移动端安全框架：MobSF：概要与使用

MobSF是Mobile Security Framework的缩写，是一个移动端应用安全问题检出的框架和工具，它适用于Android/iOS/Windows，能够执行动态和静态的恶意软件的分析和检测。支持Android和iOS以及Windows移动应用，无论是二进制方式还是压缩的源代码都可以进行检测。MobSF将数据保持在本地环境之中，所以可以不必担心应用和相关的数据被送至云端。另外，对于ssl链接/简单的加密方式/硬编码的密件信息等MobSF也进行了重点地关注。

MobSF概要信息

项目	说明
开源/闭源	开源
License类别	GPL v3.0 License
代码管理地址	https://github.com/MobSF/Mobile-Security-Framework-MobSF
开发语言	Python,Snail,JavaScript
支持平台	提供官方镜像，可运行于容器之中
当前版本	v0.9.5.5 Beta（2017/12/17）

2018开发计划

使用MobSF

本文使用最简单的方式通过官方镜像的方式来使用MobSF。可以使用如下步骤简单进行

步骤	说明	命令
步骤1	下载镜像	docker pull opensecurity/mobile-security-framework-mobsf
步骤2	启动容器	docker run -it -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest
步骤3	访问服务	http://127.0.0.1:8000
步骤4	上传Android或者iOS应用并确认结果	-

执行日志

下载镜像

[root@devops ~]# docker pull opensecurity/mobile-security-framework-mobsf
Using default tag: latest
latest: Pulling from opensecurity/mobile-security-framework-mobsf
68393378db12: Pull complete 
...省略 
Digest: sha256:89df8be7e2991ae6c10fe02d91ce7eff4f976697a34551744c4cd4732a606098
Status: Downloaded newer image for opensecurity/mobile-security-framework-mobsf:latest
[root@devops ~]#

镜像尺寸较大, 目前版本达2.15G

[root@devops ~]# docker images |grep mobsf
opensecurity/mobile-security-framework-mobsf   latest              b7308c12af38        2 weeks ago         2.15 GB
[root@devops ~]#

启动容器

[root@devops ~]# docker run -it -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest
[INFO] Loading User config from: /root/.MobSF/config.py

  __  __       _    ____  _____         _   ___  
 |  \/  | ___ | |__/ ___||  ___| __   _/ | / _ \ 
 | |\/| |/ _ \| '_ \___ \| |_    \ \ / / || | | |
 | |  | | (_) | |_) |__) |  _|    \ V /| || |_| |
 |_|  |_|\___/|_.__/____/|_|       \_/ |_(_)___/ 




Mobile Security Framework v1.0 Beta

REST API Key: d6abbc7a15d6fc66e86c0483a4bc8f1835f82f953c5244f6443d925aeb65b08b
OS: Linux
Platform: Linux-3.10.0-693.el7.x86_64-x86_64-with-Ubuntu-17.10-artful
Dist: ('Ubuntu', '17.10', 'artful')
[INFO] Finding JDK Location in Linux/MAC....
[INFO] JDK 1.7 or above is available

[WARNING] Could not find VirtualBox path.
[INFO] MobSF Basic Environment Check
[INFO] Checking for Update.

[INFO] No updates available.
No changes detected
[INFO] Loading User config from: /root/.MobSF/config.py

  __  __       _    ____  _____         _   ___  
 |  \/  | ___ | |__/ ___||  ___| __   _/ | / _ \ 
 | |\/| |/ _ \| '_ \___ \| |_    \ \ / / || | | |
 | |  | | (_) | |_) |__) |  _|    \ V /| || |_| |
 |_|  |_|\___/|_.__/____/|_|       \_/ |_(_)___/ 




Mobile Security Framework v1.0 Beta

REST API Key: d6abbc7a15d6fc66e86c0483a4bc8f1835f82f953c5244f6443d925aeb65b08b
OS: Linux
Platform: Linux-3.10.0-693.el7.x86_64-x86_64-with-Ubuntu-17.10-artful
Dist: ('Ubuntu', '17.10', 'artful')
[INFO] Finding JDK Location in Linux/MAC....
[INFO] JDK 1.7 or above is available

[WARNING] Could not find VirtualBox path.
[INFO] MobSF Basic Environment Check
[INFO] Checking for Update.

