search

MobSF / Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
https://opensecurity.in
GNU General Public License v3.0
17.42k stars 3.23k forks source link

Don't Play Around. An Error just popped in! None no such table: StaticAnalyzer_staticanalyzerandroid #788

Closed Josphatgakuo closed 5 years ago

Josphatgakuo commented 5 years ago

EXPLANATION OF THE ISSUE

STEPS TO REPRODUCE THE ISSUE

1. This is the first step
2. This is the second step
3. Further steps, etc.

CONSOLE OUTPUT

Paste the output generated at your console/terminal while scanning the mobile app.
The console log should contain the error or bug you are seeing
(NOT REQUIRED FOR FEATURE REQUEST/ENHANCEMENT)

CONTENTS OF LOG FILES

Paste the contents of logs/MobSF.log here
(NOT REQUIRED FOR FEATURE REQUEST/ENHANCEMENT)
Josphatgakuo commented 5 years ago

Please help with the error guys

Josphatgakuo commented 5 years ago

Mobile Security Framework v1.0.3 Beta

REST API Key: 6f0b6b8bd65864a309d6a6063c74d139fa529f3f76f9fa6be19987ea507254f6 OS: Linux Platform: Linux-4.18.0-kali2-amd64-x86_64-with-Kali-kali-rolling-kali-rolling Dist: ('Kali', 'kali-rolling', 'kali-rolling')

[WARNING] Could not find VirtualBox path. [INFO] MobSF Basic Environment Check [INFO] Checking for Update. [INFO] No updates available. System check identified some issues:

WARNINGS: ?: (1_10.W001) The MIDDLEWARE_CLASSES setting is deprecated in Django 1.10 and the MIDDLEWARE setting takes precedence. Since you've set MIDDLEWARE, the value of MIDDLEWARE_CLASSES is ignored.

System check identified 1 issue (0 silenced). November 23, 2018 - 06:57:39 Django version 1.11.16, using settings 'MobSF.settings' Starting development server at http://127.0.0.1:8099/ Quit the server with CONTROL-C. [23/Nov/2018 06:57:51] "GET / HTTP/1.1" 200 7727 [23/Nov/2018 06:57:51] "GET /static/img/MobSF_Logo_small.png HTTP/1.1" 200 32351 [23/Nov/2018 06:57:51] "GET /static/fonts/glyphicons-halflings-regular.woff HTTP/1.1" 200 8192 [INFO] MIME Type: application/vnd.android.package-archive FILE: simreg-app-release.apk

[2018-11-23 06:57:58] [ERROR] Adding Scan URL to Database (/root/Desktop/Mobile-Security-Framework-MobSF/MobSF/views/scanning.py, LINE 19 "if not db_obj.exists():"): no such table: StaticAnalyzer_recentscansdb

[INFO] Performing Static Analysis of Android APK [23/Nov/2018 06:57:58] "POST /upload/ HTTP/1.1" 200 229 [INFO] Starting Analysis on : simreg-app-release.apk [ERROR] no such table: StaticAnalyzer_staticanalyzerandroid [23/Nov/2018 06:57:58] "GET /StaticAnalyzer/?name=simreg-app-release.apk&type=apk&checksum=559c11d72ec28a739d46c7693434e8c2 HTTP/1.1" 500 4805

Thats the log filei forgot to attach sorry

superpoussin22 commented 5 years ago

did you run setup.sh ?

ajinabraham commented 5 years ago

Properly migrate DB

ajinabraham commented 5 years ago

Do pull the latest master of MobSF and run scripts/kali_fix.sh and then setup.sh

safebaseline commented 5 years ago

Do you fix it?

Josphatgakuo commented 5 years ago

Hi, Yes I fixed it. I got a little busy and forgot to update

On Thu, Dec 13, 2018, 05:32 safebaseline notifications@github.com wrote:

Do you fix it?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/MobSF/Mobile-Security-Framework-MobSF/issues/788#issuecomment-446820509, or mute the thread https://github.com/notifications/unsubscribe-auth/ArLyz6hETkmuXFepLegTpHRl4TmKLBPDks5u4bwxgaJpZM4YwMgU .

ajayraina143 commented 5 years ago

Don't Play Around. An Error just popped in!

Inappropriate argument type.

