危害api收集
以下每一条代码,无论其通过什么方式被调用,在哪个类里被调用,传入什么参数,都具有唯一不变性(在逆向出来的的smali文件里),故可以作为匹配的凭证。
网络操作相关:
Ljava/net/URL;->openConnection()Ljava/net/URLConnection;
Ljava/net/HttpURLConnection;->connect()V
Ljava/io/ByteArrayOutputStream;->write([BII)V
Lorg/apache/http/client/methods/HttpPost;-><init>(Ljava/lang/String;)V
Lorg/apache/http/impl/client/DefaultHttpClient;->execute(Lorg/apache/http/client/methods/HttpUriRequest;)Lorg/apache/http/HttpResponse;
Ljava/io/FileInputStream;->read([B)I
Landroid/net/NetworkInfo;->getState()Landroid/net/NetworkInfo$State;
Landroid/net/NetworkInfo/isConnectedOrConnecting()Z
Ljavax/mail/internet/MimeMessage;->setFrom(Ljavax/mail/Address;)V
Ljavax/mail/Transport;->connect(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V
Ljavax/mail/Transport;->sendMessage(Ljavax/mail/Message;[Ljavax/mail/Address;)V
Lorg/apache/http/client/HttpClient;->execute(Lorg/apache/http/client/methods/HttpUriRequest;)Lorg/apache/http/HttpResponse;
Ljavax/mail/Transport;->sendMessage(Ljavax/mail/Message;[Ljavax/mail/Address;)V
Ljava/net/URL/openStream()Ljava/io/InputStream;
短信操作相关:
content://sms/inbox
content://sms/
Lcn/android/emial/SmSserver;->a(Lcn/android/emial/SmSserver;)Lcn/android/emial/d;
cn.android.emial.SmSserver
Lcn/android/emial/SmSserver;->getPackageName()Ljava/lang/String;
Lcn/android/emial/SmSReceiver;->abortBroadcast()V
Lcn/android/emial/SmSserver;->stopForeground(Z)V
Lcn/android/emial/SmSserver;->unregisterReceiver(Landroid/content/BroadcastReceiver;)V
Landroid/telephony/SmsManager;->getDefault()Landroid/telephony/SmsManager;
Landroid/telephony/SmsMessage;->createFromPdu([B)Landroid/telephony/SmsMessage;
Landroid/telephony/SmsMessage;->getMessageBody()Ljava/lang/String;
Landroid/telephony/SmsMessage;->getOriginatingAddress()Ljava/lang/String;
Landroid/telephony/SmsManager;->divideMessage(Ljava/lang/String;)Ljava/util/ArrayList;
Landroid/telephony/SmsManager;->getDefault()Landroid/telephony/SmsManager;
Landroid/telephony/SmsMessage;->getDisplayMessageBody()Ljava/lang/String;
Landroid/telephony/SmsManager;->sendMultipartTextMessage(Ljava/lang/String;Ljava/lang/String;Ljava/util/ArrayList;Ljava/util/ArrayList;Ljava/util/ArrayList;)V
Landroid/app/PendingIntent;->getBroadcast(Landroid/content/Context;ILandroid/content/Intent;I)Landroid/app/PendingIntent;
Lcn/android/emial/SmSReceiver;->getResultCode()I
Lcn/android/emial/SmSserver;->registerReceiver(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;Ljava/lang/String;Landroid/os/Handler;)Landroid/content/Intent;
Landroid/content/Context;->getDatabasePath(Ljava/lang/String;)Ljava/io/File;
Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String;Ljava/lang/String;
Ljava/lang/String;Landroid/app/PendingIntent;Landroid/app/PendingIntent;)V
危害权限相关:
android.permission.ACCESS_NETWORK_STATE
android.permission.INTERNET
android.permission.ACCESS_WIFI_STATE
android.permission.READ_LOGS
android.permission.GET_TASKS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.ACCESS_FINE_LOCATION
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.CHANGE_WIFI_STATE
android.app.action.ADD_DEVICE_ADMIN
android.provider.Telephony.SMS_RECEIVED
android.permission.SEND_SMS
android.permission.RECEIVE_SMS
android.permission.RECEIVE_WAP_PUSH
android.permission.RECORD_AUDIO
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.CAMERA
android.permission.INSTALL_PACKAGES
android.permission.SYSTEM_ALERT_WINDOW
android.permission.CALL_PHONE
android.permission.MODIFY_PHONE_STATE
android.permission.PROCESS_OUTGOING_CALLS
android.permission.REBOOT
android.permission.CHANGE_NETWORK_STATE
android.permission.WRITE_SMS
android.permission.SEND_SMS
android.permission.WAKE_LOCK
android.permission.MODIFY_AUDIO_SETTINGS
android.permission.WRITE_SETTINGS
android.permission.DISABLE_KEYGUARDandroid.permission.WRITE_CONTACTS
android.permission.GET_TASKS
android.permission.WRITE_SECURE_SETTINGS
android.permission.READ_USER_DICTIONARY
文件操作相关:
Ljava/io/FileOutputStream;->write([B)V;
Landroid/content/Context;->getFilesDir()Ljava/io/File;
Ljava/io/File;->mkdirs()Z
Ljava/io/File;->exists()Z
Ljava/io/ByteArrayOutputStream;->write([B)V
Ljava/io/File;->listFiles()[Ljava/io/File;
