From 3223736d93b2c7e4b55e739e135f5d728d0b66dd Mon Sep 17 00:00:00 2001
From: Ajin Abraham <ajin.abraham@chime.com>
Date: Wed, 11 Dec 2024 18:08:06 -0800
Subject: [PATCH 1/2] HOTFIX: Show Abused Permissions, Fix Download AAB,
 Dependency bump

---
 mobsf/StaticAnalyzer/views/android/xapk.py    |  2 -
 .../android_binary_analysis.html              |  2 +-
 poetry.lock                                   | 50 +++++++++----------
 3 files changed, 26 insertions(+), 28 deletions(-)

diff --git a/mobsf/StaticAnalyzer/views/android/xapk.py b/mobsf/StaticAnalyzer/views/android/xapk.py
index 1d60a7490..67e130eaa 100644
--- a/mobsf/StaticAnalyzer/views/android/xapk.py
+++ b/mobsf/StaticAnalyzer/views/android/xapk.py
@@ -107,8 +107,6 @@ def handle_aab(app_dic):
         if not apks.exists() and aab_path.exists():
             # Convert AAB to APKS
             subprocess.run(args, timeout=300)
-            # Remove AAB
-            aab_path.unlink()
         # Extract APK from APKS
         for apk_file in unzip(checksum, apks.as_posix(), app_dic['app_dir']):
             full_path = app_dic['app_dir'] / apk_file
diff --git a/mobsf/templates/static_analysis/android_binary_analysis.html b/mobsf/templates/static_analysis/android_binary_analysis.html
index abd716d62..cc1aced3d 100755
--- a/mobsf/templates/static_analysis/android_binary_analysis.html
+++ b/mobsf/templates/static_analysis/android_binary_analysis.html
@@ -1827,6 +1827,7 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
     </div>
 </section>
 <!-- ===========================end virus total ================================== -->
+{% endif %}
 <a id="malware_permissions" class="anchor"></a>
 <section class="content">
   <div class="container-fluid">
@@ -1885,7 +1886,6 @@ <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
     </div>
 </section>
  <!-- ===========================end malware permissions  ================================== -->
- {% endif %}
 <style>
   #chartdiv {
   width: 100%;
diff --git a/poetry.lock b/poetry.lock
index 9266b1cf2..46261efab 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -665,13 +665,13 @@ files = [
 
 [[package]]
 name = "django"
-version = "5.1.3"
+version = "5.1.4"
 description = "A high-level Python web framework that encourages rapid development and clean, pragmatic design."
 optional = false
 python-versions = ">=3.10"
 files = [
-    {file = "Django-5.1.3-py3-none-any.whl", hash = "sha256:8b38a9a12da3ae00cb0ba72da985ec4b14de6345046b1e174b1fd7254398f818"},
-    {file = "Django-5.1.3.tar.gz", hash = "sha256:c0fa0e619c39325a169208caef234f90baa925227032ad3f44842ba14d75234a"},
+    {file = "Django-5.1.4-py3-none-any.whl", hash = "sha256:236e023f021f5ce7dee5779de7b286565fdea5f4ab86bae5338e3f7b69896cf0"},
+    {file = "Django-5.1.4.tar.gz", hash = "sha256:de450c09e91879fa5a307f696e57c851955c910a438a35e6b4c895e86bedc82a"},
 ]
 
 [package.dependencies]
@@ -771,28 +771,28 @@ dotenv = ["python-dotenv"]
 
