matandobr
commented
7 years ago What OS do you use?
Closed erraja1991 closed 6 years ago
matandobr
commented
7 years ago What OS do you use?
erraja1991
commented
7 years ago Linux
matandobr
commented
7 years ago Could you copy the value of "AVD_EMULATOR" inside settings.py, and try to run the emulator manually? ( < AVD_EMULATOR> @Nexus5API16_1)
ajinabraham
commented
6 years ago @erraja1991 this issue will be closed in 1 day if no response is received.
sectest667
commented
6 years ago Hi, though the opener was not very specific about his problem, I think I just ran into the same issue: When starting the dynamic analyzer the mobile screen is not shown in the browser.
Here are some more details: Config:
#===========ANDROID EMULATOR SETTINGS ===========
# generated by mobsfy_AVD.py, do not edit the
# below AVD settings yourself.
AVD_EMULATOR = "avd_emulator"
AVD_PATH = "avd_path"
AVD_REFERENCE_NAME = r'Nexus5API16'
AVD_DUP_NAME = r'Nexus5API16_1'
AVD_ADB_PORT = 5554
#================================================
[...]
#================HOST/PROXY SETTINGS ===============
PROXY_IP = '192.168.56.1' # Host/Server/Proxy IP
PORT = 1337 # Proxy Port
ROOT_CA = '0025aabb.0'
SCREEN_IP = PROXY_IP # ScreenCast IP
SCREEN_PORT = 9339 # ScreenCast Port(Do not Change)
#===================================================Process/Ports:
$ sudo netstat -tlnp | grep 4042
tcp 0 0 192.168.56.1:1337 0.0.0.0:* LISTEN 4042/python
tcp 0 0 192.168.56.1:9339 0.0.0.0:* LISTEN 4042/python
tcp 0 0 127.0.0.1:8000 0.0.0.0:* LISTEN 4042/python
$ ps -fp 4042
UID PID PPID C STIME TTY TIME CMD
kali 4042 3994 3 13:40 pts/0 00:06:45 /home/kali/worx/virtualenv/MobSF/bin/python manage.py runserverConsole log:
[INFO] Invoking ScreenCast Service in VM/Device
WARNING: linker: libdvm.so has text relocations. This is wasting memory and is a security risk. Please fix.
WARNING: linker: app_process has text relocations. This is wasting memory and is a security risk. Please fix.
Starting service: Intent { act=192.168.56.1:9339 cmp=opensecurity.screencast/.StartScreenCast }
[INFO] ScreenCast Service Status: on
[2017-12-18 16:51:23]
[18/Dec/2017 16:51:23] "POST /ScreenCast/ HTTP/1.1" 200 16
[ERROR] ScreenCast Server (/home/kali/worx/apps/Mobile-Security-Framework-MobSF/DynamicAnalyzer/views/android/android_dynamic.py, LINE 1268 "screen_socket.bind(addr)"): [Errno 98] Address already in use
[18/Dec/2017 16:51:23] "GET /download/screen/screen.png?1513615883447 HTTP/1.1" 302 0
[18/Dec/2017 16:51:23] "GET /error/ HTTP/1.1" 200 4661
[18/Dec/2017 16:51:23] "GET /download/screen/screen.png?1513615883668 HTTP/1.1" 302 0
[18/Dec/2017 16:51:23] "GET /error/ HTTP/1.1" 200 4661
[18/Dec/2017 16:51:23] "GET /download/screen/screen.png?1513615883747 HTTP/1.1" 302 0
[18/Dec/2017 16:51:23] "GET /error/ HTTP/1.1" 200 4661
[18/Dec/2017 16:51:23] "GET /download/screen/screen.png?1513615883968 HTTP/1.1" 302 0
[18/Dec/2017 16:51:23] "GET /error/ HTTP/1.1" 200 4661
[18/Dec/2017 16:51:24] "GET /download/screen/screen.png?1513615884048 HTTP/1.1" 302 0
[18/Dec/2017 16:51:24] "GET /error/ HTTP/1.1" 200 4661
[18/Dec/2017 16:51:24] "GET /download/screen/screen.png?1513615884269 HTTP/1.1" 302 0
[18/Dec/2017 16:51:24] "GET /error/ HTTP/1.1" 200 4661
[18/Dec/2017 16:51:24] "GET /download/screen/screen.png?1513615884348 HTTP/1.1" 302 0
[18/Dec/2017 16:51:24] "GET /error/ HTTP/1.1" 200 4661
[INFO] Invoking ScreenCast Service in VM/Device
WARNING: linker: libdvm.so has text relocations. This is wasting memory and is a security risk. Please fix.
