移动应用安全检测报告:
安全基线评分
安全基线评分 45/100
综合风险等级
风险等级评定
- A
- B
- C
- F
漏洞与安全项分布(%)
隐私风险
2
检测到的第三方跟踪器数量
检测结果分布
高危安全漏洞
5
中危安全漏洞
17
安全提示信息
3
已通过安全项
2
重点安全关注
0
高危安全漏洞 基本配置配置为信任用户安装的证书。
Scope: *
高危安全漏洞 域配置不安全地配置为允许明文流量到达范围内的这些域。
Scope: ehtracker.org
高危安全漏洞 Activity (com.hippo.ehviewer.ui.splash.SplashActivity) 易受 StrandHogg 2.0 攻击
检测到 Activity 存在 StrandHogg 2.0 任务劫持漏洞。攻击者可将恶意 Activity 置于易受攻击应用的任务栈顶部,使应用极易成为钓鱼攻击目标。可通过将启动模式设置为 "singleInstance" 并将 taskAffinity 设为空(taskAffinity=""),或将应用的 target SDK 版本(28)升级至 29 及以上,从平台层面修复该漏洞。
高危安全漏洞 Activity (com.hippo.ehviewer.ui.MainActivity) 易受 StrandHogg 2.0 攻击
检测到 Activity 存在 StrandHogg 2.0 任务劫持漏洞。攻击者可将恶意 Activity 置于易受攻击应用的任务栈顶部,使应用极易成为钓鱼攻击目标。可通过将启动模式设置为 "singleInstance" 并将 taskAffinity 设为空(taskAffinity=""),或将应用的 target SDK 版本(28)升级至 29 及以上,从平台层面修复该漏洞。
高危安全漏洞 Activity (com.hippo.ehviewer.ui.GalleryActivity) 易受 StrandHogg 2.0 攻击
检测到 Activity 存在 StrandHogg 2.0 任务劫持漏洞。攻击者可将恶意 Activity 置于易受攻击应用的任务栈顶部,使应用极易成为钓鱼攻击目标。可通过将启动模式设置为 "singleInstance" 并将 taskAffinity 设为空(taskAffinity=""),或将应用的 target SDK 版本(28)升级至 29 及以上,从平台层面修复该漏洞。
中危安全漏洞 基本配置配置为信任系统证书。
Scope: *
中危安全漏洞 应用已启用明文网络流量
[android:usesCleartextTraffic=true] 应用允许明文网络流量(如 HTTP、FTP 协议、DownloadManager、MediaPlayer 等)。API 级别 27 及以下默认启用,28 及以上默认禁用。明文流量缺乏机密性、完整性和真实性保护,攻击者可窃听或篡改传输数据。建议关闭明文流量,仅使用加密协议。
中危安全漏洞 应用数据允许备份
[android:allowBackup=true] 该标志允许通过 adb 工具备份应用数据。启用 USB 调试的用户可直接复制应用数据,存在数据泄露风险。
中危安全漏洞 Activity (com.hippo.ehviewer.ui.MainActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Activity (com.hippo.ehviewer.ui.GalleryActivity) 未受保护。
[android:exported=true] 检测到 Activity 已导出,未受任何权限保护,任意应用均可访问。
中危安全漏洞 Broadcast Receiver (androidx.profileinstaller.ProfileInstallReceiver) 受权限保护,但应检查权限保护级别。
Permission: android.permission.DUMP [android:exported=true] 检测到 Broadcast Receiver 已导出并受未在本应用定义的权限保护。请在权限定义处核查其保护级别。若为 normal 或 dangerous,恶意应用可申请并与组件交互;若为 signature,仅同证书签名应用可访问。
中危安全漏洞 IP地址泄露
IP地址泄露 Files: com/cloudinject/customview/C0020.java, line(s) 496 com/cloudinject/customview/C0026.java, line(s) 496 com/hippo/ehviewer/BuildConfig.java, line(s) 10 com/hippo/ehviewer/client/EhHosts.java, line(s) 29,29,38,33,34,35,35,35,35,29,29,29,29,29,29,29,38,38,38,40,38,39,40,38,38,38,40,38,39,40,38,38,38,40,38,39,40,33,34,33,34,31,32,32,30,30 com/hippo/ehviewer/ui/wifi/WiFiServerActivity.java, line(s) 134 mirrorb/android/app/job/C0029.java, line(s) 122 mirrorb/android/app/job/C0032.java, line(s) 377 mirrorb/android/app/job/C0068.java, line(s) 122 mirrorb/android/app/job/C0071.java, line(s) 377 mirrorb/android/app/role/C0035.java, line(s) 592 mirrorb/android/app/role/C0074.java, line(s) 592 mirrorb/android/app/servertransaction/C0038.java, line(s) 126 mirrorb/android/app/servertransaction/C0077.java, line(s) 126 mirrorb/android/bluetooth/C0042.java, line(s) 310 mirrorb/android/bluetooth/C0081.java, line(s) 310 mirrorb/android/graphics/drawable/C0045.java, line(s) 117 mirrorb/android/graphics/drawable/C0084.java, line(s) 117 mirrorb/android/hardware/display/C0046.java, line(s) 431 mirrorb/android/hardware/display/C0085.java, line(s) 431 mirrorb/android/media/session/C0048.java, line(s) 