No Result in Android API & Code Analysis Section

[mohittyagi11]

EXPLANATION OF THE ISSUE

I Ran static analysis on an APK and with the results, I was not able to see any Android API, Code Issues, No URLs, No Emails and No Strings.

I suspected the output and check for any errors on the console. Only Error is using "String from apk", and as per previous issues, it just breaks on few apks.

STEPS TO REPRODUCE THE ISSUE

1. Uploaded APK
2. Ran Static analysis

CONSOLE OUTPUT

Mobile Security Framework v0.9.5.5 Beta

REST API Key: 758b006df883fb7e3d3e835b5ea65ec0a0dc1764f635284c4fe63b362053ebfc
OS: Linux
Platform: Linux-3.16.0-4-amd64-x86_64-with-debian-8.4
Dist: ('debian', '8.4', '')

[INFO] Finding JDK Location in Linux/MAC....

[INFO] JDK 1.7 or above is available

[INFO] Checking for Update.

[INFO] No updates available.
System check identified no issues (0 silenced).
February 14, 2018 - 08:07:37
Django version 1.11.7, using settings 'MobSF.settings'
Starting development server at http://127.0.0.1:8000/
Quit the server with CONTROL-C.
[14/Feb/2018 08:07:42] "GET / HTTP/1.1" 200 7727
[14/Feb/2018 08:07:46] "GET /recent_scans/ HTTP/1.1" 200 8465
[14/Feb/2018 08:07:46] "GET /static/fonts/fontawesome-webfont.woff?v=4.4.0 HTTP/1.1" 304 0
[INFO] Starting Analysis on : local.apk

[INFO] Analysis is already Done. Fetching data from the DB...
[INFO] VirusTotal: Check for existing report
[INFO] MobSF: VirusTotal Scan not performed as file upload is disabled in settings.py. To enable file upload, set VT_UPLOAD to True.
[14/Feb/2018 08:07:53] "GET /StaticAnalyzer/?name=local.apk&type=apk&checksum=d52689680ac36d28bb2f6fd2d83ed35e HTTP/1.1" 200 128798
[14/Feb/2018 08:07:53] "GET /download/d52689680ac36d28bb2f6fd2d83ed35e-icon.png HTTP/1.1" 200 2348
[INFO] Starting Analysis on : local.apk
[INFO] Generating Hashes
[INFO] Unzipping
[INFO] Getting Hardcoded Certificates/Keystores
[INFO] APK Extracted
[INFO] Getting Manifest from Binary
[INFO] AXML -> XML
[INFO] Parsing AndroidManifest.xml
[INFO] Fetching icon path
[INFO] Extracting Manifest Data
[INFO] Manifest Analysis Started
[INFO] Static Android Binary Analysis Started
[INFO] Static Android Resourse Analysis Started
[INFO] Reading Code Signing Certificate
[INFO] APKiD Analysis on Dex file
[INFO] DEX -> JAR
[INFO] Using JAR converter - dex2jar
dex2jar /home/android/Desktop/Mobile-Security-Framework-MobSF/uploads/d52689680ac36d28bb2f6fd2d83ed35e/classes.dex -> /home/android/Desktop/Mobile-Security-Framework-MobSF/uploads/d52689680ac36d28bb2f6fd2d83ed35e/classes.jar
[INFO] DEX -> SMALI
[INFO] JAR -> JAVA
Processing /home/android/Desktop/Mobile-Security-Framework-MobSF/uploads/d52689680ac36d28bb2f6fd2d83ed35e/classes.jar (use silent to silence)
Processing com.google.android.gms.internal.zzaug
Processing com.google.android.gms.internal.zzatb
Processing com.google.android.gms.internal.zzatc
Processing com.google.android.gms.internal.zzatd
Processing com.google.android.gms.internal.zzate
Processing com.google.android.gms.internal.zzauh
Processing com.google.android.gms.internal.zzatf
Processing com.google.android.gms.internal.zzatg
Processing com.google.android.gms.internal.zzath
Processing com.google.android.gms.internal.zzati
Processing com.google.android.gms.internal.zzatj
Processing com.google.android.gms.internal.zzatk
Processing com.google.android.gms.internal.zzatl
Processing com.google.android.gms.internal.zzatm
Processing com.google.android.gms.internal.zzatn
Processing com.google.android.gms.internal.zzato
Processing com.google.android.gms.internal.zzatp
Processing com.google.android.gms.internal.zzatq
Processing com.google.android.gms.internal.zzatr
Processing com.google.android.gms.internal.zzats
Processing com.google.android.gms.internal.zzatt
Processing com.google.android.gms.internal.zzatu
Processing com.google.android.gms.internal.zzatv
Processing com.google.android.gms.internal.zzatw
Processing com.google.android.gms.internal.zzatx
Processing com.google.android.gms.internal.zzaty
Processing com.google.android.gms.internal.zzatz
Processing com.google.android.gms.internal.zzaua
Processing com.google.android.gms.internal.zzaub
Processing com.google.android.gms.internal.zzauc
Processing com.google.android.gms.internal.zzaud
Processing com.google.android.gms.internal.zzaue
Processing com.google.android.gms.internal.zzauf
Processing com.google.android.gms.internal.zzaui
Processing com.google.android.gms.internal.zzauj
Processing com.google.android.gms.internal.zzauk
Processing com.google.android.gms.internal.zzaul
Processing com.google.android.gms.internal.zzaum
Processing com.google.android.gms.internal.zzaun
Processing com.google.android.gms.internal.zzauo
Processing com.google.android.gms.internal.zzaup
Processing com.google.android.gms.internal.zzauq
Processing com.google.android.gms.internal.zzaur
Processing com.google.android.gms.internal.zzaus
Processing com.google.android.gms.internal.zzaut
Processing com.google.android.gms.internal.zzauu
Processing com.google.android.gms.internal.zzauv
Processing com.google.android.gms.internal.zzauw
Processing com.google.android.gms.measurement.AppMeasurement
Processing com.google.firebase.analytics.FirebaseAnalytics
[INFO] Static Android Code Analysis Started
[INFO] Code Analysis Started on - /home/android/Desktop/Mobile-Security-Framework-MobSF/uploads/d52689680ac36d28bb2f6fd2d83ed35e/java_source/
[INFO] Performing Malware Check on extracted Domains
[INFO] Finished Code Analysis, Email and URL Extraction