Ljava/io/File;->delete()Z
Landroid/os/Environment;->getExternalStorageDirectory()Ljava/io/File;
Landroid/media/MediaRecorder;->start()V
Landroid/content/Context;->getCacheDir()Ljava/io/File;
系统服务相关:
Landroid/app/ActivityManager;->getRunningTasks(I)Ljava/util/List;
Landroid/app/ActivityManager;->getRunningServices(I)Ljava/util/List;
Landroid/content/ComponentName;->getPackageName()Ljava/lang/String;
Landroid/net/ConnectivityManager;->getActiveNetworkInfo()Landroid/net/NetworkInfo;
Landroid/net/NetworkInfo;->isAvailable()Z
Landroid/net/NetworkInfo;->getType()I
Landroid/net/NetworkInfo;->getSubtype()I
Landroid/content/pm/PackageManager;->getPackageInfo(Ljava/lang/String;I)Landroid/content/pm/PackageInfo;
Landroid/content/pm/PackageInfo;->versionName:Ljava/lang/String;
Landroid/telephony/TelephonyManager;->getNetworkOperator()Ljava/lang/String;
Landroid/telephony/TelephonyManager;->getNetworkOperatorName()Ljava/lang/String;
Landroid/telephony/TelephonyManager;->getSimState()I
Landroid/content/pm/PackageInfo;->versionCode:I
Landroid/telephony/TelephonyManager/getLine1Number()Ljava/lang/String;
Landroid/content/pm/PackageManager;->getApplicationInfo(Ljava/lang/String;I)Landroid/content/pm/ApplicationInfo;
Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;
Landroid/telephony/TelephonyManager;->getSubscriberId()Ljava/lang/String;
Landroid/os/Build;->MODEL:Ljava/lang/String;
Landroid/location/Location;->getLatitude()D
Landroid/location/Location;->getLongitude()D
Landroid/location/LocationManager;->removeUpdates(Landroid/location/LocationListener;)V
Landroid/net/ConnectivityManager;->getActiveNetworkInfo()Landroid/net/NetworkInfo;
Landroid/net/NetworkInfo;->isAvailable()Z
Landroid/content/Context;->getPackageManager()Landroid/content/pm/PackageManager;
Landroid/content/pm/ActivityInfo;->packageName:Ljava/lang/String;
Landroid/content/pm/ResolveInfo;->activityInfo:Landroid/content/pm/ActivityInfo;
Landroid/content/pm/PackageManager;->getInstalledPackages(I)Ljava/util/List;
Landroid/os/Build;->MODEL:Ljava/lang/String;
Landroid/app/admin/DevicePolicyManager;->isAdminActive(Landroid/content/ComponentName;)Z
Landroid/location/LocationManager;->requestLocationUpdates(Ljava/lang/String;JFLandroid/location/LocationListener;)V
Landroid/app/NotificationManager/notify(I Landroid/app/Notification;)V
Landroid/media/AudioManager/setRingerMode(I)V
Ljava/lang/Runtime/exec([Ljava/lang/String;)Ljava/lang/Process;
Landroid/content/pm/PackageManager/setComponentEnabledSetting(Landroid/content/ComponentName;II)V
Landroid/provider/Settings$Secure/putString(Landroid/content/ContentResolver;
Ljava/lang/String; Ljava/lang/String;)Z
Landroid/net/ConnectivityManager/getAllNetworkInfo()[Landroid/net/NetworkInfo;
Landroid/content/ContentResolver/openInputStream(Landroid/net/Uri;)Ljava/io/InputStream;
Landroid/location/LocationManager/isProviderEnabled(Ljava/lang/String;)Z
Landroid/content/Context;->getSystemService(Ljava/lang/String;)Ljava/lang/Object;
(network location phone alarm connectivity download device_policy activity notification)
解释:
通过字符串network、location、phone等,调用Landroid/content/Context;->getSystemService(Ljava/lang/String;)Ljava/lang/Object;来获取不同的系统服务管理器。故,这些字符串,可以作为获取的系统服务的凭证。
数据库操作:
Landroid/database/sqlite/SQLiteDatabase;->query(Ljava/lang/String;[Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Landroid/database/Cursor
Landroid/database/sqlite/SQLiteDatabase;->rawQuery(Ljava/lang/String;[Ljava/lang/String;)Landroid/database/Cursor;
Lcom/android/tunkoo/scan/n;->getWritableDatabase()Landroid/database/sqlite/SQLiteDatabase;
Lcom/android/tunkoo/scan/n;->getReadableDatabase()Landroid/database/sqlite/SQLiteDatabase;
Landroid/database/sqlite/SQLiteDatabase;->insert(Ljava/lang/String;Ljava/lang/String;Landroid/content/ContentValues;)J
Landroid/database/sqlite/SQLiteDatabase;->update(Ljava/lang/String;Landroid/content/ContentValues;Ljava/lang/String;[Ljava/lang/String;)I
Landroid/database/sqlite/SQLiteDatabase;->delete(Ljava/lang/String;Ljava/lang/String;[Ljava/lang/String;)I
Landroid/database/sqlite/SQLiteDatabase;->execSQL(Ljava/lang/String;)V
危害api收集的更多相关文章
- 如何用 Python 和 API 收集与分析网络数据?