WARNING: linker: app_process has text relocations. This is wasting memory and is a security risk. Please fix.
[18/Dec/2017 16:51:24] "GET /download/screen/screen.png?1513615884570 HTTP/1.1" 302 0
[18/Dec/2017 16:51:24] "GET /error/ HTTP/1.1" 200 4661
[18/Dec/2017 16:51:24] "GET /download/screen/screen.png?1513615884649 HTTP/1.1" 302 0
[18/Dec/2017 16:51:24] "GET /error/ HTTP/1.1" 200 4661
[INFO] ScreenCast Service Status: off
[18/Dec/2017 16:51:24] "POST /ScreenCast/ HTTP/1.1" 200 17One more thing I've noticed is that though the screen is not shown, it is still "clickable", means that if I click around in the browser, the/some events are done in the VM.
Hope this helps and thanks alot for this great framework! :)
matandobr
commented
6 years ago Hi! Did you run mobsfy_avd script? Did it throws any errors? As you can see, the config does not contain the necessary binaries...
sectest667
commented
6 years ago Hi! No, did not run the script before, just checking the expected values/paths for the first time. Thanks for the feedback!
sectest667
commented
6 years ago Hi again. Sorry for bothering you again...
Have run the mobsfy_avd script, but this does not solve the issue(s): 1) The screen is not shown and 2) dynamic analyzis is not running
Have tried setting "ANDROID_DYNAMIC_ANALYZER" to "MobSF_VM" (as everything is setup in the VM) and to "MobSF_AVD" (as described in the HOWTO).
At least I think I got a step further, though neither the screen is shown in the WebUI nor the app is available in the VM:
[...]
[INFO] Setting up Dynamic Analysis Environment
[INFO] Starting Web Proxy
[INFO] Started Web Proxy at 127.0.0.1:1337
[INFO] Wait for emulator to load
[INFO] Wait for dev.boot_complete loop
[INFO] Wait for sys.boot_complete loop
[INFO] Wait for svc.boot_complete loop
remount succeeded
[INFO] Starting App for Dynamic Analysis
[INFO] Installing APK
/home/kali/worx/apps/Mobile-Security-Framework-MobSF/uploads/8954b5f9e5175022ddac9a632b7e8562/8954b5f9e5175022ddac9a632b7e8562.apk: 1 file pushed. 3.8 MB/s (6190411 bytes in 1.548s)
pkg: /data/local/tmp/8954b5f9e5175022ddac9a632b7e8562.apk
Failure [INSTALL_FAILED_OLDER_SDK]
rm failed for -f, Read-only file system
[INFO] Launching APK Main Activity
Starting: Intent { cmp=uk.co.foo.android/.ui.activity.HomeActivity }
Error type 3
Error: Activity class {uk.co.foo.android/uk.co.foo.android.ui.activity.HomeActivity} does not exist.
[INFO] Testing Environment is Ready!
