Django path exceptions after fresh install

EXPLANATION OF THE ISSUE

Hi,

Thanks for your contributions to the security community!

I am having some troubles getting up and running with MobSF. It installs and runs fine, but when trying to visit the webpage (http://127.0.0.1:8000) after a fresh install, there seems to be a problem with the Django server.

There are a lot of django.core.exceptions.SuspiciousFileOperation exceptions, as seen in the console output below.

STEPS TO REPRODUCE THE ISSUE

Install Python 3.7
Install Java SE 11.0.1 (LTS) (link from wiki)
Install OpenSSL 1.1.1
Clone

git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git
Change directory

cd Mobile-Security-Framework-MobSF
Install

setup.bat
Reboot
Migrate

python manage.py migrate

Run. Only initial output


C:\Apps\Mobile-Security-Framework-MobSF (master -> origin)
(venv) λ run.bat
Performing system checks...

__  __       _    ____  _____         _   ___
|  \/  | ___ | |__/ ___||  ___| __   _/ | / _ \
| |\/| |/ _ \| '_ \___ \| |_    \ \ / / || | | |
| |  | | (_) | |_) |__) |  _|    \ V /| || |_| |
|_|  |_|\___/|_.__/____/|_|       \_/ |_(_)___/

Mobile Security Framework v1.0.2 Beta

REST API Key: 399a4dda6b471fe68bd69fbdf6e2267d37909293389da193e786fdb08217f361 OS: Windows Platform: Windows-10-10.0.16299-SP0

[INFO] Finding JDK Location in Windows....

[INFO] Oracle Java JDK is installed! [INFO] MobSF Basic Environment Check [INFO] Checking for Update. [INFO] No updates available. System check identified no issues (0 silenced). October 23, 2018 - 09:41:59 Django version 2.1.2, using settings 'MobSF.settings' Starting development server at http://127.0.0.1:8000/ Quit the server with CTRL-BREAK.


## CONSOLE OUTPUT
The following appears after visiting `http://127.0.0.1:8000`.

... [23/Oct/2018 09:42:16] "GET / HTTP/1.1" 200 7723 Traceback (most recent call last): Traceback (most recent call last): File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) Traceback (most recent call last): Traceback (most recent call last): Traceback (most recent call last): File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) Traceback (most recent call last): File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\css\dropzone.css) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) [23/Oct/2018 09:42:17] "GET /static/css/dropzone.css HTTP/1.1" 500 59 File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\css\cover.css) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\css\bootstrap.min.css) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) [23/Oct/2018 09:42:17] "GET /static/css/cover.css HTTP/1.1" 500 59 django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\js\ie-emulation-modes-warning.js) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) [23/Oct/2018 09:42:17] "GET /static/css/bootstrap.min.css HTTP/1.1" 500 59 File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\js\jquery.min.js) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) [23/Oct/2018 09:42:17] "GET /static/js/ie-emulation-modes-warning.js HTTP/1.1" 500 59 django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\js\dropzone.js) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) [23/Oct/2018 09:42:17] "GET /static/js/jquery.min.js HTTP/1.1" 500 59 [23/Oct/2018 09:42:17] "GET /static/js/dropzone.js HTTP/1.1" 500 59 Traceback (most recent call last): File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\js\bootstrap.min.js) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) [23/Oct/2018 09:42:17] "GET /static/js/bootstrap.min.js HTTP/1.1" 500 59 Traceback (most recent call last): Traceback (most recent call last): File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\img\MobSF_Logo_small.png) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\js\ie10-viewport-bug-workaround.js) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) [23/Oct/2018 09:42:17] "GET /static/img/MobSF_Logo_small.png HTTP/1.1" 500 59 [23/Oct/2018 09:42:17] "GET /static/js/ie10-viewport-bug-workaround.js HTTP/1.1" 500 59 Traceback (most recent call last): File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\js\jquery.min.js) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) [23/Oct/2018 09:42:17] "GET /static/js/jquery.min.js HTTP/1.1" 500 59 Traceback (most recent call last): File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\js\dropzone.js) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) [23/Oct/2018 09:42:17] "GET /static/js/dropzone.js HTTP/1.1" 500 59 Traceback (most recent call last): File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\css\dropzone.css) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) [23/Oct/2018 09:42:17] "GET /static/css/dropzone.css HTTP/1.1" 500 59 Traceback (most recent call last): File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\img\MobSF_Logo_small.png) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) [23/Oct/2018 09:42:17] "GET /static/img/MobSF_Logo_small.png HTTP/1.1" 500 59 Traceback (most recent call last): File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\js\bootstrap.min.js) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) [23/Oct/2018 09:42:17] "GET /static/js/bootstrap.min.js HTTP/1.1" 500 59 Traceback (most recent call last): File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run self.result = application(self.environ, self.start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in call return super().call(environ, start_response) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in call response = self.get_response(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response return self.serve(request) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve return serve(request, self.file_path(request.path), insecure=True) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve absolute_path = finders.find(normalized_path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find result = finder.find(path, all=all) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find matched_path = self.find_location(root, path, prefix) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location path = safe_join(root, path) File "C:\Apps\Mobile-Security-Framework-MobSF\venv\lib\site-packages\django\utils_os.py", line 49, in safe_join 'component ({})'.format(final_path, base_path)) django.core.exceptions.SuspiciousFileOperation: The joined path (C:\Apps\Mobile-Security-Framework-MobSF\static\js\ie10-viewport-bug-workaround.js) is located outside of the base path component (C:\Apps\Mobile-Security-Framework-MobSF\static) [23/Oct/2018 09:42:17] "GET /static/js/ie10-viewport-bug-workaround.js HTTP/1.1" 500 59 Not Found: /favicon.ico [23/Oct/2018 09:42:17] "GET /favicon.ico HTTP/1.1" 404 6809