[INFO] No updates available.
No changes detected in app 'StaticAnalyzer'
[INFO] Loading User config from: /root/.MobSF/config.py

  __  __       _    ____  _____         _   ___  
 |  \/  | ___ | |__/ ___||  ___| __   _/ | / _ \ 
 | |\/| |/ _ \| '_ \___ \| |_    \ \ / / || | | |
 | |  | | (_) | |_) |__) |  _|    \ V /| || |_| |
 |_|  |_|\___/|_.__/____/|_|       \_/ |_(_)___/ 




Mobile Security Framework v1.0 Beta

REST API Key: d6abbc7a15d6fc66e86c0483a4bc8f1835f82f953c5244f6443d925aeb65b08b
OS: Linux
Platform: Linux-3.10.0-693.el7.x86_64-x86_64-with-Ubuntu-17.10-artful
Dist: ('Ubuntu', '17.10', 'artful')
[INFO] Finding JDK Location in Linux/MAC....
[INFO] JDK 1.7 or above is available

[WARNING] Could not find VirtualBox path.
[INFO] MobSF Basic Environment Check
[INFO] Checking for Update.

[INFO] No updates available.
Operations to perform:
  Apply all migrations: StaticAnalyzer, auth, contenttypes, sessions
Running migrations:
  Applying StaticAnalyzer.0001_initial... OK
  Applying contenttypes.0001_initial... OK
  Applying contenttypes.0002_remove_content_type_name... OK
  Applying auth.0001_initial... OK
  Applying auth.0002_alter_permission_name_max_length... OK
  Applying auth.0003_alter_user_email_max_length... OK
  Applying auth.0004_alter_user_username_opts... OK
  Applying auth.0005_alter_user_last_login_null... OK
  Applying auth.0006_require_contenttypes_0002... OK
  Applying auth.0007_alter_validators_add_error_messages... OK
  Applying auth.0008_alter_user_username_max_length... OK
  Applying auth.0009_alter_user_last_name_max_length... OK
  Applying sessions.0001_initial... OK
[INFO] Loading User config from: /root/.MobSF/config.py
[INFO] Loading User config from: /root/.MobSF/config.py
Performing system checks...


  __  __       _    ____  _____         _   ___  
 |  \/  | ___ | |__/ ___||  ___| __   _/ | / _ \ 
 | |\/| |/ _ \| '_ \___ \| |_    \ \ / / || | | |
 | |  | | (_) | |_) |__) |  _|    \ V /| || |_| |
 |_|  |_|\___/|_.__/____/|_|       \_/ |_(_)___/ 




Mobile Security Framework v1.0 Beta

REST API Key: d6abbc7a15d6fc66e86c0483a4bc8f1835f82f953c5244f6443d925aeb65b08b
OS: Linux
Platform: Linux-3.10.0-693.el7.x86_64-x86_64-with-Ubuntu-17.10-artful
Dist: ('Ubuntu', '17.10', 'artful')
[INFO] Finding JDK Location in Linux/MAC....
[INFO] JDK 1.7 or above is available

[WARNING] Could not find VirtualBox path.
[INFO] MobSF Basic Environment Check
[INFO] Checking for Update.

[INFO] No updates available.
System check identified no issues (0 silenced).
May 24, 2018 - 11:29:06
Django version 2.0.5, using settings 'MobSF.settings'
Starting development server at http://0.0.0.0:8000/
Quit the server with CONTROL-C.

访问服务

上传Android或者iOS应用并确认结果

下载一个Android的apk文件并进行分析，这里我们从Pconline上下载一下工商银行的手机应用并进行上传

稍等片刻，即可确认整体的结果了