search

mvt-project / mvt

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
https://mvt.re
Other
10.39k stars 986 forks source link

Not dealing with the 'files' folder when check-iocs #500

Open Lynxiayel opened 5 months ago

Lynxiayel commented 5 months ago

The output result from mvt-android check-adb will generate a bunch of json files, as well as a files folder. If we then use mvt-android check-iocs over the check-adb result path, it will run into this files folder, and report IsADirectoryError, as follows:

INFO [mvt.common.cmd_check_iocs] Loading results from "files" with module Files
Traceback (most recent call last): File "/home/xxxx/software/miniconda3/bin/mvt-android", line 8, in sys.exit(cli()) ^^^^^ File "/home/xxxx/software/miniconda3/lib/python3.12/site-packages/click/core.py", line 1157, in call return self.main(args, kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/xxxx/software/miniconda3/lib/python3.12/site-packages/click/core.py", line 1078, in main rv = self.invoke(ctx) ^^^^^^^^^^^^^^^^ File "/home/xxxx/software/miniconda3/lib/python3.12/site-packages/click/core.py", line 1688, in invoke return _process_result(sub_ctx.command.invoke(sub_ctx)) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/xxxx/software/miniconda3/lib/python3.12/site-packages/click/core.py", line 1434, in invoke return ctx.invoke(self.callback, ctx.params) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/xxxx/software/miniconda3/lib/python3.12/site-packages/click/core.py", line 783, in invoke return __callback(args, *kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/xxxx/software/miniconda3/lib/python3.12/site-packages/click/decorators.py", line 33, in new_func return f(get_current_context(), args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/xxxx/software/miniconda3/lib/python3.12/site-packages/mvt/android/cli.py", line 396, in check_iocs cmd.run() File "/home/xxxx/software/miniconda3/lib/python3.12/site-packages/mvt/common/cmd_check_iocs.py", line 65, in run m = iocs_module.from_json( ^^^^^^^^^^^^^^^^^^^^^^ File "/home/xxxx/software/miniconda3/lib/python3.12/site-packages/mvt/common/module.py", line 71, in from_json with open(json_path, "r", encoding="utf-8") as handle: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ IsADirectoryError: [Errno 21] Is a directory: '../mvt/results/files'

Te-k commented 2 months ago

Hi @Lynxiayel , thanks for reporting that, this is indeed a bug in MVT. We'll add it to things to fix in the next version