Skip to content

Commit

Permalink
Undid some bad updates
Browse files Browse the repository at this point in the history
  • Loading branch information
@brice-syslogic
brice-syslogic committed Sep 29, 2024
1 parent 3bb90c6 commit d25e098
Show file tree
Hide file tree
Showing 4 changed files with 32 additions and 130 deletions.
53 changes: 2 additions & 51 deletions mobsf/MobSF/utils.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -892,27 +892,13 @@ def valid_host(host):
return False
# Local network
invalid_prefix = (
'100.64.',
'127.',
'192.',
'198.',
'10.',
'172.',
'169.',
'169',
'0.',
'203.0.',
'224.0.',
'240.0',
'255.255.',
'localhost',
'::1',
'64::ff9b::',
'100::',
'2001::',
'2002::',
'fc00::',
'fe80::',
'ff00::')
'localhost')
if domain.startswith(invalid_prefix):
return False
ip = socket.gethostbyname(domain)
Expand All @@ -924,41 +910,6 @@ def valid_host(host):
return False


def append_scan_status(checksum, status, exception=None):
"""Append Scan Status to Database."""
try:
db_obj = RecentScansDB.objects.get(MD5=checksum)
if status == 'init':
db_obj.SCAN_LOGS = []
db_obj.save()
return
current_logs = python_dict(db_obj.SCAN_LOGS)
current_logs.append({
'timestamp': utcnow().strftime('%Y-%m-%d %H:%M:%S'),
'status': status,
'exception': exception})
db_obj.SCAN_LOGS = current_logs
db_obj.save()
except RecentScansDB.DoesNotExist:
# Expected to fail for iOS Dynamic Analysis Report Generation
# Calls MalwareScan and TrackerScan with different checksum
pass
except Exception:
logger.exception('Appending Scan Status to Database')


def get_scan_logs(checksum):
"""Get the scan logs for the given checksum."""
try:
db_entry = RecentScansDB.objects.filter(MD5=checksum)
if db_entry.exists():
return python_list(db_entry[0].SCAN_LOGS)
except Exception:
msg = 'Fetching scan logs from the DB failed.'
logger.exception(msg)
return []


def is_admin(request):
if (not isinstance(request, WSGIRequest)):
return False
Expand Down
41 changes: 11 additions & 30 deletions mobsf/StaticAnalyzer/views/android/db_interaction.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,7 @@
from django.db.models import QuerySet
from django.utils import timezone

from mobsf.MobSF.utils import (
append_scan_status,
get_scan_logs,
python_dict,
python_list,
)
from mobsf.MobSF.utils import python_dict, python_list
from mobsf.StaticAnalyzer.models import StaticAnalyzerAndroid
from mobsf.StaticAnalyzer.models import RecentScansDB
from mobsf.StaticAnalyzer.views.common.suppression import (
Expand All @@ -27,8 +22,7 @@
def get_context_from_db_entry(db_entry: QuerySet) -> dict:
"""Return the context for APK/ZIP from DB."""
try:
msg = 'Analysis is already Done. Fetching data from the DB...'
logger.info(msg)
logger.info('Analysis is already Done. Fetching data from the DB...')
package = db_entry[0].PACKAGE_NAME
code = process_suppression(
python_dict(db_entry[0].CODE_ANALYSIS),
Expand Down Expand Up @@ -87,12 +81,10 @@ def get_context_from_db_entry(db_entry: QuerySet) -> dict:
'trackers': python_dict(db_entry[0].TRACKERS),
'playstore_details': python_dict(db_entry[0].PLAYSTORE_DETAILS),
'secrets': python_list(db_entry[0].SECRETS),
'logs': get_scan_logs(db_entry[0].MD5),
}
return context
except Exception:
msg = 'Fetching data from the DB failed.'
logger.exception(msg)
logger.exception('Fetching from DB')