## CONTENTS OF LOG FILES
File does not exist. The `logs` folder doesn't contain anything other than a `certs` directory, which is also empty.

I will be happy to provide any addition information.

Appreciate all help!

If I do a fresh clone, move the directory to C:\MobSF and install there, the same errors occur, unfortunately:

C:\
(venv) λ git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git
Cloning into 'Mobile-Security-Framework-MobSF'...
remote: Enumerating objects: 55, done.
remote: Counting objects: 100% (55/55), done.
remote: Compressing objects: 100% (51/51), done.
remote: Total 10877 (delta 21), reused 12 (delta 3), pack-reused 10822
Receiving objects: 100% (10877/10877), 236.79 MiB | 5.81 MiB/s, done.
Resolving deltas: 100% (4056/4056), done.

C:\
(venv) λ mv Mobile-Security-Framework-MobSF\ MobSF

C:\
(venv) λ cd MobSF\

C:\MobSF (master -> origin)
(venv) λ setup.bat
[INSTALL] Found Python3
[INSTALL] Found pip3
[INSTALL] Found OpenSSL executable
[INSTALL] Installing Virtualenv
Requirement already up-to-date: pip in c:\users\mfaerevaag\appdata\local\programs\python\python37\lib\site-packages (18.1)
Requirement already up-to-date: virtualenv in c:\users\mfaerevaag\appdata\local\programs\python\python37\lib\site-packages (16.0.0)
Running virtualenv with interpreter C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\python.exe
Using base prefix 'C:\\Users\\mfaerevaag\\AppData\\Local\\Programs\\Python\\Python37'
c:\users\mfaerevaag\appdata\local\programs\python\python37\lib\site-packages\virtualenv.py:1041: DeprecationWarning: the imp module is deprecated in favour of importlib; see the module's documentation for alternative uses
  import imp
New python executable in C:\MobSF\venv\Scripts\python.exe
Installing setuptools, pip, wheel...done.
[INSTALL] Installing Requirements
Collecting git+https://github.com/MobSF/CapFuzz.git (from -r requirements.txt (line 9))
  Cloning https://github.com/MobSF/CapFuzz.git to c:\users\mfaere~1\appdata\local\temp\pip-req-build-x2lczhh1
Collecting Django==2.1.2 (from -r requirements.txt (line 1))
  Using cached https://files.pythonhosted.org/packages/32/ab/22530cc1b2114e6067eece94a333d6c749fa1c56a009f0721e51c181ea53/Django-2.1.2-py3-none-any.whl
Collecting pdfkit==0.6.1 (from -r requirements.txt (line 2))
  Using cached https://files.pythonhosted.org/packages/57/da/48fdd627794cde49f4ee7854d219f3a65714069b722b8d0e3599cd066185/pdfkit-0.6.1-py3-none-any.whl
Collecting configparser==3.5.0 (from -r requirements.txt (line 3))
Collecting androguard==3.2.1 (from -r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/27/ec/aba7c1d9f9cb253a5b938b347be673c376291eaa193625564d2cbcff3fc4/androguard-3.2.1-py3-none-any.whl
Collecting lxml==4.2.5 (from -r requirements.txt (line 5))
  Using cached https://files.pythonhosted.org/packages/d7/9d/1aa28aa9d293a816baec6c37328d6465b722b2ff3f4d1e93ed56e87813ee/lxml-4.2.5-cp37-cp37m-win_amd64.whl
Collecting rsa==4.0 (from -r requirements.txt (line 6))
  Using cached https://files.pythonhosted.org/packages/02/e5/38518af393f7c214357079ce67a317307936896e961e35450b70fad2a9cf/rsa-4.0-py2.py3-none-any.whl
Collecting biplist==1.0.3 (from -r requirements.txt (line 7))
Collecting requests==2.20.0 (from -r requirements.txt (line 8))
  Using cached https://files.pythonhosted.org/packages/f1/ca/10332a30cb25b627192b4ea272c351bce3ca1091e541245cccbace6051d8/requests-2.20.0-py2.py3-none-any.whl
Collecting mitmproxy==3.0.2 (from capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/90/7b/09d4c6140f56cd6834c5ae320908795d0df2641a2cba694d7343e3a930c7/mitmproxy-3.0.2-py3-none-any.whl
Collecting pytz (from Django==2.1.2->-r requirements.txt (line 1))
