This blog is NOT OFFICIAL website of Kali Linux. We just share Tutorials to learn Cybersecurity.

MobSF -- Mobile Security Framework on Kali Linux

Home

In today's detailed article we are going to install and use MobSF aka Mobile Security Framework on Kali Linux. After that we can run digital forensics test on any mobile application (Android, iPhone & Windows) and know much more about it. This will be very beneficial for digital forensics experts and ethical hackers.

Mobile Security Framework on Kali Linux

Needless to say that we are living on digital era, and attacks on our digital life comes from everywhere. Mobile devices are very responsible for that. Attackers and bad guys maximum time tries to attack on our mobile devices.

They are creating malicious applications, bind payloads on our favorite applications and creating modded applications (those are juicy) and insert spyware codes inside it.

We need to be very careful before downloading any application from a third-party websites. Sometime even we can't trust on application stores. Apps like Stalkerware was banned from Google Play Store for spying on users.

We uses lots of mobile applications on our Android and iPhone devices. It is not possible to check every line of every third-party application we use. Sometimes we might counter with unknown application and we need to know "Is it safe ?"

In that case we can use MobSF. MobSF stands for Mobile Security Framework. We can analysis mobile applications of Android, iOS and Windows using mobile Security Framework. This automated open-source tool is created using Python3 language.

Mobile Security Framework has a Web-Based GUI (Graphical User Interface) that makes it so handy and easy. Let's see how we can install and run it on our Kali Linux system.

First of all we need to clone it from it's GitHub repository by using following command:

git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF --depth=1

After applying this command Mobile Security Framework will be cloned on our system. It is a big tool (around 300MB) so it will take time depending on our internet speed.

Moblie Security Framework cloning github

After cloning the tool we just navigate inside it's directory by using cd command:

cd Mobile-Security-Framework-MobSF

Now we can see the files by using ls command:

Moblile Security Framework files Kali Linux

This tool is available for Windows, Mac and Linux. Windows have setup.bat and run.bat files but Mac and Linux user can follow our article. We need to run setup.sh file.

To run the setup.sh file we run following command:

./setup.sh

This command will install all the required dependencies to run Mobile Security Framework, as we can see in the following screenshot.

Mobile Security Framework setup.sh setting up

This setting up also might take some minutes depending on our internet speed.

After the installation complete we can use this tool by using run.sh command. As we previously told that this is a web based tool so we need to run it on our localhost server. To run it on our localhost with port 8000 (we can use any other port) by using following command:

./run.sh 127.0.0.1:8000

And Mobile Security Framework will started on 127.0.0.1:8080 as we can see in the following screenshot:

Mobile Security Framework running on Kali Linux

If we run only ./run.sh command without any localhost IP and port then it will start on 0.0.0.0:8000 by default.

Now we can navigate to the localhost link with our browser and we can see in the following screenshot that Mobile Security Framework is running. We like the color theme of main screen.

Mobile Security Framework Home Screen on Kali Linux

Here we upload any application for mobile (APK, IPA & APPX). To upload file we can use drag & drop or click and select.

Here for an example we have an malicious APK file on our Desktop.

Malicious mobile application

Now we drag & drop this on Mobile Security Framework and the toolkit started analy our APK file as we can see in the following screenshot:

Analysis of APK files in Mobile Security Framework on Kali Linux
It will take less then couple of minutes to analyze the application. After the analysis complete it will show us the result in front of us, as We can see in the following screenshot:

Mobile Security Framework Analysis Result
Now we can see all the results of scanning. Here we can see various scan results. We can see the file information and application information on the top & lots of other things.

We also can see de-compiled codes by using MobSF (Mobile Security Framework), as shown in the following screenshot:

De-compile section of MobSF
From the AndroidMainfest.xml we can see the permissions required by the application.

Mainfest.xml contains app permissions

Inside the source code we may got the Payload.java file and we have a chance to get attacker IP address from this.

These are the basics, there are lots of things to explore on this Mobile Security Framework. If we invest some time we can explore more in this awesome framework.

Mobile Security Framework is a grate tool for digital forensics on mobile applications. This is updated and very much popular among digital forensics experts and ethical hackers.

Like our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.
author-img
Kali Linux

Comments

15 comments
Post a Comment
  • AnonymousFebruary 4, 2021 at 9:35 AM

    tried to install MobSF in kali but got the following:
    [INSTALL] Found Python 3.8.6
    /usr/bin/python3: No module name pip
    [ERROR] python3-pip not installed

    Delete Comment
    • Kali Linux photo
      Kali LinuxFebruary 4, 2021 at 9:42 AM

      You don't have python3-pip installed in your system. Please install it by using following command:

      sudo apt-get install python3-pip

      Delete Comment
    • AnonymousFebruary 4, 2021 at 10:01 AM

      That was quick. Thank you very much. I'll try it out and will get back to you

      Delete Comment
      • AnonymousFebruary 4, 2021 at 11:26 AM

        Hi! the sudo apt-get python3-pip worked was followed by:
        Failing command: ['/root/Mobile-Security-Framework-MobSF/venv/bin/python3', '-Im', 'ensurepip', '--upgrade', '--default-pip']
        [ERROR] Failed to create virtualenv. Please install MobSF requirements mentioned in Documentation.

        Delete Comment
        • Kali Linux photo
          Kali LinuxFebruary 4, 2021 at 5:19 PM

          Try following command and install virtual environment for python.

          sudo apt-get install python3-venv

          Then run the setup file again. Hope this will solve your problem.