'NoneType' object is not subscriptable

ajayraina143 commented 5 years ago

[INFO] 04/Mar/2019 11:59:58 -

| \/ | _ | |_/ || _| _ / | / \ | |\/| |/ | ' \ | | \ \ / / || | | | | | | | () | |_) |) | | \ V /| || || | || ||_/|_./__/|| _/ |(_)___/

[INFO] 04/Mar/2019 11:59:58 - Mobile Security Framework v1.0.5 Beta REST API Key: 097334805e6abf81dafe3510b841ccd13ff35311202a356837d94999659e28e6 [INFO] 04/Mar/2019 11:59:58 - OS: Linux [INFO] 04/Mar/2019 11:59:58 - Platform: Linux-4.19.0-kali1-amd64-x86_64-with-Kali-kali-rolling-kali-rolling [INFO] 04/Mar/2019 11:59:58 - Dist: ('Kali', 'kali-rolling', 'kali-rolling') [INFO] 04/Mar/2019 11:59:58 - Finding JDK Location in Linux/MAC.... [INFO] 04/Mar/2019 11:59:58 - JDK 1.7 or above is available [WARNING] 04/Mar/2019 11:59:58 - Could not find VirtualBox path. [INFO] 04/Mar/2019 11:59:58 - MobSF Basic Environment Check [INFO] 04/Mar/2019 11:59:58 - Checking for Update. [INFO] 04/Mar/2019 11:59:58 - No updates available. System check identified no issues (0 silenced). March 04, 2019 - 11:59:58 Django version 2.1.7, using settings 'MobSF.settings' Starting development server at http://127.0.0.1:8000/ Quit the server with CONTROL-C. [INFO] 04/Mar/2019 12:00:02 - "GET / HTTP/1.1" 200 7723 [INFO] 04/Mar/2019 12:00:02 - "GET /static/css/bootstrap.min.css HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/js/ie-emulation-modes-warning.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/css/cover.css HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/js/ie10-viewport-bug-workaround.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/js/bootstrap.min.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/css/dropzone.css HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/js/jquery.min.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/js/dropzone.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/img/MobSF_Logo_small.png HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:02 - "GET /static/fonts/glyphicons-halflings-regular.woff HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:17 - MIME Type: application/vnd.android.package-archive FILE: zoho mail.apk [INFO] 04/Mar/2019 12:00:17 - Performing Static Analysis of Android APK [INFO] 04/Mar/2019 12:00:17 - "POST /upload/ HTTP/1.1" 200 211 [INFO] 04/Mar/2019 12:00:17 - Starting Analysis on : Zoho Mail.apk [INFO] 04/Mar/2019 12:00:17 - Generating Hashes [INFO] 04/Mar/2019 12:00:17 - Unzipping [ERROR] 04/Mar/2019 12:00:17 - Unzipping Error (/root/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/shared_func.py, LINE 78 "with zipfile.ZipFile(app_path, "r") as zipptr:"): File is not a zip file [INFO] 04/Mar/2019 12:00:17 - Using the Default OS Unzip Utility. error: -fn or any combination of -c, -l, -p, -t, -u and -v options invalid UnZip 6.00 of 20 April 2009, by Debian. Original by Info-ZIP.

Usage: unzip [-Z] [-opts[modifiers]] file[.zip] [list] [-x xlist] [-d exdir] Default action is to extract files in list, except those in xlist, to exdir; file[.zip] may be a wildcard. -Z => ZipInfo mode ("unzip -Z" for usage).

