iOS基于Schema协议实现应用识别(金融风控业务,高风险应用,安装多头等软件识别)
1.schema判断是否安装了某app
①.判断代码
//schema协议前缀
NSString *schema = "wemeet://";
NSURL *url = [NSURL URLWithString:schema];
//判断应用是否安装
bool installed = [[UIApplication sharedApplication] canOpenURL:url];②.在info.plist文件新增配置
新增key:LSApplicationQueriesSchemes Type:Array。
新增items,配置需要识别的app schema参数。
2.如何获取AppStore上某个App的Schema配置列表
①在Mac OSX中安装Apple Configurator 2软件,打开软件并在apple账号
②准备一台iPhone,该设备上登录的账号和Apple Configurator 2登录的账号保持一致,并手机连接到电脑上。
③打开iPhone设备上的AppStore app,搜索你所需的app,点击安装按钮,等app安装成功后再进行下一步。
④在Apple Configurator 2软件的所有设备面板中双击选中设备,点击添加->在搜索栏输入刚在iPhone设备中下载的App->搜索到后点击选中App->点击添加按钮。
⑤下载后会询问iPhone中已经存在该app的提示信息,注意这一步非常重要,弹出对话框后不要对对话框做任何操作,进入下一步。
⑥打开finder(访达),按快捷键shift+command+G,在弹出前往文件夹对话框中输入内容~/Library/Group Containers/K36BKF7T3D.group.com.apple.configurator/Library/Caches/Assets/TemporaryItems/MobileApps,再敲下回车。进入文件夹可以看到刚才下载的app的安装包。
⑦解压ipa文件找到info.plist文件并找到schema配置列表
将要
.ipa文件的扩展名改成.zip解压文件,然后进入Payload文件夹->右击XXX文件->选择查看包内容->找到info.plist文件,用文本编辑器打开该文件,找到CFBundleURLTypes配置项,配置项下就是schema列表。
我写了一个快速查看.ipaSchema内容的Java程序,如下:
依赖
<dependency>
<groupId>com.googlecode.plist</groupId>
<artifactId>dd-plist</artifactId>
<version>1.23</version>
<scope>test</scope>
</dependency>ParseIpaTests.java
public class ParseIpaTests {
public static void main(String[] args) {
String path = "/Users/pengjianbo/Library/Group Containers/K36BKF7T3D.group.com.apple.configurator/Library/Caches/Assets/TemporaryItems/MobileApps";
File file = new File(path);
if (file.exists()) {
File[] files = file.listFiles();
if (files == null || files.length == 0) {
return;
}
File dir = files[0];
File[] files2 = dir.listFiles();
if (files2 == null || files2.length == 0) {
return;
}
for (File file1 : files2) {
if(!file1.isDirectory()){
continue;
}
File[] files3 = file1.listFiles();
if (files3 == null || files3.length == 0) {
return;
}
for (File f : files3) {
if (!StringUtils.endsWith(f.getAbsolutePath(), ".ipa")) {
continue;
}
IpaService.getIpaInfoMap(f.toString());
}
}
}
}
}IpaDao.java
public class IpaDao {
private static final int buffer = 2048;
/**
* 解压Zip文件
* @param ipaPath 文件目录
* @throws IOException
*/
public static File unZip(String ipaPath) throws IOException {
int count = -1;
File file = null;
InputStream is = null;
FileOutputStream fos = null;
BufferedOutputStream bos = null;
ZipFile zipFile = null;
File result = null;
String savepath = "";
savepath = ipaPath.substring(0, ipaPath.lastIndexOf(".")) + File.separator;
File existsSavePath = new File(savepath); // 创建保存目录
if(existsSavePath.exists()){
existsSavePath.delete();
}
existsSavePath.mkdir();
zipFile = new ZipFile(ipaPath); // 解决中文乱码问题
Enumeration<?> entries = zipFile.entries();
while (entries.hasMoreElements()) {
byte buf[] = new byte[buffer];
ZipEntry entry = (ZipEntry) entries.nextElement();