  Using cached https://files.pythonhosted.org/packages/30/4e/27c34b62430286c6d59177a0842ed90dc789ce5d1ed740887653b898779a/pytz-2018.5-py2.py3-none-any.whl
Collecting colorama (from androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/0a/93/6e8289231675d561d476d656c2ee3a868c1cca207e16c118d4503b25e2bf/colorama-0.4.0-py2.py3-none-any.whl
Collecting asn1crypto>=0.24.0 (from androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/ea/cd/35485615f45f30a510576f1a56d1e0a7ad7bd8ab5ed7cdc600ef7cd06222/asn1crypto-0.24.0-py2.py3-none-any.whl
Collecting pygments (from androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/02/ee/b6e02dc6529e82b75bb06823ff7d005b141037cb1416b10c6f00fc419dca/Pygments-2.2.0-py2.py3-none-any.whl
Collecting matplotlib (from androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/7e/ce/a4b83c538b48841d4d060569cc0e6afeab5caa95993613f15294ce1b1380/matplotlib-3.0.0-cp37-cp37m-win_amd64.whl
Collecting ipython>=5.0.0 (from androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/a0/27/29d66ed395a5c2c3a912332d446a54e2bc3277c36b0bbd22bc71623e0193/ipython-7.0.1-py3-none-any.whl
Collecting networkx>=1.11 (from androguard==3.2.1->-r requirements.txt (line 4))
Collecting future (from androguard==3.2.1->-r requirements.txt (line 4))
Collecting pyasn1>=0.1.3 (from rsa==4.0->-r requirements.txt (line 6))
  Using cached https://files.pythonhosted.org/packages/d1/a1/7790cc85db38daa874f6a2e6308131b9953feb1367f2ae2d1123bb93a9f5/pyasn1-0.4.4-py2.py3-none-any.whl
Collecting certifi>=2017.4.17 (from requests==2.20.0->-r requirements.txt (line 8))
  Using cached https://files.pythonhosted.org/packages/56/9d/1d02dd80bc4cd955f98980f28c5ee2200e1209292d5f9e9cc8d030d18655/certifi-2018.10.15-py2.py3-none-any.whl
Collecting chardet<3.1.0,>=3.0.2 (from requests==2.20.0->-r requirements.txt (line 8))
  Using cached https://files.pythonhosted.org/packages/bc/a9/01ffebfb562e4274b6487b4bb1ddec7ca55ec7510b22e4c51f14098443b8/chardet-3.0.4-py2.py3-none-any.whl
Collecting idna<2.8,>=2.5 (from requests==2.20.0->-r requirements.txt (line 8))
  Using cached https://files.pythonhosted.org/packages/4b/2a/0276479a4b3caeb8a8c1af2f8e4355746a97fab05a372e4a2c6a6b876165/idna-2.7-py2.py3-none-any.whl
Collecting urllib3<1.25,>=1.21.1 (from requests==2.20.0->-r requirements.txt (line 8))
  Using cached https://files.pythonhosted.org/packages/8c/4b/5cbc4cb46095f369117dcb751821e1bef9dd86a07c968d8757e9204c324c/urllib3-1.24-py2.py3-none-any.whl
Collecting urwid<2.1,>=2.0.1 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
Collecting brotlipy<0.8,>=0.7.0 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
Collecting ldap3<2.5,>=2.4 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/5a/fc/746bebdb9362dff76291aba17393381d30fcb99415b7143f4ddca865995d/ldap3-2.4.1-py2.py3-none-any.whl
Collecting hyperframe<6,>=5.1.0 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/44/23/e9b5095440ccac7f8ecd72a90dbd0a38791f5f2134a329e2f331b7e64c58/hyperframe-5.1.0-py2.py3-none-any.whl
Collecting tornado<4.6,>=4.3 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
Collecting pydivert<2.2,>=2.0.3; sys_platform == "win32" (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/ca/8f/86d7931c62013a5a7ebf4e1642a87d4a6050c0f570e714f61b0df1984c62/pydivert-2.1.0-py2.py3-none-any.whl
Collecting h2<4,>=3.0.1 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/30/2b/833e258072d47865b99dc0810475481d6371e3d3bfede9251ca27035e30f/h2-3.0.1-py2.py3-none-any.whl
Collecting pyperclip<1.7,>=1.5.22 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
