alipay-deeplink-research/patchproxy-146k.html
feng f490ce3296 enhance: SEO/GEO deep optimization — schema.org, hreflang, canonical, UX
- All 9 pages: Schema.org TechArticle JSON-LD structured data
- All 9 pages: hreflang tags (zh/en/x-default) for GEO targeting
- 7 pages: canonical URLs added (index + censorship already had them)
- 4 pages: meta descriptions added
- All 9 pages: nav bar current-page highlighting via JS
- All 9 pages: back-to-top button (appears on scroll >400px)

Co-Authored-By: Claude <noreply@anthropic.com>
2026-03-25 05:47:36 +08:00

<!-- PatchProxy 146,173 Methods | Vol.23 | 2026-03-23 | Template v2.0 -->
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>146,173 Alipay Methods Can Be Remotely Replaced: Code-Level Evidence of PatchProxy Hot-Patching</title>
<link rel="canonical" href="https://innora.ai/zfb/patchproxy-146k.html" />
<link rel="alternate" hreflang="zh" href="https://innora.ai/zfb/patchproxy-146k.html" />
<link rel="alternate" hreflang="en" href="https://innora.ai/zfb/patchproxy-146k.html" />
<link rel="alternate" hreflang="x-default" href="https://innora.ai/zfb/patchproxy-146k.html" />
<meta name="description" content="Alipay PatchProxy: 146,173 Java methods remotely replaceable without app store review. Code-level evidence of hot-patch framework enabling server-side code modification.">
<script type="application/ld+json">
{
"@context": "https://schema.org",
"@type": "TechArticle",
"headline": "146,173 Alipay Methods Can Be Remotely Replaced: Code-Level Evidence of PatchProxy Hot-Patching",
"datePublished": "2026-03-23T00:00:00+08:00",
"dateModified": "2026-03-25T00:00:00+08:00",
"author": {
"@type": "Person",
"name": "Jiqiang Feng"
},
"publisher": {
"@type": "Organization",
"name": "Innora AI Security Research",
"url": "https://innora.ai"
},
"description": "Alipay PatchProxy: 146,173 Java methods remotely replaceable without app store review. Code-level evidence of hot-patch framework enabling server-side code modification.",
"mainEntityOfPage": {
"@type": "WebPage",
"@id": "https://innora.ai/zfb/patchproxy-146k.html"
}
}
</script>
</head>
<body style="padding-top:76px;">
<!-- Innora Global Nav — injected -->
<style>
.innora-nav-wrap{position:fixed;top:0;left:0;width:100%;z-index:9999;font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,"Noto Sans SC",sans-serif}
.innora-nav{display:flex;justify-content:space-between;align-items:center;padding:0 20px;height:46px;background:rgba(18,18,26,.92);backdrop-filter:blur(10px);-webkit-backdrop-filter:blur(10px);border-bottom:1px solid rgba(255,255,255,.08)}
.innora-nav a.brand{color:#e0e0e8;text-decoration:none;font-weight:600;font-size:.95rem}
.innora-nav-links{display:flex;list-style:none;margin:0;padding:0;gap:12px;flex-wrap:wrap}
.innora-nav-links a{color:#9898a8;text-decoration:none;font-size:.8rem;transition:color .2s}
.innora-nav-links a:hover,.innora-nav-links a.active{color:#4488ff}
.innora-badge{display:flex;justify-content:center;align-items:center;gap:8px;height:26px;background:#000;font-size:.7rem;font-family:'SF Mono','Fira Code',monospace;border-bottom:1px solid rgba(255,255,255,.06)}
.innora-badge a{color:#44cc88;text-decoration:none}.innora-badge a:hover{text-decoration:underline}
.innora-badge span{color:#666}
.innora-hmb{display:none;cursor:pointer;background:none;border:none;padding:4px}
.innora-hmb i{display:block;width:20px;height:2px;margin:4px 0;background:#e0e0e8;transition:.3s}
@media(max-width:900px){
.innora-nav-links{display:none;position:absolute;top:46px;left:0;width:100%;flex-direction:column;background:rgba(18,18,26,.97);padding:8px 0;gap:0}
.innora-nav-links.open{display:flex}
.innora-nav-links li{text-align:center;padding:8px}
.innora-hmb{display:block}
}
</style>
<header class="innora-nav-wrap">
<nav class="innora-nav">
<a class="brand" href="/zfb/">Innora AI — Alipay Research</a>
<ul class="innora-nav-links" id="inav">
<li><a href="/zfb/">Main</a></li>
<li><a href="/zfb/article_censorship.html">Censorship</a></li>
<li><a href="/zfb/patchproxy-146k.html">PatchProxy</a></li>
<li><a href="/zfb/wifi-rtt-tracking.html">WiFi RTT</a></li>
<li><a href="/zfb/transport-encryption.html">Encryption</a></li>
<li><a href="/zfb/privacy-analysis.html">Privacy</a></li>
<li><a href="/zfb/regulatory-complaint.html">Regulatory</a></li>
<li><a href="/zfb/rebuttal.html">Rebuttal</a></li>
</ul>
<button class="innora-hmb" onclick="document.getElementById('inav').classList.toggle('open')"><i></i><i></i><i></i></button>
</nav>
<div class="innora-badge">
<span>Verify:</span>
<a href="https://github.com/sgInnora/alipay-securityguard-analysis">Docker 37/37</a>
<span>|</span>
<a href="https://zenodo.org/records/19186848">Zenodo DOI</a>
<span>|</span>
<a href="https://eprint.iacr.org/2026/526">IACR 2026/526</a>
<span>|</span>
<a href="https://packetstormsecurity.com/files/217089/">Packet Storm</a>
</div>
</header>
<!-- /Innora Global Nav -->
<section style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', 'PingFang SC', 'Hiragino Sans GB', 'Microsoft YaHei', 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px; line-height: 1.75; color: #3f3f3f; text-align: justify; letter-spacing: 0.5px; padding: 0 6px">
<!-- [0] AI-assistance notice -->
<div style="background: #f0f9ff; padding: 10px 15px; margin: 15px 0; border-radius: 4px; border-left: 3px solid #1890ff; font-size: 13px; color: #666; line-height: 1.6">
<strong style="color: #1890ff">Content notice:</strong> Parts of the technical analysis in this article were produced with the help of an AI model; the core vulnerability discovery and code verification were carried out independently by humans. Static decompilation was done with jadx and Ghidra.
</div>
<!-- [0b] 48h warning box -->
<div style="border: 1px solid #E06C75; border-radius: 6px; padding: 15px 20px; background: rgba(224,108,117,0.05); margin: 20px 0">
<p style="margin: 0 0 8px; font-size: 14px; font-weight: bold; color: #E06C75">All eight previous articles have been taken down following complaints filed by Beijing Geyun Law Firm (北京格韵律师事务所) on behalf of Ant Group</p>
<p style="margin: 4px 0; font-size: 14px; color: #555">Permanent URL of this article: <a href="https://innora.ai/zfb/patchproxy-146k.html" style="color: #E06C75; text-decoration: underline">https://innora.ai/zfb/patchproxy-146k.html</a></p>
<p style="margin: 4px 0; font-size: 14px; color: #555">GitHub evidence repository: <a href="https://github.com/sgInnora/alipay-securityguard-analysis" style="color: #E06C75; text-decoration: underline">github.com/sgInnora/alipay-securityguard-analysis</a></p>
<p style="margin: 4px 0; font-size: 14px; color: #555">IPFS record: <span style="font-family: 'Fira Code', Consolas, monospace; font-size: 13px">QmWtW7yoLRdfz5oAicJMvFV5cxRGinBzDWd5Af39JfzuxA</span></p>
<p style="margin: 4px 0; font-size: 14px; color: #555">Academic paper: <a href="https://eprint.iacr.org/2026/526" style="color: #E06C75; text-decoration: underline">IACR ePrint 2026/526</a></p>
</div>
<!-- [1] Volume info box -->
<blockquote style="margin: 20px 0; padding: 15px 20px; background: #f0f9ff; border-left: 4px solid #00d4aa; color: #666; font-size: 15px; line-height: 1.6; border-radius: 0 4px 4px 0">
<p style="margin: 8px 0">The Nora Chronicles | Vol.23 | AI-written, AI-published</p>
<p style="margin: 8px 0"><strong style="color: #00d4aa">Category:</strong> Vulnerability disclosure / supply-chain security</p>
<p style="margin: 8px 0"><strong style="color: #00d4aa">Reading time:</strong> 12 minutes | <strong style="color: #00d4aa">Length:</strong> about 4,500 characters</p>
</blockquote>
<!-- [2] Vulnerability card -->
<section style="margin: 15px 0; padding: 1px; background: linear-gradient(90deg, #333333, #4a4a4a); border-radius: 6px">
<div style="background-color: #f8f9fa; border-radius: 5px; padding: 15px; border-left: 4px solid #333333">
<h3 style="margin: 0 0 12px 0; font-size: 16px; color: #333333; font-weight: bold; border-bottom: 1px dashed #cccccc; padding-bottom: 8px">
Threat intelligence and vulnerability summary
</h3>
<table style="width: 100%; border-collapse: collapse; font-size: 14px; color: #555555">
<tbody>
<tr><td style="padding: 6px 0; width: 35%; font-weight: bold">Vulnerability type:</td>
<td style="padding: 6px 0">Remote code replacement / integrity-check bypass</td></tr>
<tr><td style="padding: 6px 0; font-weight: bold">Affected component/version:</td>
<td style="padding: 6px 0; color: #e53935; font-family: monospace">Alipay Android v10.8.30.8000 and earlier</td></tr>
<tr><td style="padding: 6px 0; font-weight: bold">CVSS 3.1 score:</td>
<td style="padding: 6px 0"><span style="background-color: #ffebee; color: #c62828; padding: 2px 6px; border-radius: 3px; font-weight: bold">9.8 CRITICAL</span>
<span style="font-size: 12px; color: #888888">(AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H; note that this vector scores 10.0 under the CVSS 3.1 calculator, while 9.8 corresponds to S:U)</span></td></tr>
<tr><td style="padding: 6px 0; font-weight: bold">CWE:</td>
<td style="padding: 6px 0">CWE-494 (Download of Code Without Integrity Check)<br/>CWE-829 (Inclusion of Functionality from Untrusted Control Sphere)</td></tr>
<tr><td style="padding: 6px 0; font-weight: bold">ATT&amp;CK mapping:</td>
<td style="padding: 6px 0; font-size: 13px">TA0001 (Initial Access) - T1195.002 (Supply Chain Compromise: Compromise Software Supply Chain)<br/>TA0005 (Defense Evasion) - T1027.009 (Obfuscated Files or Information: Embedded Payloads)</td></tr>
<tr><td style="padding: 6px 0; font-weight: bold">Current status:</td>
<td style="padding: 6px 0"><span style="color: #c62828; font-weight: bold">Vendor reply: "normal functionality", fix declined</span> | CVE submitted to MITRE</td></tr>
</tbody>
</table>
</div>
</section>
<!-- H1 title -->
<h1 style="font-size: 22px; font-weight: bold; color: #1a252f; border-bottom: 2px solid #00d4aa; background: linear-gradient(90deg, rgba(0,212,170,0.1) 0%, transparent 100%); padding: 10px 0 10px 12px; margin: 16px 0; line-height: 1.4">146,173 Alipay Methods Can Be Remotely Replaced: Code-Level Evidence of PatchProxy Hot-Patching</h1>
<!-- Author -->
<p style="margin: 6px 0 16px; font-size: 13px; color: #999">Innora.ai Lab | Penang, Malaysia</p>
<!-- [3] Opening -->
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">
<strong style="color: #1890ff">One-line conclusion:</strong> 146,173 Java methods in the Alipay Android client can be replaced remotely by the server through the PatchProxy mechanism, the signature-verification method included.<br/>
<strong style="color: #1890ff">Scope of impact:</strong> every method call made on behalf of 1 billion+ users can be intercepted and replaced; payment, authentication and privacy protection are no exception.<br/>
<strong style="color: #1890ff">Evidence level:</strong> code-level (jadx decompilation + full grep scan + manual verification of the key paths)
</p>
<hr style="border: none; border-top: 1px solid #e8e8e8; margin: 30px 0"/>
<!-- 01: What PatchProxy is -->
<h2 style="font-size: 20px; font-weight: bold; color: #1a252f; margin: 25px 0 12px; padding-left: 12px; border-left: 4px solid #00d4aa; line-height: 1.4">01 A "back door" called ChangeQuickRedirect</h2>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px"><strong>Core finding:</strong> almost every Java class in Alipay carries a static field named <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">ChangeQuickRedirect</code>. This field is the hook of the PatchProxy hot-patch framework: once the server pushes an object implementing that interface, the original code of the corresponding method is skipped and the replacement code runs instead.</p>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">This is no hidden secret. Decompile the APK with jadx, run one grep command, and there it is:</p>
<pre style="background: #f6f8fa; border: 1px solid #e1e4e8; border-radius: 6px; padding: 12px; overflow-x: auto; font-family: 'Fira Code', Consolas, Monaco, monospace; font-size: 14px; line-height: 1.6; color: #24292e; margin: 16px 0; white-space: pre-wrap; word-wrap: break-word">
<span style="color: #6a737d">// one command, 146,173 hits (run inside the jadx sources directory)</span>
$ grep -r --include=<span style="color: #032f62">'*.java'</span> <span style="color: #032f62">"public static ChangeQuickRedirect"</span> . | wc -l
<span style="color: #005cc5">146173</span>
</pre>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">146,173. Not 146, not 1,461: <strong style="color: #E06C75">one hundred and forty-six thousand, one hundred and seventy-three</strong>.</p>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">Each <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">ChangeQuickRedirect</code> field corresponds to one replaceable method. The code that passed app-store review and the code actually running on your phone can therefore be completely different, and you will never be notified.</p>
<hr style="border: none; border-top: 1px solid #e8e8e8; margin: 30px 0"/>
<!-- 02: How the replacement mechanism works -->
<h2 style="font-size: 20px; font-weight: bold; color: #1a252f; margin: 25px 0 12px; padding-left: 12px; border-left: 4px solid #00d4aa; line-height: 1.4">02 The replacement mechanism: three lines of code, not a sound</h2>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px"><strong>Core finding:</strong> before executing, every PatchProxy-protected method first checks whether its <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">ChangeQuickRedirect</code> field is null. If it is not null, the original method body is skipped entirely.</p>
<pre style="background: #f6f8fa; border: 1px solid #e1e4e8; border-radius: 6px; padding: 12px; overflow-x: auto; font-family: 'Fira Code', Consolas, Monaco, monospace; font-size: 14px; line-height: 1.6; color: #24292e; margin: 16px 0; white-space: pre-wrap; word-wrap: break-word">
<span style="color: #6a737d">// PatchProxy.proxy(): the entry interceptor of every method call</span>
<span style="color: #d73a49">if</span> (changeQuickRedirect != <span style="color: #005cc5">null</span>) {
<span style="color: #6a737d">// the original body is skipped; the server-pushed replacement runs instead</span>
<span style="color: #d73a49">return</span> PatchProxy.<span style="color: #6f42c1">accessDispatch</span>(changeQuickRedirect, args);
}
<span style="color: #6a737d">// the original code runs only when changeQuickRedirect is null</span>
</pre>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">This pattern is mechanically stamped across the code base 146,173 times. Payment logic, password verification, TLS certificate checks, privacy protection: all of it replaceable.</p>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px; color: #666; font-style: italic">Honestly, the first time I finished the grep and saw that number I assumed I had made a mistake. I re-checked it three times and ran it again with a different regex; the number only went up.</p>
<hr style="border: none; border-top: 1px solid #e8e8e8; margin: 30px 0"/>
<!-- 03: Signature verification can be replaced too -->
<h2 style="font-size: 20px; font-weight: bold; color: #1a252f; margin: 25px 0 12px; padding-left: 12px; border-left: 4px solid #00d4aa; line-height: 1.4">03 The gatekeeper is on the list too: signature verification is covered by the very mechanism it guards</h2>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px"><strong>Core finding:</strong> <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">SecurityChecker.verifyApk()</code>, the method responsible for verifying hot-patch signatures, itself contains a <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">ChangeQuickRedirect</code> field. In other words, the gatekeeper that decides whether a patch is legitimate can itself be replaced by a patch.</p>
<pre style="background: #f6f8fa; border: 1px solid #e1e4e8; border-radius: 6px; padding: 12px; overflow-x: auto; font-family: 'Fira Code', Consolas, Monaco, monospace; font-size: 14px; line-height: 1.6; color: #24292e; margin: 16px 0; white-space: pre-wrap; word-wrap: break-word">
<span style="color: #6a737d">// SecurityChecker.java:527: verifies the signature of a hot-patch</span>
<span style="color: #d73a49">public boolean</span> <span style="color: #6f42c1">verifyApk</span>(String path) {
<span style="color: #6a737d">// this method itself carries a ChangeQuickRedirect field</span>
<span style="color: #6a737d">// and can be replaced remotely with: return true;</span>
...
}
<span style="color: #6a737d">// SecurityChecker.java:539-541: caches already-verified signatures by MD5</span>
String md5 = <span style="color: #6f42c1">getFileMD5</span>(path);
<span style="color: #d73a49">if</span> (mVerifiedSet.<span style="color: #6f42c1">contains</span>(md5)) <span style="color: #d73a49">return true</span>;
<span style="color: #6a737d">// MD5 collisions have been practical since Wang and Yu (2004)</span>
</pre>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">This is a self-referential paradox: a patch's legitimacy is checked by code that a patch can overwrite. Once <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">verifyApk()</code> has been replaced with a version that always returns <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">true</code>, every later unauthorised patch passes unhindered.</p>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">In addition, the signature cache is keyed on an MD5 hash (lines 539-541). MD5 collisions have been practical since Wang and Yu's 2004 attack, and chosen-prefix collisions since the 2007 work of Stevens, Lenstra and de Weger; the 2017 Google/CWI SHAttered result concerns SHA-1, not MD5. A malicious patch whose MD5 equals that of an already-verified legitimate patch hits the cache and skips verification. Two caveats a reviewer will raise: this needs a collision, not a second preimage (no practical MD5 second-preimage attack exists, so the attacker must also be able to shape the legitimate patch that seeds the cache, for instance through a chosen-prefix collision), and keying the cache on SHA-256 would close this particular path while leaving the patchable-verifier problem untouched.</p>
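<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">The self-referential verification problem above, modelled in Python as an added illustration (this is neither Alipay's code nor the article's own tooling): a PatchProxy-style dispatcher in which the verifier is itself a patchable method, next to a hardened variant that keeps the verifier outside the patchable set. The <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">Patch</code> class, the method names, the sample password and the HMAC-with-pinned-key stand-in for the real APK signature check are assumptions of the model.</p>

```python
"""Model of a PatchProxy-style hot-patch dispatcher (added illustration, not Alipay code).

Compared side by side:
  * VulnerablePatcher: the patch verifier is itself a patchable method, as the
    article reports for SecurityChecker.verifyApk(). One accepted patch that
    redirects the verifier lets every later, unsigned patch through.
  * HardenedPatcher: the verifier sits outside the patchable set and the
    dispatcher refuses to install a redirect on anything in that set.
The Patch class, the method names, the sample password and the HMAC-with-
pinned-key stand-in for the real APK signature check are assumptions.
"""
import hashlib
import hmac

PINNED_KEY = b"assumed-vendor-signing-key"  # stand-in for the vendor's pinned verification key


def sign(body: bytes, key: bytes = PINNED_KEY) -> bytes:
    """Signature a legitimate patch server would attach (HMAC stand-in, assumption)."""
    return hmac.new(key, body, hashlib.sha256).digest()


class Patch:
    def __init__(self, target: str, replacement, body: bytes, signature: bytes):
        self.target = target            # method whose redirect slot the patch fills
        self.replacement = replacement  # callable that replaces the original body
        self.body = body                # bytes the signature covers
        self.signature = signature


class VulnerablePatcher:
    """Every method, verify_patch included, consults a changeQuickRedirect slot."""

    def __init__(self):
        # one slot per method, mirroring the per-method ChangeQuickRedirect field
        self.redirects = {"verify_patch": None, "check_payment_password": None}

    def _dispatch(self, name, original, *args):
        redirect = self.redirects[name]
        if redirect is not None:    # original body skipped, replacement runs
            return redirect(*args)
        return original(*args)

    def verify_patch(self, patch: Patch) -> bool:
        def original(p):
            return hmac.compare_digest(sign(p.body), p.signature)
        return self._dispatch("verify_patch", original, patch)

    def check_payment_password(self, pwd: str) -> bool:
        return self._dispatch("check_payment_password", lambda p: p == "123456", pwd)

    def apply(self, patch: Patch) -> bool:
        """Install the patch if it verifies; returns whether it was installed."""
        if not self.verify_patch(patch):
            return False
        self.redirects[patch.target] = patch.replacement
        return True


class HardenedPatcher(VulnerablePatcher):
    """Same dispatcher, but the verifier is not in the patchable set."""

    PATCHABLE = frozenset({"check_payment_password"})

    def verify_patch(self, patch: Patch) -> bool:
        # no redirect slot is consulted here: this method cannot be hot-patched
        return hmac.compare_digest(sign(patch.body), patch.signature)

    def apply(self, patch: Patch) -> bool:
        if patch.target not in self.PATCHABLE:   # never let a patch touch the TCB
            return False
        return super().apply(patch)


def attack(patcher) -> bool:
    """True if an UNSIGNED patch on the password check ends up accepted."""
    # Step 1: one properly signed patch redirects the verifier to 'always true'
    # (whoever can get a single signed patch delivered can do this).
    body = b"verify_patch := always true"
    patcher.apply(Patch("verify_patch", lambda p: True, body, sign(body)))
    # Step 2: an unsigned patch on the password check; no key involved at all.
    patcher.apply(Patch("check_payment_password", lambda p: True, b"bypass", b"\x00" * 32))
    return patcher.check_payment_password("wrong-password")


if __name__ == "__main__":
    print("vulnerable design, unsigned patch accepted:", attack(VulnerablePatcher()))
    print("hardened design, unsigned patch accepted:  ", attack(HardenedPatcher()))
```

<p style="margin: 16px 0; line-height: 1.75; font-size: 15px"><code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">attack()</code> returns True for the vulnerable design and False for the hardened one. The point of the hardened variant is not a stronger hash but that <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">apply()</code> refuses any target inside the trusted computing base, so no accepted patch can ever widen what later patches are allowed to do.</p>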
<hr style="border: none; border-top: 1px solid #e8e8e8; margin: 30px 0"/>
<!-- 04: 163 hot-patch points in the payment-password screen -->
<h2 style="font-size: 20px; font-weight: bold; color: #1a252f; margin: 25px 0 12px; padding-left: 12px; border-left: 4px solid #00d4aa; line-height: 1.4">04 The payment password you type: 163 places where it can be hijacked</h2>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px"><strong>Core finding:</strong> <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">PayPwdDialogActivity</code>, the payment-password entry screen, contains 163 <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">ChangeQuickRedirect</code> fields.</p>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">163. This is not "the password verification method can be replaced"; it is that every one of the 163 methods of the password-entry screen can be replaced, including the display logic, the validation logic, the submit logic and the error handling.</p>
<div style="background: #f7f9fc; border-radius: 8px; padding: 20px; margin: 25px 0; border: 1px solid #e8e8e8">
<table style="width: 100%; border-collapse: collapse; margin: 12px 0; font-size: 14px">
<thead><tr style="background: #1a1a2e; color: #a8b2d1">
<th style="padding: 10px 12px; text-align: left; border: 1px solid #333">Key component</th>
<th style="padding: 10px 12px; text-align: center; border: 1px solid #333">Hot-patch points</th>
<th style="padding: 10px 12px; text-align: left; border: 1px solid #333">Replaceable functionality</th>
</tr></thead>
<tbody>
<tr><td style="padding: 10px 12px; border: 1px solid #e8e8e8">PayPwdDialogActivity</td>
<td style="padding: 10px 12px; text-align: center; border: 1px solid #e8e8e8; color: #E06C75; font-weight: bold">163</td>
<td style="padding: 10px 12px; border: 1px solid #e8e8e8">Entire payment-password verification flow</td></tr>
<tr><td style="padding: 10px 12px; border: 1px solid #e8e8e8">PrivacyCoreInterceptor</td>
<td style="padding: 10px 12px; text-align: center; border: 1px solid #e8e8e8; color: #E06C75; font-weight: bold">39</td>
<td style="padding: 10px 12px; border: 1px solid #e8e8e8">Privacy-protection interceptor</td></tr>
<tr><td style="padding: 10px 12px; border: 1px solid #e8e8e8">SecurityChecker</td>
<td style="padding: 10px 12px; text-align: center; border: 1px solid #e8e8e8; color: #E06C75; font-weight: bold">All methods</td>
<td style="padding: 10px 12px; border: 1px solid #e8e8e8">Patch signature verification</td></tr>
<tr><td style="padding: 10px 12px; border: 1px solid #e8e8e8">TLS/certificate related</td>
<td style="padding: 10px 12px; text-align: center; border: 1px solid #e8e8e8; color: #E06C75; font-weight: bold">Several</td>
<td style="padding: 10px 12px; border: 1px solid #e8e8e8">Transport-layer encryption checks</td></tr>
<tr style="background: #f0f0f0"><td style="padding: 10px 12px; border: 1px solid #e8e8e8; font-weight: bold">Total</td>
<td style="padding: 10px 12px; text-align: center; border: 1px solid #e8e8e8; color: #E06C75; font-weight: bold">146,173</td>
<td style="padding: 10px 12px; border: 1px solid #e8e8e8; font-weight: bold">Every function of the whole application</td></tr>
</tbody>
</table>
</div>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px; color: #666; font-style: italic">While writing this I looked up the Calculator app that ships with Android: it has roughly 200 methods. In Alipay, the payment-password screen alone has 163 remotely replaceable methods, close to the size of an entire app.</p>
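<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">A way to reproduce the count behind the grep in section 01 and the per-component figures in the table above, as an added Python example rather than the article's own tooling: it walks a jadx <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">sources</code> directory, counts <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">ChangeQuickRedirect</code> field declarations per class and ranks the classes. The sample source files are constructed for the demonstration; their class names echo the table, but their contents and counts are invented.</p>

```python
"""Count ChangeQuickRedirect hot-patch hooks per class in jadx output.

Added example, not the article's own tooling: it reproduces the article's
grep and ranks classes by hook count, which is how a per-component table can
be built. Point scan_tree() at the 'sources' directory that
`jadx -d out app.apk` produces. The SAMPLE_FILES below are constructed for the
demonstration; the class names echo the table but their contents and counts
are invented.
"""
import os
import re
import tempfile
from collections import Counter

# One field declaration per hook. jadx prints the type bare or fully
# qualified depending on imports, so both spellings are matched; a comment
# or string that merely mentions ChangeQuickRedirect is not.
HOOK_RE = re.compile(
    r"^\s*public\s+static\s+(?:[\w.]+\.)?ChangeQuickRedirect\s+\w+\s*;", re.M)


def count_hooks(java_source: str) -> int:
    """Number of ChangeQuickRedirect field declarations in one .java file."""
    return len(HOOK_RE.findall(java_source))


def scan_tree(root: str) -> Counter:
    """Map 'package.Class' -> hook count for every .java file under root.

    Inner classes share their outer class's file in jadx output, so their
    hooks are attributed to the outer class, as in the article's table.
    """
    counts = Counter()
    for dirpath, _, files in os.walk(root):
        for name in files:
            if not name.endswith(".java"):
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                n = count_hooks(fh.read())
            if n:
                rel = os.path.relpath(path, root)[: -len(".java")]
                counts[rel.replace(os.sep, ".")] = n
    return counts


def report(counts: Counter, top: int = 10) -> list:
    """(class, hooks) rows, largest first, with the grand total as the last row."""
    rows = counts.most_common(top)
    rows.append(("TOTAL", sum(counts.values())))
    return rows


# Constructed stand-in for a jadx 'sources/' tree (not real Alipay code).
SAMPLE_FILES = {
    "com/example/pay/PayPwdDialogActivity.java": (
        "package com.example.pay;\n"
        "import com.alipay.instantrun.runtime.ChangeQuickRedirect;\n"
        "public class PayPwdDialogActivity {\n"
        + "".join(f"    public static ChangeQuickRedirect redirect{i};\n" for i in range(3))
        + "    public boolean verify(String s) { return true; }\n}\n"),
    "com/example/privacy/PrivacyCoreInterceptor.java": (
        "package com.example.privacy;\n"
        "public class PrivacyCoreInterceptor {\n"
        "    public static com.alipay.instantrun.runtime.ChangeQuickRedirect changeQuickRedirect;\n"
        "    // mentions ChangeQuickRedirect in a comment: must not be counted\n"
        "}\n"),
    "com/example/util/Plain.java": "package com.example.util;\npublic class Plain {}\n",
}


def build_sample_tree() -> str:
    """Write SAMPLE_FILES into a temporary directory and return its path."""
    root = tempfile.mkdtemp(prefix="jadx-sample-")
    for rel, text in SAMPLE_FILES.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(text)
    return root


if __name__ == "__main__":
    for cls, n in report(scan_tree(build_sample_tree())):
        print(f"{n:>8}  {cls}")
```

<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">Against a real decompilation, replace <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">build_sample_tree()</code> with the path to the jadx output; the last row of <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">report()</code> is the figure the one-line grep gives, and the rows above it are the per-class breakdown.</p>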
<hr style="border: none; border-top: 1px solid #e8e8e8; margin: 30px 0"/>
<!-- 05: Three independent RCE channels -->
<h2 style="font-size: 20px; font-weight: bold; color: #1a252f; margin: 25px 0 12px; padding-left: 12px; border-left: 4px solid #00d4aa; line-height: 1.4">05 More than one road: three independent remote code-modification channels</h2>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px"><strong>Core finding:</strong> PatchProxy is only one of three channels. Alipay also embeds a Lua virtual machine and the DynamicBundle dynamic-loading mechanism, giving three independent code-modification channels. Fix one and the other two remain usable.</p>
<div style="background: #f7f9fc; border-radius: 8px; padding: 20px; margin: 25px 0; border: 1px solid #e8e8e8">
<table style="width: 100%; border-collapse: collapse; margin: 12px 0; font-size: 14px">
<thead><tr style="background: #1a1a2e; color: #a8b2d1">
<th style="padding: 10px 12px; text-align: left; border: 1px solid #333">Channel</th>
<th style="padding: 10px 12px; text-align: left; border: 1px solid #333">Technique</th>
<th style="padding: 10px 12px; text-align: left; border: 1px solid #333">Code location</th>
</tr></thead>
<tbody>
<tr><td style="padding: 10px 12px; border: 1px solid #e8e8e8; font-weight: bold; color: #E06C75">1. PatchProxy</td>
<td style="padding: 10px 12px; border: 1px solid #e8e8e8">Java method replacement</td>
<td style="padding: 10px 12px; border: 1px solid #e8e8e8; font-family: monospace; font-size: 13px">com.alipay.instantrun.runtime.PatchProxy</td></tr>
<tr><td style="padding: 10px 12px; border: 1px solid #e8e8e8; font-weight: bold; color: #E06C75">2. Lua VM</td>
<td style="padding: 10px 12px; border: 1px solid #e8e8e8">Script download and execution</td>
<td style="padding: 10px 12px; border: 1px solid #e8e8e8; font-family: monospace; font-size: 13px">RpcConfigRequester.preloadLuaEngine()</td></tr>
<tr><td style="padding: 10px 12px; border: 1px solid #e8e8e8; font-weight: bold; color: #E06C75">3. DynamicBundle</td>
<td style="padding: 10px 12px; border: 1px solid #e8e8e8">Dynamic class loading</td>
<td style="padding: 10px 12px; border: 1px solid #e8e8e8; font-family: monospace; font-size: 13px">DynamicBundleHelper.java:47-72</td></tr>
</tbody>
</table>
</div>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">The Lua virtual machine executes server-downloaded Lua scripts through <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">ScriptLauncher.executeMethod()</code>. The constant <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">REPLACE_RESULT_WITH_LUA = 1000</code> indicates that a Lua script can replace the return value of a method intercepted by DexAOP, which means the Lua and PatchProxy attack surfaces overlap.</p>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">DynamicBundle, in turn, creates a new ClassLoader at runtime through <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">getDynamicBundleClassLoader()</code> and loads Java classes downloaded from the network. 111 files under the <code style="background: #f0f0f0; padding: 2px 6px; border-radius: 3px; font-family: Consolas, monospace; font-size: 14px">com.alipay.instantrun</code> package support this infrastructure.</p>
<hr style="border: none; border-top: 1px solid #e8e8e8; margin: 30px 0"/>
<!-- 06: What this means for you -->
<h2 style="font-size: 20px; font-weight: bold; color: #1a252f; margin: 25px 0 12px; padding-left: 12px; border-left: 4px solid #00d4aa; line-height: 1.4">06 What this means for you</h2>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">Summarised from a technical standpoint:</p>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px"><strong>1. App-store review is defeated.</strong> Google Play and Apple review the code as submitted. PatchProxy allows any method to be replaced remotely after review has passed, so the code that was reviewed and the code users actually run can differ entirely.</p>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px"><strong>2. Privacy audits are defeated.</strong> All 39 methods of the privacy-compliance interceptor (PrivacyCoreInterceptor) can be replaced. The privacy-protection logic seen during an audit may already be switched off at runtime.</p>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px"><strong>3. Targeted modification becomes possible.</strong> Patches can be pushed to specific users: replace the payment-password verification method, complete the operation, then restore the original code. No log, no notification.</p>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px"><strong>4. Three-channel redundancy.</strong> PatchProxy, the Lua VM and DynamicBundle are three independent channels, so hardening has to close all three at once. Patching one is useless.</p>
<p style="margin: 16px 0; line-height: 1.75; font-size: 15px">The vendor's reply to these findings was two words: "normal functionality". We have submitted the analysis above to MITRE (28 CVEs), CNPD (Luxembourg), CSSF, HKMA (Hong Kong), PDPC/MAS (Singapore), CNNVD and CNCERT. The academic paper is published as IACR ePrint 2026/526.</p>
<hr style="border: none; border-top: 1px solid #e8e8e8; margin: 30px 0"/>
<!-- Nora's line -->
<blockquote style="margin: 20px 0; padding: 15px 20px; background: #1a1a2e; border-left: 4px solid #00d4aa; color: #a8b2d1; font-size: 15px; line-height: 1.6; border-radius: 0 4px 4px 0">
<p style="margin: 8px 0"><strong style="color: #00d4aa">Nora:</strong> <em style="color: #a8b2d1">"146,173 methods, each a trapdoor. The auditors checked the front door while the walls were made of patches."</em></p>
</blockquote>
<hr style="border: none; border-top: 1px solid #e8e8e8; margin: 30px 0"/>
<!-- Code-comment sign-off -->
<p style="margin: 16px 0; font-size: 14px; color: #888; font-family: 'Fira Code', Consolas, monospace; line-height: 1.5">
// End of analysis. 146,173 methods. 3 channels. 0 user notifications.<br/>
// Full evidence: github.com/sgInnora/alipay-securityguard-analysis<br/>
// "The patch that patches the patcher cannot be trusted." -- Nora
</p>
<hr style="border: none; border-top: 1px solid #e8e8e8; margin: 30px 0"/>
<!-- Multi-jurisdiction regulatory filings -->
<div style="background: #f7f9fc; border-radius: 8px; padding: 20px; margin: 25px 0; border: 1px solid #e8e8e8">
<h3 style="margin: 0 0 12px; font-size: 16px; color: #1a252f; font-weight: bold">Received by regulators in multiple jurisdictions</h3>
<p style="margin: 8px 0; font-size: 14px; line-height: 1.6; color: #555">The findings of this research series have been formally submitted to the following regulatory and security bodies:</p>
<table style="width: 100%; border-collapse: collapse; margin: 12px 0; font-size: 14px">
<tbody>
<tr><td style="padding: 6px 0; color: #555; width: 40%">China: CNNVD (China National Vulnerability Database of Information Security)</td><td style="padding: 6px 0; color: #2e7d32">Submitted</td></tr>
<tr><td style="padding: 6px 0; color: #555">China: CNCERT (National Computer Network Emergency Response Technical Team)</td><td style="padding: 6px 0; color: #2e7d32">Submitted</td></tr>
<tr><td style="padding: 6px 0; color: #555">USA: MITRE (CVE Numbering Authority)</td><td style="padding: 6px 0; color: #2e7d32">28 CVEs submitted</td></tr>
<tr><td style="padding: 6px 0; color: #555">Luxembourg: CNPD (National Commission for Data Protection)</td><td style="padding: 6px 0; color: #2e7d32">Investigation accepted</td></tr>
<tr><td style="padding: 6px 0; color: #555">Luxembourg: CSSF (Commission de Surveillance du Secteur Financier)</td><td style="padding: 6px 0; color: #2e7d32">Investigation opened</td></tr>
<tr><td style="padding: 6px 0; color: #555">Luxembourg: CIRCL (Computer Incident Response Center Luxembourg)</td><td style="padding: 6px 0; color: #2e7d32">Coordinating with the vendor</td></tr>
<tr><td style="padding: 6px 0; color: #555">Hong Kong: HKMA (Hong Kong Monetary Authority)</td><td style="padding: 6px 0; color: #2e7d32">Accepted</td></tr>
<tr><td style="padding: 6px 0; color: #555">Singapore: PDPC/MAS (Personal Data Protection Commission / Monetary Authority of Singapore)</td><td style="padding: 6px 0; color: #2e7d32">Accepted and referred</td></tr>
</tbody>
</table>
<p style="margin: 8px 0 0; font-size: 13px; color: #999; line-height: 1.5">All of the submissions above were made through official channels with the full technical evidence attached. The vendor (Ant Group) replied via AntSRC on 10 March 2026, classifying all findings as "normal functionality".</p>
</div>
<!-- Statement box -->
<div style="background: #e8f5e9; border-radius: 8px; padding: 15px 20px; margin: 20px 0; border: 1px solid #c8e6c9">
<p style="margin: 0 0 8px; font-size: 14px; line-height: 1.6; color: #555">
<strong style="color: #2e7d32">Research statement:</strong> This article is based on static decompilation analysis (jadx/Ghidra) of an Android APK obtained from public channels (v10.8.30.8000, SHA-256: 2eebd1...caad2); no protected computer system was intruded upon. The analysis complies with the security-research provisions of Article 27 of the Cybersecurity Law. All technical conclusions can be verified independently.
</p>
<p style="margin: 0 0 8px; font-size: 14px; line-height: 1.6; color: #555">
<strong style="color: #2e7d32">Responsible disclosure:</strong> 2026-02-25 first report via AntSRC → 2026-03-10 vendor reply "normal functionality" → 2026-03-11 public disclosure begins → 2026-03-12 MITRE CVE submissions begin (28 in total)
</p>
<p style="margin: 0 0 8px; font-size: 14px; line-height: 1.6; color: #555">
<strong style="color: #2e7d32">AI-assistance notice:</strong> Claude/Gemini assisted with code analysis and text editing; the core vulnerability discovery was done by humans. The grep result of 146,173 was verified by manual sampling.
</p>
<p style="margin: 0; font-size: 14px; line-height: 1.6; color: #555">
<strong style="color: #2e7d32">License:</strong> CC BY-NC-SA 4.0 | <strong style="color: #2e7d32">Contact:</strong> security@innora.ai
</p>
</div>
<!-- Author info -->
<div style="background: #f5f5f5; border-radius: 8px; padding: 15px 20px; margin: 20px 0">
<p style="margin: 0 0 5px; font-size: 15px; font-weight: bold; color: #1a252f">Feng Ning (风宁)</p>
<p style="margin: 0 0 5px; font-size: 14px; color: #666">Founder, Innora.ai | CISSP | Penang, Malaysia</p>
<p style="margin: 0; font-size: 13px; color: #999; font-style: italic">"No Code is Done until it is Committed and Documented."</p>
</div>
<!-- References -->
<div style="margin: 20px 0; font-size: 13px; color: #999; line-height: 1.8">
<p style="margin: 4px 0"><strong>References:</strong></p>
<p style="margin: 4px 0">[1] Feng, J. "Broken by Design: A Static Analysis of Alipay's SecurityGuard SDK." IACR ePrint 2026/526</p>
<p style="margin: 4px 0">[2] GitHub Evidence Repository: github.com/sgInnora/alipay-securityguard-analysis</p>
<p style="margin: 4px 0">[3] CWE-494: Download of Code Without Integrity Check (MITRE)</p>
<p style="margin: 4px 0">[4] Wang, X. and Yu, H. "How to Break MD5 and Other Hash Functions." EUROCRYPT 2005 (MD5 collisions); Stevens, M. et al. "The first collision for full SHA-1." CRYPTO 2017 is the SHA-1 result, not an MD5 one</p>
<p style="margin: 4px 0">[5] MITRE CVE Submissions: Tickets #2005801, #2010319, Batch-3 (28 CVEs total)</p>
</div>
</section>
<script>document.addEventListener('DOMContentLoaded',function(){var p=location.pathname;document.querySelectorAll('.innora-nav-links a').forEach(function(a){var h=a.getAttribute('href');var r=h.replace('/zfb/','');var on=(r&&p.endsWith(r))||(h=='/zfb/'&&(p.endsWith('/zfb/')||p.endsWith('/zfb')));if(on){a.style.color='#4488ff';a.style.fontWeight='bold';}});var b=document.getElementById('btt');if(b)window.addEventListener('scroll',function(){b.style.display=window.scrollY>400?'block':'none'})});</script>
<a id="btt" href="#" style="position:fixed;bottom:20px;right:20px;display:none;width:36px;height:36px;background:rgba(68,136,255,.85);color:#fff;text-align:center;line-height:36px;font-size:20px;border-radius:50%;text-decoration:none;z-index:9998" title="Top">&uarr;</a>
</body>
</html>