          Delete Comment
        • AnonymousFebruary 5, 2021 at 9:34 AM

          Hi! I did the last instruction above and it did great and got to: Booting worker with PID: XXXX. But, it stopped there and would not proceed.
          I got 2 sets of warnings by the way:
          WARNING (1 time): The script pip, pip3, and pip3.9 are installed in '/root/.local/bin' which is not on PATH.
          WARNING (7 times): Dynamic Analysis related functions will not work. Make sure a Genymotion Android VM/Android Studio Emulator is running before performing Dynamic Analysis.

          Delete Comment
          • Kali Linux photo
            Kali LinuxFebruary 5, 2021 at 6:32 PM

            Hey, are you using Virtual Machine? You can not perform dynamic scan when host machine is VM.

            The first error is comes from your PATH. You need to specify your PATH on system, To solve it we need to know you are using bash or zsh on Kali Linux?

            Delete Comment
          • Miguel Castro photo
            Miguel CastroMarch 31, 2021 at 9:24 PM

            hola, tienen algun tutorial para instalar el genymotion correctamente en kali linux?

            Delete Comment
          • AnonymousMay 2, 2022 at 5:00 AM

            I'm having trouble installing this tool. [error installatoin failed] make sure all requirements in documentation are installed before you run setup script. says the 'decorator=4.4.2' distribution was not found and is required by the application. how do i install it? Also on the installation I see no module named django, wkhtmltopdf not found.

            How do I install django, the decorator, and wkhtmltopdf?

            Delete Comment
            • AnonymousMay 2, 2022 at 5:14 AM

              SO I installed the decorator for python and tried install mobsf again but it still isn't working. What do i need to do to fix this ? I also realized yara-python-dex needs to be installed too.

              Delete Comment
            • AnonymousMarch 1, 2023 at 3:30 AM

              [ERROR] MobSF dependencies require Python 3.8 - 3.10. You have Python version 3.11.2 or python3 points to Python 3.11.2.

              how?

              Delete Comment
              • KaliLinuxIN TeamMarch 8, 2023 at 8:29 AM

                You Python Version is wrong. You need to degrade your Python to version 3.8 . You have Python 3.11 which is not supported by MobSF

                Delete Comment
              • Jeet PalNovember 6, 2023 at 1:11 PM

                Hi I got an error during the sudo ./setup.sh command


                [INSTALL] Migrating Database
                Traceback (most recent call last):
                File "/home/kali/tools/Mobile-Security-Framework-MobSF/mobsf/../manage.py", line 18, in
                execute_from_command_line(sys.argv)
                File "/home/kali/.cache/pypoetry/virtualenvs/mobsf-IvTCkEI0-py3.11/lib/python3.11/site-packages/django/core/management/__init__.py", line 446, in execute_from_command_line
                utility.execute()
                File "/home/kali/.cache/pypoetry/virtualenvs/mobsf-IvTCkEI0-py3.11/lib/python3.11/site-packages/django/core/management/__init__.py", line 440, in execute
                self.fetch_command(subcommand).run_from_argv(self.argv)
                File "/home/kali/.cache/pypoetry/virtualenvs/mobsf-IvTCkEI0-py3.11/lib/python3.11/site-packages/django/core/management/base.py", line 402, in run_from_argv
                self.execute(*args, **cmd_options)
                File "/home/kali/.cache/pypoetry/virtualenvs/mobsf-IvTCkEI0-py3.11/lib/python3.11/site-packages/django/core/management/base.py", line 443, in execute
                self.check()
                File "/home/kali/.cache/pypoetry/virtualenvs/mobsf-IvTCkEI0-py3.11/lib/python3.11/site-packages/django/core/management/base.py", line 475, in check
                all_issues = checks.run_checks(
                ^^^^^^^^^^^^^^^^^^
                File "/home/kali/.cache/pypoetry/virtualenvs/mobsf-IvTCkEI0-py3.11/lib/python3.11/site-packages/django/core/checks/registry.py", line 88, in run_checks
                new_errors = check(app_configs=app_configs, databases=databases)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                File "/home/kali/.cache/pypoetry/virtualenvs/mobsf-IvTCkEI0-py3.11/lib/python3.11/site-packages/django/core/checks/urls.py", line 42, in check_url_namespaces_unique
                all_namespaces = _load_all_namespaces(resolver)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                File "/home/kali/.cache/pypoetry/virtualenvs/mobsf-IvTCkEI0-py3.11/lib/python3.11/site-packages/django/core/checks/urls.py", line 61, in _load_all_namespaces
                url_patterns = getattr(resolver, "url_patterns", [])
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                File "/home/kali/.cache/pypoetry/virtualenvs/mobsf-IvTCkEI0-py3.11/lib/python3.11/site-packages/django/utils/functional.py", line 57, in __get__
                res = instance.__dict__[self.name] = self.func(instance)
                ^^^^^^^^^^^^^^^^^^^
                File "/home/kali/.cache/pypoetry/virtualenvs/mobsf-IvTCkEI0-py3.11/lib/python3.11/site-packages/django/urls/resolvers.py", line 715, in url_patterns
                patterns = getattr(self.urlconf_module, "urlpatterns", self.urlconf_module)
                ^^^^^^^^^^^^^^^^^^^
                File "/home/kali/.cache/pypoetry/virtualenvs/mobsf-IvTCkEI0-py3.11/lib/python3.11/site-packages/django/utils/functional.py", line 57, in __get__
                res = instance.__dict__[self.name] = self.func(instance)
                ^^^^^^^^^^^^^^^^^^^
                File "/home/kali/.cache/pypoetry/virtualenvs/mobsf-IvTCkEI0-py3.11/lib/python3.11/site-packages/django/urls/resolvers.py", line 708, in urlconf_module
                return import_module(self.urlconf_name)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
                can anyone please help to reach out from this error

                Delete Comment
                google-playkhamsatmostaqltradent