-
-
Notifications
You must be signed in to change notification settings - Fork 3.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Failed to get Json response from dynamic analysis #1699
Comments
I hit the same problem using the latest version 3.3.3. The issue is with https://www.malwaredomainlist.com certificate CERTIFICATE_VERIFY_FAILED , You might want to add an option to ignore an invalid certificate. Please also capture an exception so it won't just crash. |
@blshkv It's not a good idea to ignore the cert errors. The update check is disabled in the latest master. |
well, we all know it's not a good idea. However, all major tools like wget and even your favourite browser has that option. That options basically says "I know what I'm doing". It allows me to verify the problem manually and accept the risk in case if the certificate is really invalid like in this particular case with malwaredomainlist. |
Well my major problem is in the JSON response. I have tried to edit the funnction view_report (def view_report(request, checksum, api=False)) in the report.py file and when commenting apimon from the variable context , the error disappears and the JOSN repsonse is returned with code 200 => After In this way everything is OK. So the problem lies mainly in the shape of apimon array. The output of the apimon using print function is attached in the following file. It is an essential part for my dynamic analysis so I can not ignore it. N.B: I have tried this on more than 3 applications. |
@blshkv malwaredomainlist looks unmaintained now, hence we disabled the update. Regarding the cert error, since MobSF is run locally by the users. I can't assume that they all know what they are doing and can't accept the risk on behalf of them. I would very much like them to report it and fix it at the tool. @YasserHaidar Yeah looks like API monitor output has bytes that's not JSON serializable. I will have to take a look and fix. Thanks a lot for the apimon output and further debugging. |
First of all, thanks alot for this usefull and excellent framework. Everything is working well for me , just I have a small issue in dynamic analysis. I want to get JSON response from a dynamic analysis using the REST API mentioned in the docs. However, a TypeScript error rises each time when doing so. Below,I have attached my python code and the error logs.
ENVIRONMENT
EXPLANATION OF THE ISSUE
STEPS TO REPRODUCE THE ISSUE
LOG FILE
The text was updated successfully, but these errors were encountered: