Closed RubenPauwelsUniWeb closed 4 months ago
đź‘‹ @RubenPauwelsUniWeb Issues is only for reporting a bug/feature request. For limited support, questions, and discussions, please join MobSF Slack channel Please include all the requested and relevant information when opening a bug report. Improper reports will be closed without any response.
This looks like an issue in a third party, androguard
. You might want to report it upstream.
Test carried out on 03/18/2024 Version: v3.9.5 Beta
Error persists, follow log.
[ERROR] 18/Mar/2024 12:20:48 - res1 must be zero! [ERROR] 18/Mar/2024 12:20:48 - Internal Server Error: /static_analyzer/9181a2f943285c469eb07916da7f962d/ [INFO] 18/Mar/2024 12:20:48 - Scan Hash: 9181a2f943285c469eb07916da7f962d [INFO] 18/Mar/2024 12:20:48 - Starting Analysis on: Aplicativo.apk [INFO] 18/Mar/2024 12:20:48 - Generating Hashes [INFO] 18/Mar/2024 12:20:48 - Unzipping [INFO] 18/Mar/2024 12:20:49 - APK Extracted [INFO] 18/Mar/2024 12:20:49 - Getting Hardcoded Certificates/Keystores [INFO] 18/Mar/2024 12:20:49 - Getting AndroidManifest.xml from APK [INFO] 18/Mar/2024 12:20:49 - Parsing AndroidManifest.xml [INFO] 18/Mar/2024 12:20:49 - Parsing APK with androguard [ERROR] 18/Mar/2024 12:20:49 - Error Performing Static Analysis Traceback (most recent call last): File "/usr/local/lib/python3.10/dist-packages/androguard/core/bytecodes/apk.py", line 1556, in get_android_resources return self.arsc["resources.arsc"] KeyError: 'resources.arsc'
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/home/mobsf/Mobile-Security-Framework-MobSF/mobsf/StaticAnalyzer/views/android/static_analyzer.py", line 199, in static_analyzer app_dic['real_name'] = get_app_name( File "/home/mobsf/Mobile-Security-Framework-MobSF/mobsf/StaticAnalyzer/views/android/app.py", line 28, in get_app_name return a.get_app_name() File "/usr/local/lib/python3.10/dist-packages/androguard/core/bytecodes/apk.py", line 476, in get_app_name res_parser = self.get_android_resources() File "/usr/local/lib/python3.10/dist-packages/androguard/core/bytecodes/apk.py", line 1562, in get_android_resources self.arsc["resources.arsc"] = ARSCParser(self.zip.read("resources.arsc")) File "/usr/local/lib/python3.10/dist-packages/androguard/core/bytecodes/axml/init.py", line 1321, in init self.packages[package_name].append(ARSCResTypeSpec(self.buff, pc)) File "/usr/local/lib/python3.10/dist-packages/androguard/core/bytecodes/axml/init.py", line 2181, in init raise ResParserError("res1 must be zero!") androguard.core.bytecodes.axml.ResParserError: res1 must be zero! [ERROR] 18/Mar/2024 12:20:49 - res1 must be zero!
This is fixed in latest master branch, but not available in the docker image yet. The docker builds are failing due to pyQT dependency issue for ARM arch. You could build an image locally or use the code from latest master to fix this.
ENVIRONMENT
EXPLANATION OF THE ISSUE
When I try to upload an APK for static analysis I get the following error:
STEPS TO REPRODUCE THE ISSUE
docker run -it --rm -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest
LOG FILE
debug.log