[MobSF]Documentation

 全称：Mobile Security Framework 

要求：

静态分析

• JDK需>1.7
• Mac OSX 用户必须安装Command-line tools for MAC OS X - 安装连接：http://osxdaily.com/2014/02/12/install-command-line-tools-mac-os-x/
• .ipa静态分析必须在mac osx中执行
• Windows App Static analysis requires a Windows Host or Windows VM for Mac and Linux. For Windows App Static Analysis, Read Windows App Static Analysis：https://github.com/MobSF/Mobile-Security-Framework-MobSF/blob/master/install/windows/readme.md

动态分析

• MobSF.ova文件需用VirtualBox运行
• MobSF arm模拟器需用Android Studio and a configured virtual device 运行. Intel HAXM is recommended. -Hardware Requirements: Min 4GB RAM, 5GB HDD/SSD and Virtualisation Support for running MobSF VM

下载：

• MobSF Android x86 4.4.2 VM (v0.3) ova file: https://goo.gl/QxgHZa
• MobSF Android arm Emulator 4.1.2 (v1.0) file https://goo.gl/LRrGs3
• No Access to Google Drive? Unofficial MobSF VM 0.2 ova file:https://pan.baidu.com/s/1jIzBsgA

安装:

• Windows: Clone MobSF Repository to C:\
• Mac: Clone MobSF Repository to /Users/[username]/
• Linux: Clone MobSF Repository to /home/[username]/

配置静态分析

• Windows： C:\Python27\python.exe -m pip install -r requirements.txt NOTE: If you face any issues, download and install the latest python 2.7.x
• Mac ： pip install -r requirements.txt --user
• Linux： sudo apt install build-essential libssl-dev libffi-dev python-dev pip install -r requirements.txt --user
• 须要安装 wkhtmltopdf 才能生成pdf报告:https://github.com/JazzCore/python-pdfkit/wiki/Installing-wkhtmltopdf
• 在windows系统，需将wkhtmltopdf设为环境变量

运行MobSF

• python manage.py runserver 指定端口号：python manage.pyrunserver PORT_NO 指定ip和端口号：python manage.py runserver IP:PORT_NO

配置动态分析：

• 四种途径：
• Dynamic Analysis with MobSF Android 4.4.2 x86 VirtualBox VM - default (Fast, not all Apps work)：https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/1.-Documentation/#configuring-dynamic-analyzer-with-mobsf-android-442-x86-virtualbox-vm
• Dynamic Analysis with MobSF Android 4.1.2 arm Emulator - (Slow, Most Apps work)：https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/1.-Documentation/#configuring-dynamic-analyzer-with-with-mobsf-android-412-arm-emulator
• Dynamic Analysis using a Rooted Android 4.03 - 4.4 Device (Very Fast, All Apps work)：https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/1.-Documentation/#configuring-dynamic-analyzer-with-rooted-android-403---44-device
• Dynamic Analysis using a Rooted Android 4.03 - 4.4 VM (not tested)：https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/1.-Documentation#configuring-dynamic-analyzer-with-rooted-android-403---44-vm

升级MobSF:

• 升级时，须要转移数据库，不然报错： [ERROR] Saving to DB (E:\Mobile-Security-Framework-MobSF\StaticAnalyzer\views\android\db_interaction.py, LINE 236 "static_db.save()"): table StaticAnalyzer_staticanalyzerandroid has no column named
• 转移数据库的命令： pythonmanage.py makemigrations pythonmanage.py migrate
• If the above changes didn't work, you might need to delete the file db.sqlite3, or run clean.sh in Mac/Linux. After that run the above commands. NOTE: This will remove the previously saved MobSF scan results.

被禁用的组件:

APKiD:

• 启用前需安装the rednaga fork of yara-python. git clonehttps://github.com/rednaga/yara-python cd yara-python pythonsetup.py install
• 启用方法：在settings.py设置APKID_ENABLED 为true

Mass Static Analysis

• https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/4.-Mass-Static-Analysis

Using Postgres DB instead of SQLite:

• https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/8.-Use-Postgres-Database-Instead-of-Sqlite3

家庭地址本支持：

• https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/5.-Home-Directory-Support

MobSF Static Analysis的docker镜像

• https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/7.-Docker-Container-for-MobSF-Static-Analysis

REST API

• https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/3.-REST-API-Documentation

运行例子：

• 静态分析：http://127.0.0.1:8000/runtest/
• api:http://127.0.0.1:8000/runapitest/

 

【来自https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/1.-Documentation】