Closed yisake closed 8 years ago
@yisake Your SQLite DB is having an old schema, You need to update it. Backup your db and run
python manage.py makemigrations
python manage.py migrate
If it didn't fix the issue
delete the db.sqlite
file and run python manage.py migrate
@ajinabraham
Still has error, because I just use MobSF for first time. So it seems that there's some environment to handle. Would you add a script to set up environment of MobSF?
Please upload the complete log under logs/MobSF.log
Also did you followed the instructions given here: https://github.com/ajinabraham/Mobile-Security-Framework-MobSF/wiki/1.-Documentation
[2016-06-25 11:09:29] [ERROR] Oracle Java (JDK >=1.7) is not found! (D:\Mobile-Security-Framework-MobSF-0.9.2\MobSF\utils.py, LINE 110 "for dirname in os.listdir(WIN_JAVABASE):"): [Error 3] : 'C:/Program Files/Java/._' [2016-06-25 11:09:37] [ERROR] Oracle Java (JDK >=1.7) is not found! (D:\Mobile-Security-Framework-MobSF-0.9.2\MobSF\utils.py, LINE 110 "for dirname in os.listdir(WIN_JAVABASE):"): [Error 3] : 'C:/Program Files/Java/._' [2016-06-25 11:09:38] [ERROR] Oracle Java (JDK >=1.7) is not found! (D:\Mobile-Security-Framework-MobSF-0.9.2\MobSF\utils.py, LINE 110 "for dirname in os.listdir(WIN_JAVABASE):"): [Error 3] : 'C:/Program Files/Java/._' [2016-06-25 11:10:02] [ERROR] Oracle Java (JDK >=1.7) is not found! (D:\Mobile-Security-Framework-MobSF-0.9.2\MobSF\utils.py, LINE 110 "for dirname in os.listdir(WIN_JAVABASE):"): [Error 3] : 'C:/Program Files/Java/._' [2016-06-25 11:10:03] [ERROR] Oracle Java (JDK >=1.7) is not found! (D:\Mobile-Security-Framework-MobSF-0.9.2\MobSF\utils.py, LINE 110 "for dirname in os.listdir(WIN_JAVABASE):"): [Error 3] : 'C:/Program Files/Java/._' [2016-06-25 15:13:30] [ERROR] Oracle Java (JDK >=1.7) is not found! (D:\Mobile-Security-Framework-MobSF-0.9.2\MobSF\utils.py, LINE 110 "for dirname in os.listdir(WIN_JAVABASE):"): [Error 3] : 'C:/Program Files/Java/._' [2016-06-25 15:13:34] [ERROR] Oracle Java (JDK >=1.7) is not found! (D:\Mobile-Security-Framework-MobSF-0.9.2\MobSF\utils.py, LINE 110 "for dirname in os.listdir(WIN_JAVABASE):"): [Error 3] : 'C:/Program Files/Java/._' [2016-06-25 15:19:29] [ERROR] Adding Scan URL to Database (D:\Mobile-Security-Framework-MobSF-0.9.2\MobSF\views.py, LINE 19 "if not DB.exists():"): no such table: MobSF_recentscansdb [2016-06-25 15:19:29] [ERROR] xhtml2pdf is not installed. Cannot generate PDF reports (D:\Mobile-Security-Framework-MobSF-0.9.2\StaticAnalyzer\views.py, LINE 20 "import xhtml2pdf.pisa as pisa"): No module named xhtml2pdf.pisa [2016-06-25 15:19:29] [ERROR] Static Analyzer (D:\Mobile-Security-Framework-MobSF-0.9.2\StaticAnalyzer\views.py, LINE 342 "if DB.exists() and RESCAN=='0':"): no such table: StaticAnalyzer_staticanalyzerandroid [2016-06-25 15:21:08] [ERROR] Adding Scan URL to Database (D:\Mobile-Security-Framework-MobSF-0.9.2\MobSF\views.py, LINE 19 "if not DB.exists():"): no such table: MobSF_recentscansdb [2016-06-25 15:21:08] [ERROR] Static Analyzer (D:\Mobile-Security-Framework-MobSF-0.9.2\StaticAnalyzer\views.py, LINE 342 "if DB.exists() and RESCAN=='0':"): no such table: StaticAnalyzer_staticanalyzerandroid [2016-06-25 15:31:08] [ERROR] xhtml2pdf is not installed. Cannot generate PDF reports (D:\Mobile-Security-Framework-MobSF-0.9.2\StaticAnalyzer\views.py, LINE 20 "import xhtml2pdf.pisa as pisa"): No module named xhtml2pdf.pisa [2016-06-25 15:31:08] [ERROR] Static Analyzer (D:\Mobile-Security-Framework-MobSF-0.9.2\StaticAnalyzer\views.py, LINE 342 "if DB.exists() and RESCAN=='0':"): no such table: StaticAnalyzer_staticanalyzerandroid [2016-06-25 