MobSF / Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
https://opensecurity.in
GNU General Public License v3.0

"ANDROID_8_0_LEVEL" is substituted where "minSdkVersion" should be substituted. #2343

Closed watanabemk closed 3 months ago

watanabemk commented 4 months ago

Target file: https://github.com/MobSF/Mobile-Security-Framework-MobSF/blob/master/mobsf/StaticAnalyzer/views/android/manifest_analysis.py

Applicable line:

```python
# Android Task Hijacking or StrandHogg 1.0
try:
    target_sdk = int(man_data_dic['target_sdk'])
except Exception:
    target_sdk = ANDROID_8_0_LEVEL  # <-- This line: fallback when targetSdkVersion is missing
if (target_sdk < ANDROID_9_0_LEVEL
        and launchmode == 'singleTask'):
    ret_list.append(('task_hijacking', (item,), (target_sdk,)))
```

Basis: Android documentation for android:targetSdkVersion: "An integer designating the API level that the application targets. If not set, the default value equals that given to minSdkVersion."

Solution: Based on the above, it is expected that by assigning the "ANDROID_LEVEL" that corresponds to "minSdkVersion" to the variable "target_sdk", detection will be made in accordance with the actual situation.
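The resolution rule described in the report, as an added Python example that is not MobSF's own code: the current fixed fallback is shown beside the proposed minSdkVersion fallback, and the StrandHogg 1.0 check is run with each. It assumes the manifest dictionary carries a `min_sdk` key and that `ANDROID_8_0_LEVEL` and `ANDROID_9_0_LEVEL` equal Android API levels 26 and 28.

```python
# Added example, not MobSF code. Values follow Android API levels (assumed to
# match the MobSF constants of the same name).
ANDROID_8_0_LEVEL = 26  # Android 8.0 (Oreo)
ANDROID_9_0_LEVEL = 28  # Android 9.0 (Pie)


def target_sdk_current(man_data_dic):
    """Behaviour reported in the issue: a missing or unparsable
    targetSdkVersion silently becomes the Android 8.0 level."""
    try:
        return int(man_data_dic['target_sdk'])
    except Exception:
        return ANDROID_8_0_LEVEL


def target_sdk_proposed(man_data_dic):
    """Proposed behaviour: per the Android docs, an unset targetSdkVersion
    defaults to minSdkVersion; minSdkVersion itself defaults to 1."""
    try:
        return int(man_data_dic['target_sdk'])
    except Exception:
        pass
    try:
        return int(man_data_dic['min_sdk'])  # key name assumed
    except Exception:
        return 1  # Android default when minSdkVersion is absent


def task_hijacking_findings(man_data_dic, activities, resolve=target_sdk_proposed):
    """Return (activity, effective_target_sdk) pairs flagged for task
    hijacking: target below Android 9 and launchMode 'singleTask'."""
    target_sdk = resolve(man_data_dic)
    return [(name, target_sdk) for name, launchmode in activities
            if target_sdk < ANDROID_9_0_LEVEL and launchmode == 'singleTask']


if __name__ == '__main__':
    # Constructed manifest data: no targetSdkVersion, minSdkVersion 30.
    manifest = {'target_sdk': '', 'min_sdk': '30'}
    acts = [('com.example.Main', 'singleTask'), ('com.example.Other', 'standard')]
    print('current :', task_hijacking_findings(manifest, acts, target_sdk_current))
    print('proposed:', task_hijacking_findings(manifest, acts))
```

With the constructed manifest the current fallback reports the singleTask activity at level 26 although the app cannot run below API 30; the proposed fallback reports nothing.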

github-actions[bot] commented 4 months ago

👋 @watanabemk Issues are only for reporting a bug/feature request. For limited support, questions, and discussions, please join the MobSF Slack channel. Please include all the requested and relevant information when opening a bug report. Improper reports will be closed without any response.

ajinabraham commented 4 months ago

More context: https://mobsf.slack.com/archives/C0QMLNKMF/p1707273779008299

Related: https://github.com/MobSF/mobsfscan/issues/78