Collecting sortedcontainers<1.6,>=1.5.4 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/1f/ba/215c652f38197729189a3c15971b4914c4650b2dbc556ea516c8b5509e8b/sortedcontainers-1.5.10-py2.py3-none-any.whl
Collecting cryptography<2.2,>=2.1.4 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
Collecting h11<0.8,>=0.7.0 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/97/57/c0734cec5a9344d1feab295046011edbc6ba8e877ce1b822373257acdb61/h11-0.7.0-py2.py3-none-any.whl
Collecting blinker<1.5,>=1.4 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
Collecting pyOpenSSL<17.6,>=17.5 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/79/db/7c0cfe4aa8341a5fab4638952520d8db6ab85ff84505e12c00ea311c3516/pyOpenSSL-17.5.0-py2.py3-none-any.whl
Collecting wsproto<0.12.0,>=0.11.0 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/1f/bf/a4136bd7950c49f18a7d643f962e307cbed93ca115e0634656d88e02c333/wsproto-0.11.0-py2.py3-none-any.whl
Collecting ruamel.yaml<0.16,>=0.13.2 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/ba/8c/93b43682bfc1700a6734e17c8641c167810b36248ddad868776a375556c6/ruamel.yaml-0.15.74-cp37-cp37m-win_amd64.whl
Collecting passlib<1.8,>=1.6.5 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/ee/a7/d6d238d927df355d4e4e000670342ca4705a72f0bf694027cf67d9bcf5af/passlib-1.7.1-py2.py3-none-any.whl
Collecting pyparsing<2.3,>=2.1.3 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/2b/4a/f06b45ab9690d4c37641ec776f7ad691974f4cf6943a73267475b05cbfca/pyparsing-2.2.2-py2.py3-none-any.whl
Collecting kaitaistruct<0.9,>=0.7 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
Collecting click<7,>=6.2 (from mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/34/c1/8806f99713ddb993c5366c362b2f908f18269f8d792aff1abfd700775a77/click-6.7-py2.py3-none-any.whl
Collecting python-dateutil>=2.1 (from matplotlib->androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/cf/f5/af2b09c957ace60dcfac112b669c45c8c97e32f94aa8b56da4c6d1682825/python_dateutil-2.7.3-py2.py3-none-any.whl
Collecting kiwisolver>=1.0.1 (from matplotlib->androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/7c/be/7ae355b45699460e369ebf88d86058fca26827933974cc3f6b6b7800a324/kiwisolver-1.0.1-cp37-none-win_amd64.whl
Collecting numpy>=1.10.0 (from matplotlib->androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/f7/f0/62f520cbefd6f398dc05115bb83e97196d7601ebf1ca75e9a02145bf7b2f/numpy-1.15.3-cp37-none-win_amd64.whl
Collecting cycler>=0.10 (from matplotlib->androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/f7/d2/e07d3ebb2bd7af696440ce7e754c59dd546ffe1bbe732c8ab68b9c834e61/cycler-0.10.0-py2.py3-none-any.whl
Collecting prompt-toolkit<2.1.0,>=2.0.0 (from ipython>=5.0.0->androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/06/6f/03f10d2206e34a81934b10fb43975a29028e0fe2ae330f9f000bbc0780b7/prompt_toolkit-2.0.6-py3-none-any.whl
Collecting backcall (from ipython>=5.0.0->androguard==3.2.1->-r requirements.txt (line 4))
Collecting decorator (from ipython>=5.0.0->androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/bc/bb/a24838832ba35baf52f32ab1a49b906b5f82fb7c76b2f6a7e35e140bac30/decorator-4.3.0-py2.py3-none-any.whl
Collecting jedi>=0.10 (from ipython>=5.0.0->androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/7a/1a/9bd24a185873b998611c2d8d4fb15cd5e8a879ead36355df7ee53e9111bf/jedi-0.13.1-py2.py3-none-any.whl
Collecting traitlets>=4.2 (from ipython>=5.0.0->androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/93/d6/abcb22de61d78e2fc3959c964628a5771e47e7cc60d53e9342e21ed6cc9a/traitlets-4.3.2-py2.py3-none-any.whl
Collecting simplegeneric>0.8 (from ipython>=5.0.0->androguard==3.2.1->-r requirements.txt (line 4))
