Add indicator checking in the SMS module

Donncha Ó Cearbhaill 2023-12-12 16:16:28 +01:00
parent ab33789f06
commit e94913cf78
1 changed files with 5 additions and 0 deletions

@ -55,6 +55,11 @@ class SMSAttachments(IOSExtraction):
def check_indicators(self) -> None:
for attachment in self.results:
# Check for known malicious filenames.
if self.indicators.check_file_path(attachment["filename"]):
print("Found malicious filename", attachment["filename"])
self.detected.append(attachment)
if (
attachment["filename"].startswith("/var/tmp/")
and attachment["filename"].endswith("-1")