Mark release 2.5.2 (#486 )

Convert timezone-aware datetimes automatically to UTC (#485 )
Updates SMS module to highlight new text of Apple notifications
2025-11-13 01:37:36 +01:00 · 2024-04-18 16:53:41 +02:00 · 2024-04-18 16:49:30 +02:00 · 2024-04-15 23:28:36 +02:00 · 2024-04-15 22:41:01 +02:00
5 changed files with 20 additions and 6 deletions
--- a/mvt/common/utils.py
+++ b/mvt/common/utils.py
@@ -53,20 +53,23 @@ def convert_chrometime_to_datetime(timestamp: int) -> datetime.datetime:
 def convert_datetime_to_iso(date_time: datetime.datetime) -> str:
    """Converts datetime to ISO string.

-    :param datetime: datetime.
+    :param datetime: datetime, naive or timezone aware
    :type datetime: datetime.datetime
    :returns: ISO datetime string in YYYY-mm-dd HH:MM:SS.ms format.
    :rtype: str

    """
    try:
+        if date_time.tzinfo:
+            # Timezone aware object - convert to UTC
+            date_time = date_time.astimezone(tz=datetime.UTC)
        return date_time.strftime("%Y-%m-%d %H:%M:%S.%f")
    except Exception:
        return ""


 def convert_unix_to_utc_datetime(
-    timestamp: Union[int, float, str]
+    timestamp: Union[int, float, str],
 ) -> datetime.datetime:
    """Converts a unix epoch timestamp to UTC datetime.

--- a/mvt/common/version.py
+++ b/mvt/common/version.py
@@ -3,4 +3,4 @@
 # Use of this software is governed by the MVT License 1.1 that can be found at
 #   https://license.mvt.re/1.1/

-MVT_VERSION = "2.5.1"
+MVT_VERSION = "2.5.2"
--- a/mvt/ios/modules/mixed/sms.py
+++ b/mvt/ios/modules/mixed/sms.py
@@ -66,8 +66,11 @@ class SMS(IOSExtraction):

    def check_indicators(self) -> None:
        for message in self.results:
-            alert = "ALERT: State-sponsored attackers may be targeting your iPhone"
-            if message.get("text", "").startswith(alert):
+            alert_old = "ALERT: State-sponsored attackers may be targeting your iPhone"
+            alert_new = "ALERT: Apple detected a targeted mercenary spyware attack against your iPhone"
+            if message.get("text", "").startswith(alert_old) or message.get(
+                "text", ""
+            ).startswith(alert_new):
                self.log.warning(
                    "Apple warning about state-sponsored attack received on the %s",
                    message["isodate"],
--- a/setup.cfg
+++ b/setup.cfg
@@ -31,7 +31,7 @@ install_requires =
    iOSbackup >=0.9.923
    adb-shell >=0.4.3
    libusb1 >=3.0.0
-    cryptography >=38.0.1
+    cryptography >=42.0.5
    pyyaml >=6.0
    pyahocorasick >= 2.0.0

--- a/tests/common/test_utils.py
+++ b/tests/common/test_utils.py
@@ -42,6 +42,14 @@ class TestDateConversions:
        converted = convert_unix_to_utc_datetime(TEST_DATE_EPOCH)
        assert convert_datetime_to_iso(converted) == TEST_DATE_ISO

+    def test_convert_timezone_aware_to_iso(self):
+        assert (
+            convert_datetime_to_iso(
+                datetime.strptime("2024-09-30 11:21:20+0200", "%Y-%m-%d %H:%M:%S%z")
+            )
+            == "2024-09-30 09:21:20.000000"
+        )
+

 class TestHashes:
    def test_hash_from_file(self):
Author	SHA1	Message	Date
Rory Flynn	f1821d1a02	Mark release 2.5.2 (#486 )	2024-04-18 16:53:41 +02:00
Rory Flynn	6c7ad0ac95	Convert timezone-aware datetimes automatically to UTC (#485 )	2024-04-18 16:49:30 +02:00
tek	3a997d30d2	Updates SMS module to highlight new text of Apple notifications	2024-04-15 23:28:36 +02:00
tek	6f56939dd7	Requires latest cryptography version	2024-04-15 22:41:01 +02:00