Collecting pickleshare (from ipython>=5.0.0->androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/9a/41/220f49aaea88bc6fa6cba8d05ecf24676326156c23b991e80b3f2fc24c77/pickleshare-0.7.5-py2.py3-none-any.whl
Requirement already satisfied: setuptools>=18.5 in c:\mobsf\venv\lib\site-packages (from ipython>=5.0.0->androguard==3.2.1->-r requirements.txt (line 4)) (40.4.3)
Collecting cffi>=1.0.0 (from brotlipy<0.8,>=0.7.0->mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/ca/f2/e375b7469a2dfe9d1feac81a10df97f18cd771b9a10ac62ca9864b760f7c/cffi-1.11.5-cp37-cp37m-win_amd64.whl
Collecting hpack<4,>=2.3 (from h2<4,>=3.0.1->mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/8a/cc/e53517f4a1e13f74776ca93271caef378dadec14d71c61c949d759d3db69/hpack-3.0.0-py2.py3-none-any.whl
Collecting six>=1.4.1 (from cryptography<2.2,>=2.1.4->mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
  Using cached https://files.pythonhosted.org/packages/67/4b/141a581104b1f6397bfa78ac9d43d8ad29a7ca43ea90a2d863fe3056e86a/six-1.11.0-py2.py3-none-any.whl
Collecting wcwidth (from prompt-toolkit<2.1.0,>=2.0.0->ipython>=5.0.0->androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/7e/9f/526a6947247599b084ee5232e4f9190a38f398d7300d866af3ab571a5bfe/wcwidth-0.1.7-py2.py3-none-any.whl
Collecting parso>=0.3.0 (from jedi>=0.10->ipython>=5.0.0->androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/09/51/9c48a46334be50c13d25a3afe55fa05c445699304c5ad32619de953a2305/parso-0.3.1-py2.py3-none-any.whl
Collecting ipython-genutils (from traitlets>=4.2->ipython>=5.0.0->androguard==3.2.1->-r requirements.txt (line 4))
  Using cached https://files.pythonhosted.org/packages/fa/bc/9bd3b5c2b4774d5f33b2d544f1460be9df7df2fe42f352135381c347c69a/ipython_genutils-0.2.0-py2.py3-none-any.whl
Collecting pycparser (from cffi>=1.0.0->brotlipy<0.8,>=0.7.0->mitmproxy==3.0.2->capfuzz==0.0.1->-r requirements.txt (line 9))
Building wheels for collected packages: capfuzz
  Running setup.py bdist_wheel for capfuzz ... done
  Stored in directory: C:\Users\MFAERE~1\AppData\Local\Temp\pip-ephem-wheel-cache-00pb9thl\wheels\b3\28\db\381f394ea2298b954714256e06d524a7bf5f104d8780f8945e
Successfully built capfuzz
Installing collected packages: pytz, Django, pdfkit, configparser, colorama, asn1crypto, pygments, six, python-dateutil, kiwisolver, numpy, pyparsing, cycler, matplotlib, wcwidth, prompt-toolkit, backcall, decorator, parso, jedi, ipython-genutils, traitlets, simplegeneric, pickleshare, ipython, networkx, future, lxml, androguard, pyasn1, rsa, biplist, certifi, chardet, idna, urllib3, requests, urwid, pycparser, cffi, brotlipy, ldap3, hyperframe, tornado, pydivert, hpack, h2, pyperclip, sortedcontainers, cryptography, h11, blinker, pyOpenSSL, wsproto, ruamel.yaml, passlib, kaitaistruct, click, mitmproxy, capfuzz
Successfully installed Django-2.1.2 androguard-3.2.1 asn1crypto-0.24.0 backcall-0.1.0 biplist-1.0.3 blinker-1.4 brotlipy-0.7.0 capfuzz-0.0.1 certifi-2018.10.15 cffi-1.11.5 chardet-3.0.4 click-6.7 colorama-0.4.0 configparser-3.5.0 cryptography-2.1.4 cycler-0.10.0 decorator-4.3.0 future-0.16.0 h11-0.7.0 h2-3.0.1 hpack-3.0.0 hyperframe-5.1.0 idna-2.7 ipython-7.0.1 ipython-genutils-0.2.0 jedi-0.13.1 kaitaistruct-0.8 kiwisolver-1.0.1 ldap3-2.4.1 lxml-4.2.5 matplotlib-3.0.0 mitmproxy-3.0.2 networkx-2.2 numpy-1.15.3 parso-0.3.1 passlib-1.7.1 pdfkit-0.6.1 pickleshare-0.7.5 prompt-toolkit-2.0.6 pyOpenSSL-17.5.0 pyasn1-0.4.4 pycparser-2.19 pydivert-2.1.0 pygments-2.2.0 pyparsing-2.2.2 pyperclip-1.6.5 python-dateutil-2.7.3 pytz-2018.5 requests-2.20.0 rsa-4.0 ruamel.yaml-0.15.74 simplegeneric-0.8.1 six-1.11.0 sortedcontainers-1.5.10 tornado-4.5.3 traitlets-4.3.2 urllib3-1.24 urwid-2.0.1 wcwidth-0.1.7 wsproto-0.11.0
[INSTALL] Installation Complete