15:31:17] [ERROR] Adding Scan URL to Database (D:\Mobile-Security-Framework-MobSF-0.9.2\MobSF\views.py, LINE 19 "if not DB.exists():"): no such table: MobSF_recentscansdb [2016-06-25 15:31:17] [ERROR] Static Analyzer (D:\Mobile-Security-Framework-MobSF-0.9.2\StaticAnalyzer\views.py, LINE 342 "if DB.exists() and RESCAN=='0':"): no such table: StaticAnalyzer_staticanalyzerandroid [2016-06-25 15:36:05] [ERROR] Adding Scan URL to Database (D:\Mobile-Security-Framework-MobSF-0.9.2\MobSF\views.py, LINE 19 "if not DB.exists():"): no such table: MobSF_recentscansdb [2016-06-25 15:36:05] [ERROR] Static Analyzer (D:\Mobile-Security-Framework-MobSF-0.9.2\StaticAnalyzer\views.py, LINE 342 "if DB.exists() and RESCAN=='0':"): no such table: StaticAnalyzer_staticanalyzerandroid [2016-06-25 16:00:34] [ERROR] Adding Scan URL to Database (D:\Mobile-Security-Framework-MobSF-0.9.2\MobSF\views.py, LINE 19 "if not DB.exists():"): no such table: MobSF_recentscansdb [2016-06-25 16:00:36] [ERROR] Static Analyzer (D:\Mobile-Security-Framework-MobSF-0.9.2\StaticAnalyzer\views.py, LINE 342 "if DB.exists() and RESCAN=='0':"): no such table: StaticAnalyzer_staticanalyzerandroid [2016-06-25 16:20:00] [ERROR] Pasrsing AndroidManifest.xml (D:\Mobile-Security-Framework-MobSF-0.9.2\StaticAnalyzer\views.py, LINE 865 "mfest=minidom.parseString(dat)"): not well-formed (invalid token): line 1521, column 18 [2016-06-25 16:20:00] [ERROR] Reading Code Signing Certificate (D:\Mobile-Security-Framework-MobSF-0.9.2\StaticAnalyzer\views.py, LINE 996 "dat=escape(subprocess.check_output(args)).replace('\n', '')"): 'utf8' codec can't decode byte 0xb7 in position 58: invalid start byte. You passed in '[\n[\n Version: V3\n Subject: CN=Yang Vachel, OU=FangDD, O=\xb7\xbf\xb6\xe0\xb6\xe0, L=\xc9\xee\xdb\xda, ST=\xb9\xe3\xb6\xab, C=CN\n Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11\n\n Key: \n Validity: [From: Thu Oct 27 13:34:19 CST 2011,\n To: Sat Oct 19 13:34:19 CST 2041]\n Issuer: CN=Yang Vachel, OU=FangDD, O=\xb7\xbf\xb6\xe0\xb6\xe0, L=\xc9\xee\xdb\xda, ST=\xb9\xe3\xb6\xab, C=CN\n SerialNumber: [ 6acda28c]\n\nCertificate Extensions: 1\n[1]: ObjectId: 2.5.29.14 Criticality=false\nSubjectKeyIdentifier [\nKeyIdentifier [\n0000: E2 E1 7E 91 A9 87 BD 47 CA 69 FF B8 44 45 B6 E7 .......G.i..DE..\r\n0010: B3 F0 6B 3B ..k;\r\n]\n]\n\n]\n Algorithm: [SHA256withRSA]\n Signature:\n0000: 66 F6 8E 87 98 0B 5B 0A 1E CB 9B E7 04 96 FC 02 f.....[.........\r\n0010: 34 E3 44 B8 C8 B7 32 A1 C5 C6 08 DE 62 69 6F F3 4.D...2.....bio.\r\n0020: 9C 50 8B BE 24 66 B6 C5 57 3C F6 F7 19 EA 28 B9 .P..$f..W<....(.\r\n0030: 5A 2A 53 5D BC 69 5C 0E 67 D6 58 F6 BF EC 04 E2 Z*S].i.g.X.....\r\n0040: FD D3 55 50 89 03 5E 04 18 B6 25 8A 46 4F 9A D1 ..UP..^...%.FO..\r\n0050: 17 46 1E 49 09 3C 95 28 BB 8B 48 CE 10 7D C5 16 .F.I.<.(..H.....\r\n0060: 01 1C A6 A3 29 A5 BC 6C 12 8A 2B 4A B9 13 CE 74 ....)..l..+J...t\r\n0070: 51 6C 36 A8 6C 07 DC A6 F8 DB 74 C3 CC 2D 4F D6 Ql6.l.....t..-O.\r\n0080: 42 B0 EC 70 68 5D EE C5 0A C6 21 8B 2E BE 84 4F B..ph]....!....O\r\n0090: F0 D4 75 CC C5 B4 A1 D5 C3 A1 56 2C E0 36 C5 E8 ..u.......V,.6..\r\n00A0: 64 53 F5 5C C1 5D 12 79 47 3D 56 76 9F 70 9A CD dS..].yG=Vv.p..\r\n00B0: 8C A2 B4 95 BE 41 E2 41 DF CB 7E 4A 13 53 23 D5 .....A.A...J.S#.\r\n00C0: 0B 13 E2 BC 77 F4 83 5D 3E F9 5D 4E F2 65 17 6E ....w..]>.]N.e.n\r\n00D0: 74 2F DA 27 83 C1 97 55 87 BA CA 99 52 50 99 E5 t/.\'...U....RP..\r\n00E0: C3 38 76 CA CC CF EC 19 30 A2 19 FC 2F C1 F0 8C .8v.....0.../...\r\n00F0: 04 94 BA C3 C1 02 19 B1 2F C3 C3 C9 15 01 99 22 ......../......"\r\n\n]\r\n' (<type 'str'>) [2016-06-25 16:20:00] [ERROR] Static Analyzer (D:\Mobile-Security-Framework-MobSF-0.9.2\StaticAnalyzer\views.py, LINE 411 "CERT_INFO,ISSUED=CertInfo(APP_DIR,TOOLS_DIR)"): 'NoneType' object is not iterable
I've solve the JDK issue and installed with python -m pip install -r requirements.txt.
You haven't configured it properly. follow the wiki and configure everything properly. Also there is some issue with APKs having unicode. Try a different APK
OK, 2 questions, 1.I upload apk to web page, is this the static analyse? 2.So if I want to test some apk with unicode error, I have to configure the dynamic analyse environment with Real device or virtual device(oracle virtual box)?
You need to configure a real rooted device or vm (virtualbox) image if you need to run a Dynamic Analysis.
OK many thanks.
Don't Play Around. An Error just popped in!
Inappropriate argument type.
'NoneType' object is not subscriptable
[INFO] 04/Mar/2019 11:59:58 -
| \/ | _ | |_/ || _| _ / | / \ | |\/| |/ | ' \ | | \ \ / / || | | | | | | | () | |_) |) | | \ V /| || || | || ||_/|_./__/|| _/ |(_)___/
[INFO] 04/Mar/2019 11:59:58 - Mobile Security Framework v1.0.5 Beta REST API Key: 097334805e6abf81dafe3510b841ccd13ff35311202a356837d94999659e28e6 [INFO] 04/Mar/2019 11:59:58 - OS: Linux [INFO] 04/Mar/2019 11:59:58 - Platform: Linux-4.19.0-kali1-amd64-x86_64-with-Kali-kali-rolling-kali-rolling [INFO] 04/Mar/2019 11:59:58 - Dist: ('Kali', 'kali-rolling', 'kali-rolling') [INFO] 04/Mar/2019 11:59:58 - Finding JDK Location in Linux/MAC.... [INFO] 04/Mar/2019 11:59:58 - JDK 1.7 or above is available [WARNING] 04/Mar/2019 11:59:58 - Could not find VirtualBox path. [INFO] 04/Mar/2019 11:59:58 - MobSF Basic Environment Check [INFO] 04/Mar/2019 11:59:58 - Checking for Update. [INFO] 04/Mar/2019 11:59:58 - No updates available. System check identified no issues (0 silenced). March 04, 2019 - 11:59:58 Django version 2.1.7, using settings 'MobSF.settings' Starting development server at http://127.0.0.1:8000/ Quit the server with CONTROL-C. [INFO] 04/Mar/2019 12:00:02 - "GET / HTTP/1.1" 200 7723 [INFO] 04/Mar/2019 12:00:02 - "GET /static/css/bootstrap.min.css HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/js/ie-emulation-modes-warning.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/css/cover.css HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/js/ie10-viewport-bug-workaround.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/js/bootstrap.min.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/css/dropzone.css HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/js/jquery.min.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/js/dropzone.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/img/MobSF_Logo_small.png HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/fonts/glyphicons-halflings-regular.woff HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:17 - MIME Type: application/vnd.android.package-archive FILE: zoho mail.apk [INFO] 04/Mar/2019 12:00:17 - Performing Static Analysis of Android APK [INFO] 04/Mar/2019 12:00:17 - "POST /upload/ HTTP/1.1" 200 211 [INFO] 04/Mar/2019 12:00:17 - Starting Analysis on : Zoho Mail.apk [INFO] 04/Mar/2019 12:00:17 - Generating Hashes [INFO] 04/Mar/2019 12:00:17 - Unzipping [ERROR] 04/Mar/2019 12:00:17 - Unzipping Error (/root/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/shared_func.py, LINE 78 "with zipfile.ZipFile(app_path, "r") as zipptr:"): File is not a zip file [INFO] 04/Mar/2019 12:00:17 - Using the Default OS Unzip Utility. error: -fn or any combination of -c, -l, -p, -t, -u and -v options invalid UnZip 6.00 of 20 April 2009, by Debian. Original by Info-ZIP.
