search

MobSF / Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
https://opensecurity.in
GNU General Public License v3.0
17.28k stars 3.22k forks source link

'NoneType' object is not subscriptable #1595

Closed ppofp closed 3 years ago

ppofp commented 3 years ago

[ERROR] 16/Nov/2020 17:57:05 - Fetching from DB Traceback (most recent call last):
File "Mobile-Security-Framework-MobSF/StaticAnalyzer/views/android/db_interaction.py", line 54, in get_context_from_db_entry
'binary_analysis': python_list(db_entry[0].BINARY_ANALYSIS),
File "Mobile-Security-Framework-MobSF/MobSF/utils.py", line 229, in python_list
return ast.literal_eval(value)
File "/usr/lib/python3.8/ast.py", line 59, in literal_eval
node_or_string = parse(node_or_string, mode='eval')
File "/usr/lib/python3.8/ast.py", line 47, in parse
return compile(source, filename, mode, flags,
File "", line 1
[{'name': 'lib/armeabi/libtfcard.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': 'Dynamic Shared Object (DSO)', 'severity': 'info', 'description': 'The shared object is build with -fPIC flag which enables Position independent code. This makes Return Oriented Programming (ROP) attacks much more difficult to execute reliably.'}, 'stack_canary': {'has_canary': True, 'severity': 'info', 'description': 'This shared object has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': <lief.ELF.DynamicEntryRpath object at 0x7f398e31d8f0>, 'severity': 'high', 'description': 'The shared object has RPATH set. In certain cases an attacker can abuse this feature to run arbitrary shared objects for code execution and privilege escalation. The only time a shared library in should set RPATH is if it is linked to private shared libraries in the same package. Remove the compiler option -rpath to remove RPATH.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/libjniapi.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': 'Dynamic Shared Object (DSO)', 'severity': 'info', 'description': 'The shared object is build with -fPIC flag which enables Position independent code. This makes Return Oriented Programming (ROP) attacks much more difficult to execute reliably.'}, 'stack_canary': {'has_canary': True, 'severity': 'info', 'description': 'This shared object has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': False, 'severity': 'info', 'description': 'The shared object does not have run-time search path or RPATH set.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/libanyofficesdk.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': 'Dynamic Shared Object (DSO)', 'severity': 'info', 'description': 'The shared object is build with -fPIC flag which enables Position independent code. This makes Return Oriented Programming (ROP) attacks much more difficult to execute reliably.'}, 'stack_canary': {'has_canary': True, 'severity': 'info', 'description': 'This shared object has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': <lief.ELF.DynamicEntryRpath object at 0x7f39941cfdb0>, 'severity': 'high', 'description': 'The shared object has RPATH set. In certain cases an attacker can abuse this feature to run arbitrary shared objects for code execution and privilege escalation. The only time a shared library in should set RPATH is if it is linked to private shared libraries in the same package. Remove the compiler option -rpath to remove RPATH.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/libindoor.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': False, 'severity': 'high', 'description': 'The shared object is built without Position Independent Code flag. In order to prevent an attacker from reliably jumping to, for example, a particular exploited function in memory, Address space layout randomization (ASLR) randomly arranges the address space positions of key data areas of a process, including the base of the executable and the positions of the stack,heap and libraries. Use compiler option -fPIC to enable Position Independent Code.'}, 'stack_canary': {'has_canary': True, 'severity': 'info', 'description': 'This shared object has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': False, 'severity': 'info', 'description': 'The shared object does not have run-time search path or RPATH set.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/libsvnapi.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': 'Dynamic Shared Object (DSO)', 'severity': 'info', 'description': 'The shared object is build with -fPIC flag which enables Position independent code. This makes Return Oriented Programming (ROP) attacks much more difficult to execute reliably.'}, 'stack_canary': {'has_canary': True, 'severity': 'info', 'description': 'This shared object has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': <lief.ELF.DynamicEntryRpath object at 0x7f398e4af470>, 'severity': 'high', 'description': 'The shared object has RPATH set. In certain cases an attacker can abuse this feature to run arbitrary shared objects for code execution and privilege escalation. The only time a shared library in should set RPATH is if it is linked to private shared libraries in the same package. Remove the compiler option -rpath to remove RPATH.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/libLoaderRiskStub.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': False, 'severity': 'high', 'description': 'The shared object is built without Position Independent Code flag. In order to prevent an attacker from reliably jumping to, for example, a particular exploited function in memory, Address space layout randomization (ASLR) randomly arranges the address space positions of key data areas of a process, including the base of the executable and the positions of the stack,heap and libraries. Use compiler option -fPIC to enable Position Independent Code.'}, 'stack_canary': {'has_canary': True, 'severity': 'info', 'description': 'This shared object has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': False, 'severity': 'info', 'description': 'The shared object does not have run-time search path or RPATH set.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/libBankCardScanSDK.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': 'Dynamic Shared Object (DSO)', 'severity': 'info', 'description': 'The shared object is build with -fPIC flag which enables Position independent code. This makes Return Oriented Programming (ROP) attacks much more difficult to execute reliably.'}, 'stack_canary': {'has_canary': True, 'severity': 'info', 'description': 'This shared object has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': False, 'severity': 'info', 'description': 'The shared object does not have run-time search path or RPATH set.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/libLog4Android.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': 'Dynamic Shared Object (DSO)', 'severity': 'info', 'description': 'The shared object is build with -fPIC flag which enables Position independent code. This makes Return Oriented Programming (ROP) attacks much more difficult to execute reliably.'}, 'stack_canary': {'has_canary': True, 'severity': 'info', 'description': 'This shared object has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': False, 'severity': 'info', 'description': 'The shared object does not have run-time search path or RPATH set.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/libIDCardScan.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': 'Dynamic Shared Object (DSO)', 'severity': 'info', 'description': 'The shared object is build with -fPIC flag which enables Position independent code. This makes Return Oriented Programming (ROP) attacks much more difficult to execute reliably.'