String filename = entry.getName();
boolean ismkdir = false;
// 检查此文件是否带有文件夹
if (filename.lastIndexOf("/") != -1) {
ismkdir = true;
}
filename = savepath + filename;
// 如果是文件夹先创建
if (entry.isDirectory()) {
file = new File(filename);
file.mkdirs();
continue;
}
file = new File(filename);
// 如果是文件夹先创建
if (!file.exists()) {
if (ismkdir) {
new File(filename.substring(0, filename.lastIndexOf("/"))).mkdirs(); // 目录先创建
}
}
file.createNewFile(); // 创建文件
//判断文件名字
if(filename.endsWith(".app/Info.plist")) {
result = new File(filename);
}
is = zipFile.getInputStream(entry);
fos = new FileOutputStream(file);
bos = new BufferedOutputStream(fos, buffer);
while ((count = is.read(buf)) > -1) {
bos.write(buf, 0, count);
}
bos.flush();
bos.close();
fos.close();
is.close();
}
zipFile.close();
try {
if (bos != null) {
bos.close();
}
if (fos != null) {
fos.close();
}
if (is != null) {
is.close();
}
if (zipFile != null) {
zipFile.close();
}
} catch (Exception e) {
e.printStackTrace();
}
return result;
}
}IpaService.java
public class IpaService {
/**
* 1.生成info.plist文件的键值对
*
* @param ipa 输入api文件的路径
* @return map Info.plist文件中的信息转为键值对 .api文件---->.zip文件---->返回Info.plist
*/
public static String getIpaInfoMap(String ipaPath) {
try {
File Infofile = IpaDao.unZip(ipaPath);
// 解析路径中的文件,封装到map集合
NSDictionary parse = (NSDictionary) PropertyListParser.parse(Infofile);
try {
NSString CFBundleDisplayName = (NSString) parse.get("CFBundleDisplayName");
if(CFBundleDisplayName == null){
CFBundleDisplayName = (NSString) parse.get("CFBundleName");
}
System.out.println("CFBundleDisplayName=" + CFBundleDisplayName.getContent());
NSArray urlTypes = (NSArray) parse.get("CFBundleURLTypes");
if (urlTypes == null) {
return null;
}
for (NSObject nsObject : urlTypes.getArray()) {
NSDictionary dictionary = (NSDictionary) nsObject;
NSArray nsArray = (NSArray) dictionary.get("CFBundleURLSchemes");
if (nsArray == null) {
return null;
}
for (NSObject object : nsArray.getArray()) {
NSString nsStr = (NSString) object;
System.out.println("CFBundleURLSchemes=" + nsStr.getContent());
}
}
}catch (Throwable e){
e.printStackTrace();
}
String infoPlist = digui(parse, -1);
return infoPlist;
} catch (Exception e) {
JPanel panel = new JPanel();
JOptionPane.showMessageDialog(panel, "文件类型不支持", "提示", JOptionPane.WARNING_MESSAGE);
}
return null;
}
/**
* 2.递归方法
*
* @param sb
* @return
*/
public static String digui(NSDictionary parse, int count) {
++count;
StringBuffer sb = new StringBuffer();
for (Map.Entry<String, NSObject> entry : parse.entrySet()) {
// 获取文档键对应的值
String object = entry.getValue().toString();
// 获取文档键
String key = entry.getKey();
// 1.判断是否是其他类型
if (object.contains("NSArray") || object.contains("NSDictionary")) {
// 1.1数组类型判断
if (object.contains("NSArray")) {
NSObject[] array = ((NSArray) parse.get(key)).getArray();
