MobSF -- Mobile Security Framework on Kali Linux

In today's detailed article we are going to install and use MobSF aka Mobile Security Framework on Kali Linux. After that we can run digital forensics test on any mobile application (Android, iPhone & Windows) and know much more about it. This will be very beneficial for digital forensics experts and ethical hackers.

Mobile Security Framework on Kali Linux

Needless to say that we are living on digital era, and attacks on our digital life comes from everywhere. Mobile devices are very responsible for that. Attackers and bad guys maximum time tries to attack on our mobile devices.

They are creating malicious applications, bind payloads on our favorite applications and creating modded applications (those are juicy) and insert spyware codes inside it.

We need to be very careful before downloading any application from a third-party websites. Sometime even we can't trust on application stores. Apps like Stalkerware was banned from Google Play Store for spying on users.

We uses lots of mobile applications on our Android and iPhone devices. It is not possible to check every line of every third-party application we use. Sometimes we might counter with unknown application and we need to know "Is it safe ?"

In that case we can use MobSF. MobSF stands for Mobile Security Framework. We can analysis mobile applications of Android, iOS and Windows using mobile Security Framework. This automated open-source tool is created using Python3 language.

Mobile Security Framework has a Web-Based GUI (Graphical User Interface) that makes it so handy and easy. Let's see how we can install and run it on our Kali Linux system.

First of all we need to clone it from it's GitHub repository by using following command:

git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF --depth=1

After applying this command Mobile Security Framework will be cloned on our system. It is a big tool (around 300MB) so it will take time depending on our internet speed.

Moblie Security Framework cloning github

After cloning the tool we just navigate inside it's directory by using cd command:

cd Mobile-Security-Framework-MobSF

Now we can see the files by using ls command:

Moblile Security Framework files Kali Linux

This tool is available for Windows, Mac and Linux. Windows have setup.bat and run.bat files but Mac and Linux user can follow our article. We need to run setup.sh file.

To run the setup.sh file we run following command:

./setup.sh

This command will install all the required dependencies to run Mobile Security Framework, as we can see in the following screenshot.

Mobile Security Framework setup.sh setting up

This setting up also might take some minutes depending on our internet speed.

After the installation complete we can use this tool by using run.sh command. As we previously told that this is a web based tool so we need to run it on our localhost server. To run it on our localhost with port 8000 (we can use any other port) by using following command:

./run.sh 127.0.0.1:8000

And Mobile Security Framework will started on 127.0.0.1:8080 as we can see in the following screenshot:

Mobile Security Framework running on Kali Linux

If we run only ./run.sh command without any localhost IP and port then it will start on 0.0.0.0:8000 by default.

Now we can navigate to the localhost link with our browser and we can see in the following screenshot that Mobile Security Framework is running. We like the color theme of main screen.

Mobile Security Framework Home Screen on Kali Linux

Here we upload any application for mobile (APK, IPA & APPX). To upload file we can use drag & drop or click and select.

Here for an example we have an malicious APK file on our Desktop.

Malicious mobile application

Now we drag & drop this on Mobile Security Framework and the toolkit started analy our APK file as we can see in the following screenshot:

Analysis of APK files in Mobile Security Framework on Kali Linux
It will take less then couple of minutes to analyze the application. After the analysis complete it will show us the result in front of us, as We can see in the following screenshot:

Mobile Security Framework Analysis Result
Now we can see all the results of scanning. Here we can see various scan results. We can see the file information and application information on the top & lots of other things.

We also can see de-compiled codes by using MobSF (Mobile Security Framework), as shown in the following screenshot:

De-compile section of MobSF
From the AndroidMainfest.xml we can see the permissions required by the application.

Mainfest.xml contains app permissions

Inside the source code we may got the Payload.java file and we have a chance to get attacker IP address from this.

These are the basics, there are lots of things to explore on this Mobile Security Framework. If we invest some time we can explore more in this awesome framework.

Mobile Security Framework is a grate tool for digital forensics on mobile applications. This is updated and very much popular among digital forensics experts and ethical hackers.

Liked our articles ?  Follow us by providing e-mail id to get instant upgraded articles directly on e-mail. We also post updated on Twitter and GitHub, make sure to follow us there.

Need any assistance or getting any problem ? Make sure to leave a comment in the comment section. We always reply.

author-img
Kali Linux

Comments

No comments
Post a Comment
    google-playkhamsatmostaqltradent