C:\MobSF (master -> origin)
(venv) λ run.bat

  __  __       _    ____  _____         _   ___
 |  \/  | ___ | |__/ ___||  ___| __   _/ | / _ \
 | |\/| |/ _ \| '_ \___ \| |_    \ \ / / || | | |
 | |  | | (_) | |_) |__) |  _|    \ V /| || |_| |
 |_|  |_|\___/|_.__/____/|_|       \_/ |_(_)___/

Mobile Security Framework v1.0.2 Beta

REST API Key: 715087b1c66a57cd7cf5dde52914cfe93f77ec1bc119fa4093123a8a3a4e6868
OS: Windows
Platform: Windows-10-10.0.16299-SP0

[INFO] Finding JDK Location in Windows....

[INFO] Oracle Java JDK is installed!
[INFO] MobSF Basic Environment Check
[INFO] Checking for Update.
[INFO] No updates available.
No changes detected

  __  __       _    ____  _____         _   ___
 |  \/  | ___ | |__/ ___||  ___| __   _/ | / _ \
 | |\/| |/ _ \| '_ \___ \| |_    \ \ / / || | | |
 | |  | | (_) | |_) |__) |  _|    \ V /| || |_| |
 |_|  |_|\___/|_.__/____/|_|       \_/ |_(_)___/

Mobile Security Framework v1.0.2 Beta

REST API Key: 715087b1c66a57cd7cf5dde52914cfe93f77ec1bc119fa4093123a8a3a4e6868
OS: Windows
Platform: Windows-10-10.0.16299-SP0

[INFO] Finding JDK Location in Windows....

[INFO] Oracle Java JDK is installed!
[INFO] MobSF Basic Environment Check
[INFO] Checking for Update.
[INFO] No updates available.
No changes detected in app 'StaticAnalyzer'

  __  __       _    ____  _____         _   ___
 |  \/  | ___ | |__/ ___||  ___| __   _/ | / _ \
 | |\/| |/ _ \| '_ \___ \| |_    \ \ / / || | | |
 | |  | | (_) | |_) |__) |  _|    \ V /| || |_| |
 |_|  |_|\___/|_.__/____/|_|       \_/ |_(_)___/

Mobile Security Framework v1.0.2 Beta

REST API Key: 715087b1c66a57cd7cf5dde52914cfe93f77ec1bc119fa4093123a8a3a4e6868
OS: Windows
Platform: Windows-10-10.0.16299-SP0

[INFO] Finding JDK Location in Windows....

[INFO] Oracle Java JDK is installed!
[INFO] MobSF Basic Environment Check
[INFO] Checking for Update.
[INFO] No updates available.
Operations to perform:
  Apply all migrations: StaticAnalyzer, auth, contenttypes, sessions
Running migrations:
  Applying StaticAnalyzer.0001_initial... OK
  Applying contenttypes.0001_initial... OK
  Applying contenttypes.0002_remove_content_type_name... OK
  Applying auth.0001_initial... OK
  Applying auth.0002_alter_permission_name_max_length... OK
  Applying auth.0003_alter_user_email_max_length... OK
  Applying auth.0004_alter_user_username_opts... OK
  Applying auth.0005_alter_user_last_login_null... OK
  Applying auth.0006_require_contenttypes_0002... OK
  Applying auth.0007_alter_validators_add_error_messages... OK
  Applying auth.0008_alter_user_username_max_length... OK
  Applying auth.0009_alter_user_last_name_max_length... OK
  Applying sessions.0001_initial... OK
[INFO] Running first time setup for windows.
[*] Reading config file..
[*] Creating other folders...
[*] Downloading nuget..
[*] Saving to File nuget.exe
[*] Downloading and installing Binskim...
[*] Downloading BinScope..
[*] Saving to File C:\Users\mfaerevaag\MobSF\\Tools\BinScope\BinScope_x64.msi
[*] Installing BinScope to C:\Users\mfaerevaag\MobSF\\Tools\BinScope
Performing system checks...

  __  __       _    ____  _____         _   ___
 |  \/  | ___ | |__/ ___||  ___| __   _/ | / _ \
 | |\/| |/ _ \| '_ \___ \| |_    \ \ / / || | | |
 | |  | | (_) | |_) |__) |  _|    \ V /| || |_| |
 |_|  |_|\___/|_.__/____/|_|       \_/ |_(_)___/

Mobile Security Framework v1.0.2 Beta

REST API Key: 715087b1c66a57cd7cf5dde52914cfe93f77ec1bc119fa4093123a8a3a4e6868
OS: Windows
Platform: Windows-10-10.0.16299-SP0

[INFO] Finding JDK Location in Windows....

