Quick Tutorial: MobSF Installation on Linux/Windows

MobSF framework is an awesome tool for the security analysis of mobile applications. This tool supports both static and dynamic analysis. This tutorial covers MobSF installation on Linux-based distributions (e.g. Ubuntu) and Windows systems. Click Here if you are interested in the Top 15 Android Mobile App Penetration Testing Tools.

MobSF Installation on Linux

Step 1: Download MobSF installer on system

git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git

If git not installed on machine,

sudo apt-get install git-all

Step 2: Change directory by using cd command

cd Mobile-Security-Framework-MobSF

Step 3: Run

./setup.sh

Got Error.

[ERROR] MobSF dependencies require Python 3.8/3.9. You have Python version 3.5.2 or python3 points to Python 3.5.2.

Update python to python3.9 by using below commands:

sudo apt-get update
mkdir ~/tmp
cd ~/tmp
wget https://www.python.org/ftp/python/3.9.0/Python-3.9.0.tgz
tar -xvzf Python-3.9.0.tgz
cd Python-3.9.0
./configure
sudo make install

Again Run.

./setup.sh

After successful installation. Shoot below command to run MobSF.

./run.sh 127.0.0.1:8000

Now, you can Access MobSF by browsing http://localhost:8000/

Easy Method: Install MobSF on Linux using docker

Step1: Install docker

sudo apt install docker.io

Step 2: Install MobSF

sudo docker pull opensecurity/mobile-security-framework-mobsf

Step 3: Run MobSF

sudo docker run -it – rm -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest

Now, access MobSF on browser by url http://127.0.0.1:8000

MobSF Installation on Windows

You need to install a lot of pre-requisites to install MobSF. Although, the MobSF installer guides you to install different programs. I am also listing some pre-requisites with a download link.

Click Here to download the python3.9 installer. After download, set up python by clicking on the binary.

In addition, Install OpenSSL non-light version.

Click Here to download Visual Basic and install by clicking on binary file.

We are using git utility to download and install MobSF. Click Here to Download git. After installation, click on the setup file and install it. To check the proper installation, open Terminal and type git.

Now, Install MobSF on Windows using simple 3 steps:

Step 1: Open Command Terminal. Download by using the git command or else you can download by browsing URL.

git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git

Step 2: Change folder

cd Mobile-Security-Framework-MobSF

Step 3: Install

setup.bat

Run MobSF

run.bat 127.0.0.1:8000

Access MobSF by browsing http://localhost:8000/

First Test Run

I have downloaded a vulnerable android banking application by using this link and uploaded it on the tool. The tool will give you a report containing all possible vulnerabilities found in the vulnerable application. Security Analyst needs to verify all vulnerabilities provided by the tool and identify false positives.

Conclusion

MobSF is a versatile tool and helps in the early start of analysis of mobile applications. You can start analysis just by uploading apk or ipa file on the tool and you get a set of possible issues in applications.

Subscribe us to receive more such articles updates in your email.

If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!

Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.

You may also like...

Leave a Reply

Your email address will not be published.