556 mirrorb/android/media/session/C0087.java, line(s) 556 mirrorb/android/net/wifi/C0053.java, line(s) 131 mirrorb/android/net/wifi/C0092.java, line(s) 131 mirrorb/android/os/storage/C0057.java, line(s) 602 mirrorb/android/os/storage/C0096.java, line(s) 602 mirrorb/android/providers/C0059.java, line(s) 376 mirrorb/android/providers/C0098.java, line(s) 376 mirrorb/android/rms/C0063.java, line(s) 365 mirrorb/android/rms/C0064.java, line(s) 373 mirrorb/android/rms/C0102.java, line(s) 365 mirrorb/android/rms/C0103.java, line(s) 373 mirrorb/android/security/net/config/C0065.java, line(s) 193 mirrorb/android/security/net/config/C0104.java, line(s) 193 mirrorb/android/service/persistentdata/C0067.java, line(s) 187,263 mirrorb/android/service/persistentdata/C0068.java, line(s) 314 mirrorb/android/service/persistentdata/C0106.java, line(s) 187,263 mirrorb/android/service/persistentdata/C0107.java, line(s) 314 mirrorb/android/view/accessibility/C0072.java, line(s) 317 mirrorb/android/view/accessibility/C0111.java, line(s) 317 mirrorb/android/webkit/C0073.java, line(s) 606 mirrorb/android/webkit/C0074.java, line(s) 153 mirrorb/android/webkit/C0112.java, line(s) 606 mirrorb/android/webkit/C0113.java, line(s) 153 mirrorb/java/io/C0091.java, line(s) 141 mirrorb/java/io/C0130.java, line(s) 141
中危安全漏洞 应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库
应用程序使用SQLite数据库并执行原始SQL查询。原始SQL查询中不受信任的用户输入可能会导致SQL注入。敏感信息也应加密并写入数据库 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04h-Testing-Code-Quality.md#injection-flaws-mstg-arch-2-and-mstg-platform-2 Files: com/hippo/database/MSQLiteOpenHelper.java, line(s) 4,5,28 com/hippo/ehviewer/EhDB.java, line(s) 4,5,73,74,75,76,82,83,85,86,87,88,90,91,92,93,94,95,96,97 com/hippo/ehviewer/Hosts.java, line(s) 6,7,35,47,76 com/hippo/ehviewer/dao/BlackListDao.java, line(s) 4,38,39,46 com/hippo/ehviewer/dao/BookmarksBao.java, line(s) 4,43,50 com/hippo/ehviewer/dao/DownloadDirnameDao.java, line(s) 4,32,39 com/hippo/ehviewer/dao/DownloadLabelDao.java, line(s) 4,35,42 com/hippo/ehviewer/dao/DownloadsDao.java, line(s) 4,47,54 com/hippo/ehviewer/dao/FilterDao.java, line(s) 4,35,42 com/hippo/ehviewer/dao/GalleryTagsDao.java, line(s) 4,48,55 com/hippo/ehviewer/dao/HistoryDao.java, line(s) 4,43,50 com/hippo/ehviewer/dao/LocalFavoritesDao.java, line(s) 4,42,49 com/hippo/ehviewer/dao/QuickSearchDao.java, line(s) 4,41,48 com/hippo/ehviewer/widget/SearchDatabase.java, line(s) 7,8,47 com/hippo/network/CookieDatabase.java, line(s) 6,7,8,79 com/hippo/util/SqlUtils.java, line(s) 5,24 org/greenrobot/greendao/AbstractDao.java, line(s) 6,7,109,113,135,360,494 org/greenrobot/greendao/DbUtils.java, line(s) 6,15,50 org/greenrobot/greendao/database/StandardDatabase.java, line(s) 5,15,16
中危安全漏洞 SHA-1是已知存在哈希冲突的弱哈希
SHA-1是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/hippo/ehviewer/client/EhTagDatabase.java, line(s) 176 com/hippo/util/PackageUtils.java, line(s) 30
中危安全漏洞 应用程序使用不安全的随机数生成器
