Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IP address disclosure issue #1299

Closed
frida12345 opened this issue Mar 5, 2020 · 1 comment
Closed

IP address disclosure issue #1299

frida12345 opened this issue Mar 5, 2020 · 1 comment
Labels
enhancement MobSF enhancements and feature requests

Comments

@frida12345
Copy link

In static analysis :code analysis, the issue " IP address disclosure is not showing the correct file location. It is been tested on various apks. Those file location it shows where a dot (.) is coming between any numeric value in the code. It seems considering such values as IP. However it is observed that it cannot be an IP. tested on apps l from google playstore like, Bhim adhaar UBI, KVB UPay, U-Mobile, bob, maha_UPI, SBI yono and many more.

image

image
image

image
@ajinabraham ajinabraham added the enhancement MobSF enhancements and feature requests label Mar 5, 2020
@ajinabraham
Copy link
Member

This is a false positive. Our IP address regex is very forgiving to capture most of the IP address or look alike format. There is a room for improvement. I will track this as an enhancement.

@ajinabraham ajinabraham mentioned this issue Mar 5, 2020
Open
94 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement MobSF enhancements and feature requests
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ajinabraham @frida12345