m0wn1ka · December 13, 2023 14:38
diff --git a/mobsf-rest-api-python.py b/mobsf-rest-api-python.py
 """
 MOBSF REST API Python Requests
 """

 import json
 import requests
 from requests_toolbelt.multipart.encoder import MultipartEncoder

 SERVER = "http://127.0.0.1:8000"

 FILE2='app-release.apk'
 FILE1 = 'diva-beta.apk'
 APIKEY = '<API_KEY>'


 def upload(x):
    """Upload File"""
    print("Uploading file")
    multipart_data = MultipartEncoder(fields={'file': (x, open(x, 'rb'), 'application/octet-stream')})
    headers = {'Content-Type': multipart_data.content_type, 'Authorization': APIKEY}
    response = requests.post(SERVER + '/api/v1/upload', data=multipart_data, headers=headers)
    print(response.text)
    return response.text


 def scan(data):
    """Scan the file"""
    print("Scanning file")
    post_dict = json.loads(data)
    headers = {'Authorization': APIKEY}
    response = requests.post(SERVER + '/api/v1/scan', data=post_dict, headers=headers)
    print(response.text)
 def compare(hash1,hash2):
 	
 	headers = { 'Authorization': APIKEY}
 	data={"hash1":hash1,"hash2":hash2}
 	print("in comparinsg data is ",data)
 	response = requests.post(SERVER + '/api/v1/compare', data=data, headers=headers)
 	
 	return response.text


 def pdf(data):
    """Generate PDF Report"""
    print("Generate PDF report")
    headers = {'Authorization': APIKEY}
    data = {"hash": json.loads(data)["hash"]}
    response = requests.post(SERVER + '/api/v1/download_pdf', data=data, headers=headers, stream=True)
    with open("report.pdf", 'wb') as flip:
        for chunk in response.iter_content(chunk_size=1024):
            if chunk:
                flip.write(chunk)
    print("Report saved as report.pdf")


 def json_resp(data):
    """Generate JSON Report"""
    print("Generate JSON report")
    headers = {'Authorization': APIKEY}
    data = {"hash": json.loads(data)["hash"]}
    response = requests.post(SERVER + '/api/v1/report_json', data=data, headers=headers)
    print(response.text)


 def delete(data):
    """Delete Scan Result"""
    print("Deleting Scan")
    headers = {'Authorization': APIKEY}
    data = {"hash": json.loads(data)["hash"]}
    response = requests.post(SERVER + '/api/v1/delete_scan', data=data, headers=headers)
    print(response.text)
 def recent_scans():
 	"""get recent scans"""
 	print("printing recent scans")
 	headers = {'Authorization': APIKEY}
 	response = requests.get(SERVER + '/api/v1/scans', headers=headers)
 	print("response of recent scans is ",response.content)
 def score_card(hash):
 	headers = {'Authorization': APIKEY}
 	post_dict = json.loads(hash)
 	response = requests.post(SERVER + '/api/v1/scan', data=post_dict, headers=headers)
 	print("response of scorecard is ",response.text)
 def suppress_by_rule(hash,rule='app_allowbackup',type='manifest'):
 #type can be manifest or code
 #rule can be android_logging ,app_allowbackup
 	"""supress a check by some rule id"""
 	print("supresing by rule")
 	hash=json.loads(hash)["hash"]
 	data={"hash":hash,"rule":rule,"type":type}
 	headers = {'Authorization': APIKEY}
 	response = requests.post(SERVER + '/api/v1/suppress_by_rule', data=data, headers=headers)
 	return response.text
 def suppress_by_file(hash,type,rule="android_logging"):
 #type can be  or code
 #rule can be android_logging ,app_allowbackup
 	"""supress a check by some rule id"""
 	print("supresing by file")
 	hash=json.loads(hash)["hash"]
 	data={"hash":hash,"rule":rule,"type":type}
 	headers = {'Authorization': APIKEY}
 	response = requests.post(SERVER + '/api/v1/suppress_by_files', data=data, headers=headers)
 	return response.text
 def view_suppressions(data):
 	print("checking which are suppresdd..")
 	data = json.loads(data)
 	headers = {'Authorization': APIKEY}
 	response = requests.post(SERVER + '/api/v1/list_suppressions', data=data, headers=headers)
 	return response.text
 def delete_suppressions(data,type="code",rule="android_sql_raw_query",kind="file"):
 	print("removing suppresions..")
 	hash = json.loads(data)["hash"]
 	headers = {'Authorization': APIKEY}
 	data={"hash":hash,"type":type,"rule":rule,"kind":kind}
 	response = requests.post(SERVER + '/api/v1/delete_suppression', data=data, headers=headers)
 	return response.text
 RESP = upload(FILE1)
 scan(RESP)

 RESP2=upload(FILE2)


 scan(RESP2)
 print(compare(json.loads(RESP)["hash"],json.loads(RESP2)["hash"]))


 json_resp(RESP)
 pdf(RESP)
 print("displaying recent scans")
 recent_scans()
 print("suppress by rule")
 res=suppress_by_rule(RESP)
 print(res)
 print("score card")
 score_card(RESP)
 print("suppress by file")
 res=suppress_by_file(RESP,"code")
 print("view suppressions")
 view_suppressions(RESP)
 print("delete suppressions")
 delete_suppressions(RESP)
 delete(RESP)
 delete(RESP2)
	"""
	MOBSF REST API Python Requests
	"""

	import json
	import requests
	from requests_toolbelt.multipart.encoder import MultipartEncoder