-p extract files to pipe, no messages -l list files (short format) -f freshen existing files, create none -t test compressed archive data -u update files, create if necessary -z display archive comment only -v list verbosely/show version info -T timestamp archive to latest -x exclude files that follow (in xlist) -d extract files into exdir modifiers: -n never overwrite existing files -q quiet mode (-qq => quieter) -o overwrite files WITHOUT prompting -a auto-convert any text files -j junk paths (do not make directories) -aa treat ALL files as text -U use escapes for all non-ASCII Unicode -UU ignore any Unicode fields -C match filenames case-insensitively -L make (some) names lowercase -X restore UID/GID info -V retain VMS version numbers -K keep setuid/setgid/tacky permissions -M pipe through "more" pager See "unzip -hh" or unzip.txt for more help. Examples: unzip data1 -x joe => extract all files except joe from zipfile data1.zip unzip -p foo | more => send contents of foo.zip via pipe into program more unzip -fo foo ReadMe => quietly replace existing ReadMe if archive file newer [/root/Mobile-Security-Framework-MobSF/uploads/79e412acc09ff213485dae27182c7741/79e412acc09ff213485dae27182c7741.apk] End-of-central-directory signature not found. Either this file is not a zipfile, or it constitutes one disk of a multi-part archive. In the latter case the central directory and zipfile comment will be found on the last disk(s) of this archive. unzip: cannot find zipfile directory in one of /root/Mobile-Security-Framework-MobSF/uploads/79e412acc09ff213485dae27182c7741/79e412acc09ff213485dae27182c7741.apk or /root/Mobile-Security-Framework-MobSF/uploads/79e412acc09ff213485dae27182c7741/79e412acc09ff213485dae27182c7741.apk.zip, and cannot find /root/Mobile-Security-Framework-MobSF/uploads/79e412acc09ff213485dae27182c7741/79e412acc09ff213485dae27182c7741.apk.ZIP, period. [ERROR] 04/Mar/2019 12:00:17 - Unzipping Error (/root/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/shared_func.py, LINE 96 "dat = subprocess.check_output(['unzip', '-qq', '-l', app_path])"): Command '['unzip', '-qq', '-l', '/root/Mobile-Security-Framework-MobSF/uploads/79e412acc09ff213485dae27182c7741/79e412acc09ff213485dae27182c7741.apk']' returned non-zero exit status 9. [INFO] 04/Mar/2019 12:00:17 - Getting Hardcoded Certificates/Keystores [ERROR] 04/Mar/2019 12:00:17 - Getting Hardcoded Certificates/Keystores (/root/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/android/cert_analysis.py, LINE 26 "for file_name in files:"): 'NoneType' object is not iterable [INFO] 04/Mar/2019 12:00:17 - APK Extracted [INFO] 04/Mar/2019 12:00:17 - Converting AXML to XML Exception in thread "main" brut.androlib.AndrolibException: brut.directory.DirectoryException: java.util.zip.ZipException: zip END header not found at brut.androlib.ApkDecoder.hasResources(ApkDecoder.java:307) at brut.androlib.ApkDecoder.decode(ApkDecoder.java:103) at brut.apktool.Main.cmdDecode(Main.java:164) at brut.apktool.Main.main(Main.java:73) Caused by: brut.directory.DirectoryException: java.util.zip.ZipException: zip END header not found at brut.directory.ZipRODirectory.(ZipRODirectory.java:55) at brut.directory.ZipRODirectory.(ZipRODirectory.java:38) at brut.directory.ExtFile.getDirectory(ExtFile.java:52) at brut.androlib.ApkDecoder.hasResources(ApkDecoder.java:305) ... 3 more Caused by: java.util.zip.ZipException: zip END header not found at java.base/java.util.zip.ZipFile$Source.zerror(ZipFile.java:1529) at java.base/java.util.zip.ZipFile$Source.findEND(ZipFile.java:1430) at java.base/java.util.zip.ZipFile$Source.initCEN(ZipFile.java:1437) at java.base/java.util.zip.ZipFile$Source.(ZipFile.java:1268) at java.base/java.util.zip.ZipFile$Source.get(ZipFile.java:1231) at java.base/java.util.zip.ZipFile$CleanableResource.(ZipFile.java:726) at java.base/java.util.zip.ZipFile$CleanableResource.get(ZipFile.java:843) at java.base/java.util.zip.ZipFile.(ZipFile.java:246) at java.base/java.util.zip.ZipFile.(ZipFile.java:176) at java.base/java.util.zip.ZipFile.(ZipFile.java:190) at brut.directory.ZipRODirectory.(ZipRODirectory.java:53) ... 