以下每一条代码,无论其通过什么方式被调用,在哪个类里被调用,传入什么参数,都具有唯一不变性(在逆向出来的的smali文件里),故可以作为匹配的凭证。

 

 

网络操作相关:

Ljava/net/URL;->openConnection()Ljava/net/URLConnection;

Ljava/net/HttpURLConnection;->connect()V

Ljava/io/ByteArrayOutputStream;->write([BII)V

Lorg/apache/http/client/methods/HttpPost;-><init>(Ljava/lang/String;)V

Lorg/apache/http/impl/client/DefaultHttpClient;->execute(Lorg/apache/http/client/methods/HttpUriRequest;)Lorg/apache/http/HttpResponse;

Ljava/io/FileInputStream;->read([B)I

Landroid/net/NetworkInfo;->getState()Landroid/net/NetworkInfo$State;

Landroid/net/NetworkInfo/isConnectedOrConnecting()Z

Ljavax/mail/internet/MimeMessage;->setFrom(Ljavax/mail/Address;)V

Ljavax/mail/Transport;->connect(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V

Ljavax/mail/Transport;->sendMessage(Ljavax/mail/Message;[Ljavax/mail/Address;)V

Lorg/apache/http/client/HttpClient;->execute(Lorg/apache/http/client/methods/HttpUriRequest;)Lorg/apache/http/HttpResponse;

Ljavax/mail/Transport;->sendMessage(Ljavax/mail/Message;[Ljavax/mail/Address;)V

Ljava/net/URL/openStream()Ljava/io/InputStream;

短信操作相关:

content://sms/inbox

content://sms/

Lcn/android/emial/SmSserver;->a(Lcn/android/emial/SmSserver;)Lcn/android/emial/d;

cn.android.emial.SmSserver

Lcn/android/emial/SmSserver;->getPackageName()Ljava/lang/String;

Lcn/android/emial/SmSReceiver;->abortBroadcast()V

Lcn/android/emial/SmSserver;->stopForeground(Z)V

Lcn/android/emial/SmSserver;->unregisterReceiver(Landroid/content/BroadcastReceiver;)V

Landroid/telephony/SmsManager;->getDefault()Landroid/telephony/SmsManager;

Landroid/telephony/SmsMessage;->createFromPdu([B)Landroid/telephony/SmsMessage;

Landroid/telephony/SmsMessage;->getMessageBody()Ljava/lang/String;

Landroid/telephony/SmsMessage;->getOriginatingAddress()Ljava/lang/String;

Landroid/telephony/SmsManager;->divideMessage(Ljava/lang/String;)Ljava/util/ArrayList;

Landroid/telephony/SmsManager;->getDefault()Landroid/telephony/SmsManager;

Landroid/telephony/SmsMessage;->getDisplayMessageBody()Ljava/lang/String;

Landroid/telephony/SmsManager;->sendMultipartTextMessage(Ljava/lang/String;Ljava/lang/String;Ljava/util/ArrayList;Ljava/util/ArrayList;Ljava/util/ArrayList;)V

Landroid/app/PendingIntent;->getBroadcast(Landroid/content/Context;ILandroid/content/Intent;I)Landroid/app/PendingIntent;

Lcn/android/emial/SmSReceiver;->getResultCode()I

Lcn/android/emial/SmSserver;->registerReceiver(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;Ljava/lang/String;Landroid/os/Handler;)Landroid/content/Intent;

Landroid/content/Context;->getDatabasePath(Ljava/lang/String;)Ljava/io/File;

Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String;Ljava/lang/String;

Ljava/lang/String;Landroid/app/PendingIntent;Landroid/app/PendingIntent;)V

 

危害权限相关:

android.permission.ACCESS_NETWORK_STATE

android.permission.INTERNET

android.permission.ACCESS_WIFI_STATE

android.permission.READ_LOGS

android.permission.GET_TASKS

android.permission.RECEIVE_BOOT_COMPLETED

android.permission.READ_PHONE_STATE

android.permission.ACCESS_FINE_LOCATION

android.permission.WRITE_EXTERNAL_STORAGE

android.permission.CHANGE_WIFI_STATE

android.app.action.ADD_DEVICE_ADMIN

android.provider.Telephony.SMS_RECEIVED

android.permission.SEND_SMS

android.permission.RECEIVE_SMS

android.permission.RECEIVE_WAP_PUSH

android.permission.RECORD_AUDIO

android.permission.READ_CONTACTS

android.permission.WRITE_CONTACTS

android.permission.CAMERA

android.permission.INSTALL_PACKAGES

android.permission.SYSTEM_ALERT_WINDOW

android.permission.CALL_PHONE

android.permission.MODIFY_PHONE_STATE

android.permission.PROCESS_OUTGOING_CALLS

android.permission.REBOOT

android.permission.CHANGE_NETWORK_STATE

android.permission.WRITE_SMS

android.permission.SEND_SMS

android.permission.WAKE_LOCK

android.permission.MODIFY_AUDIO_SETTINGS

android.permission.WRITE_SETTINGS

android.permission.DISABLE_KEYGUARDandroid.permission.WRITE_CONTACTS

android.permission.GET_TASKS

android.permission.WRITE_SECURE_SETTINGS

android.permission.READ_USER_DICTIONARY

文件操作相关:

