1.1.1.1.apk分析结果

温馨提示：APP静态检测会有结果不完整的现象，如有疑问或建议，可加入我们的微信群讨论

APP图标

下载APP

文件信息

文件名 base.apk
文件大小 5.51MB
MD5值 10fa1e548a1859247b75e2321021d618
SHA1值 257f3ba89e13cd023ff8e1e5aaca8adc2e16827e
SHA256值 c67327f9dda523ac8c63594415aed7dbdfec0b40be43f748f52c3976b10b7920

APK信息

APK名称 1.1.1.1
包名 com.cloudflare.onedotonedotonedotone
主活动 com.cloudflare.app.presentation.main.SplashActivity
安卓版本名称 6.29

域名线索 34 条

查看

URL线索 51 条

查看

邮箱线索 3 条

查看

手机号线索 1 条

查看

域名线索

域名	ip	地区
www.googleadservices.com	58.254.137.230	China - Guangdong
connectivity.cloudflareclient.com	162.159.137.65	United States of America - California
junit.org	104.20.35.83	United States of America - California
reports.crashlytics.com	没有ip信息	没有地区信息
play.google.com	93.46.8.90	Italy - Lombardia
www.slf4j.org	159.100.250.151	Switzerland - Zurich
cloudflare-dns.com	104.16.248.249	United States of America - California
www.apache.org	151.101.2.132	United States of America - California
twitter.com	199.59.149.232	United States of America - California
www.facebook.com	174.37.243.85	United States of America - District of Columbia
www.google.com	104.244.43.208	United States of America - California
plus.google.com	31.13.87.33	Taiwan (Province of China) - Taipei
firebase.google.com	172.217.160.78	United States of America - California
one.one.one.one	1.0.0.1	United States of America - California
www.zendesk.com	104.18.20.26	United States of America - California
app-measurement.com	58.254.149.225	China - Guangdong
api.cloudflareclient.com	104.19.237.24	United States of America - California
goo.gl	142.251.42.238	United States of America - California
google.com	93.46.8.90	Italy - Lombardia
www.cloudflare.com	104.16.124.96	United States of America - California
firebase-settings.crashlytics.com	58.254.149.162	China - Guangdong
cp.cloudflare.com	104.16.133.229	United States of America - California
zero-trust-client.cloudflareclient.com	162.159.137.105	United States of America - California
engage.cloudflareclient.com	162.159.192.1	United States of America - California
update.crashlytics.com	58.254.137.226	China - Guangdong
warp.plus	151.101.1.195	United States of America - California
onedot.zendesk.com	104.16.55.111	United States of America - California
tools.android.com	172.217.163.51	United States of America - California
project-8285292058764338105.firebaseio.com	35.201.97.85	United States of America - Missouri
github.com	20.205.243.166	Singapore - Singapore
schemas.android.com	没有ip信息	没有地区信息
kotlinlang.org	13.249.160.64	Japan - Tokyo
pagead2.googlesyndication.com	58.254.137.230	China - Guangdong
developer.android.com	142.251.42.238	United States of America - California