6 more [ERROR] 04/Mar/2019 12:00:18 - Getting Manifest file (/root/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/android/manifest_analysis.py, LINE 888 "subprocess.check_output(args)"): Command '['/usr/bin/java', '-jar', '/root/Mobile-Security-Framework-MobSF/StaticAnalyzer/tools/apktool_2.3.4.jar', '--match-original', '-f', '-s', 'd', '/root/Mobile-Security-Framework-MobSF/uploads/79e412acc09ff213485dae27182c7741/79e412acc09ff213485dae27182c7741.apk', '-o', '/root/Mobile-Security-Framework-MobSF/uploads/79e412acc09ff213485dae27182c7741/apktool_out']' returned non-zero exit status 1. [ERROR] 04/Mar/2019 12:00:18 - Reading Manifest file (/root/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/android/manifest_analysis.py, LINE 843 "if isFileExists(manifest):"): stat: path should be string, bytes, os.PathLike or integer, not NoneType [INFO] 04/Mar/2019 12:00:18 - Parsing AndroidManifest.xml [ERROR] 04/Mar/2019 12:00:18 - apktool failed to extract AndroidManifest.xml or parsing failed (/root/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/android/manifest_analysis.py, LINE 34 "manifest = minidom.parseString(dat)"): a bytes-like object is required, not 'NoneType' [WARNING] 04/Mar/2019 12:00:18 - Using Fake XML to continue the Analysis [INFO] 04/Mar/2019 12:00:18 - Extracting Manifest Data [INFO] 04/Mar/2019 12:00:18 - Manifest Analysis Started [INFO] 04/Mar/2019 12:00:18 - Static Android Binary Analysis Started [INFO] 04/Mar/2019 12:00:18 - Static Android Resource Analysis Started [INFO] 04/Mar/2019 12:00:18 - Reading Code Signing Certificate [ERROR] 04/Mar/2019 12:00:18 - Reading Code Signing Certificate (/root/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/android/cert_analysis.py, LINE 52 "cert) if os.path.isfile(os.path.join(cert, f))]"): [Errno 2] No such file or directory: '/root/Mobile-Security-Framework-MobSF/uploads/79e412acc09ff213485dae27182c7741/META-INF/' [INFO] 04/Mar/2019 12:00:18 - DEX -> JAR [INFO] 04/Mar/2019 12:00:18 - Using JAR converter - dex2jar [INFO] 04/Mar/2019 12:00:18 - DEX -> SMALI [INFO] 04/Mar/2019 12:00:18 - JAR -> JAVA [INFO] 04/Mar/2019 12:00:18 - Static Android Code Analysis Started [INFO] 04/Mar/2019 12:00:18 - Code Analysis Started on - java_source [INFO] 04/Mar/2019 12:00:18 - Performing Malware Check on extracted Domains [INFO] 04/Mar/2019 12:00:18 - Finished Code Analysis, Email and URL Extraction [INFO] 04/Mar/2019 12:00:18 - Generating Java and Smali Downloads [INFO] 04/Mar/2019 12:00:18 - Generating Downloads [INFO] 04/Mar/2019 12:00:18 - Zipping [INFO] 04/Mar/2019 12:00:18 - Zipping [INFO] 04/Mar/2019 12:00:18 - Extracting Strings from APK [ERROR] 04/Mar/2019 12:00:18 - Extracting Strings from APK (/root/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/android/strings.py, LINE 24 "and_a = apk.APK(apk_file)"): File is not a zip file [INFO] 04/Mar/2019 12:00:18 - Connecting to Database [INFO] 04/Mar/2019 12:00:18 - Saving to Database [ERROR] 04/Mar/2019 12:00:18 - Saving to DB (/root/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/android/db_interaction.py, LINE 221 "CERT_INFO=cert_dic['cert_info'],"): 'NoneType' object is not subscriptable [ERROR] 04/Mar/2019 12:00:18 - Rendering to Template (/root/Mobile-Security-Framework-MobSF/StaticAnalyzer/views/android/db_interaction.py, LINE 108 "'certinfo': cert_dic['cert_info'],"): 'NoneType' object is not subscriptable [ERROR] 04/Mar/2019 12:00:18 - 'NoneType' object is not subscriptable [ERROR] 04/Mar/2019 12:00:18 - Internal Server Error: /StaticAnalyzer/ [ERROR] 04/Mar/2019 12:00:18 - "GET /StaticAnalyzer/?name=Zoho%20Mail.apk&type=apk&checksum=79e412acc09ff213485dae27182c7741 HTTP/1.1" 500 4848 [INFO] 04/Mar/2019 12:00:18 - "GET /static/bootstrap/css/bootstrap.min.css HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:18 - "GET /static/css/font-awesome.min.css HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:18 - "GET /static/dash/css/AdminLTE.min.css HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:18 - "GET /static/css/style.css HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:18 - "GET /static/css/ionicons.min.css HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:18 - "GET /static/dash/css/skins/_all-skins.min.css HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:18 - "GET /static/plugins/fastclick/fastclick.min.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:18 - "GET /static/js/jquery.bootstrap-growl.min.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:18 - "GET /static/plugins/jQuery/jQuery-2.1.4.min.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:18 - "GET /static/bootstrap/js/bootstrap.min.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:18 - "GET /static/plugins/slimScroll/jquery.slimscroll.min.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:18 - "GET /static/dash/js/app.min.js HTTP/1.1" 304 0 [INFO] 04/Mar/2019 12:00:18 - "GET /static/js/docs.js HTTP/1.1" 304 0

ajinabraham commented 5 years ago

@ajayraina143 What are you trying? Opening multiple issues or commenting in unrelated thread won't get your queries resolved.