/train/GetTRAInfo.java, line(s) 1092,1097,1101 com/goder/busquery/train/GetTRAOrderInfo.java, line(s) 37,60,77 com/goder/busquery/train/IntentionParser.java, line(s) 130,133,136,139,142,145,148,151,154,157 com/goder/busquery/train/a.java, line(s) 68,77,38,51,63,361,362,364,367 com/goder/busquery/train/k.java, line(s) 105 com/goder/busquery/util/GPSDistance.java, line(s) 180,224,394,416,421,453,472,479,481,485 com/goder/busquery/util/Util.java, line(s) 113,151,189,232,350,629,747,756,760,771,852,860 com/goder/busquery/util/a.java, line(s) 26,50,65,66,87 com/goder/busquery/util/c.java, line(s) 76,98,100 com/goder/busquery/util/d.java, line(s) 136,154,205 com/goder/busquery/util/k.java, line(s) 102,103,107,109,113,118 com/goder/busquery/util/l.java, line(s) 41,62,65,104,135 com/goder/busquerysystemtrain/ArrivalTimeActivity.java, line(s) 2156 com/goder/busquerysystemtrain/DBResource.java, line(s) 251,282 com/goder/busquerysystemtrain/OnStopSchedule.java, line(s) 68,69 com/goder/busquerysystemtrain/RouteStopActivity.java, line(s) 2910 com/goder/busquerysystemtrain/ShowCarInfoLog.java, line(s) 98,99,100,101,104,388,237,387 com/goder/busquerysystemtrain/ToastCompat.java, line(s) 73 com/goder/busquerysystemtrain/adaptor/AdaptorBusStop.java, line(s) 820,821,822,823,826,3243,3242 com/goder/busquerysystemtrain/adaptor/AdaptorCarLog.java, line(s) 172,173,163 com/goder/busquerysystemtrain/gps/GPSTracker.java, line(s) 115,139,146 com/goder/busquerysystemtrain/nearby/AdaptorNearby.java, line(s) 367 com/goder/busquerysystemtrain/nearby/TouchImageView.java, line(s) 908 com/goder/busquerysystemtrain/service/BusArrivalNotification.java, line(s) 168,189,461,470,481,543,562 com/goder/busquerysystemtrain/service/CarTrackingNotification.java, line(s) 253,277,312,602,611,665,738 com/goder/busquerysystemtrain/service/NotificationActionReceiver2.java, line(s) 22,45,54,62,68,78,87,90 com/goder/busquerysystemtrain/service/TTS.java, line(s) 174 com/goder/busquerysystemtrain/traininfo/TrainMapActivity.java, line(s) 392,393,466 com/goder/busquerysystemtrain/traininfo/TrainOrderLogActivity.java, line(s) 176 com/goder/busquerysystemtrain/traininfo/TrainnoActivity.java, line(s) 649 com/goder/busquerysystemtrain/traininfo/WriteOrderLog.java, line(s) 22 uk/me/jstott/jcoord/Test.java, line(s) 5,7,9,11,12,13,14,16,18,19,20,22,25,26,27,28,30,32,33,34,36,39,40,41,42,44,45,46,48,50,51,52,54,56,57
信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/goder/busquerysystemtrain/CopyToClipboard.java, line(s) 5,22