def get_context_from_analysis(app_dic,
Expand Down Expand Up @@ -161,13 +153,10 @@ def get_context_from_analysis(app_dic,
'trackers': trackers,
'playstore_details': app_dic['playstore'],
'secrets': code_an_dic['secrets'],
'logs': get_scan_logs(app_dic['md5']),
}
return context
except Exception as exp:
msg = 'Rendering to Template failed.'
logger.exception(msg)
append_scan_status(app_dic['md5'], msg, repr(exp))
except Exception:
logger.exception('Rendering to Template')


def save_or_update(update_type,
Expand Down Expand Up @@ -237,10 +226,8 @@ def save_or_update(update_type,
else:
StaticAnalyzerAndroid.objects.filter(
MD5=app_dic['md5']).update(**values)
except Exception as exp:
msg = 'Failed to Save/Update Database'
logger.exception(msg)
append_scan_status(app_dic['md5'], msg, repr(exp))
except Exception:
logger.exception('Updating DB')
try:
values = {
'APP_NAME': app_dic['real_name'],
Expand All @@ -249,24 +236,18 @@ def save_or_update(update_type,
}
RecentScansDB.objects.filter(
MD5=app_dic['md5']).update(**values)
except Exception as exp:
msg = 'Updating RecentScansDB table failed'
logger.exception(msg)
append_scan_status(app_dic['md5'], msg, repr(exp))
except Exception:
logger.exception('Updating RecentScansDB')


def save_get_ctx(app, man, m_anal, code, cert, elf, apkid, quark, trk, rscn):
# SAVE TO DB
if rscn:
msg = 'Updating Database...'
logger.info(msg)
append_scan_status(app['md5'], msg)
logger.info('Updating Database...')
action = 'update'
update_scan_timestamp(app['md5'])
else:
msg = 'Saving to Database'
logger.info(msg)
append_scan_status(app['md5'], msg)
logger.info('Saving to Database')
action = 'save'
save_or_update(
action,
Expand Down
42 changes: 12 additions & 30 deletions mobsf/StaticAnalyzer/views/ios/db_interaction.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,7 @@
from django.conf import settings
from django.utils import timezone

from mobsf.MobSF.utils import (
append_scan_status,
get_scan_logs,
python_dict,
python_list,
)
from mobsf.MobSF.utils import python_dict, python_list
from mobsf.StaticAnalyzer.models import StaticAnalyzerIOS
from mobsf.StaticAnalyzer.models import RecentScansDB
from mobsf.StaticAnalyzer.views.common.suppression import (
Expand All @@ -22,8 +17,7 @@
def get_context_from_db_entry(db_entry):
"""Return the context for IPA/ZIP from DB."""
try:
msg = 'Analysis is already Done. Fetching data from the DB...'
logger.info(msg)
logger.info('Analysis is already Done. Fetching data from the DB...')
bundle_id = db_entry[0].BUNDLE_ID
code = process_suppression(
python_dict(db_entry[0].CODE_ANALYSIS),
Expand Down Expand Up @@ -72,12 +66,11 @@ def get_context_from_db_entry(db_entry):
'appstore_details': python_dict(db_entry[0].APPSTORE_DETAILS),
'secrets': python_list(db_entry[0].SECRETS),
'trackers': python_dict(db_entry[0].TRACKERS),
'logs': get_scan_logs(db_entry[0].MD5),

}
return context
except Exception:
msg = 'Fetching data from the DB failed.'
logger.exception(msg)
logger.exception('Fetching from DB')


def get_context_from_analysis(app_dict,
Expand Down Expand Up @@ -135,13 +128,10 @@ def get_context_from_analysis(app_dict,
'appstore_details': app_dict['appstore'],
'secrets': app_dict['secrets'],
'trackers': code_dict['trackers'],
'logs': get_scan_logs(app_dict['md5_hash']),
}
return context
except Exception as exp:
msg = 'Rendering to Template'
logger.exception(msg)
append_scan_status(app_dict['md5_hash'], msg, repr(exp))
except Exception:
logger.exception('Rendering to Template')


