HOTFIX: Fixes #1699, #1700

MobSF · Mar 21, 2021 · 091b860 · 091b860
1 parent 2d58a21
commit 091b860
Show file tree

Hide file tree

Showing 9 changed files with 6,070 additions and 3,532 deletions.
diff --git a/mobsf/DynamicAnalyzer/views/android/tests_frida.py b/mobsf/DynamicAnalyzer/views/android/tests_frida.py
@@ -259,7 +259,8 @@ def apimon_analysis(app_dir):
                 to_decode = api['arguments'][0]
             try:
                 if to_decode:
-                    api['decoded'] = decode_base64(to_decode)
+                    api['decoded'] = decode_base64(
+                        to_decode).decode('utf-8', 'ignore')
             except Exception:
                 pass
             api['icon'] = get_icon_map(api['name'])

diff --git a/mobsf/DynamicAnalyzer/views/android/tests_xposed.py b/mobsf/DynamicAnalyzer/views/android/tests_xposed.py
@@ -148,7 +148,7 @@ def droidmon_api_analysis(app_dir, package):
                         if ('decode' in apis['method']
                                 and api == 'api_base64'):
                             call_data['decoded'] = base64_decode(
-                                call_data['args'])
+                                call_data['args']).decode('utf-8', 'ignore')
                         hooks.append(call_data)
             except Exception:
                 pass

diff --git a/mobsf/MalwareAnalyzer/views/MalwareDomainCheck.py b/mobsf/MalwareAnalyzer/views/MalwareDomainCheck.py
@@ -20,7 +20,6 @@
 )
 
 logger = logging.getLogger(__name__)
-IP2Loc = IP2Location.IP2Location()
 
 
 class MalwareDomainCheck:
@@ -32,6 +31,7 @@ def __init__(self):
         self.iplocbin = self.sig_dir / 'IP2LOCATION-LITE-DB5.IPV6.BIN'
         self.result = {}
         self.domainlist = None
+        self.IP2Loc = IP2Location.IP2Location()
 
     def update_malware_db(self):
         """Check for update in malware DB."""
@@ -78,7 +78,7 @@ def update_maltrail_db(self):
     def gelocation(self):
         """Perform Geolocation."""
         try:
-            IP2Loc.open(self.iplocbin)
+            self.IP2Loc.open(self.iplocbin)
             for domain in self.domainlist:
                 # Tag Good Domains
                 if domain not in self.result:
@@ -92,15 +92,15 @@ def gelocation(self):
                 except (gaierror, UnicodeError):
                     pass
                 if ip:
-                    rec = IP2Loc.get_all(ip)
+                    rec = self.IP2Loc.get_all(ip)
                     self.result[domain]['geolocation'] = rec.__dict__
                 else:
                     self.result[domain]['geolocation'] = None
         except Exception:
             logger.exception('Failed to Perform Geolocation')
         finally:
-            if IP2Loc:
-                IP2Loc.close()
+            if self.IP2Loc:
+                self.IP2Loc.close()
 
     def malware_check(self):
         try:

diff --git a/mobsf/MobSF/settings.py b/mobsf/MobSF/settings.py
@@ -20,8 +20,8 @@
 #       MOBSF CONFIGURATIONS
 # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
-VERSION = '3.3.4'
-MOBSF_VER = 'v3.3.4 Beta'
+VERSION = '3.3.5'
+MOBSF_VER = 'v3.3.5 Beta'
 # Remove this later with f string
 BANNER = """
   __  __       _    ____  _____   _____  _____ 

diff --git a/mobsf/StaticAnalyzer/views/android/db_interaction.py b/mobsf/StaticAnalyzer/views/android/db_interaction.py
@@ -191,7 +191,10 @@ def save_or_update(update_type,
             'SECRETS': app_dic['secrets'],
         }
         if update_type == 'save':
-            StaticAnalyzerAndroid.objects.create(**values)
+            db_entry = StaticAnalyzerAndroid.objects.filter(
+                MD5=app_dic['md5'])
+            if not db_entry.exists():
+                StaticAnalyzerAndroid.objects.create(**values)
         else:
             StaticAnalyzerAndroid.objects.filter(
                 MD5=app_dic['md5']).update(**values)

diff --git a/mobsf/StaticAnalyzer/views/ios/db_interaction.py b/mobsf/StaticAnalyzer/views/ios/db_interaction.py
@@ -153,7 +153,10 @@ def save_or_update(update_type,
             'APPSTORE_DETAILS': app_dict['appstore'],
         }
         if update_type == 'save':
-            StaticAnalyzerIOS.objects.create(**values)
+            db_entry = StaticAnalyzerIOS.objects.filter(
+                MD5=app_dict['md5_hash'])
+            if not db_entry.exists():
+                StaticAnalyzerIOS.objects.create(**values)
         else:
             StaticAnalyzerIOS.objects.filter(
                 MD5=app_dict['md5_hash']).update(**values)

diff --git a/mobsf/StaticAnalyzer/views/windows/db_interaction.py b/mobsf/StaticAnalyzer/views/windows/db_interaction.py
@@ -109,7 +109,10 @@ def save_or_update(update_type,
             'BINARY_WARNINGS': bin_an_dic['warnings'],
         }
         if update_type == 'save':
-            StaticAnalyzerWindows.objects.create(**values)
+            db_entry = StaticAnalyzerWindows.objects.filter(
+                MD5=app_dic['md5'])
+            if not db_entry.exists():
+                StaticAnalyzerWindows.objects.create(**values)
         else:
             StaticAnalyzerWindows.objects.filter(
                 MD5=app_dic['md5']).update(**values)

diff --git a/mobsf/signatures/exodus_trackers b/mobsf/signatures/exodus_trackers