[INFO] Generating Java and Smali Downloads
[INFO] Generating Downloads
[INFO] Zipping
[INFO] Zipping
[INFO] Extracting Strings from APK
Exception in thread "main" brut.androlib.AndrolibException: Could not decode arsc file
    at brut.androlib.res.decoder.ARSCDecoder.decode(ARSCDecoder.java:54)
    at brut.androlib.res.AndrolibResources.getResPackagesFromApk(AndrolibResources.java:540)
    at brut.androlib.res.AndrolibResources.loadMainPkg(AndrolibResources.java:76)
    at brut.androlib.res.AndrolibResources.getResTable(AndrolibResources.java:68)
    at strings.StringsXML.run(StringsXML.java:84)
    at strings.StringsXML.main(StringsXML.java:151)
Caused by: java.io.IOException: Expected: 0x001c0001, got: 0x00000000
    at brut.util.ExtDataInput.skipCheckInt(ExtDataInput.java:48)
    at brut.androlib.res.decoder.StringBlock.read(StringBlock.java:43)
    at brut.androlib.res.decoder.ARSCDecoder.readPackage(ARSCDecoder.java:100)
    at brut.androlib.res.decoder.ARSCDecoder.readTable(ARSCDecoder.java:81)
    at brut.androlib.res.decoder.ARSCDecoder.decode(ARSCDecoder.java:49)
    ... 5 more

[INFO] Connecting to Database

[INFO] Updating Database...
[INFO] VirusTotal: Check for existing report
[INFO] MobSF: VirusTotal Scan not performed as file upload is disabled in settings.py. To enable file upload, set VT_UPLOAD to True.
[14/Feb/2018 08:08:51] "GET /StaticAnalyzer/?checksum=d52689680ac36d28bb2f6fd2d83ed35e&name=local.apk&type=apk&rescan=1 HTTP/1.1" 200 128798
[14/Feb/2018 08:08:51] "GET /download/d52689680ac36d28bb2f6fd2d83ed35e-icon.png HTTP/1.1" 200 2348

CONTENTS OF LOG FILES

[2018-02-12 11:10:45]
[ERROR] Cannot Check for updates. (/home/android/Desktop/Mobile-Security-Framework-MobSF/MobSF/utils.py, LINE 62 "response = urllib2.urlopen(github_url)"): <urlopen error [Errno -2] Name or service not known>
[2018-02-14 06:24:17]
[ERROR] This ZIP Format is not supported

If you have issues with API Fuzzer,
Paste the contents of logs/webproxy.log here
(NOT REQUIRED FOR FEATURE REQUEST/ENHANCEMENT)

[superpoussin22]

strings issue will be solved in next MobSF version

[mohittyagi11]

Does the strings issue cause no output in APi and Code Analysis section?

[ajinabraham]

@mohittyagi11 Can you share the apk?

[mohittyagi11]

IndusPay_local.zip

Here.

[ajinabraham]

I just reproduced this. This often can happen when the decompilers or converters we use internally doesn't work well with the APK. I got the source code and api analysis result when I set JAR_CONVERTER='enjarify' in settings.py.

Verified in python3 branch

[Drunkenyts]

Hi @ajinabraham, Same issue I am facing, and my apk is built in kotlin. I am getting no results in Code Analyis section,What should I do?