URL线索

URL信息	Url所在文件
https://play.google.com/store/account/subscriptions?sku=plus.warp.1m&package=com.cloudflare.onedotonedotonedotone	defpackage/o.java
https://connectivity.cloudflareclient.com/cdn-cgi/trace	com/cloudflare/app/presentation/feedback/SubmitFeedbackInterstitialActivity.java
https://connectivity.cloudflareclient.com/cdn-cgi/trace	com/cloudflare/app/presentation/settings/diagnostics/DiagnosticsActivity.java
https://cp.cloudflare.com	com/cloudflare/app/vpnservice/detectors/CaptivePortalDetector.java
https://engage.cloudflareclient.com	com/cloudflare/app/vpnservice/detectors/CaptivePortalDetector.java
https://one.one.one.one/?interest=learn-more	d/a/a/a/b/b.java
https://twitter.com/intent/tweet?text=	d/a/a/a/b/c/j.java
https://www.facebook.com/sharer/sharer.php?u=	d/a/a/a/b/c/i.java
https://github.com/square/moshi	d/a/a/a/c/i0/d.java
https://github.com/tbruyelle/RxPermissions	d/a/a/a/c/i0/d.java
https://github.com/square/retrofit	d/a/a/a/c/i0/d.java
https://github.com/ReactiveX/RxAndroid	d/a/a/a/c/i0/d.java
https://developer.android.com/topic/libraries/architecture/workmanager	d/a/a/a/c/i0/d.java
https://github.com/cloudflare/boringtun	d/a/a/a/c/i0/d.java
https://github.com/FutureMind/liverelay	d/a/a/a/c/i0/d.java
https://github.com/FutureMind/daggerutils	d/a/a/a/c/i0/d.java
https://github.com/FutureMind/prefs-delegates	d/a/a/a/c/i0/d.java
https://github.com/JetBrains/kotlin	d/a/a/a/c/i0/d.java
http://www.apache.org/licenses/LICENSE-2.0\n\nUnless	d/a/a/a/c/i0/d.java
https://github.com/ReactiveX/RxJava/	d/a/a/a/c/i0/d.java
https://github.com/google/dagger/blob/master/LICENSE.txt	d/a/a/a/c/i0/d.java
https://github.com/square/okhttp/blob/master/LICENSE.txt	d/a/a/a/c/i0/d.java
https://junit.org/junit4/license.html	d/a/a/a/c/i0/d.java
https://github.com/mockito/mockito	d/a/a/a/c/i0/d.java
https://github.com/nhaarman/mockito-kotlin	d/a/a/a/c/i0/d.java
https://github.com/gmazzo/okhttp-client-mock	d/a/a/a/c/i0/d.java
https://github.com/JakeWharton/timber	d/a/a/a/c/i0/d.java
https://github.com/JakeWharton/ThreeTenABP	d/a/a/a/c/i0/d.java
https://github.com/Jigsaw-Code/Intra	d/a/a/a/c/i0/d.java
http://www.apache.org/licenses/LICENSE-2.0\n\n	d/a/a/a/c/i0/d.java
https://github.com/romandanylyk/PageIndicatorView	d/a/a/a/c/i0/d.java
https://github.com/romandanylyk/PageIndicatorView/issues/141	d/a/a/a/c/i0/d.java
https://github.com/fengyouchao/sockslib	d/a/a/a/c/i0/d.java
https://github.com/ambrop72/badvpn/wiki/Tun2socks	d/a/a/a/c/i0/d.java
https://github.com/arturbosch/detekt	d/a/a/a/c/i0/d.java
https://github.com/twofortyfouram/android-plugin-client-sdk-for-locale	d/a/a/a/c/i0/d.java
https://github.com/firebase/firebase-android-sdk	d/a/a/a/c/i0/d.java
https://developer.android.com/jetpack/androidx	d/a/a/a/c/i0/d.java
https://kotlinlang.org/	d/a/a/a/c/i0/d.java
http://developer.android.com/tools/extras/support-library.html	d/a/a/a/c/i0/d.java
http://tools.android.com/	d/a/a/a/c/i0/d.java
https://developer.android.com/topic/libraries/architecture/index.html	d/a/a/a/c/i0/d.java
https://github.com/trello/RxLifecycle	d/a/a/a/c/i0/d.java
https://github.com/ThreeTen/threetenbp	d/a/a/a/c/i0/d.java
https://github.com/llew2011/HuaWeiVerifier	d/a/a/a/c/i0/d.java
https://www.cloudflare.com/ko-kr/application/privacypolicy/	d/a/a/a/e/e.java
https://www.cloudflare.com/ko-kr/application/privacypolicy/application-consent/	d/a/a/a/e/f.java
