文件信息
文件名 Nomad VPN Pro v4.0.8.apk文件大小 11.92MB
MD5值 cdb43dae190a717806b663abb0266fcd
SHA1值 bf419a825b6a1187a3808946ad2dd0ab7167a7b3
SHA256值 71f01e5fca58a192adae714f34b82d314b13d2c968c2a3dd6d4336aee50695b2
APK信息
APK名称 Nomad VPN包名 com.rg.nomadvpn
主活动 com.rg.nomadvpn.MainActivity
安卓版本名称 4.0.8 (426)
域名线索
| 域名 | 查询域名 | ip | 地区 | 查询地区 |
|---|---|---|---|---|
| openvpn.net | 197.4.4.12 | Tunisia - Jendouba | ||
| ns.adobe.com | 没有ip信息 | 没有地区信息 | ||
| play.google.com | 8.7.198.46 | United States of America - Louisiana | ||
| estonia2.nomad.twc1.net | 95.164.118.41 | United States of America - New Jersey | ||
| germany2.nomad.twc1.net | 5.182.87.46 | Russian Federation - Moskovskaya oblast' | ||
| hongkong2.nomad.twc1.net | 213.159.70.33 | Russian Federation - Sankt-Peterburg | ||
| canada2.nomad.twc1.net | 没有ip信息 | 没有地区信息 | ||
| usa2.nomad.twc1.net | 138.124.60.58 | Switzerland - Zurich | ||
| goo.gl | 142.250.69.174 | United States of America - California | ||
| moldova2.nomad.twc1.net | 没有ip信息 | 没有地区信息 | ||
| austria2.nomad.twc1.net | 77.239.101.184 | United Kingdom of Great Britain and Northern Ireland - England | ||
| leakcheck.io | 104.26.15.183 | United States of America - California | ||
| lithuania2.nomad.twc1.net | 45.12.136.178 | United States of America - California | ||
| nomadvpn.ru | 185.199.109.153 | United States of America - Pennsylvania | ||
| finland2.nomad.twc1.net | 91.184.243.35 | Poland - - | ||
| greece2.nomad.twc1.net | 没有ip信息 | 没有地区信息 | ||
| community.openvpn.net | 49.2.123.56 | Australia - New South Wales | ||
| poland2.nomad.twc1.net | 94.131.96.210 | Poland - Mazowieckie | ||
| sweden2.nomad.twc1.net | 77.239.120.24 | United Kingdom of Great Britain and Northern Ireland - England | ||
| github.com | 20.205.243.166 | Singapore - Singapore | ||
| 10.0.2.2 | 10.0.2.2 | - - - | ||
| belgium2.nomad.twc1.net | 95.164.62.169 | Belgium - Brussels Hoofdstedelijk Gewest | ||
| t.me | 149.154.167.99 | United Kingdom of Great Britain and Northern Ireland - England | ||
| schemas.android.com | 没有ip信息 | 没有地区信息 | ||
| issuetracker.google.com | 142.250.217.78 | United States of America - California | ||
| japan2.nomad.twc1.net | 45.12.134.63 | United States of America - Colorado | ||
| italy2.nomad.twc1.net | 没有ip信息 | 没有地区信息 | ||
| schemas.microsoft.com | 13.107.253.49 | Germany - Hessen | ||
| xposed.info | 45.55.233.97 | United States of America - New Jersey | ||
| kazakhstan2.nomad.twc1.net | 没有ip信息 | 没有地区信息 | ||
| denmark2.nomad.twc1.net | 95.164.85.46 | Denmark - Hovedstaden | ||
| france2.nomad.twc1.net | 46.226.166.105 | Russian Federation - Sverdlovskaya oblast' | ||
| mobile.yandexadexchange.net | 213.180.193.198 | Russian Federation - Moskva | ||
| exoplayer.dev | 185.199.108.153 | United States of America - Pennsylvania | ||
| spain2.nomad.twc1.net | 176.120.74.137 | Russian Federation - Permskiy kray | ||
| czechia2.nomad.twc1.net | 45.12.109.76 | United States of America - California | ||
| romania2.nomad.twc1.net | 没有ip信息 | 没有地区信息 | ||
| armenia2.nomad.twc1.net | 91.132.132.31 | Greece - Attiki | ||
| latvia2.nomad.twc1.net | 45.142.213.224 | Latvia - Riga | ||
| turkey2.nomad.twc1.net | 45.89.52.95 | Turkey - Izmir | ||
| balancer.nomad.twc1.net | 188.225.79.143 | Russian Federation - Sankt-Peterburg | ||
| appmetrica.io | 213.180.204.242 | Russian Federation - Moskva | ||
| android.googlesource.com | 142.251.188.82 | United States of America - California | ||
| greatbritain2.nomad.twc1.net | 没有ip信息 | 没有地区信息 | ||
| brazil2.nomad.twc1.net | 45.82.245.62 | United States of America - Ohio | ||
| xml.org | 104.239.142.8 | United States of America - Texas | ||
| hungary2.nomad.twc1.net | 没有ip信息 | 没有地区信息 | ||
| switzerland2.nomad.twc1.net | 没有ip信息 | 没有地区信息 | ||
| netherlands2.nomad.twc1.net | 176.124.203.13 | Netherlands - Noord-Holland | ||
| www.w3.org | 104.18.23.19 | United States of America - California | ||
| repo.xposed.info | 45.55.233.97 | United States of America - New Jersey | ||
| crowdin.net | 44.215.191.137 | United States of America - Virginia | ||