[INFO] Getting Screen Resolution
[20/Dec/2017 16:00:56] "POST /GetEnv/ HTTP/1.1" 200 66
[INFO] Starting Clipboard Dump Service in VM/Device
Starting service: Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] cmp=opensecurity.clipdump/.ClipDumper }
[20/Dec/2017 16:00:57] "POST /ClipDump/ HTTP/1.1" 200 21
[INFO] Invoking ScreenCast Service in VM/Device
Starting service: Intent { act=10.0.2.2:9339 cmp=opensecurity.screencast/.StartScreenCast }
[INFO] ScreenCast Service Status: on
[20/Dec/2017 16:03:02] "POST /ScreenCast/ HTTP/1.1" 200 16
[20/Dec/2017 16:03:02] "GET /download/screen/screen.png?1513785782958 HTTP/1.1" 302 0
[20/Dec/2017 16:03:02] "GET /error/ HTTP/1.1" 200 4661
[20/Dec/2017 16:03:03] "GET /download/screen/screen.png?1513785783258 HTTP/1.1" 302 0
[20/Dec/2017 16:03:03] "GET /error/ HTTP/1.1" 200 4661
[20/Dec/2017 16:03:03] "GET /download/screen/screen.png?1513785783559 HTTP/1.1" 302 0
[20/Dec/2017 16:03:03] "GET /error/ HTTP/1.1" 200 4661
Got Connection from: 127.0.0.1
[20/Dec/2017 16:03:03] "GET /download/screen/screen.png?1513785783859 HTTP/1.1" 200 0
[20/Dec/2017 16:03:04] "GET /download/screen/screen.png?1513785784159 HTTP/1.1" 200 0
[20/Dec/2017 16:03:04] "GET /download/screen/screen.png?1513785784459 HTTP/1.1" 200 0
Got Connection from: 127.0.0.1
[20/Dec/2017 16:03:04] "GET /download/screen/screen.png?1513785784759 HTTP/1.1" 200 0
[20/Dec/2017 16:03:05] "GET /download/screen/screen.png?1513785785059 HTTP/1.1" 200 0
Thanks alot for your support!
HILALUDEEN
commented
6 years ago Hi, i am getting this error when running dynamic analyzer, using ubuntu OS
[INFO] Dynamic Analysis Started
[INFO] Refreshing MobSF Emulator
[INFO] Stopping MobSF Emulator
[INFO] Deleting emulator files
[INFO] Duplicating MobSF Emulator
[2018-04-11 11:27:17] [ERROR] Duplicating MobSF Emulator (/root/Mobile-Security-Framework-MobSF/DynamicAnalyzer/views/android/avd.py, LINE 56 "shutil.copyfile(reference_ini, dup_ini)"): [Errno 2] No such file or directory: '/home/hilaal/.android/avd/Nexus5API16.ini'
[INFO] Starting MobSF Emulator
[2018-04-11 11:27:17] [ERROR] Starting MobSF Emulator (/root/Mobile-Security-Framework-MobSF/DynamicAnalyzer/views/android/avd.py, LINE 96 "subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE)"): [Errno 2] No such file or directory: '/home/hilaal/Android/Sdk/emulator/emulator': '/home/hilaal/Android/Sdk/emulator/emulator'
ajinabraham
commented
6 years ago AVD emulator is not stable at the moment.
yindeming
commented
6 years ago The mobsfy_AVD.py script does not run well, after typing the path, it just quits, would be nice to add something such as an example of the path, so I don't need to run it over and over again.
For example, after unzipping the emulator zip file in ~/Downlads, I've tried the path "~/Downlads", "~/Downlads/MobSF_ARM_Emulator/", "root/Downlads", etc. Nothing works!
ZapDos7
commented
5 years ago I have the same issue with the path. Tried running the .py script and upon prompted to type the path, nothing worked. Perhaps it needs an escape character after the slashes? A solution or an example of a path would be highly appreciated.
ajinabraham
commented
5 years ago AVD emulator support is discontinued at the moment. See documentation.
ZapDos7
commented
5 years ago In the documentation it is stated that it is still supported. In any case, ff there exists no alternative (a rooted device), there's no way to do a dynamic analysis through MobSF as of now?
ajinabraham
commented
5 years ago 
This is the updated documention. AVD is not supported. You can use the MobSF x86 VM or a rooted real device
when i start for "Start Dynamic Analysis" it do not open Android emulator , and prints following logs.[INFO] Dynamic Analysis Started
[INFO] Stopping any running instance of WebProxy
[INFO] Refreshing MobSF Emulator
[INFO] Stopping MobSF Emulator
[INFO] Deleting emulator files
[INFO] Duplicating MobSF Emulator
[INFO] Starting MobSF Emulator [14/Nov/2017 09:38:46] "POST /DynamicAnalyzer/ HTTP/1.1" 200 30907 [14/Nov/2017 09:38:46] "GET /download/screen/screen.png HTTP/1.1" 302 0 [14/Nov/2017 09:38:47] "GET /error/ HTTP/1.1" 200 4661 [14/Nov/2017 09:38:47] "GET /download/screen/screen.png HTTP/1.1" 302 0 [14/Nov/2017 09:38:47] "GET /error/ HTTP/1.1" 200 4661
kindly suggest possible solution.