应用程序使用不安全的随机数生成器 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#weak-random-number-generators Files: com/hippo/ehviewer/client/EhHosts.java, line(s) 15 com/hippo/ehviewer/ui/scene/topList/EhTopListScene.java, line(s) 35 com/hippo/lib/yorozuya/MathUtils.java, line(s) 4 com/hippo/yorozuya/MathUtils.java, line(s) 3 mirrorb/android/providers/C0058.java, line(s) 61 mirrorb/android/providers/C0097.java, line(s) 61 org/greenrobot/greendao/test/DbTest.java, line(s) 7 org/jsoup/helper/DataUtil.java, line(s) 16
中危安全漏洞 文件可能包含硬编码的敏感信息,如用户名、密码、密钥等
文件可能包含硬编码的敏感信息,如用户名、密码、密钥等 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#checking-memory-for-sensitive-data-mstg-storage-10 Files: com/hippo/ehviewer/client/EhConfig.java, line(s) 77 com/hippo/ehviewer/client/wifi/ConnectThread.java, line(s) 24,25,26,30 com/hippo/ehviewer/ui/scene/GalleryCommentsScene.java, line(s) 72 org/jsoup/helper/W3CDom.java, line(s) 205 org/jsoup/nodes/DocumentType.java, line(s) 11,12,14
中危安全漏洞 应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据
应用程序可以读取/写入外部存储器,任何应用程序都可以读取写入外部存储器的数据 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#external-storage Files: cd/C0015.java, line(s) 230 cd/C0021.java, line(s) 230 com/hippo/content/FileProvider.java, line(s) 171 com/hippo/ehviewer/AppConfig.java, line(s) 31,32 com/hippo/ehviewer/download/DownloadTorrentManager.java, line(s) 73 com/hippo/ehviewer/ui/scene/gallery/detail/GalleryDetailScene.java, line(s) 2143 com/hippo/widget/DirExplorer.java, line(s) 70,71
中危安全漏洞 应用程序创建临时文件。敏感信息永远不应该被写进临时文件
应用程序创建临时文件。敏感信息永远不应该被写进临时文件 Files: com/hippo/ehviewer/AppConfig.java, line(s) 119 com/hippo/ehviewer/ui/MainActivity.java, line(s) 223 com/hippo/ehviewer/ui/scene/gallery/detail/GalleryDetailScene.java, line(s) 1175 com/hippo/ehviewer/widget/ImageSearchLayout.java, line(s) 104
中危安全漏洞 不安全的Web视图实现。可能存在WebView任意代码执行漏洞
不安全的Web视图实现。可能存在WebView任意代码执行漏洞 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05h-Testing-Platform-Interaction.md#testing-javascript-execution-in-webviews-mstg-platform-5 Files: com/hippo/android/recaptcha/RecaptchaV1Task.java, line(s) 34,33
中危安全漏洞 MD5是已知存在哈希冲突的弱哈希
MD5是已知存在哈希冲突的弱哈希 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04g-Testing-Cryptography.md#identifying-insecure-andor-deprecated-cryptographic-algorithms-mstg-crypto-4 Files: com/hippo/beerbelly/SimpleDiskCache.java, line(s) 41
中危安全漏洞 应用程序包含隐私跟踪程序
此应用程序有多个2隐私跟踪程序。跟踪器可以跟踪设备或用户,是终端用户的隐私问题。
中危安全漏洞 此应用可能包含硬编码机密信息
从应用程序中识别出以下机密确保这些不是机密或私人信息 "key_posted" : "Publicado" "settings_about_author" : "Entwickler" "key_title" : "Titel" "key_visible" : "Sichtbar?" "google_crash_reporting_api_key" : "AIzaSyDIOHaCpY6XWdBnzznycasyg4T3q8pGHZs" "com.google.firebase.crashlytics.mapping_file_id" : "00000000000000000000000000000000" "key_url" : "Url" "username" : "Benutzername" "key_token" : "Token" "username" : "Usuario" "key_size" : "Size" "key_pages" : "Pages" "key_category" : "Kategorie" "header_key" : "Key" "username" : "Username" "key_posted" : "Posted" "google_app_id" : "1:902803992147:android:17f3d7271db705d396e0a6" "google_api_key" : "AIzaSyDIOHaCpY6XWdBnzznycasyg4T3q8pGHZs" "key_category" : "Category" "key_favorited" : "Favorited" "key_torrents" : "Torrents" "key_language" : "Idioma" "key_language" : "