}, 'stack_canary': {'has_canary': True, 'severity': 'info', 'description': 'This shared object has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': False, 'severity': 'info', 'description': 'The shared object does not have run-time search path or RPATH set.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/libVerifyUtil.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': False, 'severity': 'high', 'description': 'The shared object is built without Position Independent Code flag. In order to prevent an attacker from reliably jumping to, for example, a particular exploited function in memory, Address space layout randomization (ASLR) randomly arranges the address space positions of key data areas of a process, including the base of the executable and the positions of the stack,heap and libraries. Use compiler option -fPIC to enable Position Independent Code.'}, 'stack_canary': {'has_canary': True, 'severity': 'info', 'description': 'This shared object has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': False, 'severity': 'info', 'description': 'The shared object does not have run-time search path or RPATH set.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/liblocSDK7b.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': 'Dynamic Shared Object (DSO)', 'severity': 'info', 'description': 'The shared object is build with -fPIC flag which enables Position independent code. This makes Return Oriented Programming (ROP) attacks much more difficult to execute reliably.'}, 'stack_canary': {'has_canary': True, 'severity': 'info', 'description': 'This shared object has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': False, 'severity': 'info', 'description': 'The shared object does not have run-time search path or RPATH set.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/libst_finance.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': 'Dynamic Shared Object (DSO)', 'severity': 'info', 'description': 'The shared object is build with -fPIC flag which enables Position independent code. This makes Return Oriented Programming (ROP) attacks much more difficult to execute reliably.'}, 'stack_canary': {'has_canary': False, 'severity': 'high', 'description': 'This shared object does not have a stack canary value added to the stack. Stack canraies are used to detect and prevent exploits from overwriting return address. Use the option -fstack-protector-all to enable stack canaries.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': False, 'severity': 'info', 'description': 'The shared object does not have run-time search path or RPATH set.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/libsvnrms.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': 'Dynamic Shared Object (DSO)', 'severity': 'info', 'description': 'The shared object is build with -fPIC flag which enables Position independent code. This makes Return Oriented Programming (ROP) attacks much more difficult to execute reliably.'}, 'stack_canary': {'has_canary': True, 'severity': 'info', 'description': 'This shared object has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': <lief.ELF.DynamicEntryRpath object at 0x7f398e6f5d70>, 'severity': 'high', 'description': 'The shared object has RPATH set. In certain cases an attacker can abuse this feature to run arbitrary shared objects for code execution and privilege escalation. The only time a shared library in should set RPATH is if it is linked to private shared libraries in the same package. Remove the compiler option -rpath to remove RPATH.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/liblightCryptNDK.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': False, 'severity': 'high', 'description': 'The shared object is built without Position Independent Code flag. In order to prevent an attacker from reliably jumping to, for example, a particular exploited function in memory, Address space layout randomization (ASLR) randomly arranges the address space positions of key data areas of a process, including the base of the executable and the positions of the stack,heap and libraries. Use compiler option -fPIC to enable Position Independent Code.'}, 'stack_canary': {'has_canary': True, 'severity': 'info', 'description': 'This shared object has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': False, 'severity': 'info', 'description': 'The shared object does not have run-time search path or RPATH set.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/liblocSDK7.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': 'Dynamic Shared Object (DSO)', 'severity': 'info', 'description': 'The shared object is build with -fPIC flag which enables Position independent code. This makes Return Oriented Programming (ROP) attacks much more difficult to execute reliably.'}, 'stack_canary': {'has_canary': True, 'severity': 'info', 'description': 'This shared object has a stack canary value added to the stack so that it will be overwritten by a stack buffer that overflows the return address. This allows detection of overflows by verifying the integrity of the canary before function return.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': False, 'severity': 'info', 'description': 'The shared object does not have run-time search path or RPATH set.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}, {'name': 'lib/armeabi/libcvfinance_api_liveness_standard.so', 'nx': {'is_nx': True, 'severity': 'info', 'description': 'The shared object has NX bit set. This marks a memory page non-executable making attacker injected shellcode non-executable.'}, 'pie': {'is_pie': 'Dynamic Shared Object (DSO)', 'severity': 'info', 'description': 'The shared object is build with -fPIC flag which enables Position independent code. This makes Return Oriented Programming (ROP) attacks much more difficult to execute reliably.'}, 'stack_canary': {'has_canary': False, 'severity': 'high', 'description': 'This shared object does not have a stack canary value added to the stack. Stack canraies are used to detect and prevent exploits from overwriting return address. Use the option -fstack-protector-all to enable stack canaries.'}, 'relocation_readonly': {'relro': 'Full RELRO', 'severity': 'high', 'description': 'This shared object does not have RELRO enabled. The entire GOT (.got and .got.plt both) are writable. Without this compiler flag, buffer overflows on a global variable can overwrite GOT entries. Use the option -z,relro,-z,now to enable full RELRO and only -z,relro to enable partial RELRO.'}, 'rpath': {'rpath': False, 'severity': 'info', 'description': 'The shared object does not have run-time search path or RPATH set.'}, 'runpath': {'runpath': False, 'severity': 'info', 'description': 'The shared object does not have RUNPATH set.'}, 'fortify': {'is_fortified': False, 'severity': 'warning', 'description': "The shared object does not have any fortified functions. Fortified functions provides buffer overflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}]
^
SyntaxError: invalid syntax
[ERROR] 16/Nov/2020 17:57:05 - Error Performing Static Analysis Traceback (most recent call last):
File "Mobile-Security-Framework-MobSF/StaticAnalyzer/views/android/static_analyzer.py", line 270, in static_analyzer
'security_score'] = score(context['code_analysis'])
TypeError: 'NoneType' object is not subscriptable
[ERROR] 16/Nov/2020 17:57:05 - 'NoneType' object is not subscriptable [ERROR] 16/Nov/2020 17:57:06 - Internal Server Error: /static_analyzer/