| yandex.ru | 5.255.255.77 | Russian Federation - Moskva | ||
| norway2.nomad.twc1.net | 77.239.113.40 | United Kingdom of Great Britain and Northern Ireland - England | ||
| xmlpull.org | 185.199.109.153 | United States of America - Pennsylvania |
URL线索
邮箱线索
| 邮箱地址 | 所在文件 |
|---|---|
|
u0013android@android.com0 |
T1/k.java |
|
u0013android@android.com |
T1/k.java |
|
ram219219@gmail.com |
com/rg/nomadvpn/ui/leak/LeakFragment.java |
|
android.studio@android.com |
摸瓜V1引擎 |
|
sales@openvpn.net |
lib/arm64-v8a/libopenvpn.so |
|
sales@openvpn.net |
lib/armeabi-v7a/libopenvpn.so |
手机线索
| 手机号 | 所在文件 |
|---|---|
|
17179869184 |
M1/N0.java |
|
17179869184 |
M1/D0.java |
签名证书
APK已签名
v1 签名: True
v2 签名: True
v3 签名: True
找到 1 个唯一证书
主题: C=US, ST=California, L=Mountain View, O=Android, OU=Android, CN=Android, E=android@android.com
签名算法: rsassa_pkcs1v15
有效期自: 2008-02-29 01:33:46+00:00
有效期至: 2035-07-17 01:33:46+00:00
发行人: C=US, ST=California, L=Mountain View, O=Android, OU=Android, CN=Android, E=android@android.com
序列号: 0x936eacbe07f201df
哈希算法: sha1
md5值: e89b158e4bcf988ebd09eb83f5378e87
sha1值: 61ed377e85d386a8dfee6b864bd85b0bfaa5af81
sha256值: a40da80a59d170caa950cf15c18c454d47a39b26989d8b640ecd745ba71bf5dc
sha512值: 5216ccb62004c4534f35c780ad7c582f4ee528371e27d4151f0553325de9ccbe6b34ec4233f5f640703581053abfea303977272d17958704d89b7711292a4569
公钥算法: rsa
密钥长度: 2048
指纹: f9f32662753449dc550fd88f1ed90e94b81adef9389ba16b89a6f3579c112e75硬编码敏感信息
"age_restricted_user" : "Age Restricted User"
"auth_username" : "Username"
"client_no_certificate" : "No Certificate"
"country_turkey" : "Turkey"
"external_authenticator" : "External Authenticator"
"faq_remote_api" : "OpenVPN for Android supports two remote APIs, a sophisticated API using AIDL (remoteEXample in the git repository) and a simple one using Intents. <p>Examples using adb shell and the intents. Replace profilname with your profile name<p><p> adb shell am start-activity -a android.intent.action.MAIN de.blinkt.openvpn/.api.DisconnectVPN<p> adb shell am start-activity -a android.intent.action.MAIN -e de.blinkt.openvpn.api.profileName Blinkt de.blinkt.openvpn/.api.ConnectVPN"
"filter_user" : "User"
"google_api_key" : "AIzaSyB_DhiaPLSmrRqqRH9r3FKTNVbl82EH8vI"
"google_crash_reporting_api_key" : "AIzaSyB_DhiaPLSmrRqqRH9r3FKTNVbl82EH8vI"
"missing_ca_certificate" : "Missing CA certificate"
"no_certificate" : "You must select a certificate"
"packet_auth" : "Packet authentication"
"password" : "Password"
"pkcs12_file_encryption_key" : "PKCS12 File Encryption Key"
"private_key_password" : "Private Key Password"
"save_password" : "Save Password"
"session_ipv4string" : "%1$s - %2$s"
"session_ipv6string" : "%1$s - %3$s, %2$s"
"settings_auth" : "Authentication/Encryption"
"show_password" : "Show password"
"state_auth" : "Authenticating"
"state_auth_failed" : "Authentication failed"
"state_auth_pending" : "Authentication pending"
"state_user_vpn_password" : "Waiting for user VPN password"
"yandex_mobileads_age_restricted_user" : "com.yandex.mobile.ads.AGE_RESTRICTED_USER"
"age_restricted_user" : "Age Restricted User"
"country_turkey" : "Турция"
"filter_user" : "Пользовательские"
加壳分析
第三方插件
危险动作
| 向手机申请的权限 | 是否危险 | 类型 | 详细情况 |
|---|---|---|---|
| android.permission.INTERNET | 正常 | 互联网接入 | 允许应用程序创建网络套接字 |
| android.permission.ACCESS_NETWORK_STATE | 正常 | 查看网络状态 | 允许应用程序查看所有网络的状态 |
| android.permission.ACCESS_WIFI_STATE | 正常 | 查看Wi-Fi状态 | 允许应用程序查看有关 Wi-Fi 状态的信息 |
| android.permission.FOREGROUND_SERVICE | 正常 | 允许常规应用程序使用 Service.startForeground。 | |
| android.permission.FOREGROUND_SERVICE_SPECIAL_USE | 未知 | 调用了未知的操作 | |
| android.permission.POST_NOTIFICATIONS | 未知 | 调用了未知的操作 | |
| android.permission.VIBRATE | 正常 | 可控震源 | 允许应用程序控制振动器 |
| android.permission.FOREGROUND_SERVICE_DATA_SYNC | 未知 | 调用了未知的操作 | |
| android.permission.SCHEDULE_EXACT_ALARM | 正常 | 允许应用程序使用精确的警报调度 API 来执行对时间敏感的后台工作 | |
| android.permission.QUERY_ALL_PACKAGES | 正常 | 允许查询设备上的任何普通应用程序,无论清单声明如何 | |
| android.permission.WAKE_LOCK | 正常 | 防止手机睡眠 | 允许应用程序防止手机进入睡眠状态 |
| com.rg.nomadvpn.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION | 未知 | 调用了未知的操作 |