Sprache" "key_rating" : "Bewertung" "key_pages" : "Seiten" "header_key" : "Clave" "password" : "Kennwort" "key_rating" : "Rating" "key_favorited" : "Favorito" "key_title" : "Titre" "key_posted" : "Hochladungsdatum" "key_parent" : "Elternteil" "key_language" : "Language" "key_visible" : "Visible" "key_gid" : "GID" "key_thumb" : "Vorschau" "key_language" : "Langue" "key_thumb" : "Miniatura" "key_gid" : "Gid" "key_url" : "URL" "key_torrent_url" : "Torrent" "key_rating" : "Notation" "key_parent" : "Parent" "firebase_database_url" : "https://comxjsehviewer.firebaseio.com" "key_token" : "Clave" "key_title" : "Title" "password" : "Password" "settings_about_author" : "Author" "settings_about_author" : "Autor" "key_uploader" : "Uploader" "key_size" : "Taille" "key_thumb" : "Thumb" "key_parent" : "Padre" WebKitFormBoundaryU7CgQs9WnqlZYKs6 0df18c17d79aca1b65c8a70136f788ca871f646a86e5939bf879610ad6834f895f2057262991f4bc d577377e4c1a566df58500c2056b7152 5oKo55qE5pSv5oyB5piv5oiR5pu05paw55qE5pyA5aSn5Yqo5Yqb77yM5oKo5Y+v5Lul5oiq5Zu+5ZCO5Zyo5b6u5L+h5oiW5pSv5LuY5a6d5Lit5omr5o+P5LqM57u056CB5o+Q5L6b546w6YeR5pSv5oyB77yM5Lmf5Y+v5Lul6YCa6L+H6YKu5Lu25YWI5L2c6ICF5o+Q5Ye65oKo5oOz6KaB55qE5paw5Yqf6IO95oiW55uu5YmN5piv5LiN5aW955So55qE5Yqf6IO977yM5oiR5Lya5LiA5LiA5Zue5aSN5bm25YGa5Ye65oSf6LCi44CCKCDigKLMgCDPiSDigKLMgSAp4pyn 71cfeaed8cbdee2e0000242d50cf1f9f
安全提示信息 此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它
此应用程序将数据复制到剪贴板。敏感数据不应复制到剪贴板,因为其他应用程序可以访问它 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x04b-Mobile-App-Security-Testing.md#clipboard Files: com/hippo/ehviewer/preference/IdentityCookiePreference.java, line(s) 4,49 com/hippo/ehviewer/ui/fragment/AboutFragment.java, line(s) 4,144 com/hippo/ehviewer/ui/scene/GalleryCommentsScene.java, line(s) 5,333 com/hippo/ehviewer/ui/scene/GalleryInfoScene.java, line(s) 4,165 com/hippo/ehviewer/ui/scene/gallery/list/GalleryListSceneDialog.java, line(s) 4,168,169 com/hippo/ehviewer/util/ClipboardUtil.java, line(s) 4,40,48,84 com/hippo/util/AppHelper.java, line(s) 6,170,173
安全提示信息 应用程序记录日志信息,不得记录敏感信息
应用程序记录日志信息,不得记录敏感信息 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05d-Testing-Data-Storage.md#logs Files: com/acsbendi/requestinspectorwebview/RequestInspectorJavaScriptInterface.java, line(s) 268,265,270,281,292 com/acsbendi/requestinspectorwebview/RequestInspectorWebViewClient.java, line(s) 59,66 com/github/amlcurran/showcaseview/ShowcaseAreaCalculator.java, line(s) 22 com/github/amlcurran/showcaseview/targets/ActionBarViewWrapper.java, line(s) 34,37,48,51,83 com/github/ybq/android/spinkit/animation/SpriteAnimatorBuilder.java, line(s) 146 com/h6ah4i/android/widget/advrecyclerview/animator/GeneralItemAnimator.java, line(s) 40,47,54,81,144 com/h6ah4i/android/widget/advrecyclerview/animator/impl/ItemAddAnimationManager.java, line(s) 29,37 com/h6ah4i/android/widget/advrecyclerview/animator/impl/ItemChangeAnimationManager.java, line(s) 23,31 com/h6ah4i/android/widget/advrecyclerview/animator/impl/ItemMoveAnimationManager.java, line(s) 29,37 com/h6ah4i/android/widget/advrecyclerview/animator/impl/ItemRemoveAnimationManager.java, line(s) 