	SERVER = "http://127.0.0.1:8000"

	FILE2='app-release.apk'
	FILE1 = 'diva-beta.apk'
	APIKEY = '<API_KEY>'


	def upload(x):
	"""Upload File"""
	print("Uploading file")
	multipart_data = MultipartEncoder(fields={'file': (x, open(x, 'rb'), 'application/octet-stream')})
	headers = {'Content-Type': multipart_data.content_type, 'Authorization': APIKEY}
	response = requests.post(SERVER + '/api/v1/upload', data=multipart_data, headers=headers)
	print(response.text)
	return response.text


	def scan(data):
	"""Scan the file"""
	print("Scanning file")
	post_dict = json.loads(data)
	headers = {'Authorization': APIKEY}
	response = requests.post(SERVER + '/api/v1/scan', data=post_dict, headers=headers)
	print(response.text)
	def compare(hash1,hash2):

	headers = { 'Authorization': APIKEY}
	data={"hash1":hash1,"hash2":hash2}
	print("in comparinsg data is ",data)
	response = requests.post(SERVER + '/api/v1/compare', data=data, headers=headers)

	return response.text


	def pdf(data):
	"""Generate PDF Report"""
	print("Generate PDF report")
	headers = {'Authorization': APIKEY}
	data = {"hash": json.loads(data)["hash"]}
	response = requests.post(SERVER + '/api/v1/download_pdf', data=data, headers=headers, stream=True)
	with open("report.pdf", 'wb') as flip:
	for chunk in response.iter_content(chunk_size=1024):
	if chunk:
	flip.write(chunk)
	print("Report saved as report.pdf")


	def json_resp(data):
	"""Generate JSON Report"""
	print("Generate JSON report")
	headers = {'Authorization': APIKEY}
	data = {"hash": json.loads(data)["hash"]}
	response = requests.post(SERVER + '/api/v1/report_json', data=data, headers=headers)
	print(response.text)


	def delete(data):
	"""Delete Scan Result"""
	print("Deleting Scan")
	headers = {'Authorization': APIKEY}
	data = {"hash": json.loads(data)["hash"]}
	response = requests.post(SERVER + '/api/v1/delete_scan', data=data, headers=headers)
	print(response.text)
	def recent_scans():
	"""get recent scans"""
	print("printing recent scans")
	headers = {'Authorization': APIKEY}
	response = requests.get(SERVER + '/api/v1/scans', headers=headers)
	print("response of recent scans is ",response.content)
	def score_card(hash):
	headers = {'Authorization': APIKEY}
	post_dict = json.loads(hash)
	response = requests.post(SERVER + '/api/v1/scan', data=post_dict, headers=headers)
	print("response of scorecard is ",response.text)
	def suppress_by_rule(hash,rule='app_allowbackup',type='manifest'):
	#type can be manifest or code
	#rule can be android_logging ,app_allowbackup
	"""supress a check by some rule id"""
	print("supresing by rule")
	hash=json.loads(hash)["hash"]
	data={"hash":hash,"rule":rule,"type":type}
	headers = {'Authorization': APIKEY}
	response = requests.post(SERVER + '/api/v1/suppress_by_rule', data=data, headers=headers)
	return response.text
	def suppress_by_file(hash,type,rule="android_logging"):
	#type can be or code
	#rule can be android_logging ,app_allowbackup
	"""supress a check by some rule id"""
	print("supresing by file")
	hash=json.loads(hash)["hash"]
	data={"hash":hash,"rule":rule,"type":type}
	headers = {'Authorization': APIKEY}
	response = requests.post(SERVER + '/api/v1/suppress_by_files', data=data, headers=headers)
	return response.text
	def view_suppressions(data):
	print("checking which are suppresdd..")
	data = json.loads(data)
	headers = {'Authorization': APIKEY}
	response = requests.post(SERVER + '/api/v1/list_suppressions', data=data, headers=headers)
	return response.text
	def delete_suppressions(data,type="code",rule="android_sql_raw_query",kind="file"):
	print("removing suppresions..")
	hash = json.loads(data)["hash"]
	headers = {'Authorization': APIKEY}
	data={"hash":hash,"type":type,"rule":rule,"kind":kind}
	response = requests.post(SERVER + '/api/v1/delete_suppression', data=data, headers=headers)
	return response.text
	RESP = upload(FILE1)
	scan(RESP)

	RESP2=upload(FILE2)


	scan(RESP2)
	print(compare(json.loads(RESP)["hash"],json.loads(RESP2)["hash"]))


	json_resp(RESP)
	pdf(RESP)
	print("displaying recent scans")
	recent_scans()
	print("suppress by rule")
	res=suppress_by_rule(RESP)
	print(res)
	print("score card")
	score_card(RESP)
	print("suppress by file")
	res=suppress_by_file(RESP,"code")
	print("view suppressions")
	view_suppressions(RESP)
	print("delete suppressions")
	delete_suppressions(RESP)
	delete(RESP)
	delete(RESP2)