以下每一条代码,无论其通过什么方式被调用,在哪个类里被调用,传入什么参数,都具有唯一不变性(在逆向出来的的smali文件里),故可以作为匹配的凭证。

 

 

网络操作相关:

Ljava/net/URL;->openConnection()Ljava/net/URLConnection;

Ljava/net/HttpURLConnection;->connect()V

Ljava/io/ByteArrayOutputStream;->write([BII)V

Lorg/apache/http/client/methods/HttpPost;-><init>(Ljava/lang/String;)V

Lorg/apache/http/impl/client/DefaultHttpClient;->execute(Lorg/apache/http/client/methods/HttpUriRequest;)Lorg/apache/http/HttpResponse;

Ljava/io/FileInputStream;->read([B)I

Landroid/net/NetworkInfo;->getState()Landroid/net/NetworkInfo$State;

Landroid/net/NetworkInfo/isConnectedOrConnecting()Z

Ljavax/mail/internet/MimeMessage;->setFrom(Ljavax/mail/Address;)V

Ljavax/mail/Transport;->connect(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V

Ljavax/mail/Transport;->sendMessage(Ljavax/mail/Message;[Ljavax/mail/Address;)V

Lorg/apache/http/client/HttpClient;->execute(Lorg/apache/http/client/methods/HttpUriRequest;)Lorg/apache/http/HttpResponse;

Ljavax/mail/Transport;->sendMessage(Ljavax/mail/Message;[Ljavax/mail/Address;)V

Ljava/net/URL/openStream()Ljava/io/InputStream;

短信操作相关:

content://sms/inbox

content://sms/

Lcn/android/emial/SmSserver;->a(Lcn/android/emial/SmSserver;)Lcn/android/emial/d;

cn.android.emial.SmSserver

Lcn/android/emial/SmSserver;->getPackageName()Ljava/lang/String;

Lcn/android/emial/SmSReceiver;->abortBroadcast()V

Lcn/android/emial/SmSserver;->stopForeground(Z)V

Lcn/android/emial/SmSserver;->unregisterReceiver(Landroid/content/BroadcastReceiver;)V

Landroid/telephony/SmsManager;->getDefault()Landroid/telephony/SmsManager;

Landroid/telephony/SmsMessage;->createFromPdu([B)Landroid/telephony/SmsMessage;

Landroid/telephony/SmsMessage;->getMessageBody()Ljava/lang/String;

Landroid/telephony/SmsMessage;->getOriginatingAddress()Ljava/lang/String;

Landroid/telephony/SmsManager;->divideMessage(Ljava/lang/String;)Ljava/util/ArrayList;

Landroid/telephony/SmsManager;->getDefault()Landroid/telephony/SmsManager;

Landroid/telephony/SmsMessage;->getDisplayMessageBody()Ljava/lang/String;

Landroid/telephony/SmsManager;->sendMultipartTextMessage(Ljava/lang/String;Ljava/lang/String;Ljava/util/ArrayList;Ljava/util/ArrayList;Ljava/util/ArrayList;)V

Landroid/app/PendingIntent;->getBroadcast(Landroid/content/Context;ILandroid/content/Intent;I)Landroid/app/PendingIntent;

Lcn/android/emial/SmSReceiver;->getResultCode()I

Lcn/android/emial/SmSserver;->registerReceiver(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;Ljava/lang/String;Landroid/os/Handler;)Landroid/content/Intent;

Landroid/content/Context;->getDatabasePath(Ljava/lang/String;)Ljava/io/File;

Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String;Ljava/lang/String;

Ljava/lang/String;Landroid/app/PendingIntent;Landroid/app/PendingIntent;)V

 

危害权限相关:

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.READ_LOGS

android.permission.GET_TASKS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.READ_PHONE_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CHANGE_WIFI_STATE

android.app.action.ADD_DEVICE_ADMIN

android.provider.Telephony.SMS_RECEIVED

android.permission.SEND_SMS

android.permission.RECEIVE_SMS

android.permission.RECEIVE_WAP_PUSH

android.permission.RECORD_AUDIO

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.CAMERA

android.permission.INSTALL_PACKAGES

android.permission.SYSTEM_ALERT_WINDOW

android.permission.CALL_PHONE

android.permission.MODIFY_PHONE_STATE

android.permission.PROCESS_OUTGOING_CALLS

android.permission.REBOOT

android.permission.CHANGE_NETWORK_STATE

android.permission.WRITE_SMS

android.permission.SEND_SMS

android.permission.WAKE_LOCK

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.WRITE_SETTINGS

android.permission.DISABLE_KEYGUARDandroid.permission.WRITE_CONTACTS

android.permission.GET_TASKS

android.permission.WRITE_SECURE_SETTINGS

android.permission.READ_USER_DICTIONARY

文件操作相关:

Ljava/io/FileOutputStream;->write([B)V;

Landroid/content/Context;->getFilesDir()Ljava/io/File;