29,37 com/h6ah4i/android/widget/advrecyclerview/draggable/DraggableItemWrapperAdapter.java, line(s) 70 com/h6ah4i/android/widget/advrecyclerview/draggable/RecyclerViewDragDropManager.java, line(s) 1244 com/hippo/beerbelly/BeerBelly.java, line(s) 52 com/hippo/beerbelly/DiskLruCache.java, line(s) 108 com/hippo/beerbelly/SimpleDiskCache.java, line(s) 93,116,123 com/hippo/conaco/Conaco.java, line(s) 87,88,115 com/hippo/conaco/ConacoTask.java, line(s) 168,188 com/hippo/drawable/BitmapPool.java, line(s) 39 com/hippo/drawable/UnikeryDrawable.java, line(s) 130 com/hippo/ehviewer/Settings.java, line(s) 310,323,336,349,362,375 com/hippo/ehviewer/client/EhEngine.java, line(s) 144,227,289,324,363,410,451,495,529,561,614,673,707,741,775,809,853,901,945,976,1020,1080,1088,1131,1173,1207,1239,1274,1338,1382 com/hippo/ehviewer/client/EhFilter.java, line(s) 47,84,104 com/hippo/ehviewer/client/EhUrlOpener.java, line(s) 46 com/hippo/ehviewer/client/data/FavListUrlBuilder.java, line(s) 109 com/hippo/ehviewer/client/parser/EhHomeParser.java, line(s) 26 com/hippo/ehviewer/client/parser/GalleryListParser.java, line(s) 160,189 com/hippo/ehviewer/client/parser/ProfileParser.java, line(s) 28 com/hippo/ehviewer/client/wifi/ConnectThread.java, line(s) 43,110,113 com/hippo/ehviewer/client/wifi/ListenerThread.java, line(s) 35,53,60 com/hippo/ehviewer/dao/DaoMaster.java, line(s) 81,96 com/hippo/ehviewer/download/DownloadManager.java, line(s) 360,374,607,333,491,520,650,724,729,736,969,987,1007,1031 com/hippo/ehviewer/download/DownloadService.java, line(s) 452,465 com/hippo/ehviewer/download/DownloadTorrentManager.java, line(s) 74 com/hippo/ehviewer/gallery/DirGalleryProvider.java, line(s) 213,263 com/hippo/ehviewer/spider/SpiderInfo.java, line(s) 140 com/hippo/ehviewer/spider/SpiderQueen.java, line(s) 704,480,1059,1147 com/hippo/ehviewer/sync/GalleryDetailTagsSyncTask.java, line(s) 33 com/hippo/ehviewer/ui/dialog/ArchiverDownloadDialog.java, line(s) 255,229,231,233,236,238 com/hippo/ehviewer/ui/dialog/UpdateDialog.java, line(s) 279,281,259,261,263,265,271 com/hippo/ehviewer/ui/scene/FavoritesScene.java, line(s) 706 com/hippo/ehviewer/ui/scene/GalleryCommentsScene.java, line(s) 257,736 com/hippo/ehviewer/ui/scene/ThumbSpanHelper.java, line(s) 73,125,144,145,150,151,162,163,168,169,204,205,210,211 com/hippo/ehviewer/ui/scene/download/DownloadsScene.java, line(s) 260 com/hippo/ehviewer/ui/scene/gallery/list/GalleryListScene.java, line(s) 1277 com/hippo/ehviewer/ui/wifi/WiFiClientActivity.java, line(s) 150 com/hippo/ehviewer/ui/wifi/WiFiServerActivity.java, line(s) 370,378,106,353 com/hippo/ehviewer/updater/AppUpdater.java, line(s) 239 com/hippo/ehviewer/widget/ImageSearchLayout.java, line(s) 154 com/hippo/ehviewer/widget/SearchDatabase.java, line(s) 94 com/hippo/lib/glgallery/PagerLayoutManager.java, line(s) 312,318 com/hippo/lib/glgallery/ScrollLayoutManager.java, line(s) 422,426,616,669,676,717,724 com/hippo/lib/glview/glrenderer/BasicTexture.java, line(s) 65 com/hippo/lib/glview/glrenderer/GLES11Canvas.java, line(s) 691 