 [[package]]
 name = "frida"
-version = "16.5.7"
+version = "16.5.9"
 description = "Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "frida-16.5.7-cp37-abi3-macosx_10_13_x86_64.whl", hash = "sha256:9c6fd90d9f236c295bce7dffada302d8976a4b6410304c8637f8e724b6467d6b"},
-    {file = "frida-16.5.7-cp37-abi3-macosx_11_0_arm64.whl", hash = "sha256:ea16c82afdd1e1d7aaad9c82197c295e4f387a3f1e9693c662f7d48b90c29ad3"},
-    {file = "frida-16.5.7-cp37-abi3-manylinux1_i686.whl", hash = "sha256:8fb067d478208d6b083716cf3eec7acc8b2fc8e9f024d2f56321b453ff8b4528"},
-    {file = "frida-16.5.7-cp37-abi3-manylinux1_x86_64.whl", hash = "sha256:fb63fe05eef10d60477aca9c1aea6dea019d52675ad33229f0793226acc6822a"},
-    {file = "frida-16.5.7-cp37-abi3-manylinux2014_aarch64.whl", hash = "sha256:087efee1e85bad0e097113bb0b109578c2cf3b9eeacc05903ce872c1ba66444f"},
-    {file = "frida-16.5.7-cp37-abi3-manylinux2014_armv7l.whl", hash = "sha256:17ff1fcbfc5a189169cb9d48ee58ecaddf8c07f22a5d91347c75b8a504fe448f"},
-    {file = "frida-16.5.7-cp37-abi3-manylinux_2_17_aarch64.whl", hash = "sha256:71da6a037d215384af4fba14f580abd91c02dfa5838b6da57e7aa7390a836758"},
-    {file = "frida-16.5.7-cp37-abi3-manylinux_2_17_armv7l.whl", hash = "sha256:f74adef37b78611ada425affeab252ce73b928160afe921a9c652db7859fbaa7"},
-    {file = "frida-16.5.7-cp37-abi3-manylinux_2_5_i686.whl", hash = "sha256:1e37bcad68e86d3f40b1a8a3bc1a9f802baaa51de753433d794d2f2553279374"},
-    {file = "frida-16.5.7-cp37-abi3-manylinux_2_5_x86_64.whl", hash = "sha256:a1b3e455db5cfd38bf6cfc09341d4e85d30c9eb234840f863485ea1e5a305069"},
-    {file = "frida-16.5.7-cp37-abi3-win32.whl", hash = "sha256:bee37a43a934b627624048ff554e52aefafab4af8414ecb336d4e88b5bfd540d"},
-    {file = "frida-16.5.7-cp37-abi3-win_amd64.whl", hash = "sha256:a6b92addf345f3b76d561271eba0edadaa412ae10d1a72fa1343f24cdcbf1f03"},
-    {file = "frida-16.5.7.tar.gz", hash = "sha256:49412b7ab26ef0eb38cd0e25f1cbaabd742c69a71109ff156983b22e3da7f6f3"},
+    {file = "frida-16.5.9-cp37-abi3-macosx_10_13_x86_64.whl", hash = "sha256:ca22d7ea49fdd36b01a4cf19fa98ab0219d8f70861c0dc8b8ecd6c3ab17a6d83"},
+    {file = "frida-16.5.9-cp37-abi3-macosx_11_0_arm64.whl", hash = "sha256:795a6a07c5729e21e891293793a66f85d8b3cb59cc3f4fe8c9b944b32ed216b7"},
+    {file = "frida-16.5.9-cp37-abi3-manylinux1_i686.whl", hash = "sha256:23494ba2991a68cb1fd9abe3baaea8ecc18ed7716f97bac5fb9e1567f893de12"},
+    {file = "frida-16.5.9-cp37-abi3-manylinux1_x86_64.whl", hash = "sha256:821abe2c2ec41394acbdd9a7d635531fc3d5cfd98550342225499dea59b0a565"},
+    {file = "frida-16.5.9-cp37-abi3-manylinux2014_aarch64.whl", hash = "sha256:59d4ea960f06b90b62534af30e3959637bf19bb48c584993386c3d40f2d08994"},
+    {file = "frida-16.5.9-cp37-abi3-manylinux2014_armv7l.whl", hash = "sha256:4881cab6c69148c0a27902305d10f01c615d85047cf45f627f03ada3c9fcc5a6"},
+    {file = "frida-16.5.9-cp37-abi3-manylinux_2_17_aarch64.whl", hash = "sha256:a473ccada3e5f4db6779ff7ccc26179548c87418ce7f26408d534380c0147d4e"},
+    {file = "frida-16.5.9-cp37-abi3-manylinux_2_17_armv7l.whl", hash = "sha256:d7857d628160682d16ec664398dbe71258986d6e2fa5ec37a40724bded35461c"},
+    {file = "frida-16.5.9-cp37-abi3-manylinux_2_5_i686.whl", hash = "sha256:e4b97c3cf9be1f6ab0dd6e916bb3f34039b44fed58e70853a59cdb51dc4e1594"},
+    {file = "frida-16.5.9-cp37-abi3-manylinux_2_5_x86_64.whl", hash = "sha256:9ff9eefa0e860d402a125134d2078c74e16397abe0febc7060029ed2f4b2db90"},
+    {file = "frida-16.5.9-cp37-abi3-win32.whl", hash = "sha256:4e9da3119afbcbbe15e570639d0e93c1d6f105d85aa37afb01a3a5d1231d13e0"},
+    {file = "frida-16.5.9-cp37-abi3-win_amd64.whl", hash = "sha256:5d619903e0879299d68ae0ce489de3f561b565eab40dd18c9d31c69ab03d8bcc"},
+    {file = "frida-16.5.9.tar.gz", hash = "sha256:a563f78842d2663f0a8282091003b338af7336d57d56b329913177154b9083ac"},
 ]
 
