Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
* [SECURITY] Fixes an LFI reported by @0x33c0unt - A crafted APK resource with icon name containing arbitrary path will get copied by MobSF as the icon file to the download directory which is available under `/download/` route. Fixed by https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/a58f8a8c0aa49e1581d97e19e8e2255ca96cd838
* Fixes #2324 , Bug in parsing DSA Public Key parameters for fingerprint calculation.
* Update dependencies
Checklist for PR
[x] Run MobSF unit tests and lint tox -e lint,test
[x] Tested Working on Linux, Mac, Windows, and Docker
[x] Add unit test for any new Web API (Refer: StaticAnalyzer/tests.py)
👋 @ajinabraham
Thank you for sending this pull request ❤️.
Please make sure you have followed our contribution guidelines. We will review it as soon as possible
Describe the Pull Request
Checklist for PR
tox -e lint,test
StaticAnalyzer/tests.py
)Additional Comments (if any)