SUMMARY
ISSUES SEVERITY
MANIFEST SCANNER
NA
NA
NA
VULNERABILITIES
Weak Crypto Algorithms
MEDIUM
sources/remotelogger/C16865hW.java
STRINGS
facebook oauth
MEDIUM
resources/res/values/strings.xml
ASSETS
url
LOW
resources/res/values-th/strings.xml
0 CRITICAL severity MANIFEST issues present
0 HIGH severity MANIFEST issues present
0 MEDIUM severity MANIFEST issues present
0 LOW severity MANIFEST issues present
0 INFO severity MANIFEST issues present
0 RESILIENCE severity MANIFEST issues present
0 CRITICAL severity VULNERABILITIES issues present
0 HIGH severity VULNERABILITIES issues present
41 MEDIUM severity VULNERABILITIES issues present
18 LOW severity VULNERABILITIES issues present
61 INFO severity VULNERABILITIES issues present
0 RESILIENCE severity VULNERABILITIES issues present
0 CRITICAL severity STRINGS issues present
0 HIGH severity STRINGS issues present
32 MEDIUM severity STRINGS issues present
270 LOW severity STRINGS issues present
0 INFO severity STRINGS issues present
0 RESILIENCE severity STRINGS issues present
0 CRITICAL severity ASSETS issues present
0 HIGH severity ASSETS issues present
49 MEDIUM severity ASSETS issues present
2973 LOW severity ASSETS issues present
0 INFO severity ASSETS issues present
0 RESILIENCE severity ASSETS issues present
ISSUES
Weak Crypto Algorithms - 6 issues
Weak Crypto Algorithm - AES with weak ECB - 2 issues
Non-parameterized SQL Query - 4 issues
Possible Object Deserialization - 3 issues
CBC Padding Oracle Attack Possible - 2 issues
Accept Self Signed Certificate - 13 issues
Insecure Pending Intent - 2 issues
WebView ignores SSL errors - 4 issues
Insecure Activity Start - 3 issues
Insecure Random Used - 61 issues
Frida server detection by app - 3 issues
Remote WebView debugging enabled - 1 issues
WebView javascript enabled - 3 issues
Check for rooted device by app - 4 issues
Storage of sensitive information in Shared Preferences - 9 issues
MALWARES
0
MALWARES
APKiD
11
APKiD
STRINGS
Facebook Oauth - 1 matches
JSON Web Token - 1 matches
Google API Key - 3 matches
Generic API Key - 1 matches
Facebook Client Token - 1 matches
Possible Secret Detected - 29 matches
ASSETS
URL - 1071 matches
Hostname - 123 matches
Filename - 248 matches
REST API - 647 matches
File path - 718 matches
Relative Endpoint - 7 matches
PERMISSIONS SUMMARY
Permissions
Count
Safe
14
Risky
13
Dangerous
1
ASSETS WORDCLOUD
www.gojek.com - 12 count
www.go-jek.com - 4 count
gate-integration.go-life.co.id - 4 count
gate.go-life.co.id - 4 count
i.gojekapi.com - 34 count
lelogama.go-jek.com - 2 count
d2qvdgz8wl1t4k.cloudfront.net - 2 count
consumer-app-23d4b.firebaseio.com - 1 count
gofood.link - 1 count
api.gojekapi.com - 2 count
gojek.com - 1 count
api-cons.go-life.co.id - 1 count
customer.gopayapi.com - 1 count
merchants-gws-app.gopayapi.com - 1 count
goplay.onelink.me - 1 count
TRACKERS
6
TRACKERS
THIRD PARTY LIBRARIES
85
THIRD PARTY LIBRARIES
CONTACT
Website
Email
HIDE REPORT
Are you the developer or owner of this app? Choose to keep your report private from BeVigil's Search for 30 days.