In the terminal, we get some gibrish ansi codes:
\e[1;32m[M]\e[1;33mobile \e[1;32m[A]\e[1;33mpplication \e[1;32m[R]\e[1;33meverse Engineering & \e[1;32m[A]\e[1;33mnalysis Framework

There seems to be a problem with yara-python in the current build. I am getting compile errors running setup.sh. Also manually performing the yara-python install from the tools/yara-python directory gave me the following error below at _ERROR_.
I had yara-python installed and attempted it with apt install and pip install of both python2.7 and python3 but still no luck. APKiD would fail with an error telling me that yara-python failed to meet the requirement of yara-python==3.5.0.999.

Eventually I was able to correct the issue by manually cloning APKiD from https://github.com/rednaga/APKiD and quoting out the APKiD section in your setup.sh file. Hope this helps.
:EDIT: System is Kali Linux 2016.2 Rolling Release

_ERROR_
yara-python.c: In function ‘yara_callback’:
yara-python.c:602:18: error: ‘CALLBACK_MSG_MODULE_IMPORTED’ undeclared (first use in this function)
if (message == CALLBACK_MSG_MODULE_IMPORTED && modules_callback == NULL)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
yara-python.c:602:18: note: each undeclared identifier is reported only once for each function it appears in
yara-python.c:727:60: error: ‘YR_MATCH {aka struct _YR_MATCH}’ has no member named ‘data_length’; did you mean ‘chain_length’?
object = PyBytes_FromStringAndSize((char*) m->data, m->data_length);
^~
yara-python.c: In function ‘handle_error’:
yara-python.c:940:10: error: ‘ERROR_INVALID_EXTERNAL_VARIABLE_TYPE’ undeclared (first use in this function)
case ERROR_INVALID_EXTERNAL_VARIABLE_TYPE:
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

apkid tool is not getting installed with mara framework in my case. I am getting the below error :

Could not find a version that satisfies the requirement apkid (from versions: )
No matching distribution found for apkid

Tried to install yara-python through both options, pip install yara-python and build but still getting this error when trying to run the mac setup script.

fatal: destination path 'yara-python' already exists and is not an empty directory.
python: can't open file 'setup.py': [Errno 2] No such file or directory
Collecting apkid
Using cached apkid-1.0.0-py2.py3-none-any.whl
Collecting yara-python==3.5.0.999 (from apkid)
Could not find a version that satisfies the requirement yara-python==3.5.0.999 (from apkid) (from versions: 3.4.0.0, 3.5.0, 3.6.0, 3.6.1, 3.6.2, 3.6.3)
No matching distribution found for yara-python==3.5.0.999 (from aphid)

Any work around for this issue?

Not an issue just a FYI: pypubsub is now at https://github.com/schollii/pypubsub (I moved it from sourceforge and made some updates).

In the vulnerabilities/crypto_implementation.txt
Does the following mean that no SSL pinning was detected, or something else?

==========================
SSL pinning detection:

Jadx:

Java:

Hi Team
I am running command ./mara.sh and it performs OWASP Top Mobile Top 10 analysis but when i look to report but it has nothing/blank report is generated
can you please let me know how it is working ?

Every apk file I run with deobfuscator.sh i get the follow issue using the command:
./deobfuscator.sh --apk test.apk

after uploading it and waiting curl issue:
curl: (3) Illegal characters found in URL
[-] Retrying in 30 seconds

The setup script is not compatible with mac.
apt-get is not available.

Hi
Thank you for your contribution to the community.
However as I understand, MARA only works for apks having size < 16 MB..
I think the reason for that is the deobfuscator :

Statistical Deobfuscation of Android Applications

Where deobfuscation is only allowed for apk's having size less than 16 MB. Any ideas for deobfuscators for file sizes above 16 MB?

hi folks,
in all my reports, thisfile is empty, 0 octets.
any idea how fx this?
thxx for your help

I am trying to do an audit for an app the deobfuscation phase is taking too long....More that five minutes. Whats the best way to do a minimalist and quick audit?

Not sure if this is the expected behavior:

./mara.sh: line 83: [: ==: unary operator expected
./mara.sh: line 83: [: ==: unary operator expected
./mara.sh: line 86: [: ==: unary operator expected
./mara.sh: line 86: [: ==: unary operator expected
./mara.sh: line 90: [: ==: unary operator expected
\e[1;31m[NOTE] \e[0;33mInvalid response!!