[INFO] Oracle Java JDK is installed!
[INFO] MobSF Basic Environment Check
[INFO] Checking for Update.
[INFO] No updates available.
System check identified no issues (0 silenced).
October 23, 2018 - 10:30:39
Django version 2.1.2, using settings 'MobSF.settings'
Starting development server at http://127.0.0.1:8000/
Quit the server with CTRL-BREAK.
[23/Oct/2018 10:30:43] "GET / HTTP/1.1" 200 7723
Traceback (most recent call last):
  File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run
    self.result = application(self.environ, self.start_response)
Traceback (most recent call last):
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in __call__
    return super().__call__(environ, start_response)
  File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run
    self.result = application(self.environ, self.start_response)
Traceback (most recent call last):
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in __call__
    return super().__call__(environ, start_response)
Traceback (most recent call last):
  File "C:\MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in __call__
    response = self.get_response(request)
  File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run
    self.result = application(self.environ, self.start_response)
Traceback (most recent call last):
  File "C:\MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in __call__
    response = self.get_response(request)
  File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run
    self.result = application(self.environ, self.start_response)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response
    return self.serve(request)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in __call__
    return super().__call__(environ, start_response)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in __call__
    return super().__call__(environ, start_response)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response
    return self.serve(request)
Traceback (most recent call last):
  File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run
    self.result = application(self.environ, self.start_response)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve
    return serve(request, self.file_path(request.path), insecure=True)
  File "C:\MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in __call__
    response = self.get_response(request)
  File "C:\MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in __call__
    response = self.get_response(request)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve
    return serve(request, self.file_path(request.path), insecure=True)
  File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run
    self.result = application(self.environ, self.start_response)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in __call__
    return super().__call__(environ, start_response)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve
    absolute_path = finders.find(normalized_path)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response
    return self.serve(request)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response
    return self.serve(request)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve
    absolute_path = finders.find(normalized_path)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in __call__
    return super().__call__(environ, start_response)
  File "C:\MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in __call__
    response = self.get_response(request)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find
    result = finder.find(path, all=all)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve
    return serve(request, self.file_path(request.path), insecure=True)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve
    return serve(request, self.file_path(request.path), insecure=True)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find
    result = finder.find(path, all=all)
  File "C:\MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in __call__
    response = self.get_response(request)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response
    return self.serve(request)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find
    matched_path = self.find_location(root, path, prefix)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve
    absolute_path = finders.find(normalized_path)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve
    absolute_path = finders.find(normalized_path)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find
    matched_path = self.find_location(root, path, prefix)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response
    return self.serve(request)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve
    return serve(request, self.file_path(request.path), insecure=True)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve
    absolute_path = finders.find(normalized_path)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find
    result = finder.find(path, all=all)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find
    matched_path = self.find_location(root, path, prefix)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location
    path = safe_join(root, path)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find
    result = finder.find(path, all=all)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location
    path = safe_join(root, path)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location
    path = safe_join(root, path)
  File "C:\MobSF\venv\lib\site-packages\django\utils\_os.py", line 49, in safe_join
    'component ({})'.format(final_path, base_path))
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve
    return serve(request, self.file_path(request.path), insecure=True)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find
    result = finder.find(path, all=all)
django.core.exceptions.SuspiciousFileOperation: The joined path (C:\MobSF\static\css\dropzone.css) is located outside of the base path component (C:\MobSF\static\)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve
    absolute_path = finders.find(normalized_path)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find
    matched_path = self.find_location(root, path, prefix)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location
    path = safe_join(root, path)
  File "C:\MobSF\venv\lib\site-packages\django\utils\_os.py", line 49, in safe_join
    'component ({})'.format(final_path, base_path))
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find
    matched_path = self.find_location(root, path, prefix)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location
    path = safe_join(root, path)
  File "C:\MobSF\venv\lib\site-packages\django\utils\_os.py", line 49, in safe_join
    'component ({})'.format(final_path, base_path))
  File "C:\MobSF\venv\lib\site-packages\django\utils\_os.py", line 49, in safe_join
    'component ({})'.format(final_path, base_path))
  File "C:\MobSF\venv\lib\site-packages\django\utils\_os.py", line 49, in safe_join
    'component ({})'.format(final_path, base_path))
django.core.exceptions.SuspiciousFileOperation: The joined path (C:\MobSF\static\css\bootstrap.min.css) is located outside of the base path component (C:\MobSF\static\)
django.core.exceptions.SuspiciousFileOperation: The joined path (C:\MobSF\static\js\dropzone.js) is located outside of the base path component (C:\MobSF\static\)