 [package.dependencies]
-typing-extensions = {version = "*", markers = "python_version < \"3.11\""}
+typing_extensions = {version = "*", markers = "python_version < \"3.11\""}
 
 [[package]]
 name = "google-play-scraper"
@@ -2150,13 +2150,13 @@ files = [
 
 [[package]]
 name = "six"
-version = "1.16.0"
+version = "1.17.0"
 description = "Python 2 and 3 compatibility utilities"
 optional = false
-python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*"
+python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7"
 files = [
-    {file = "six-1.16.0-py2.py3-none-any.whl", hash = "sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254"},
-    {file = "six-1.16.0.tar.gz", hash = "sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926"},
+    {file = "six-1.17.0-py2.py3-none-any.whl", hash = "sha256:4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274"},
+    {file = "six-1.17.0.tar.gz", hash = "sha256:ff70335d468e7eb6ec65b95b99d3a2836546063f63acc5171de367e834932a81"},
 ]
 
 [[package]]
@@ -2183,13 +2183,13 @@ files = [
 
 [[package]]
 name = "sqlparse"
-version = "0.5.2"
+version = "0.5.3"
 description = "A non-validating SQL parser."
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "sqlparse-0.5.2-py3-none-any.whl", hash = "sha256:e99bc85c78160918c3e1d9230834ab8d80fc06c59d03f8db2618f65f65dda55e"},
-    {file = "sqlparse-0.5.2.tar.gz", hash = "sha256:9e37b35e16d1cc652a2545f0997c1deb23ea28fa1f3eefe609eee3063c3b105f"},
+    {file = "sqlparse-0.5.3-py3-none-any.whl", hash = "sha256:cf2196ed3418f3ba5de6af7e82c694a9fbdbfecccdfc72e281548517081f16ca"},
+    {file = "sqlparse-0.5.3.tar.gz", hash = "sha256:09f67787f56a0b16ecdbde1bfc7f5d9c3371ca683cfeaa8e6ff60b4807ec9272"},
 ]
 
 [package.extras]

From fbf567446bfe818b179aed074ec5f2c4de3915d3 Mon Sep 17 00:00:00 2001
From: Ajin Abraham <ajin.abraham@chime.com>
Date: Tue, 17 Dec 2024 17:03:03 -0800
Subject: [PATCH 2/2] dependencies bump + show resources

---
 mobsf/MobSF/utils.py | 13 +++++++++++++
 poetry.lock          | 16 ++++++++--------
 2 files changed, 21 insertions(+), 8 deletions(-)

diff --git a/mobsf/MobSF/utils.py b/mobsf/MobSF/utils.py
index b6a4f5320..d24e4367a 100755
--- a/mobsf/MobSF/utils.py
+++ b/mobsf/MobSF/utils.py
@@ -98,6 +98,17 @@ def upstream_proxy(flaw_type):
     return proxies, verify
 