./mara.sh: line 231: dpkg: command not found
./mara.sh: line 219: ./aapt: cannot execute binary file
./mara.sh: line 243: ./dexdump: cannot execute binary file

./mara.sh: line 283: [: ==: unary operator expected
./mara.sh: line 283: [: ==: unary operator expected
./mara.sh: line 287: [: ==: unary operator expected
./mara.sh: line 287: [: ==: unary operator expected
./mara.sh: line 291: [: ==: unary operator expected
\e[1;31m[NOTE] Invalid response!!

./owasp_static_android.sh: line 478: [: ==: unary operator expected
./owasp_static_android.sh: line 478: [: ==: unary operator expected
./owasp_static_android.sh: line 481: [: ==: unary operator expected
./owasp_static_android.sh: line 481: [: ==: unary operator expected
./owasp_static_android.sh: line 485: [: ==: unary operator expected
\e[1;31m[NOTE] \e[0;33mInvalid response!!

It might be worth changing the shebang in the bash scripts from

#!/bin/bash

to

#!/usr/bin/env bash

The later is more portable and will allow us to remove the multiple sed invocations from setup_mac.sh.

In mara.sh an maybe in other scripts, a lot of cd and ../../ are used referring from the root of the project ignoring where the script was called from, despite of being ugly, this force the user to change his current directory to the root directory of mara project. So the script can't be launched from everywhere else.

There is an article The Right Way to Get the Directory of a bash Script which seems to have a better approach for calling resources. It would be great to apply that solution.

hello

when i install MARA

it writes

Using cached https://files.pythonhosted.org/packages/9f/dc/0683a458d21c3d561ab2f71b4fcdd812bf04e55c54e560b0854cea95610e/poster-0.8.1.tar.gz
ERROR: Command errored out with exit status 1:
command: /usr/bin/python3 -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-d9yzvzfv/poster/setup.py'"'"'; file='"'"'/tmp/pip-install-d9yzvzfv/poster/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(file);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, file, '"'"'exec'"'"'))' egg_info --egg-base pip-egg-info
cwd: /tmp/pip-install-d9yzvzfv/poster/
Complete output (10 lines):
Traceback (most recent call last):
File "", line 1, in
File "/tmp/pip-install-d9yzvzfv/poster/setup.py", line 2, in
import poster
File "/tmp/pip-install-d9yzvzfv/poster/poster/init.py", line 29, in
import poster.streaminghttp
File "/tmp/pip-install-d9yzvzfv/poster/poster/streaminghttp.py", line 61
print "send:", repr(value)
^
SyntaxError: invalid syntax
----------------------------------------
ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.

how can i resolve that issue?

When decompile .apk to java source code I have exception like that and more:
Exception in thread "pool-1-thread-1" java.lang.OutOfMemoryError: Java heap space at jadx.core.codegen.CodeWriter.add(CodeWriter.java:109) at jadx.core.codegen.ClassGen.makeClass(ClassGen.java:104) at jadx.core.codegen.CodeGen.visit(CodeGen.java:19) at jadx.core.ProcessClass.process(ProcessClass.java:43) at jadx.api.JadxDecompiler.processClass(JadxDecompiler.java:281) at jadx.api.JavaClass.decompile(JavaClass.java:59) at jadx.api.JadxDecompiler$1.run(JadxDecompiler.java:161) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:745)

I was assisting a friend install MARA on macOS Mojave and came across some issues with ./setup_mac.sh.

I've fixed several of them in my fork of setup_mac.sh.

I'm happy to open a PR if you're happy with those changes.

However there's still a few issues outstanding that I don't have time to investigate/ fix.

I'm not sure if the following code works as there's a lot of Operation not permitted errors but this could be for source file and directories rather than regular files which need to be made executable.

chmod -R +x tools/

Cleanup the mara.sh script.

You might want to run all the shell/bash scripts through shellcheck. It's a shell script static analysis tool.

Running them through shellcheck via CI (I use Travis) is pretty straightforward. I already have a script, test.sh, that will find all shell/ bash files and run shellcheck on them. Paied with my Travis config, .travis.yml which executes test.sh in the CI instance.

shellcheck will help catch a lot of issues. We can use its warnings as a basis for cleaning up some of scripts.