File information
File name bsxxd_157427.apk
File size 233.39MB
MD5 d6d0fba64b9edbe63239207ed5c6c59c
SHA1 def326ef1d539b46167ea91659ba7e79abaea676
SHA256 32b92dcae54d7416ec8ba1958d3d5c5797abc5110507cdbec5b715086a94813f
APK information
APK name 伯索云学堂
Package name com.plaso.yxt
Main activity com.plaso.student.lib.login.Login
Android version name 5.39.310
Domain clues
URL clues
Email clues
Email address | File |
---|---|
xxx@email.elided | com/tencent/liteav/base/PiiElider.java |
请输入有效的邮箱地址如abc@123.com | Mogua Engine V1 |
abc@123.com | Mogua Engine V1 |
wacerror@microsoft.com | Mogua Engine V2 |
service@officeweb365.com | Mogua Engine V2 |
Phone clues
Phone number | File |
---|---|
15778800000 | org/joda/time/chrono/BasicFixedMonthChronology.java |
15778476000 | org/joda/time/chrono/GregorianChronology.java |
15778800000 | org/joda/time/chrono/JulianChronology.java |
15308640144 | org/joda/time/chrono/IslamicChronology.java |
Signing certificate
APK is signed
v1 signature: True
v2 signature: True
v3 signature: False
Found 1 unique certificate
Subject: O=plaso, OU=plaso, CN=plaso
Signature algorithm: rsassa_pkcs1v15
Valid from: 2021-03-06 06:20:13+00:00
Valid to: 2048-07-21 06:20:13+00:00
Issuer: O=plaso, OU=plaso, CN=plaso
Serial number: 0x1fbeca48
Hash algorithm: sha256
MD5: 4703427eae6963054652c1286d58455e
SHA1: 26ebee22682c5eb64132d2628da31ee5bfbdf317
SHA256: 6e54647826e1c5312c7ea59b134e8642a09266171d5d93e565997968a4f9dc99
SHA512: 7e5252664b8222cf4579dcb492c5e27bb78a27edcc315dc53a3b9d1576eb1317cda7ec7fb98fc1556711138e9d21c3ef5ba6298adf693590fe4bb3b26e9656b1
Public key algorithm: rsa
Key size: 2048
Fingerprint: 47e6d201ee3af4c965e9ed46372630b11bec9968cea648627e622ee8b7b626a9
Hard-coded sensitive information
"ams_appKey" : "29322251"
"ams_appSecret" : "ca3f9e4aa57b0fa411d81d69ee3d3b6c"
"class_key" : "班级邀请码"
"dialog_content_input_user" : "请输入用户名"
"dialog_content_no_user" : "用户名或密码错误,请重新填写"
"dialog_content_reset_pwd_err" : "密码重置失败,请重试"
"dialog_content_reset_pwd_succ" : "密码重置成功,请登录邮箱修改密码"
"enter_aigin_pwd" : "请再次输入新密码"
"enter_origin_pwd" : "请输入原密码"
"find_pwd" : "可用于找回密码服务"
"findpwd_url" : ""
"forget_pwd" : "忘记密码"
"group_resetpwd_fail" : "重置失败"
"group_resetpwd_student" : "重置密码"
"group_resetpwd_succ" : "重置成功"
"input_pwd" : "请输入密码"
"input_six_pwd" : "密码长度须为6-20位,建议包含数字和大小写字母"
"limit_pwd" : "4-20位数字字母组合"
"limit_username" : "用户名只能包含数字,字母,下划线,点号, 最多16个字符。"
"modify_pwd" : "修改密码"
"modify_username" : "修改姓名"
"nb_user" : "我的"
"origin_pwd" : "原密码"
"origin_pwd_err" : "原密码错误"
"originpwd_wrong" : "原密码不正确,请重新输入"
"password" : "密码"
"pwd_ignore" : "忽略"
"pwd_length_err" : "密码长度不能小于4"
"pwd_length_err_long" : "密码长度不能大于20"
"pwd_safetip" : "为保证您的账户安全,请修改默认密码"
"pwd_suggestion" : "注: 密码长度6~20位,建议包含数字和大小写字母"
"pwd_updte_succeed" : "密码更新成功,请保护你的密码"
"reset_pwd" : "重置密码"
"reset_pwd_and_copy" : "重置并复制密码"
"reset_pwd_copy_info_format" : "您的用户名是%s 密码是%s 请妥善保管,为了您的账号安全,请及时修改密码。"
"reset_pwd_success" : "重置并复制密码成功"
"rest_pwd_fail" : "重置并复制密码失败"
"token_tip" : "对不起,本次请求受限制"
"user_name" : "用户名"
"class_key" : "class code"
"dialog_content_input_user" : "Please enter the username"
"dialog_content_no_user" : "Incorrect user ID or password. Please try again."
"dialog_content_reset_pwd_err" : "Password reset failed, please try again"
"dialog_content_reset_pwd_succ" : "The password reset is successful, please log in to change the password in the mailbox"
"enter_aigin_pwd" : "confirm new password"
"enter_origin_pwd" : "Current password"
"find_pwd" : "To retrieve password service"
"findpwd_url" : ""
"forget_pwd" : "Forgot password"
"group_resetpwd_fail" : "reset failed"
"group_resetpwd_student" : "Reset pwd"
"group_resetpwd_succ" : "Reset success"
"input_pwd" : "Enter your password"
"input_six_pwd" : "Password has to be 6–20 digits in length,it is recommended to include numbers and upper and lower case letters."
"limit_pwd" : "4-20 alphanumeric"
"limit_username" : "Usernames can only contain numbers, letters, underscores, periods, and a maximum of 16 characters."
"modify_pwd" : "Change Password "
"modify_username" : "Modify name"
"nb_user" : "Profile"
"origin_pwd" : "Original password"
"origin_pwd_err" : "The original password is incorrect"
"originpwd_wrong" : "The original password is incorrect, please enter again."
"password" : "Password"
"pwd_ignore" : "Ignore"
"pwd_length_err" : "password length can not be less than 4"
"pwd_length_err_long" : "password length can not be greater than 20"
"pwd_safetip" : "To ensure the security of your account, please change the default password."
"pwd_suggestion" : "Note: the password is 6-20 digits long, and it is recommended to include numbers and upper and lower case letters."
"pwd_updte_succeed" : "Password updated successfully, please protect your password"
"reset_pwd" : "Reset password"
"reset_pwd_and_copy" : "Reset and copy PWD"
"reset_pwd_copy_info_format" : "Your username is %s password is %s Please keep it safe.To ensure the security of your account,please change the password in time."
"reset_pwd_success" : "Password resetted and copied"
"rest_pwd_fail" : "Password resetted and copied failed"
"token_tip" : "Sorry,this request has been limited."
"user_name" : "username"
Packer analysis
Third-party plugins
Dangerous actions
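Requested permission | Risk level | Type | Details |
---|---|---|---|
android.permission.ACCESS_NETWORK_STATE | Normal | View network status | Allows the application to view the status of all networks |
android.permission.INTERNET | Normal | Internet access | Allows the application to create network sockets |
android.permission.ACCESS_WIFI_STATE | Normal | View Wi-Fi status | Allows the application to view information about Wi-Fi status |
android.permission.RECORD_AUDIO | Dangerous | Record audio | Allows the application to access the audio recording path |
android.permission.MODIFY_AUDIO_SETTINGS | Normal | Change your audio settings | Allows the application to modify global audio settings, such as volume and routing |
android.permission.WAKE_LOCK | Normal | Prevent phone from sleeping | Allows the application to prevent the phone from going to sleep |
android.permission.CAMERA | Dangerous | Take pictures and record video | Allows the application to take pictures and record video with the camera. This allows the application to collect images the camera sees at any time |
android.permission.READ_EXTERNAL_STORAGE | Dangerous | Read external storage contents | Allows the application to read from external storage |
android.permission.CHANGE_NETWORK_STATE | Normal | Change network connectivity | Allows the application to change the network connection state. |
android.permission.CHANGE_WIFI_STATE | Normal | Change Wi-Fi status | Allows the application to connect to and disconnect from Wi-Fi access points, and to make changes to configured Wi-Fi networks |
android.permission.READ_PHONE_STATE | Dangerous | Read phone state and identity | Allows the application to access the phone features of the device. An application with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that the call is connected to, and so on |
android.permission.VIBRATE | Normal | Control vibrator | Allows the application to control the vibrator |
android.permission.RECEIVE_BOOT_COMPLETED | Normal | Start automatically at boot | Allows the application to start itself as soon as the system has finished booting. This can make it take longer to start the phone and allows the application to slow down the whole phone by always running |
android.permission.REQUEST_INSTALL_PACKAGES | Dangerous | Allows the application to request installing packages. | Malicious applications can use this to try to trick users into installing additional malicious packages. |
android.permission.BROADCAST_PACKAGE_ADDED | Unknown | Unknown operation invoked | |
android.permission.BROADCAST_PACKAGE_CHANGED | Unknown | Unknown operation invoked | |
android.permission.BROADCAST_PACKAGE_INSTALL | Unknown | Unknown operation invoked | |
android.permission.BROADCAST_PACKAGE_REPLACED | Unknown | Unknown operation invoked | |
android.permission.GET_ACCOUNTS | Dangerous | List accounts | Allows access to the list of accounts in the Accounts Service |
android.permission.WRITE_SETTINGS | Dangerous | Modify global system settings | Allows the application to modify the system's settings data. Malicious applications can corrupt your system's configuration. |
android.permission.CALL_PHONE | Dangerous | Directly call phone numbers | Allows the application to call phone numbers without your intervention. Malicious applications may cause unexpected calls on your phone bill. Note that this does not allow the application to call emergency numbers |
com.plaso.P_yxt | Unknown | Unknown operation invoked | |
android.permission.REORDER_TASKS | Normal | Reorder running applications | Allows the application to move tasks to the foreground and background. Malicious applications can force themselves to the front without your control |
android.permission.FOREGROUND_SERVICE | Normal | Allows a regular application to use Service.startForeground. | |
com.plaso.yxt.permission.MIPUSH_RECEIVE | Unknown | Unknown operation invoked | |
com.plaso.yxt.permission.PROCESS_PUSH_MSG | Unknown | Unknown operation invoked | |
com.plaso.yxt.permission.PUSH_PROVIDER | Unknown | Unknown operation invoked | |
com.coloros.mcs.permission.RECIEVE_MCS_MESSAGE | Unknown | Unknown operation invoked | |
com.heytap.mcs.permission.RECIEVE_MCS_MESSAGE | Unknown | Unknown operation invoked | |
com.vivo.notification.permission.BADGE_ICON | Unknown | Unknown operation invoked | |
com.hihonor.push.permission.READ_PUSH_NOTIFICATION_INFO | Unknown | Unknown operation invoked | |
android.permission.WRITE_EXTERNAL_STORAGE | Dangerous | Read/modify/delete external storage contents | Allows the application to write to external storage |
android.permission.BLUETOOTH | Normal | Create Bluetooth connections | Allows the application to connect to paired Bluetooth devices |
android.permission.BLUETOOTH_ADMIN | Normal | Bluetooth administration | Allows the application to discover and pair Bluetooth devices. |
android.permission.GET_TASKS | Dangerous | Retrieve running applications | Allows the application to retrieve information about currently and recently running tasks. May allow malicious applications to discover private information about other applications |
android.permission.FLASHLIGHT | Normal | Control flashlight | Allows the application to control the flashlight |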