MobSF -- Mobile Security Framework on Kali Linux

In today's detailed article we are going to install and use MobSF aka Mobile Security Framework on Kali Linux. After that we can run digital forensics test on any mobile application (Android, iPhone & Windows) and know much more about it. This will be very beneficial for digital forensics experts and ethical hackers.

Mobile Security Framework on Kali Linux

Needless to say that we are living on digital era, and attacks on our digital life comes from everywhere. Mobile devices are very responsible for that. Attackers and bad guys maximum time tries to attack on our mobile devices.

They are creating malicious applications, bind payloads on our favorite applications and creating modded applications (those are juicy) and insert spyware codes inside it.

We need to be very careful before downloading any application from a third-party websites. Sometime even we can't trust on application stores. Apps like Stalkerware was banned from Google Play Store for spying on users.

We uses lots of mobile applications on our Android and iPhone devices. It is not possible to check every line of every third-party application we use. Sometimes we might counter with unknown application and we need to know "Is it safe ?"

In that case we can use MobSF. MobSF stands for Mobile Security Framework. We can analysis mobile applications of Android, iOS and Windows using mobile Security Framework. This automated open-source tool is created using Python3 language.

Mobile Security Framework has a Web-Based GUI (Graphical User Interface) that makes it so handy and easy. Let's see how we can install and run it on our Kali Linux system.

First of all we need to clone it from it's GitHub repository by using following command:

git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF --depth=1

After applying this command Mobile Security Framework will be cloned on our system. It is a big tool (around 300MB) so it will take time depending on our internet speed.

Moblie Security Framework cloning github

After cloning the tool we just navigate inside it's directory by using cd command:

cd Mobile-Security-Framework-MobSF

Now we can see the files by using ls command:

Moblile Security Framework files Kali Linux

This tool is available for Windows, Mac and Linux. Windows have setup.bat and run.bat files but Mac and Linux user can follow our article. We need to run setup.sh file.

To run the setup.sh file we run following command:

./setup.sh

This command will install all the required dependencies to run Mobile Security Framework, as we can see in the following screenshot.

Mobile Security Framework setup.sh setting up

This setting up also might take some minutes depending on our internet speed.

After the installation complete we can use this tool by using run.sh command. As we previously told that this is a web based tool so we need to run it on our localhost server. To run it on our localhost with port 8000 (we can use any other port) by using following command:

./run.sh 127.0.0.1:8000

And Mobile Security Framework will started on 127.0.0.1:8080 as we can see in the following screenshot:

Mobile Security Framework running on Kali Linux

If we run only ./run.sh command without any localhost IP and port then it will start on 0.0.0.0:8000 by default.

Now we can navigate to the localhost link with our browser and we can see in the following screenshot that Mobile Security Framework is running. We like the color theme of main screen.

Mobile Security Framework Home Screen on Kali Linux

Here we upload any application for mobile (APK, IPA & APPX). To upload file we can use drag & drop or click and select.

Here for an example we have an malicious APK file on our Desktop.

Malicious mobile application

Now we drag & drop this on Mobile Security Framework and the toolkit started analy our APK file as we can see in the following screenshot:

Analysis of APK files in Mobile Security Framework on Kali Linux
It will take less then couple of minutes to analyze the application. After the analysis complete it will show us the result in front of us, as We can see in the following screenshot:

Mobile Security Framework Analysis Result
Now we can see all the results of scanning. Here we can see various scan results. We can see the file information and application information on the top & lots of other things.

We also can see de-compiled codes by using MobSF (Mobile Security Framework), as shown in the following screenshot:

De-compile section of MobSF
From the AndroidMainfest.xml we can see the permissions required by the application.

Mainfest.xml contains app permissions

Inside the source code we may got the Payload.java file and we have a chance to get attacker IP address from this.

These are the basics, there are lots of things to explore on this Mobile Security Framework. If we invest some time we can explore more in this awesome framework.

Mobile Security Framework is a grate tool for digital forensics on mobile applications. This is updated and very much popular among digital forensics experts and ethical hackers.

Liked our articles ?  Follow us by providing e-mail id to get instant upgraded articles directly on e-mail. We also post updated on Twitter and GitHub, make sure to follow us there.

Need any assistance or getting any problem ? Make sure to leave a comment in the comment section. We always reply.

author-img
Kali Linux

Comments

8 comments
Post a Comment
  • AnonymousFebruary 4, 2021 at 9:35 AM

    tried to install MobSF in kali but got the following:
    [INSTALL] Found Python 3.8.6
    /usr/bin/python3: No module name pip
    [ERROR] python3-pip not installed

    Delete Comment
    • Kali Linux photo
      Kali LinuxFebruary 4, 2021 at 9:42 AM

      You don't have python3-pip installed in your system. Please install it by using following command:

      sudo apt-get install python3-pip

      Delete Comment
    • AnonymousFebruary 4, 2021 at 10:01 AM

      That was quick. Thank you very much. I'll try it out and will get back to you

      Delete Comment
      • AnonymousFebruary 4, 2021 at 11:26 AM

        Hi! the sudo apt-get python3-pip worked was followed by:
        Failing command: ['/root/Mobile-Security-Framework-MobSF/venv/bin/python3', '-Im', 'ensurepip', '--upgrade', '--default-pip']
        [ERROR] Failed to create virtualenv. Please install MobSF requirements mentioned in Documentation.

        Delete Comment
        • Kali Linux photo
          Kali LinuxFebruary 4, 2021 at 5:19 PM

          Try following command and install virtual environment for python.

          sudo apt-get install python3-venv

          Then run the setup file again. Hope this will solve your problem.

          Delete Comment
        • AnonymousFebruary 5, 2021 at 9:34 AM

          Hi! I did the last instruction above and it did great and got to: Booting worker with PID: XXXX. But, it stopped there and would not proceed.
          I got 2 sets of warnings by the way:
          WARNING (1 time): The script pip, pip3, and pip3.9 are installed in '/root/.local/bin' which is not on PATH.
          WARNING (7 times): Dynamic Analysis related functions will not work. Make sure a Genymotion Android VM/Android Studio Emulator is running before performing Dynamic Analysis.

          Delete Comment
          • Kali Linux photo
            Kali LinuxFebruary 5, 2021 at 6:32 PM

            Hey, are you using Virtual Machine? You can not perform dynamic scan when host machine is VM.

            The first error is comes from your PATH. You need to specify your PATH on system, To solve it we need to know you are using bash or zsh on Kali Linux?

            Delete Comment
          • Miguel Castro photo
            Miguel CastroMarch 31, 2021 at 9:24 PM

            hola, tienen algun tutorial para instalar el genymotion correctamente en kali linux?

            Delete Comment
            google-playkhamsatmostaqltradent