com/hippo/lib/glview/glrenderer/GLES20Canvas.java, line(s) 718,206,207,849,862 com/hippo/lib/glview/glrenderer/NativeTexture.java, line(s) 26 com/hippo/lib/glview/glrenderer/RawTexture.java, line(s) 51 com/hippo/lib/glview/image/ImageWrapper.java, line(s) 24 com/hippo/lib/glview/view/GLRootView.java, line(s) 223,201,431,449,469 com/hippo/lib/glview/view/GLView.java, line(s) 827 com/hippo/network/CookieDatabase.java, line(s) 137,142,148,153,162,167 com/hippo/network/EhSSLSocketFactory.java, line(s) 39,86,88 com/hippo/network/EhSSLSocketFactoryLowSDK.java, line(s) 40 com/hippo/preference/ActivityPreference.java, line(s) 39 com/hippo/refreshlayout/RefreshLayout.java, line(s) 631,672,677,738,794,852,877 com/hippo/ripple/Ripple.java, line(s) 34,47 com/hippo/scene/StageActivity.java, line(s) 95,221,287,292,344,348,296 com/hippo/unifile/DocumentsContractApi19.java, line(s) 84 com/hippo/unifile/DocumentsContractApi21.java, line(s) 26,77 com/hippo/unifile/RawFile.java, line(s) 44,73 com/hippo/unifile/TreeDocumentFile.java, line(s) 39 com/hippo/util/FileUtils.java, line(s) 204 com/hippo/util/PackageUtils.java, line(s) 18,22,44 com/hippo/widget/AvatarImageView.java, line(s) 307 com/hippo/widget/ContentLayout.java, line(s) 260,483 com/hippo/widget/LoadImageView.java, line(s) 302 com/hippo/widget/LoadImageViewNew.java, line(s) 270 org/ccil/cowan/tagsoup/CommandLine.java, line(s) 62,78,85,92,93,98,101,103,105,108,232,233 org/ccil/cowan/tagsoup/jaxp/JAXPTest.java, line(s) 15,21,22,24,25 org/greenrobot/eventbus/Logger.java, line(s) 81,86 org/greenrobot/eventbus/util/ErrorDialogConfig.java, line(s) 34 org/greenrobot/eventbus/util/ErrorDialogManager.java, line(s) 181 org/greenrobot/eventbus/util/ExceptionToResourceMapping.java, line(s) 25 org/greenrobot/greendao/AbstractDao.java, line(s) 273,615 org/greenrobot/greendao/DaoException.java, line(s) 28,29 org/greenrobot/greendao/DaoLog.java, line(s) 35,39,67,15,43,47,27,31,51,55,59,63 org/greenrobot/greendao/DbUtils.java, line(s) 88,30 org/greenrobot/greendao/async/AsyncOperationExecutor.java, line(s) 175,185,197,134 org/greenrobot/greendao/internal/LongHashMap.java, line(s) 132 org/greenrobot/greendao/query/QueryBuilder.java, line(s) 242,245 org/greenrobot/greendao/test/AbstractDaoTest.java, line(s) 55,57,47 org/greenrobot/greendao/test/AbstractDaoTestLongPk.java, line(s) 32,35 org/greenrobot/greendao/test/DbTest.java, line(s) 85
安全提示信息 应用与Firebase数据库通信
该应用与位于 https://comxjsehviewer.firebaseio.com 的 Firebase 数据库进行通信
已通过安全项 此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击
此应用程序使用SSL Pinning 来检测或防止安全通信通道中的MITM攻击 https://github.com/OWASP/owasp-mstg/blob/master/Document/0x05g-Testing-Network-Communication.md#testing-custom-certificate-stores-and-certificate-pinning-mstg-network-4 Files: com/hippo/ehviewer/EhApplication.java, line(s) 310,328,370,388,309,315,327,369,375,387,308,308,326,326,368,368,386,386
已通过安全项 Firebase远程配置已禁用
Firebase远程配置URL ( https://firebaseremoteconfig.googleapis.com/v1/projects/902803992147/namespaces/firebase:fetch?key=AIzaSyDIOHaCpY6XWdBnzznycasyg4T3q8pGHZs ) 已禁用。响应内容如下所示:
{
"state": "NO_TEMPLATE"
}