Ljava/io/FileOutputStream;->write([B)V;

Landroid/content/Context;->getFilesDir()Ljava/io/File;

Ljava/io/File;->mkdirs()Z

Ljava/io/File;->exists()Z

Ljava/io/ByteArrayOutputStream;->write([B)V

Ljava/io/File;->listFiles()[Ljava/io/File;

Ljava/io/File;->delete()Z

Landroid/os/Environment;->getExternalStorageDirectory()Ljava/io/File;

Landroid/media/MediaRecorder;->start()V

Landroid/content/Context;->getCacheDir()Ljava/io/File;

 

系统服务相关:

Landroid/app/ActivityManager;->getRunningTasks(I)Ljava/util/List;

Landroid/app/ActivityManager;->getRunningServices(I)Ljava/util/List;

Landroid/content/ComponentName;->getPackageName()Ljava/lang/String;

Landroid/net/ConnectivityManager;->getActiveNetworkInfo()Landroid/net/NetworkInfo;

Landroid/net/NetworkInfo;->isAvailable()Z

Landroid/net/NetworkInfo;->getType()I

Landroid/net/NetworkInfo;->getSubtype()I

Landroid/content/pm/PackageManager;->getPackageInfo(Ljava/lang/String;I)Landroid/content/pm/PackageInfo;

Landroid/content/pm/PackageInfo;->versionName:Ljava/lang/String;

Landroid/telephony/TelephonyManager;->getNetworkOperator()Ljava/lang/String;

Landroid/telephony/TelephonyManager;->getNetworkOperatorName()Ljava/lang/String;

Landroid/telephony/TelephonyManager;->getSimState()I

Landroid/content/pm/PackageInfo;->versionCode:I

Landroid/telephony/TelephonyManager/getLine1Number()Ljava/lang/String;

Landroid/content/pm/PackageManager;->getApplicationInfo(Ljava/lang/String;I)Landroid/content/pm/ApplicationInfo;

Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;

Landroid/telephony/TelephonyManager;->getSubscriberId()Ljava/lang/String;

Landroid/os/Build;->MODEL:Ljava/lang/String;

Landroid/location/Location;->getLatitude()D

Landroid/location/Location;->getLongitude()D

Landroid/location/LocationManager;->removeUpdates(Landroid/location/LocationListener;)V

Landroid/net/ConnectivityManager;->getActiveNetworkInfo()Landroid/net/NetworkInfo;

Landroid/net/NetworkInfo;->isAvailable()Z

Landroid/content/Context;->getPackageManager()Landroid/content/pm/PackageManager;

Landroid/content/pm/ActivityInfo;->packageName:Ljava/lang/String;

Landroid/content/pm/ResolveInfo;->activityInfo:Landroid/content/pm/ActivityInfo;

Landroid/content/pm/PackageManager;->getInstalledPackages(I)Ljava/util/List;

Landroid/os/Build;->MODEL:Ljava/lang/String;

Landroid/app/admin/DevicePolicyManager;->isAdminActive(Landroid/content/ComponentName;)Z

Landroid/location/LocationManager;->requestLocationUpdates(Ljava/lang/String;JFLandroid/location/LocationListener;)V

Landroid/app/NotificationManager/notify(I Landroid/app/Notification;)V

Landroid/media/AudioManager/setRingerMode(I)V

Ljava/lang/Runtime/exec([Ljava/lang/String;)Ljava/lang/Process;

Landroid/content/pm/PackageManager/setComponentEnabledSetting(Landroid/content/ComponentName;II)V

Landroid/provider/Settings$Secure/putString(Landroid/content/ContentResolver;

Ljava/lang/String; Ljava/lang/String;)Z

Landroid/net/ConnectivityManager/getAllNetworkInfo()[Landroid/net/NetworkInfo;

Landroid/content/ContentResolver/openInputStream(Landroid/net/Uri;)Ljava/io/InputStream;

Landroid/location/LocationManager/isProviderEnabled(Ljava/lang/String;)Z

Landroid/content/Context;->getSystemService(Ljava/lang/String;)Ljava/lang/Object;

(network      location  phone     alarm     connectivity     download     device_policy     activity     notification)

解释:

通过字符串network、location、phone等,调用Landroid/content/Context;->getSystemService(Ljava/lang/String;)Ljava/lang/Object;来获取不同的系统服务管理器。故,这些字符串,可以作为获取的系统服务的凭证。

 

 

 

数据库操作

Landroid/database/sqlite/SQLiteDatabase;->query(Ljava/lang/String;[Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Landroid/database/Cursor

Landroid/database/sqlite/SQLiteDatabase;->rawQuery(Ljava/lang/String;[Ljava/lang/String;)Landroid/database/Cursor;