// 1.1.1先添加主键
for (int i = 0; i < count; i++) {
sb.append("\t");
}
sb.append(key + ":" + "\r\n");
// 1.1.2判断值类型
for (int i = 0; i < array.length; i++) {
//如果是字典类型,继续递归
if (array[i].toString().contains("NSDictionary")) {
NSDictionary parse3 = (NSDictionary) array[i];
String digui2 = digui(parse3, count);
sb.append(digui2);
}
//如果是数值,直接添加
else {
for (int j = 0; j < count; j++) {
sb.append("\t");
}
sb.append("\t" + array[i] + "\r\n");
}
}
}
//1.2字典类型判断
else {
for (int i = 0; i < count; i++) {
sb.append("\t");
}
sb.append(key + ":" + "\r\n");
NSDictionary parse2 = (NSDictionary) parse.get(key);
String digui3 = digui(parse2, count);
sb.append(digui3);
}
}
// 2.如果是键值对类型直接添加
else {
for (int i = 0; i < count; i++) {
sb.append("\t");
}
sb.append(key + ":" + parse.get(key) + "\r\n");
}
}
return sb.toString();
}
}schema列表(金融借贷、高风险应用)
- 金融借贷
| 应用名称 | Schema | 应用名称 | Schema |
|---|---|---|---|
| 柚卡 | hnzycfctqh | 连连来钱 | wx12a20f8d38242e27或LSApplicationQueriesSchemes |
| 拍拍贷 | loan.ppdai.com | 秒贷款 | wxed7adf75b1686f8d |
| 榕树贷 | brbanyanrxq | 捷信金融 | capp或capppro |
| 省呗 | shansmycredit | 洋钱罐借款 | zebra |
| 招联金融 | muapp或mucfcapp | 小赢分期 | xyfq |
| 新浪金融 | sinajr | 拉卡拉 | lkl |
| 你我贷 | jiaxuedai | 好分期 | hfqdl |
| 平安好贷 | pahd | 哈银消金 | hrbbapp |
| 有钱花 | duxiaomanloan | 幸福花 | hcfc-url |
| 360借条 | qihooloan | 维信闪贷 | vblotloan |
| 安逸花 | msxfayh或ayh | 蒙商消费金融 | com.baoyin.credit |
| 分期乐 | fenqile | 中邮钱包 | zywallet |
| 小米贷款 | miloan | 众安小贷 | zaloan |
| 中原消费金融 | hnzycfc | 虫虫借钱 | tcfclient |
| 携程金融 | CtripFinanceIphone或CtripFinancephone | 戒易花 | alipay20200908jiyihua |
| 榕易有钱 | brbanyan | 喜鹊快贷 | yddapp |
| 度小满金融 | duxiaomanwallet或dxmwallet | 万达普惠 | wandaph或wandapuhui |
| 够花 | Gouhua | 融360贷款 | R360BigApp |
| 还呗 | huanbei或eloan | 大地时贷 | wx990b73cc7f6f7b58 |
| 来分期 | laifenqi | 秒借钱包 | daikuangou |
| 微贷借款 | CreditLoan | 金山金融 | com.kingsoft.finance.ios |
| 时光分期 | shiguangfenqi | 功夫贷 | gongfudai |
| 宜人贷借款 | dkzs或yrdweb | 微博钱包 | weiboqb |
| 小米借条 | miloanx | 短借 | wx8c159bc0ea6b0167 |
| 小马花花 | msxfxmhh或msxfxmhh.msxf.com | 携程借款 | CtripJdIphone或CtripJdphone |
| 摇钱花 | xywallet | 好来贷 | com.jinqiao.app.fsb |
| 360信用钱包 | qihooloanxyqb | 无域借贷款 | wx78c5ff4e90635095 |
| 万卡 | wanka | 运呗 | yunbei |
| 新浪分期 | xlfq或XLFQby | 借钱花 | mycardpro或cardniu |
| 豆豆钱 | doudoumoneyschem | 安逸花极速版 | ayhlite |
| 备胎信用 | btcredit | 融360贷款 | R360BigApp |
| 人人贷借款 | rrdloan | 有钱花极速版 | duxiaomanloanlite |
| 魔借 | drm-borrower或dianrong-speedloan | 苏宁金融 | SuningEfubao或com.suning.jr |
| 海尔消费金融 | haiercashhf或haiercashlx | 极融借款 | geerong |
| 小闪分期 | com.weishangtech.kskd | 随借 | wx23183233650713f6 |
| 省呗 | smycredit | 团贷网借款 | tuandailoan |
| 马上金融 | msxfapp或msxfFinance | 晋享钱包 | jxqb |
| 天星金融 | mifi | 顺丰金融 | sfpay |
| 万达贷 | wdp或wdsd | 小花钱包 | xhqball |
| 360分期贷 | qihooloanfenqidai | 你我贷 | niwodai |
| 榕树借条 | brbanyanrxq | 杭银金融 | hyxfapp或HyxfApp |