 
+def get_system_resources():
+    """Get CPU and Memory Available."""
+    # Get number of physical cores
+    physical_cores = psutil.cpu_count(logical=False)
+    # Get number of logical processors (threads)
+    logical_processors = psutil.cpu_count(logical=True)
+    # Get total RAM
+    total_ram = psutil.virtual_memory().total / (1024 ** 3)  # Convert bytes to GB
+    return physical_cores, logical_processors, total_ram
+
+
 def print_version():
     """Print MobSF Version."""
     logger.info(settings.BANNER)
@@ -122,6 +133,8 @@ def print_version():
         dst_str = f' ({dist}) '
     env_str = f'OS Environment: {os}{dst_str}{pltfm}'
     logger.info(env_str)
+    cores, threads, ram = get_system_resources()
+    logger.info('CPU Cores: %s, Threads: %s, RAM: %.2f GB', cores, threads, ram)
     find_java_binary()
     check_basic_env()
     thread = threading.Thread(target=check_update, name='check_update')
diff --git a/poetry.lock b/poetry.lock
index 46261efab..335a9c51d 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -146,19 +146,19 @@ files = [
 
 [[package]]
 name = "attrs"
-version = "24.2.0"
+version = "24.3.0"
 description = "Classes Without Boilerplate"
 optional = false
-python-versions = ">=3.7"
+python-versions = ">=3.8"
 files = [
-    {file = "attrs-24.2.0-py3-none-any.whl", hash = "sha256:81921eb96de3191c8258c199618104dd27ac608d9366f5e35d011eae1867ede2"},
-    {file = "attrs-24.2.0.tar.gz", hash = "sha256:5cfb1b9148b5b086569baec03f20d7b6bf3bcacc9a42bebf87ffaaca362f6346"},
+    {file = "attrs-24.3.0-py3-none-any.whl", hash = "sha256:ac96cd038792094f438ad1f6ff80837353805ac950cd2aa0e0625ef19850c308"},
+    {file = "attrs-24.3.0.tar.gz", hash = "sha256:8f5c07333d543103541ba7be0e2ce16eeee8130cb0b3f9238ab904ce1e85baff"},
 ]
 
 [package.extras]
 benchmark = ["cloudpickle", "hypothesis", "mypy (>=1.11.1)", "pympler", "pytest (>=4.3.0)", "pytest-codspeed", "pytest-mypy-plugins", "pytest-xdist[psutil]"]
 cov = ["cloudpickle", "coverage[toml] (>=5.3)", "hypothesis", "mypy (>=1.11.1)", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins", "pytest-xdist[psutil]"]
-dev = ["cloudpickle", "hypothesis", "mypy (>=1.11.1)", "pre-commit", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins", "pytest-xdist[psutil]"]
+dev = ["cloudpickle", "hypothesis", "mypy (>=1.11.1)", "pre-commit-uv", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins", "pytest-xdist[psutil]"]
 docs = ["cogapp", "furo", "myst-parser", "sphinx", "sphinx-notfound-page", "sphinxcontrib-towncrier", "towncrier (<24.7)"]
 tests = ["cloudpickle", "hypothesis", "mypy (>=1.11.1)", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins", "pytest-xdist[psutil]"]
 tests-mypy = ["mypy (>=1.11.1)", "pytest-mypy-plugins"]
@@ -348,13 +348,13 @@ beautifulsoup4 = "*"
 
 [[package]]
 name = "certifi"
-version = "2024.8.30"
+version = "2024.12.14"
 description = "Python package for providing Mozilla's CA Bundle."
 optional = false
 python-versions = ">=3.6"
 files = [
-    {file = "certifi-2024.8.30-py3-none-any.whl", hash = "sha256:922820b53db7a7257ffbda3f597266d435245903d80737e34f8a45ff3e3230d8"},
-    {file = "certifi-2024.8.30.tar.gz", hash = "sha256:bec941d2aa8195e248a60b31ff9f0558284cf01a52591ceda73ea9afffd69fd9"},
+    {file = "certifi-2024.12.14-py3-none-any.whl", hash = "sha256:1275f7a45be9464efc1173084eaa30f866fe2e47d389406136d332ed4967ec56"},
+    {file = "certifi-2024.12.14.tar.gz", hash = "sha256:b650d30f370c2b724812bee08008be0c4163b163ddaec3f2546c1caf65f191db"},
 ]
 
 [[package]]