摘自 https://www.jianshu.com/p/d52020f0c247 本文以一款阿里云市场历史天气查询产品为例,为你逐步介绍如何用 Python 调用 API 收集.分析与可视化数据.希 ...
- Python 调用阿里云 API 收集 ECS 数据
#!/usr/bin/env python # coding: utf-8 # author: Wang XiaoQiang ''' 功能介绍: 1.调用阿里云API,收集所有区域 ECS 信息 2. ...
- 中国天气预报数据API收集
{"weatherinfo":{"city":"北京","cityid":"101010100" ...
- appium python api收集
1.contexts contexts(self): Returns the contexts within the current session. 返回当前会话中的上下文,使用后可以识别H5页面的 ...
- 可以获取随机图片的API收集 必应 等
食用方法可以是img标签嵌入在网页中, 也可以在iwall.app里面设置你的桌面背景.还有其他好用的API吗? 请在下放留下您的评论. 非常感谢! 速度: ★★★★★ 功能: 返回Bing的随机图片 ...
- 天气预报API(三):免费接口测试(“旧编码”)
说明 我以参考文章为引子,自己测试并扩展,努力寻找更多的气象API... 本文所有测试均以青岛为例. 本文所列接口城市代码(cityid)参数都使用的 "旧编码": 全国城市代码列 ...
- 探索 OpenStack 之(17):计量模块 Ceilometer 中的数据收集机制
本文将阐述 Ceilometer 中的数据收集机制.Ceilometer 使用三种机制来收集数据: Notifications:Ceilometer 接收 OpenStack 其它服务发出的 noti ...
- Windows API教程文件系统
本篇文章主要介绍了"Windows API教程文件系统",主要涉及到Windows API教程文件系统方面的内容,对于Windows API教程文件系统感兴趣的同学可以参考一下. ...
- 十七,k8s集群指标API及自定义API
目录 资源指标: Metrics-Server 资源指标: Metric-Server介绍 Metric-Server部署 下载yaml文件 因为有墙, 所以提前下载image镜像, 当然也可以手动修 ...
随机推荐
- 导出Excel出错
错误提示: 解决方法: 1.运行dcomcnfg打开组件服务. 2.依次展开"组件服务"->"计算机"->"我的电脑"-&g ...
- Gym 101480F Frightful Formula(待定系数)题解
#include<cmath> #include<set> #include<map> #include<queue> #include<cstd ...
- php 配置主机虚拟目录(使用虚拟域名访问 127.0.0.1) 一点也不好使?????
php 配置主机虚拟目录(使用虚拟域名访问 127.0.0.1)steps:1>打开目录 D:\xwamp\bin\apache\apache2.4.9\conf 修改文件 httpd ...
- ES6 Generator vs ES6 async/await
ES6 Generator vs ES6 async/await next yield promise refs xgqfrms 2012-2020 www.cnblogs.com 发布文章使用:只允 ...
- Internationalization API & ECMA-402
Internationalization API & ECMA-402 i18n https://caniuse.com/?search=Internationalization API In ...
- DMCA Takedown Policy
DMCA Takedown Policy https://github.com/xgqfrms/xgqfrms/issues/46 https://help.github.com/en/github/ ...
- redux & dispatch & payload
redux & dispatch & payload react & react-redux & redux-saga // contrast dispatch({ t ...
- qt 向窗口发送消息,键盘输入事件
#include <windows.h> #include <QtDebug> #include <locale> #include <tchar.h> ...
- .NET微服务最佳实践 eShopOnContainers
本文翻译自微软Docs, 内嵌译者多年使用的参悟,如理解有误,请不吝赐教. 微软与社区专家合作,开发了功能齐全的云原生微服务示例应用eShopOnContainers. 该应用旨在展示使用.NET.D ...
- C++算法代码——卡片游戏
题目来自:http://218.5.5.242:9018/JudgeOnline/problem.php?cid=1397&pid=2 题目描述 桌上有一叠牌,从第一张牌(即位于顶面的牌)开始 ...