https://connectivity.cloudflareclient.com/cdn-cgi/trace	d/a/a/b/a/p.java
https://engage.cloudflareclient.com/cdn-cgi/trace	d/a/a/b/a/s.java
https://one.one.one.one/ref?referrer=	d/a/a/b/a/j1/b.java
https://warp.plus	d/a/a/b/a/j1/b.java
https://onedot.zendesk.com	d/a/a/b/h/f/a.java
https://connectivity.cloudflareclient.com/cdn-cgi/trace	d/a/a/b/j/g.java
https://connectivity.cloudflareclient.com/cdn-cgi/trace	d/a/a/b/j/k.java
https://connectivity.cloudflareclient.com/cdn-cgi/trace	d/a/a/b/l/e.java
https://[	d/a/a/b/l/e.java
https://connectivity.cloudflareclient.com/cdn-cgi/trace	d/a/a/b/m/e.java
https://zero-trust-client.cloudflareclient.com	d/a/a/c/f/e.java
https://cp.cloudflare.com	d/a/a/d/l/c.java
http://cp.cloudflare.com	d/a/a/d/l/i.java
http://cp.cloudflare.com	d/a/a/d/l/d.java
https://connectivity.cloudflareclient.com/cdn-cgi/trace	d/a/a/d/r/f/i.java
https://connectivity.cloudflareclient.com/cdn-cgi/trace	d/a/a/d/r/g/a.java
https://connectivity.cloudflareclient.com/cdn-cgi/trace	d/a/a/d/r/i/d.java
https://api.cloudflareclient.com	d/a/a/h/t4.java
https://pagead2.googlesyndication.com/pagead/gen_204?id=gmob-apps	d/d/a/c/a/a/b.java
https://plus.google.com/	d/d/a/c/e/m/d0.java
https://goo.gl/J1sWQy	d/d/a/c/h/g/h.java
https://app-measurement.com/a	d/d/a/c/h/g/m9.java
https://google.com/search?	d/d/a/c/i/b/a7.java
https://www.googleadservices.com/pagead/conversion/app/deeplink?id_type=adid&sdk_version=%s&rdid=%s&bundleid=%s&retry=%s	d/d/a/c/i/b/d6.java
https://firebase.google.com/support/guides/disable-analytics	d/d/a/c/i/b/m3.java
https://www.google.com	d/d/a/c/i/b/x9.java
https://goo.gl/NAOOOI.	d/d/a/c/i/b/x9.java
https://goo.gl/NAOOOI	d/d/a/c/i/b/x9.java
https://app-measurement.com/a	d/d/a/c/i/b/s.java
https://firebase-settings.crashlytics.com/spi/v2/platforms/android/gmp/%s/settings	d/d/c/g/b.java
https://update.crashlytics.com/spi/v1/platforms/android/apps	d/d/c/g/d/t/g.java
https://update.crashlytics.com/spi/v1/platforms/android/apps/%s	d/d/c/g/d/t/g.java
https://reports.crashlytics.com/spi/v1/platforms/android/apps/%s/reports	d/d/c/g/d/t/g.java
https://reports.crashlytics.com/sdk-api/v1/platforms/android/apps/%s/minidumps	d/d/c/g/d/t/g.java
https://firebase.google.com/support/privacy/init-options.	d/d/c/o/f.java
https://www.cloudflare.com/application/privacypolicy/	g0/a/a/b/a.java
https://www.cloudflare.com/application/terms/	g0/a/a/b/a.java
https://cloudflare-dns.com/dns-query?name=	g0/a/a/b/a.java
http://schemas.android.com/apk/res/android	g0/a/a/b/a.java
https://github.com/ReactiveX/RxJava/wiki/Error-Handling	io/reactivex/exceptions/OnErrorNotImplementedException.java
https://github.com/ReactiveX/RxJava/wiki/What's-different-in-2.0	io/reactivex/exceptions/UndeliverableException.java
https://github.com/ReactiveX/RxJava/wiki/Plugins	k0/a/a.java
https://github.com/ReactiveX/RxJava/wiki/Plugins	k0/a/m.java
https://github.com/ReactiveX/RxJava/wiki/Plugins	k0/a/r.java
https://github.com/ReactiveX/RxJava/wiki/Plugins	k0/a/h.java
https://github.com/ReactiveX/RxJava/wiki/Plugins	k0/a/w.java
http://www.slf4j.org/codes.html	o0/c/c.java
http://tools.android.com/tech-docs/new-build-system/user-guide/manifest-merger\nIf	r0/a/k0.java
https://www.zendesk.com/embeddables	zendesk/support/SupportSdkSettings.java
https://project-8285292058764338105.firebaseio.com	Mogua Engine V1

