Closed madhuCNKony closed 8 years ago
Are you using the shipped VM or a Device? Which OS are you running?
Installed Ubuntu on virtual box and imported "MobSF_VM_0.1.ova" as appliance into Oracle VM VirtualBox
Then followed the installation steps.
That's wrong. MobSF should not be installed into a VM if you need to do Dynamic Analysis. You have to install it in host OS
Hi ajinabraham,
MobSF is installed in Ubuntu (Ubuntu is running inside Oracle VM VirtualBox) Imported "MobSF_VM_0.1.ova" as appliance into Oracle VM VirtualBox.
You should not run MobSF from a VM, if you have plans for Dynamic Analysis. Install MobSF on your Windows Host.
ok got it. Thanks ajinabraham.
I am getting this issue now when running MobSF in Docker... Can we not use dynamic Analysis through Docker?
No
It's by design. We can't run dynamic analysis inside a docker. We will have to technically run VirtualBox inside a docker (VM inside VM)
This caught me out too. Might be worth showing an error/warning in the console (or UI) about running dynamic analysis in a docker/vm?
Some updates here,
By default dynamic analysis is not configured in Docker. How ever you can do that, provided you are using a Real Android Device for Dynamic Analysis.
docker pull opensecurity/mobile-security-framework-mobsf
docker run -it -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest bash
settings.py
following https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/1.-Documentation#configuring-dynamic-analyzer-with-rooted-android-403---44-devicesettings.py
PS: Make sure that you can communicate with the real device from the running docker container.
How can I update values in the settings.py
? I can't call vi, emacs or nano when I run docker run -it -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest bash
. Where is the settings.py stored on linux?
settings are read from config file available in the user home directory inside .MobSF. You can alternatively disable use home feature. (See dockerfile) You can also install any utilities for editing files. Once you figure this out, it's easier to modify the docker file to accomodate your changes and build the image locally.
Do I need to clone git repository if I want to use both static and dynamic analysis using docker? I did the steps you mentioned above, 1. pulling the docker, 2. running it with script and getting the bash open but I cannot use any editing tools there to change settings.py
in .MobSF.
Considering I didn't clone repository I don't have anything in my user home directory, or is docker supposed to create those folders?
If you are building the docker image locally, you need to clone the repo. Install nano or vi in docker image by modifying the Dockerfile. Modify the settings.py in the cloned repo to do dynamic analysis with a real device. Built the image locally and use it.
Can I add an arm Emulator to the Docker?
You can add it like a Real device by providing the IP, the ARM emu should be running in the same network as the docker container.
Some updates here,
By default dynamic analysis is not configured in Docker. How ever you can do that, provided you are using a Real Android Device for Dynamic Analysis.
docker pull opensecurity/mobile-security-framework-mobsf
docker run -it -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest bash
- From the shell, modify
settings.py
following https://github.com/MobSF/Mobile-Security-Framework-MobSF/wiki/1.-Documentation#configuring-dynamic-analyzer-with-rooted-android-403---44-device- Run MobSF with the updated
settings.py
PS: Make sure that you can communicate with the real device from the running docker container.
May i know the new link, cannot find in the new https://mobsf.github.io/docs. Trying to configure dynamic analysis working in the docker with real android device
We do not support it officially at this time. How ever you could follow https://dreher.in/posts/2020/may/28/mobsify-docker/
Tengo un problema al hacer el análisis dinámico con MOBSF en un dispositivo físico Android.
Tengo MOBSF con docker. tengo conectado mi dispositivo por USB y activa la depuración USB. Hago la conexión median el adb connect ip devices:puerto. Al momento de iniciar el analisis MOBSF no puede reconocer el dipositivo.
Getting below error when clicked on Dynamic Analysis
[ERROR] Refreshing MobSF VM (/home/madhu/Downloads/Mobile-Security-Framework-MobSF-0.9.2/DynamicAnalyzer/views.py, LINE 562 "subprocess.call(args)"): 'NoneType' object has no attribute 'rfind'
After that when I clicked on "Create Environment" getting below error.
[ERROR] MobSF RootCA Handler (/home/madhu/Downloads/Mobile-Security-Framework-MobSF-0.9.2/DynamicAnalyzer/views.py, LINE 238 "subprocess.call([adb, "-s",getIdentifier() ,"push", ROOTCA, "/data/local/tmp/"+settings.ROOT_CA])"): [Errno 2] No such file or directory
Any help to resolve dynamic analysis is much appreciated.
Thanks in Advance