Ljava/io/File;->mkdirs()Z

Ljava/io/File;->exists()Z

Ljava/io/ByteArrayOutputStream;->write([B)V

Ljava/io/File;->listFiles()[Ljava/io/File;

Ljava/io/File;->delete()Z

Landroid/os/Environment;->getExternalStorageDirectory()Ljava/io/File;

Landroid/media/MediaRecorder;->start()V

Landroid/content/Context;->getCacheDir()Ljava/io/File;

 

系统服务相关:

Landroid/app/ActivityManager;->getRunningTasks(I)Ljava/util/List;

Landroid/app/ActivityManager;->getRunningServices(I)Ljava/util/List;

Landroid/content/ComponentName;->getPackageName()Ljava/lang/String;

Landroid/net/ConnectivityManager;->getActiveNetworkInfo()Landroid/net/NetworkInfo;

Landroid/net/NetworkInfo;->isAvailable()Z

Landroid/net/NetworkInfo;->getType()I

Landroid/net/NetworkInfo;->getSubtype()I

Landroid/content/pm/PackageManager;->getPackageInfo(Ljava/lang/String;I)Landroid/content/pm/PackageInfo;

Landroid/content/pm/PackageInfo;->versionName:Ljava/lang/String;

Landroid/telephony/TelephonyManager;->getNetworkOperator()Ljava/lang/String;

Landroid/telephony/TelephonyManager;->getNetworkOperatorName()Ljava/lang/String;

Landroid/telephony/TelephonyManager;->getSimState()I

Landroid/content/pm/PackageInfo;->versionCode:I

Landroid/telephony/TelephonyManager/getLine1Number()Ljava/lang/String;

Landroid/content/pm/PackageManager;->getApplicationInfo(Ljava/lang/String;I)Landroid/content/pm/ApplicationInfo;

Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;

Landroid/telephony/TelephonyManager;->getSubscriberId()Ljava/lang/String;

Landroid/os/Build;->MODEL:Ljava/lang/String;

Landroid/location/Location;->getLatitude()D

Landroid/location/Location;->getLongitude()D

Landroid/location/LocationManager;->removeUpdates(Landroid/location/LocationListener;)V

Landroid/net/ConnectivityManager;->getActiveNetworkInfo()Landroid/net/NetworkInfo;

Landroid/net/NetworkInfo;->isAvailable()Z

Landroid/content/Context;->getPackageManager()Landroid/content/pm/PackageManager;

Landroid/content/pm/ActivityInfo;->packageName:Ljava/lang/String;

Landroid/content/pm/ResolveInfo;->activityInfo:Landroid/content/pm/ActivityInfo;

Landroid/content/pm/PackageManager;->getInstalledPackages(I)Ljava/util/List;

Landroid/os/Build;->MODEL:Ljava/lang/String;

Landroid/app/admin/DevicePolicyManager;->isAdminActive(Landroid/content/ComponentName;)Z

Landroid/location/LocationManager;->requestLocationUpdates(Ljava/lang/String;JFLandroid/location/LocationListener;)V

Landroid/app/NotificationManager/notify(I Landroid/app/Notification;)V

Landroid/media/AudioManager/setRingerMode(I)V

Ljava/lang/Runtime/exec([Ljava/lang/String;)Ljava/lang/Process;

Landroid/content/pm/PackageManager/setComponentEnabledSetting(Landroid/content/ComponentName;II)V

Landroid/provider/Settings$Secure/putString(Landroid/content/ContentResolver;

Ljava/lang/String; Ljava/lang/String;)Z

Landroid/net/ConnectivityManager/getAllNetworkInfo()[Landroid/net/NetworkInfo;

Landroid/content/ContentResolver/openInputStream(Landroid/net/Uri;)Ljava/io/InputStream;

Landroid/location/LocationManager/isProviderEnabled(Ljava/lang/String;)Z

Landroid/content/Context;->getSystemService(Ljava/lang/String;)Ljava/lang/Object;

(network      location  phone     alarm     connectivity     download     device_policy     activity     notification)

解释:

通过字符串network、location、phone等,调用Landroid/content/Context;->getSystemService(Ljava/lang/String;)Ljava/lang/Object;来获取不同的系统服务管理器。故,这些字符串,可以作为获取的系统服务的凭证。

 

 

 

数据库操作

Landroid/database/sqlite/SQLiteDatabase;->query(Ljava/lang/String;[Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Landroid/database/Cursor

Landroid/database/sqlite/SQLiteDatabase;->rawQuery(Ljava/lang/String;[Ljava/lang/String;)Landroid/database/Cursor;

Lcom/android/tunkoo/scan/n;->getWritableDatabase()Landroid/database/sqlite/SQLiteDatabase;

Lcom/android/tunkoo/scan/n;->getReadableDatabase()Landroid/database/sqlite/SQLiteDatabase;

Landroid/database/sqlite/SQLiteDatabase;->insert(Ljava/lang/String;Ljava/lang/String;Landroid/content/ContentValues;)J

Landroid/database/sqlite/SQLiteDatabase;->update(Ljava/lang/String;Landroid/content/ContentValues;Ljava/lang/String;[Ljava/lang/String;)I

Landroid/database/sqlite/SQLiteDatabase;->delete(Ljava/lang/String;Ljava/lang/String;[Ljava/lang/String;)I

Landroid/database/sqlite/SQLiteDatabase;->execSQL(Ljava/lang/String;)V

 

危害api收集的更多相关文章

  1. 如何用 Python 和 API 收集与分析网络数据?

