[FEATURE] Split Analysis Process and Add API for Listing Analyzed APKs #2467
Description
Description:
I propose adding new features to MobSF to improve its flexibility:
1. Split the Analysis Process into Two Steps
The suggested feature splits the analysis process into:
- APK Unpacking: A step where the file is prepared for analysis.
- APK Analysis: The actual static analysis of the application.
This would allow users to intervene when issues arise during the unpacking stage, such as when MobSF's built-in tools fail to process an APK. Users could manually prepare the APK and then continue with the analysis.
2. API Endpoint to List Analyzed APKs
I propose adding an API endpoint to retrieve a list of APKs that have already been analyzed in MobSF. This endpoint would return:
- MD5 hash
- File name
- Package name
This feature would streamline MobSF integration with other tools and avoid redundant analysis of previously processed APKs.
Integration with Existing Logic:
- New routes have been added in
urls.py:re_path(r'^api/v1/apk/unpack$', api_sz.api_apk_unpack), re_path(r'^api/v1/apk/analyze$', api_sz.api_apk_analyze), re_path(r'^api/v1/apk/list$', api_sz.api_apk_list),
- Two new methods handle the unpacking and analysis processes:
static_analyzer_apk_unpack(request, checksum, api=False)static_analyzer_apk_analyze(request, checksum, api=False)
These methods save the unpacked APK's context (app_dic) into a{checksum}.dicfile, allowing users to resume the analysis after manual intervention.
- Added API endpoints:
api_apk_unpack(request): Handles APK unpacking via API.api_apk_analyze(request): Handles APK analysis via API.api_apk_list(request): Returns a list of MD5 hashes, file names, and package names for all analyzed APKs.
Expected Impact:
- Improved flexibility in handling non-standard APKs.
- Enhanced integration of MobSF with external systems through APIs to retrieve analysis data.
mobsf_api_static_analysis.patch
mobsf_static_analyzer.patch
mobsf_urls.patch