Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to configure dynamic analyzer with android emulator in Mobsf (Mobile-Security-Framework-MobSF) #91

Open
mylamour opened this issue Mar 28, 2022 · 0 comments
Open

How to configure dynamic analyzer with android emulator in Mobsf (Mobile-Security-Framework-MobSF) #91

mylamour opened this issue Mar 28, 2022 · 0 comments
Labels
学习 learning 安全 security 工具 tools 教程 tutorial

Comments

@mylamour
Copy link
Owner

mylamour commented Mar 28, 2022
edited
Loading

0x00 Prepare ENV

My ENV:

  • Windows 11
  • WSL2
  • Docker Desktop: 4.6.1

0x01 Install Mobsf

Create a customized python Env for Mobsf, and if there was any network issues, you should configure a proxy to solve that.

git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git
cd Mobile-Security-Framework-MobSF
python3 -m venv mobsfvenv
source mobsfvenv/bin/activate
./setup.sh

0x02 Install Android Emulator Within WSL2

cd ~
mkdir -p ~/Android/Sdk
sudo apt-get install -y openjdk-8-jdk
wget https://dl.google.com/android/repository/sdk-tools-linux-4333796.zip
unzip sdk-tools-linux-4333796.zip -d Android/Sdk

sdkmanager --install "platform-tools" "platforms;android-26" "build-tools;26.0.3"
sdkmanager --install "platform-tools" "system-images;android-26;google_apis;x86"

Add those environment variable into ~/.bashrc or ~/.zshrc

export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/
export ANDROID_HOME=~/Android
export PATH=$PATH:$JAVA_HOME/bin
export PATH=$PATH:~/Android
export PATH=$PATH:~/Android/Sdk/bin
export PATH=$PATH:$ANDROID_HOME/tools
export PATH=$PATH:$ANDROID_HOME/platform-tools

0x03 Create AVD (Android Virtual Device) and Run it

avdmanager create avd -n pixel -k "system-images;android-26;google_apis;x86" --device "pixel"
emulator -list-avds
cd ~/Android/tools
./emulator -avd pixel -writable-system -no-snapshot

image

you can delete avd with # avdmanager delete avd -n yourdevicename

0x04 Start Mobsf with Android Emulator

change the ADB path to ADB_BINARY = '~/Android/platform-tools/adb' within ~/.MobSF/config.py

image
image

0x05 Issues

  1. frida.NotSupportedError: need Gadget to attach on jailed Android; its default location is: /home/xxxx/.cache/frida/gadget-android-arm64.so

That' mean gadget was not exists, so we need to download the correctly version and put it into ~/.cache/frida folder

mkdir -p .cache/frida/
wget -O .cache/frida/frida-gadget-arm64.xz https://github.com/frida/frida/releases/download/15.1.17/frida-gadget-15.1.17-android-arm64.so.xz
cd .cache/frida/ && xz -d -v frida-gadget-15.1.17-android-arm64.so.xz
mv frida-gadget-15.1.17-android-arm64.so gadget-android-arm64.so
  1. [ERROR] 28/Mar/2022 07:17:11 - Error Connecting to Frida
    That's mean frida server was not started in Emulator, we need put frida-server into emulator and run it. please select your own version. There was 2 options, first one, you can start it manually, and second one, you can download the frida-server directly and put it into ~/.MobSF/downloads
adb push frida-server /data/local/tmp
adb shell
su
cd /data/local/tmp
chmod 755 frida-server
nohup ./frida-server &

image
@mylamour mylamour added 工具 tools 教程 tutorial 学习 learning 安全 security labels Mar 28, 2022
@mylamour mylamour changed the title How to config dynamic analyzer with android emulator in Mobsf (Mobile-Security-Framework-MobSF) How to configure dynamic analyzer with android emulator in Mobsf (Mobile-Security-Framework-MobSF) Mar 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
学习 learning 安全 security 工具 tools 教程 tutorial
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mylamour