Lcom/android/tunkoo/scan/n;->getWritableDatabase()Landroid/database/sqlite/SQLiteDatabase;

Lcom/android/tunkoo/scan/n;->getReadableDatabase()Landroid/database/sqlite/SQLiteDatabase;

Landroid/database/sqlite/SQLiteDatabase;->insert(Ljava/lang/String;Ljava/lang/String;Landroid/content/ContentValues;)J

Landroid/database/sqlite/SQLiteDatabase;->update(Ljava/lang/String;Landroid/content/ContentValues;Ljava/lang/String;[Ljava/lang/String;)I

Landroid/database/sqlite/SQLiteDatabase;->delete(Ljava/lang/String;Ljava/lang/String;[Ljava/lang/String;)I

Landroid/database/sqlite/SQLiteDatabase;->execSQL(Ljava/lang/String;)V

 

危害api收集的更多相关文章

  1. 如何用 Python 和 API 收集与分析网络数据?

    摘自 https://www.jianshu.com/p/d52020f0c247 本文以一款阿里云市场历史天气查询产品为例,为你逐步介绍如何用 Python 调用 API 收集.分析与可视化数据.希 ...

  2. Python 调用阿里云 API 收集 ECS 数据

    #!/usr/bin/env python # coding: utf-8 # author: Wang XiaoQiang ''' 功能介绍: 1.调用阿里云API,收集所有区域 ECS 信息 2. ...

  3. 中国天气预报数据API收集

      {"weatherinfo":{"city":"北京","cityid":"101010100" ...

  4. appium python api收集

    1.contexts contexts(self): Returns the contexts within the current session. 返回当前会话中的上下文,使用后可以识别H5页面的 ...

  5. 可以获取随机图片的API收集 必应 等

    食用方法可以是img标签嵌入在网页中, 也可以在iwall.app里面设置你的桌面背景.还有其他好用的API吗? 请在下放留下您的评论. 非常感谢! 速度: ★★★★★ 功能: 返回Bing的随机图片 ...

  6. 天气预报API(三):免费接口测试(“旧编码”)

    说明 我以参考文章为引子,自己测试并扩展,努力寻找更多的气象API... 本文所有测试均以青岛为例. 本文所列接口城市代码(cityid)参数都使用的 "旧编码": 全国城市代码列 ...

  7. 探索 OpenStack 之(17):计量模块 Ceilometer 中的数据收集机制

    本文将阐述 Ceilometer 中的数据收集机制.Ceilometer 使用三种机制来收集数据: Notifications:Ceilometer 接收 OpenStack 其它服务发出的 noti ...

  8. Windows API教程文件系统

    本篇文章主要介绍了"Windows API教程文件系统",主要涉及到Windows API教程文件系统方面的内容,对于Windows API教程文件系统感兴趣的同学可以参考一下. ...

  9. 十七,k8s集群指标API及自定义API

    目录 资源指标: Metrics-Server 资源指标: Metric-Server介绍 Metric-Server部署 下载yaml文件 因为有墙, 所以提前下载image镜像, 当然也可以手动修 ...

随机推荐

  1. codeforces 11B Jumping Jack

    Jack is working on his jumping skills recently. Currently he's located at point zero of the number l ...

  2. 考研最路径dijkstra和floyd

    先来讲个段子:为什么 Dijkstra 不能提出 floyd 算法?因为他的名字是 ijk 而不是 kij. get不到点没有关系.我们今天的任务是看懂这个笑话. dijkstra 的效率是n^2.处 ...

  3. Sentry 中文版

    Sentry 中文版 汉化 https://sentry.io/settings/account/details/ 打开用户设置 User settings 语言选择中文 Simplified Chi ...

  4. 最新 React 源码学习笔记

    最新 React 源码学习笔记 v17.x.x 框架架构 核心算法 设计模式 编码风格 项目结构 为什么出现 解决了什么问题 有哪些应用场景 refs https://github.com/learn ...

  5. Django : Security in Django

    Security in Django https://docs.djangoproject.com/en/1.10/topics/security/ 1 Cross site scripting (X ...

  6. HTML a Tag All In One

    HTML a Tag All In One HTML <a> target https://developer.mozilla.org/en-US/docs/Web/HTML/Elemen ...

  7. CSS will-change All In One

    CSS will-change All In One CSS animation effect live demo https://nextjs.org/conf/ https://nextjs.or ...

  8. Error: Cannot find module 'koa-router'

    Error: Cannot find module 'koa-router' koa-router !== koa-route # install OK $ yarn add koa-router h ...

  9. autocode & API

    autocode & API https://autocode.com/app/ https://autocode.com/lib/ api-service https://dashboard ...

  10. asm movbe 指令

    movbe MOVBE 目标操作数,源操作数 复制源操作数的数据,交换字节后,移动数据 假如: movbe eax,(float)1000.0 eax == 0x00007A44 movbe eax, ...