
MobSF scan results aren't fully processed #9132

Closed
ahammoudeh96 opened this issue Dec 7, 2023 · 6 comments
ahammoudeh96 commented Dec 7, 2023

MobSF binary static scan results in JSON format aren't fully processed. DefectDojo skips lots of findings made by MobSF, e.g. malware analysis and code analysis.

Steps to reproduce:

  • Download json report via MobSF REST API
  • Upload MobSF json report to DefectDojo either via REST API or WEB UI
  • Lots of findings are skipped!
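An added example, not part of this issue or of DefectDojo's parser, of the check worth running before trusting an import: count every finding in the MobSF JSON report per top-level section and compare the total with the number of findings DefectDojo created. The section names and nesting in the constructed sample are an assumption modelled on MobSF's report layout, not taken from the files attached here.

```python
import json
from collections import Counter

# Constructed sample in the shape of a MobSF static-analysis JSON report.
# Section names and nesting are an assumption modelled on MobSF output,
# not copied from the reports attached to this issue.
SAMPLE_REPORT = json.dumps({
    "app_name": "example.apk",
    "manifest_analysis": [
        {"title": "App is debuggable", "severity": "high"},
        {"title": "Backup allowed", "severity": "medium"},
    ],
    "code_analysis": {
        "android_logging": {"metadata": {"severity": "info"}, "files": {"a.java": "1"}},
        "android_sqlite": {"metadata": {"severity": "warning"}, "files": {"b.java": "2"}},
    },
    "malware_analysis": {"evil.example": {"bad": "yes", "severity": "high"}},
    # No severity here, so this section is correctly not counted as findings.
    "permissions": {"android.permission.INTERNET": {"status": "normal"}},
})


def count_findings(raw: str) -> dict:
    """Count every object carrying a 'severity' key, grouped by the top-level
    section it lives in. Layout-agnostic: a section may be a list, a dict of
    rules, or nest the severity under 'metadata'."""
    counts = Counter()

    def walk(node, section):
        if isinstance(node, dict):
            if "severity" in node:
                counts[section] += 1
            for child in node.values():
                walk(child, section)
        elif isinstance(node, list):
            for child in node:
                walk(child, section)

    for section, body in json.loads(raw).items():
        walk(body, section)
    return dict(counts)


def coverage_gap(raw: str, imported: int) -> dict:
    """Compare the report's finding count with the number DefectDojo created
    (read from its UI or API); a positive 'missing' means the importer
    silently dropped findings, which is the symptom reported in this issue."""
    per_section = count_findings(raw)
    total = sum(per_section.values())
    return {"total": total, "imported": imported,
            "missing": total - imported, "sections": per_section}
```

The per-section breakdown shows which report sections the importer is ignoring, which is what the parser fix needs to target.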
@manuel-sommer
Contributor

Could you provide a sample output? I can help you to fix this.

@ahammoudeh96
Author

Thank you for replying back @manuel-sommer,

I have attached the following file:

  • Mobsf scan result json file
  • Mobsf scan result pdf file
  • Defectdojo pdf file from the uploaded Mobsf scan result json file.

As you can see in the MobSF JSON and PDF files, the total number of findings is 36. DefectDojo, on the other hand, only reports 21.

defectdojo_scan_result.xlsx
download.pdf
mobsf_scan_result.json

manuel-sommer added a commit to manuel-sommer/django-DefectDojo that referenced this issue Dec 10, 2023
@manuel-sommer
Contributor

manuel-sommer commented Dec 11, 2023

@ahammoudeh96 I started to fix the parser, could you provide more output files from different scans or test my fix?
I guess we don't have enough test data for this parser to test it properly.

@ahammoudeh96
Author

@manuel-sommer I have findings for two apps.

Allsafe - 1.4
allsafe.pdf
allsafe.json

damnvulenrablebank
damnvulnerablebank.pdf
damnvulnrablebank.json

I will create a dev DefectDojo machine to test your fix. It might take a bit of time, you know, management approval.

@manuel-sommer
Contributor

You can also test on localhost. ;-)

Tested both your JSON files and added them to the unit tests; they are processed fine.

Maffooch pushed a commit that referenced this issue Dec 22, 2023
* 🐛 fix mobsf parser #9132

* 🐛 fixed multiple issues

* added more tests
@manuel-sommer
Contributor

This can be closed.