ajinabraham commented 3 years ago

Please share the APK that caused this problem

kaze-nomamani commented 3 years ago

I have the same issue when I use com.instagram.android_168.0.0.0.106 for static_analyzer.

ninjadummyhaxor commented 3 years ago

Thanks for looking into this!

This is happening to me today as well. Yesterday it was working fine. I am unable to scan any .apk I throw at it. I made sure the signatures are signed, seems like when it is trying to save to the db after/during static analysis, python crashes.

srockytfl commented 3 years ago

Hi. I have the same issue with my apk, but I can't share it. Any update on this issue?

srockytfl commented 3 years ago

Hi, I have this logs, how can I fix that? Thank you. logs_mobsf.txt

kzoltan1 commented 3 years ago

Same issue here with internal application.

ajinabraham commented 3 years ago

Please update to 3.2.0 for the fix.

ajinabraham commented 3 years ago

Looks like this is not completely fixed.

APK to reproduce

https://apkpure.com/smart-lights-wi-fi/us.legrand.ambient.

[INFO] 12/Jan/2021 22:42:27 - Starting Analysis on : Smart Lights Wi Fi_v2.7.0.33_apkpure.com.apk
[INFO] 12/Jan/2021 22:42:27 - Analysis is already Done. Fetching data from the DB...
[ERROR] 12/Jan/2021 22:42:27 - Fetching from DB
Traceback (most recent call last):
  File "/Users/xxx/Code/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/android/db_interaction.py", line 54, in get_context_from_db_entry
    'binary_analysis': python_list(db_entry[0].BINARY_ANALYSIS),
  File "/Users/xxx/Code/Mobile-Security-Framework-MobSF/MobSF/utils.py", line 232, in python_list
    return ast.literal_eval(value)
  File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ast.py", line 46, in literal_eval
    node_or_string = parse(node_or_string, mode='eval')
  File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ast.py", line 35, in parse
    return compile(source, filename, mode, PyCF_ONLY_AST)
  File "<unknown>", line 1
....
erflow checks against glibc's commons insecure functions like strcpy, gets etc. Use the compiler option -D_FORTIFY_SOURCE=2 to fority functions."}, 'symbol': {'is_stripped': True, 'severity': 'info', 'description': 'Symbols are stripped.'}}]

                                                                                                                                                                                                           ^
SyntaxError: invalid syntax
[ERROR] 12/Jan/2021 22:42:27 - Error Performing Static Analysis
Traceback (most recent call last):
  File "/Users/xxx/Code/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/android/static_analyzer.py", line 270, in static_analyzer
    'security_score'] = score(context['code_analysis'])
TypeError: 'NoneType' object is not subscriptable
[ERROR] 12/Jan/2021 22:42:27 - 'NoneType' object is not subscriptable
[ERROR] 12/Jan/2021 22:42:27 - Internal Server Error: /static_analyzer/