Usage: unzip [-Z] [-opts[modifiers]] file[.zip] [list] [-x xlist] [-d exdir] Default action is to extract files in list, except those in xlist, to exdir; file[.zip] may be a wildcard. -Z => ZipInfo mode ("unzip -Z" for usage).
-p extract files to pipe, no messages -l list files (short format)
-f freshen existing files, create none -t test compressed archive data
-u update files, create if necessary -z display archive comment only
-v list verbosely/show version info -T timestamp archive to latest
-x exclude files that follow (in xlist) -d extract files into exdir
modifiers:
-n never overwrite existing files -q quiet mode (-qq => quieter)
-o overwrite files WITHOUT prompting -a auto-convert any text files
-j junk paths (do not make directories) -aa treat ALL files as text
-U use escapes for all non-ASCII Unicode -UU ignore any Unicode fields
-C match filenames case-insensitively -L make (some) names lowercase
-X restore UID/GID info -V retain VMS version numbers
-K keep setuid/setgid/tacky permissions -M pipe through "more" pager
See "unzip -hh" or unzip.txt for more help. Examples:
unzip data1 -x joe => extract all files except joe from zipfile data1.zip
unzip -p foo | more => send contents of foo.zip via pipe into program more
unzip -fo foo ReadMe => quietly replace existing ReadMe if archive file newer
[/root/Mobile-Security-Framework-MobSF/uploads/79e412acc09ff213485dae27182c7741/79e412acc09ff213485dae27182c7741.apk]
End-of-central-directory signature not found. Either this file is not
a zipfile, or it constitutes one disk of a multi-part archive. In the
latter case the central directory and zipfile comment will be found on
the last disk(s) of this archive.
unzip: cannot find zipfile directory in one of /root/Mobile-Security-Framework-MobSF/uploads/79e412acc09ff213485dae27182c7741/79e412acc09ff213485dae27182c7741.apk or
/root/Mobile-Security-Framework-MobSF/uploads/79e412acc09ff213485dae27182c7741/79e412acc09ff213485dae27182c7741.apk.zip, and cannot find /root/Mobile-Security-Framework-MobSF/uploads/79e412acc09ff213485dae27182c7741/79e412acc09ff213485dae27182c7741.apk.ZIP, period.
[ERROR] 04/Mar/2019 12:00:17 -
Unzipping Error (/root/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/shared_func.py, LINE 96 "dat = subprocess.check_output(['unzip', '-qq', '-l', app_path])"): Command '['unzip', '-qq', '-l', '/root/Mobile-Security-Framework-MobSF/uploads/79e412acc09ff213485dae27182c7741/79e412acc09ff213485dae27182c7741.apk']' returned non-zero exit status 9.
[INFO] 04/Mar/2019 12:00:17 - Getting Hardcoded Certificates/Keystores
[ERROR] 04/Mar/2019 12:00:17 -
Getting Hardcoded Certificates/Keystores (/root/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/android/cert_analysis.py, LINE 26 "for file_name in files:"): 'NoneType' object is not iterable
[INFO] 04/Mar/2019 12:00:17 - APK Extracted
[INFO] 04/Mar/2019 12:00:17 - Converting AXML to XML
Exception in thread "main" brut.androlib.AndrolibException: brut.directory.DirectoryException: java.util.zip.ZipException: zip END header not found
at brut.androlib.ApkDecoder.hasResources(ApkDecoder.java:307)
at brut.androlib.ApkDecoder.decode(ApkDecoder.java:103)
at brut.apktool.Main.cmdDecode(Main.java:164)
at brut.apktool.Main.main(Main.java:73)
Caused by: brut.directory.DirectoryException: java.util.zip.ZipException: zip END header not found
at brut.directory.ZipRODirectory.
help me
Is it a valid APK? Please share the file
Error with upload apk file.
[2016-06-25 16:00:36] [ERROR] Static Analyzer (D:\Mobile-Security-Framework-MobSF-0.9.2\StaticAnalyzer\views.py, LINE 342 "if DB.exists() and RESCAN=='0':"): no such table: StaticAnalyzer_staticanalyzerandroid [25/Jun/2016 16:00:36]"GET /StaticAnalyzer/?name=ba66dc459a61f4e5da93dc36ee25c21e7f579712.apk&type=a pk&checksum=241db0c794a7c924cf4666eb35af9497 HTTP/1.1" 200 4657 [25/Jun/2016 16:00:36]"GET /static/css/font-awesome.min.css HTTP/1.1" 200 26711