django.core.exceptions.SuspiciousFileOperation: The joined path (C:\MobSF\static\css\cover.css) is located outside of the base path component (C:\MobSF\static\)
django.core.exceptions.SuspiciousFileOperation: The joined path (C:\MobSF\static\js\jquery.min.js) is located outside of the base path component (C:\MobSF\static\)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find
    result = finder.find(path, all=all)
[23/Oct/2018 10:30:44] "GET /static/css/dropzone.css HTTP/1.1" 500 59
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find
    matched_path = self.find_location(root, path, prefix)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location
    path = safe_join(root, path)
  File "C:\MobSF\venv\lib\site-packages\django\utils\_os.py", line 49, in safe_join
    'component ({})'.format(final_path, base_path))
[23/Oct/2018 10:30:44] "GET /static/css/bootstrap.min.css HTTP/1.1" 500 59
django.core.exceptions.SuspiciousFileOperation: The joined path (C:\MobSF\static\js\ie-emulation-modes-warning.js) is located outside of the base path component (C:\MobSF\static\)
[23/Oct/2018 10:30:44] "GET /static/css/cover.css HTTP/1.1" 500 59
[23/Oct/2018 10:30:44] "GET /static/js/dropzone.js HTTP/1.1" 500 59
[23/Oct/2018 10:30:44] "GET /static/js/jquery.min.js HTTP/1.1" 500 59
[23/Oct/2018 10:30:44] "GET /static/js/ie-emulation-modes-warning.js HTTP/1.1" 500 59
Traceback (most recent call last):
Traceback (most recent call last):
  File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run
    self.result = application(self.environ, self.start_response)
  File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run
    self.result = application(self.environ, self.start_response)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in __call__
    return super().__call__(environ, start_response)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in __call__
    return super().__call__(environ, start_response)
  File "C:\MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in __call__
    response = self.get_response(request)
  File "C:\MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in __call__
    response = self.get_response(request)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response
    return self.serve(request)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response
    return self.serve(request)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve
    return serve(request, self.file_path(request.path), insecure=True)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve
    return serve(request, self.file_path(request.path), insecure=True)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve
    absolute_path = finders.find(normalized_path)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find
    result = finder.find(path, all=all)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve
    absolute_path = finders.find(normalized_path)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find
    matched_path = self.find_location(root, path, prefix)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find
    result = finder.find(path, all=all)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location
    path = safe_join(root, path)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find
    matched_path = self.find_location(root, path, prefix)
  File "C:\MobSF\venv\lib\site-packages\django\utils\_os.py", line 49, in safe_join
    'component ({})'.format(final_path, base_path))
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location
    path = safe_join(root, path)
django.core.exceptions.SuspiciousFileOperation: The joined path (C:\MobSF\static\img\MobSF_Logo_small.png) is located outside of the base path component (C:\MobSF\static\)
  File "C:\MobSF\venv\lib\site-packages\django\utils\_os.py", line 49, in safe_join
    'component ({})'.format(final_path, base_path))
Traceback (most recent call last):
django.core.exceptions.SuspiciousFileOperation: The joined path (C:\MobSF\static\js\ie10-viewport-bug-workaround.js) is located outside of the base path component (C:\MobSF\static\)
[23/Oct/2018 10:30:44] "GET /static/img/MobSF_Logo_small.png HTTP/1.1" 500 59
  File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run
    self.result = application(self.environ, self.start_response)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in __call__
    return super().__call__(environ, start_response)
  File "C:\MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in __call__
    response = self.get_response(request)
[23/Oct/2018 10:30:44] "GET /static/js/ie10-viewport-bug-workaround.js HTTP/1.1" 500 59
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response
    return self.serve(request)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve
    return serve(request, self.file_path(request.path), insecure=True)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve
    absolute_path = finders.find(normalized_path)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find
    result = finder.find(path, all=all)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find
    matched_path = self.find_location(root, path, prefix)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location
    path = safe_join(root, path)
  File "C:\MobSF\venv\lib\site-packages\django\utils\_os.py", line 49, in safe_join
    'component ({})'.format(final_path, base_path))
django.core.exceptions.SuspiciousFileOperation: The joined path (C:\MobSF\static\js\bootstrap.min.js) is located outside of the base path component (C:\MobSF\static\)
[23/Oct/2018 10:30:44] "GET /static/js/bootstrap.min.js HTTP/1.1" 500 59
Traceback (most recent call last):
  File "C:\Users\mfaerevaag\AppData\Local\Programs\Python\Python37\Lib\wsgiref\handlers.py", line 137, in run
    self.result = application(self.environ, self.start_response)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 66, in __call__
    return super().__call__(environ, start_response)
  File "C:\MobSF\venv\lib\site-packages\django\core\handlers\wsgi.py", line 142, in __call__
    response = self.get_response(request)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 58, in get_response
    return self.serve(request)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\handlers.py", line 51, in serve
    return serve(request, self.file_path(request.path), insecure=True)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\views.py", line 33, in serve
    absolute_path = finders.find(normalized_path)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 263, in find
    result = finder.find(path, all=all)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 98, in find
    matched_path = self.find_location(root, path, prefix)
  File "C:\MobSF\venv\lib\site-packages\django\contrib\staticfiles\finders.py", line 115, in find_location
    path = safe_join(root, path)
  File "C:\MobSF\venv\lib\site-packages\django\utils\_os.py", line 49, in safe_join
    'component ({})'.format(final_path, base_path))
django.core.exceptions.SuspiciousFileOperation: The joined path (C:\MobSF\static\js\ie10-viewport-bug-workaround.js) is located outside of the base path component (C:\MobSF\static\)
[23/Oct/2018 10:30:44] "GET /static/js/ie10-viewport-bug-workaround.js HTTP/1.1" 500 59

MobSF / Mobile-Security-Framework-MobSF

Django path exceptions after fresh install #752

EXPLANATION OF THE ISSUE

STEPS TO REPRODUCE THE ISSUE