| 国美金融 | mylc或gmfinstall | 苏宁消费金融 | sncfc或sncfcrxf |
| 还呗-还享借 | hbcash | 中银消费金融 | boccfc |
| 平安普惠 | PAYiDai | 平安消费金融 | pacfc |
| 新橙优品 | xincheng | 长银消费金融 | LoanRouter |
| 花鸭借钱 | ppxiaodai或leading.huayajieqian.com | 华融消费金融 | hrcfc |
| 人品贷极速版 | en51rpd | 阳光消费 | ygxf |
| 民生易贷 | msyd或MSYiDai | 金美信金融 | wx58b7be61ba0c7dee |
| 备好贷 | btloan | 尚诚消费金融 | shangcheng |
| 安心花 | wx017de833e85e4969 | 盛银消费金融 | cn.com.syxfjr.ios |
| 平安贷款 | pinganbankloan | 好哒白条 | wx49abd2e0bb9054c6 |
| 招联好期贷 | hqd | 信而富 | crfMarket |
| 度小满金融Lite | bwapp或baiduwallet或dxmwallet | 鑫梦享 | wx4dc5cf62862e49d2 |
| 分期乐借钱 | fenqileBorrow | 易开花 | bobcfc |
| 国美易卡 | gomeyk | 消邦 | hyxbapp |
| 快易花 | wdkyh | KOO钱包 | koou |
| U钱包 | drm-uloan | 小鱼福卡 | fishcard |
| 任意花 | easymoney | 融易分期 | ryfq |
| 羊小咩 | xyqb | 空手到 | icfapp |
| 宜享花 | yixianghua | 易启分期 | hengshenhuo |
| 维信卡卡贷 | kkcreditSchem | 嗨袋 | hubeicfcApp |
| 浪小花 | wb898990797 | 畅行花 | comchangxinghuacxh |
| 榕树贷款 | brbanyan | 桔多多 | juzifenqi |
| 58好借 | JRHaoJie | 云联掌柜 | ylzg |
| 百信银行 | bxbank | 分期易 | qmwalle1Enterprise |
- 高风险(VPN/赌博/改机/等)
| 应用名称 | Schema | 应用名称 | Schema |
|---|---|---|---|
| dream gaming | dgcom | Cydia | cydia |
| 轻蜂 | QingFeng | Melon VPN | mvpn |
| 蓝鲸 | LanJing | VPN | fb2402988699750088 |
| 快滚加速器 | wx3fc209ff51356358 | VPN Master | fb198196255460714 |
| 豌豆代理 | peaScheme | VPN | vpn |
| 羚羊加速器 | lingyang | Aloha | alohabrowser |
| SpeedCN | wx8e8fc8f4aacfc4ac | ProtonVPN | protonvpn |
| 雷霆加速器 | ixf | PowerVPN | fb2497899243660498 |
| 雄鹰加速器 | XiongYing | SkyBlueVPN | fb1125906797743109 |
| Ad Blocker | VRNGuard | UltraVPN | hexatech |
| 爱加速 | wx3405e18bc8a44f32 | Kiwi VPN | fb496564300896313 |
| PandaVPN | PandaProSchemes | VPN-Speed | vpnspeed |
| VPN Vault | avvpn | VPN | fb565441297335453 |
| VPN Master | masterVPN | VPN Point | fb460872174508891 |
| Turbo VPN | turboVPN | Daily VPN | open-dailyvpn |
| VPN – Super Unlimited Proxy | fb828149437372042 | SkyVPN | skyvpn |
| Betternet | betternet | VPNHUB | com.appatomic.vpnhub |
| Free VPN | fb1075780229101015 | VPN – Unlimited Best VPN Proxy | fb365179700576422 |
| NordVPN | nordvpn | SillyDuckVPN | shayavpn |
| X-VPN | fb314076509753471 | Hotspot VPN - VPN Proxy Master | fb1556715627872273 |
| ArmorVPN | fb2802590519990758 | PandaVPN | PandaLiteSchemes |
| ExpressVPN | expressvpn | Windscribe | com.windscribe |
| Quark VPN | ss | Storm Vpn | fb2805514809729562 |
| Atlas VPN | ATLASVPN | iTopVpn | fb5467826609957522 |
| VPN 360 | vpn360 | VPN | fb716550731879004 |
| Psiphon | psiphon | VPN | fb424636185280544 |
| Secure VPN | fb1035581440282875 | VyprVPN | vyprvpn |
| Jet VPN | jetvpn | RayVPN | vpnext |
| VPN Panther | fb2512983252125630 | TorVPN | vpntorbrowser |
版权属于:版权归 bbmax.cc 所有,转载请注明出处
本文链接:https://www.bbmax.cc/index.php/archives/101/
转载时须注明出处及本声明
2 条评论
有个APP安全需求,还考虑接个私活?
谢谢分享~~