APK META-INF warning

Sec*_*Occ 9 security android apk

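When I try to verify whether an .apk (Android application) is signed, I see the following error.

I am not sure what exactly this error means.

Does this cause any security issues?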

root@kali:~/Downloads# apksigner verify --verbose magni_v1.2.8_apkpure.com.apk 
Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): true
Number of signers: 1
WARNING: META-INF/android.arch.core_runtime.version not protected by signature. Unauthorized modifications to this JAR entry will not be detected. Delete or move the entry outside of META-INF/.
WARNING: META-INF/android.arch.lifecycle_livedata-core.version not protected by signature. Unauthorized modifications to this JAR entry will not be detected. Delete or move the entry outside of META-INF/.
WARNING: META-INF/android.arch.lifecycle_runtime.version not protected by signature. Unauthorized modifications to this JAR entry will not be detected. Delete or move the entry outside of META-INF/.
WARNING: META-INF/android.arch.lifecycle_viewmodel.version not protected by signature. Unauthorized modifications to this JAR entry will not be detected. Delete or move the entry outside of META-INF/.
WARNING: META-INF/com.android.support_support-compat.version not protected by signature. Unauthorized modifications to this JAR entry will not be detected. Delete or move the entry outside of META-INF/.
WARNING: META-INF/com.android.support_support-core-ui.version not protected by signature. Unauthorized modifications to this JAR entry will not be detected. Delete or move the entry outside of META-INF/.
WARNING: META-INF/com.android.support_support-core-utils.version not protected by signature. Unauthorized modifications to this JAR entry will not be detected. Delete or move the entry outside of META-INF/.
WARNING: META-INF/com.android.support_support-fragment.version not protected by signature. Unauthorized modifications to this JAR entry will not be detected. Delete or move the entry outside of META-INF/.
WARNING: META-INF/com.android.support_support-media-compat.version not protected by signature. Unauthorized modifications to this JAR entry will not be detected. Delete or move the entry outside of META-INF/.
WARNING: META-INF/com.android.support_support-v4.version not protected by signature. Unauthorized modifications to this JAR entry will not be detected. Delete or move the entry outside of META-INF/.
WARNING: META-INF/rxjava.properties not protected by signature. Unauthorized modifications to this JAR entry will not be detected. Delete or move the entry outside of META-INF/.

Thanks

Pie*_*rre 13

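The signature of an APK guarantees that if a file in the APK is changed after signing, the APK cannot be installed on an Android device (the signature will be invalid).

The APK's signature is stored in the META-INF directory of the APK, which means that if some other files are stored in the META-INF directory, the signature does not cover them. The warnings you see list the files in your APK that are located in the META-INF directory and are not protected by the signature.

In practice, these files are not important; they are mostly the versions of the libraries you depend on, so even if someone modified these files, it would not have any impact on your app. That is why it is only a warning: those files in your APK can be modified by someone else while still pretending the APK is signed by you, but these files do not matter.

This is very common in APKs, so I wouldn't worry about it.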

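  • @DO That's not how it works... Changing the version number in a text file does not change the actual compiled code (the dependencies are already compiled into the rest of the APK and are not pulled in later). (5 upvotes)
  • I strongly disagree with "In practice, these files are not important; they are mostly the versions of the libraries you depend on, so even if someone modified these files, it would not have any impact on your app." An attacker could roll back your dependencies to previous vulnerable versions and then attack the vulnerabilities in those versions. This is indeed a security issue. (2 upvotes)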
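
To check which entries the warnings in this thread refer to, and whether they differ between two copies of the same APK, the following added example (not part of the original question or answer) lists the non-signature files under META-INF/ and compares their SHA-256 digests. It assumes the v1 signature files are MANIFEST.MF and *.SF/*.RSA/*.DSA/*.EC directly under META-INF/; the helper names and the sample archive contents, including the version strings, are constructed for illustration.

```python
import hashlib, io, re, zipfile

# Assumption: under v1 (JAR) signing these are the only signature-related
# files in META-INF/; every other entry there is what apksigner warns about.
SIG_FILE = re.compile(r"^META-INF/(MANIFEST\.MF|[^/]+\.(SF|RSA|DSA|EC))$", re.I)

def unprotected_entries(apk):
    """Map each non-signature META-INF/ entry to the SHA-256 of its content."""
    out = {}
    with zipfile.ZipFile(apk) as zf:
        for info in zf.infolist():
            name = info.filename
            if (name.startswith("META-INF/") and not name.endswith("/")
                    and not SIG_FILE.match(name)):
                out[name] = hashlib.sha256(zf.read(info)).hexdigest()
    return out

def diff_unprotected(reference, candidate):
    """Names of unprotected entries that differ between two copies of an APK."""
    ref, cand = unprotected_entries(reference), unprotected_entries(candidate)
    return sorted(n for n in ref.keys() | cand.keys() if ref.get(n) != cand.get(n))

def _sample_apk(version_text):
    """Constructed stand-in for an APK: a ZIP with made-up entry contents."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("classes.dex", b"constructed")
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("META-INF/CERT.SF", "Signature-Version: 1.0\n")
        zf.writestr("META-INF/CERT.RSA", b"constructed")
        zf.writestr("META-INF/rxjava.properties", "constructed\n")
        zf.writestr("META-INF/com.android.support_support-v4.version", version_text)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    original, edited = _sample_apk("27.1.1\n"), _sample_apk("26.0.0\n")
    for name, digest in sorted(unprotected_entries(original).items()):
        print(digest[:16], name)
    print("changed:", diff_unprotected(original, edited))
```

Both functions accept a file path as well as a file-like object, so a copy obtained from a trusted source can be compared with a copy downloaded elsewhere.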