[MobSF] Documentation
Full name: Mobile Security Framework
Requirements:
Static analysis
- JDK > 1.7 is required
- Mac OS X users must install the Command-line tools for Mac OS X - install link: http://osxdaily.com/2014/02/12/install-command-line-tools-mac-os-x/
- Static analysis of .ipa files must be run on Mac OS X
- Windows App Static Analysis requires a Windows Host or Windows VM for Mac and Linux. For Windows App Static Analysis, read Windows App Static Analysis: https://github.com/MobSF/Mobile-Security-Framework-MobSF/blob/master/install/windows/readme.md
Dynamic analysis
- The MobSF.ova file must be run with VirtualBox
- The MobSF arm emulator must be run with Android Studio and a configured virtual device. Intel HAXM is recommended.
- Hardware Requirements: Min 4GB RAM, 5GB HDD/SSD and Virtualisation Support for running MobSF VM
Downloads:
- MobSF Android x86 4.4.2 VM (v0.3) ova file: https://goo.gl/QxgHZa
- MobSF Android arm Emulator 4.1.2 (v1.0) file: https://goo.gl/LRrGs3
- No Access to Google Drive? Unofficial MobSF VM 0.2 ova file: https://pan.baidu.com/s/1jIzBsgA
Installation:
- Windows: Clone MobSF Repository to C:\
- Mac: Clone MobSF Repository to /Users/[username]/
- Linux: Clone MobSF Repository to /home/[username]/
Configuring static analysis
- Windows: C:\Python27\python.exe -m pip install -r requirements.txt
  NOTE: If you face any issues, download and install the latest python 2.7.x
- Mac: pip install -r requirements.txt --user
- Linux:
    sudo apt install build-essential libssl-dev libffi-dev python-dev
    pip install -r requirements.txt --user
- wkhtmltopdf must be installed to generate PDF reports: https://github.com/JazzCore/python-pdfkit/wiki/Installing-wkhtmltopdf
- On Windows, wkhtmltopdf must be added to the environment variables
Running MobSF
- python manage.py runserver
- To specify a port: python manage.py runserver PORT_NO
- To specify an IP and port: python manage.py runserver IP:PORT_NO
Configuring dynamic analysis:
- Four options:
  - Dynamic Analysis with MobSF Android 4.4.2 x86 VirtualBox VM - default (Fast, not all Apps work): https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/1.-Documentation/#configuring-dynamic-analyzer-with-mobsf-android-442-x86-virtualbox-vm
  - Dynamic Analysis with MobSF Android 4.1.2 arm Emulator - (Slow, Most Apps work): https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/1.-Documentation/#configuring-dynamic-analyzer-with-with-mobsf-android-412-arm-emulator
  - Dynamic Analysis using a Rooted Android 4.03 - 4.4 Device (Very Fast, All Apps work): https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/1.-Documentation/#configuring-dynamic-analyzer-with-rooted-android-403---44-device
  - Dynamic Analysis using a Rooted Android 4.03 - 4.4 VM (not tested): https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/1.-Documentation#configuring-dynamic-analyzer-with-rooted-android-403---44-vm
Upgrading MobSF:
- When upgrading, the database must be migrated, otherwise an error is raised: [ERROR] Saving to DB (E:\Mobile-Security-Framework-MobSF\StaticAnalyzer\views\android\db_interaction.py, LINE 236 "static_db.save()"): table StaticAnalyzer_staticanalyzerandroid has no column named
- Commands to migrate the database:
    python manage.py makemigrations
    python manage.py migrate
- If the above changes didn't work, you might need to delete the file db.sqlite3, or run clean.sh in Mac/Linux. After that run the above commands. NOTE: This will remove the previously saved MobSF scan results.
Disabled components:
APKiD:
- Before enabling it, install the rednaga fork of yara-python:
    git clone https://github.com/rednaga/yara-python
    cd yara-python
    python setup.py install
- To enable it: set APKID_ENABLED to True in settings.py
Mass Static Analysis
Using Postgres DB instead of SQLite:
Home Directory Support:
Docker image for MobSF Static Analysis
REST API
Example run:
[Source: https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/1.-Documentation]