def save_or_update(update_type,
Expand Down Expand Up @@ -200,10 +190,8 @@ def save_or_update(update_type,
else:
StaticAnalyzerIOS.objects.filter(
MD5=app_dict['md5_hash']).update(**values)
except Exception as exp:
msg = 'Failed to Save/Update Database'
logger.exception(msg)
append_scan_status(app_dict['md5_hash'], msg, repr(exp))
except Exception:
logger.exception('Updating DB')
try:
values = {
'APP_NAME': info_dict['bin_name'],
Expand All @@ -212,25 +200,19 @@ def save_or_update(update_type,
}
RecentScansDB.objects.filter(
MD5=app_dict['md5_hash']).update(**values)
except Exception as exp:
msg = 'Updating RecentScansDB table failed'
logger.exception(msg)
append_scan_status(app_dict['md5_hash'], msg, repr(exp))
except Exception:
logger.exception('Updating RecentScansDB')


def save_get_ctx(app_dict, pdict, code_dict, bin_dict, all_files, rescan):
# Saving to DB
logger.info('Connecting to DB')
if rescan:
msg = 'Updating Database...'
logger.info(msg)
append_scan_status(app_dict['md5_hash'], msg)
logger.info('Updating Database...')
action = 'update'
update_scan_timestamp(app_dict['md5_hash'])
else:
msg = 'Saving to Database'
logger.info(msg)
append_scan_status(app_dict['md5_hash'], msg)
logger.info('Saving to Database')
action = 'save'
save_or_update(
action,
Expand Down
26 changes: 7 additions & 19 deletions mobsf/StaticAnalyzer/views/windows/db_interaction.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,7 @@

from django.conf import settings

from mobsf.MobSF.utils import (
append_scan_status,
get_scan_logs,
python_list,
)
from mobsf.MobSF.utils import python_list
from mobsf.StaticAnalyzer.models import StaticAnalyzerWindows
from mobsf.StaticAnalyzer.models import RecentScansDB

Expand Down Expand Up @@ -42,7 +38,6 @@ def get_context_from_db_entry(db_entry):
'strings': python_list(db_entry[0].STRINGS),
'binary_analysis': python_list(db_entry[0].BINARY_ANALYSIS),
'binary_warnings': python_list(db_entry[0].BINARY_WARNINGS),
'logs': get_scan_logs(db_entry[0].MD5),
}
return context
except Exception:
Expand Down Expand Up @@ -78,13 +73,10 @@ def get_context_from_analysis(app_dic,
'strings': bin_an_dic['strings'],
'binary_analysis': bin_an_dic['results'],
'binary_warnings': bin_an_dic['warnings'],
'logs': get_scan_logs(app_dic['md5']),
}
return context
except Exception as exp:
msg = 'Rendering to Template'
logger.exception(msg)
append_scan_status(app_dic['md5'], msg, repr(exp))
except Exception:
logger.exception('Rendering to Template')


def save_or_update(update_type,
Expand Down Expand Up @@ -124,10 +116,8 @@ def save_or_update(update_type,
else:
StaticAnalyzerWindows.objects.filter(
MD5=app_dic['md5']).update(**values)
except Exception as exp:
msg = 'Failed to Save/Update Database'
logger.exception(msg)
append_scan_status(app_dic['md5'], msg, repr(exp))
except Exception:
logger.exception('Updating DB')
try:
values = {
'APP_NAME': bin_an_dic['bin_name'],
Expand All @@ -136,7 +126,5 @@ def save_or_update(update_type,
}
RecentScansDB.objects.filter(
MD5=app_dic['md5']).update(**values)
except Exception as exp:
msg = 'Updating RecentScansDB table failed'
logger.exception(msg)
append_scan_status(app_dic['md5'], msg, repr(exp))
except Exception:
logger.exception('Updating RecentScansDB')

0 comments on commit d25e098

Please sign in to comment.