邮箱线索

邮箱地址	所在文件
this@warpinviteactivity.resources	com/cloudflare/app/presentation/warp/invite/WarpInviteActivity.java
ambrop7@gmail.com	d/a/a/a/c/i0/d.java
u0013android@android.com0	d/d/a/c/e/a0.java
u0013android@android.com	d/d/a/c/e/a0.java

手机线索

手机号	所在文件
15552000000	d/d/a/c/i/b/a6.java

代码反编译

AndroidManifest配置查看

Java源代码查看 -- 下载

APK文件会员可下载

签名证书

APK已签名
v1 签名: True
v2 签名: True
v3 签名: True
找到 1 个唯一证书
主题: C=US, ST=California, L=Mountain View, O=Google Inc., OU=Android, CN=Android
签名算法: rsassa_pkcs1v15
有效期自: 2018-11-10 15:25:04+00:00
有效期至: 2048-11-10 15:25:04+00:00
发行人: C=US, ST=California, L=Mountain View, O=Google Inc., OU=Android, CN=Android
序列号: 0x202c2e13a12115dda689a57dbd1a7ce2f954d8a4
哈希算法: sha256
md5值: bc9e633a528d32929a33282fde6f4cac
sha1值: 3a595e52dd381bcee86a82a089c9bdc78fd459bf
sha256值: 273a3a5e09dc720d3b3945162e724d9a69b21fc542bed7457f115966b145e8bc
sha512值: 692aa22ad095f813d07cf5c4d4f2b20c60b78bfcddde8f6e22615c10f0a94a775d67c1e822d8aae2726769d676ea4d55b03a052b2dde75ea7585384ecc04d976
公钥算法: rsa
密钥长度: 4096
指纹: 9a3e8dabac1547839155dcff7fb75e5404160824669a69cd5df364a07dd65438

硬编码敏感信息

"account_team_re_auth" : "Re-Authenticate Session"
"diagnostics_public_key" : "Public key"
"dns_queries_are_not_private" : "Your DNS queries are not private."
"dns_queries_are_private" : "Your DNS queries are private and faster."
"firebase_database_url" : "https://project-8285292058764338105.firebaseio.com"
"generate_posture_only_certificate" : "Generate Posture Only Certificate"
"google_api_key" : "AIzaSyD8EGrWU54WutcvV_JdaK5w5IlTFsxU7Nc"
"google_crash_reporting_api_key" : "AIzaSyD8EGrWU54WutcvV_JdaK5w5IlTFsxU7Nc"
"key" : "Key"
"license_key" : "License key"
"missing_certificate" : "Unable to connect"
"notification_authenticate_body" : "Your administrator has requested you re-authenticate to continue accessing a network resource"
"notification_authenticate_title" : "Authentication requested"
"posture_only_enter_passphrase_for_certificate" : "Enter Passphrase for certificate"
"posture_only_generating_certificate" : "Generating Certificate"
"posture_only_storing_certificate" : "Storing Certificate"
"posture_only_success_generating_certificate" : "Please install the certificate stored at Downloads folder under Files app. You can also request a new certificate for Device Posture Information from our app."
"re_auth_successful" : "Re-Authentication is successful"
"re_auth_unsuccessful" : "Error occurred while re-authenticating. Please try again later"
"restriction_auth_client_id" : "Auth Client ID"
"restriction_auth_client_secret" : "Auth Client Secret"
"share_license_key" : "Share license key"
"warp_disconnected_internet_not_private" : "Your Internet is not private."
"your_internet_is_faster_private" : "Your Internet is private."

加壳分析

会员可查看

第三方插件

会员可查看

危险动作

向手机申请的权限	是否危险	类型	详细情况
com.cloudflare.onedotonedotonedotone.permission.ACCESS_EXPORTED_ACTIVITY	未知		调用了未知的操作
android.permission.INTERNET	正常	互联网接入	允许应用程序创建网络套接字
android.permission.ACCESS_NETWORK_STATE	正常	查看网络状态	允许应用程序查看所有网络的状态
android.permission.WRITE_EXTERNAL_STORAGE	危险	读取/修改/删除外部存储内容	允许应用程序写入外部存储
android.permission.RECEIVE_BOOT_COMPLETED	正常	开机时自动启动	允许应用程序在系统完成启动后立即启动。这可能会使启动手机需要更长的时间,并允许应用程序通过始终运行来减慢整个手机的速度
android.permission.FOREGROUND_SERVICE	正常		允许常规应用程序使用 Service.startForeground。
android.permission.ACCESS_WIFI_STATE	正常	查看Wi-Fi状态	允许应用程序查看有关 Wi-Fi 状态的信息
android.permission.POST_NOTIFICATIONS	未知		调用了未知的操作
android.permission.ACCESS_COARSE_LOCATION	危险	粗定位	访问粗略位置源,例如移动网络数据库,以确定大概的电话位置（如果可用）。恶意应用程序可以使用它来确定您的大致位置
android.permission.READ_EXTERNAL_STORAGE	危险	读取外部存储器内容	允许应用程序从外部存储读取
com.android.vending.BILLING	未知		调用了未知的操作
android.permission.WAKE_LOCK	正常	防止手机睡眠	允许应用程序防止手机进入睡眠状态
com.google.android.c2dm.permission.RECEIVE	合法	C2DM 权限	云到设备消息传递的权限
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE	未知		调用了未知的操作