    摘自 https://www.jianshu.com/p/d52020f0c247 本文以一款阿里云市场历史天气查询产品为例,为你逐步介绍如何用 Python 调用 API 收集.分析与可视化数据.希 ...

  2. Python 调用阿里云 API 收集 ECS 数据

    #!/usr/bin/env python # coding: utf-8 # author: Wang XiaoQiang ''' 功能介绍: 1.调用阿里云API,收集所有区域 ECS 信息 2. ...

  3. 中国天气预报数据API收集

      {"weatherinfo":{"city":"北京","cityid":"101010100" ...

  4. appium python api收集

    1.contexts contexts(self): Returns the contexts within the current session. 返回当前会话中的上下文,使用后可以识别H5页面的 ...

  5. 可以获取随机图片的API收集 必应 等

    食用方法可以是img标签嵌入在网页中, 也可以在iwall.app里面设置你的桌面背景.还有其他好用的API吗? 请在下放留下您的评论. 非常感谢! 速度: ★★★★★ 功能: 返回Bing的随机图片 ...

  6. 天气预报API(三):免费接口测试(“旧编码”)

    说明 我以参考文章为引子,自己测试并扩展,努力寻找更多的气象API... 本文所有测试均以青岛为例. 本文所列接口城市代码(cityid)参数都使用的 "旧编码": 全国城市代码列 ...

  7. 探索 OpenStack 之(17):计量模块 Ceilometer 中的数据收集机制

    本文将阐述 Ceilometer 中的数据收集机制.Ceilometer 使用三种机制来收集数据: Notifications:Ceilometer 接收 OpenStack 其它服务发出的 noti ...

  8. Windows API教程文件系统

    本篇文章主要介绍了"Windows API教程文件系统",主要涉及到Windows API教程文件系统方面的内容,对于Windows API教程文件系统感兴趣的同学可以参考一下. ...

  9. 十七,k8s集群指标API及自定义API

    目录 资源指标: Metrics-Server 资源指标: Metric-Server介绍 Metric-Server部署 下载yaml文件 因为有墙, 所以提前下载image镜像, 当然也可以手动修 ...

随机推荐

  1. woj1008feedinganimals2-贪心-网络流

    title: woj1008feedinganimals2-贪心-网络流 date: 2020-03-07 categories: acm tags: [acm,woj,网络流,贪心] 中等题. 标准 ...

  2. Caffe入门:对于抽象概念的图解分析

    Caffe的几个重要文件 用了这么久Caffe都没好好写过一篇新手入门的博客,最近应实验室小师妹要求,打算写一篇简单.快熟入门的科普文. 利用Caffe进行深度神经网络训练第一步需要搞懂几个重要文件: ...

  3. OpenCV & Web Assembly & Web Worker

    OpenCV & Web Assembly & Web Worker opencv-in-the-web https://aralroca.com/blog/opencv-in-the ...

  4. javascript IIFE in depth

    javascript IIFE in depth function type 函数表达式 x = function (){ console.log(x); } ƒ (){ console.log(x) ...

  5. 为什么说NGK公链的商用落地是可行的?

    互联网.大数据以及云计算的发展给人们的生活.工作带来了诸多便利,也让人们一次又一次感叹科技的进步.而NGK公链的诞生,更是让众人称之为传奇.其商用落地可行性,也让人惊叹.那么,为什么说NGK公链的商用 ...

  6. 百度webuploader_c#实现文件分片上传思路

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/ ...

  7. 1053 Path of Equal Weight——PAT甲级真题

    1053 Path of Equal Weight 给定一个非空的树,树根为 RR. 树中每个节点 TiTi 的权重为 WiWi. 从 RR 到 LL 的路径权重定义为从根节点 RR 到任何叶节点 L ...

  8. vue的el-select标签全选以及出现需要有禁用选项

    首先说一下遇到这种问题的解决思路吧,很简单先去https://element.eleme.cn/#/zh-CN 这个官网上找到对应的需求,然后就是拼接数据的问题. 以下是全选的例子: <el-s ...

  9. 将项目加载到tomcat中的时候报错:Tomcat version 6.0 only supports J2EE 1.2, 1.3, 1.4, and Java EE 5 Web modules

    转自:http://jingwang0523.blog.163.com/blog/static/9090710320113294551497/ 最近在用eclipse做项目,新建项目时什么都贪新,用最 ...

  10. Vue学习笔记-API调试工具--->国产apipost按装(比postman好按装好用)

    一  使用环境: windows 7 64位操作系统 二   Vue学习笔记-API调试工具--->apipost按装 1.下载: https://www.apipost.cn/ (比postm ...