All About MobSF: The Essential Framework for Mobile Application Security

  • MobSF is a comprehensive tool for mobile security analysis, enabling both static and dynamic analysis across different operating systems.
  • The platform integrates easily into CI/CD and DevSecOps workflows, enabling automated and continuous analysis for development and cybersecurity teams.
  • It offers an intuitive interface and multiple installation options for both novice users and security experts.
  • MobSF's analysis ranges from detecting vulnerabilities, sensitive permissions, and data exposure to testing behavior at runtime.

Security in mobile applications has become a major concern for businesses, developers, and cybersecurity professionals. The rise in mobile threats, together with the growing complexity of the operating systems and software we use every day, has created a pressing need for tools that let us manage and reduce risk in Android, iOS, and Windows Mobile environments.

In this context, MobSF, short for Mobile Security Framework, has established itself as one of the most robust, versatile, and valued tools among mobile security analysis professionals. In this article, you will learn what MobSF is, its core features, the scope of its analysis, how it can be integrated into DevSecOps workflows, and why it has become a key reference for auditing and analyzing mobile applications.

What is MobSF and why does it matter for mobile security?

Mobile Security Framework (MobSF) is an open-source system designed for security analysis of mobile applications on multiple platforms, including Android, iOS, and Windows. The tool lets you perform both static analysis (examining the code without executing it) and dynamic analysis (observing its behavior in real time) in a thorough and centralized way. By supporting formats such as APK, IPA, APPX, and also source code, MobSF offers exceptional coverage of the entire mobile application life cycle.

Its value lies in its ability to detect vulnerabilities, insecure configurations, risky permissions, suspicious certificates, and any potential attack vectors before the app reaches the end user. In addition, it facilitates regular testing and continuous monitoring thanks to its native integration with REST APIs and continuous integration / secure development (CI/CD, DevSecOps) tools, thereby closing the loop between development and security.

Main technical features of MobSF

MobSF is much more than a simple security scanner: it is a multidisciplinary platform for auditing and malware analysis of mobile applications. Its main features include:

  • Automated static analysis: lets you examine binaries, manifests, permissions, certificates, source code (Java, Smali, Swift, etc.), dependencies, and the app's configuration, all without running the application.
  • Dynamic analysis: lets the application be launched in controlled environments (emulators or real devices) to monitor its behavior, network traffic, API calls, use of cleartext data, and more.
  • Cross-platform compatibility: supports APK (Android), IPA (iOS), and APPX (Windows Mobile) files, as well as ZIP-compressed source code.
  • DevSecOps integration: thanks to its REST API and CLI, MobSF can be included in CI/CD pipelines to run automated security checks on every deployment or update.
  • Flexible deployment: it can be installed locally or on remote servers, with Docker options, automated scripts, and support for Linux, Windows, and Mac environments.
  • User-friendly web interface: its dashboard lets you upload applications by dragging and dropping files and view reports in real time, making it accessible to all kinds of profiles.

How do I install MobSF? Methods and requirements

Installing MobSF is simple and flexible, adapting to different operating systems and user preferences. Its developers provide scripts to deploy the tool quickly, notably using Docker, which helps avoid compatibility issues.

Manual installation on Linux

If you prefer a custom Linux installation, these are the usual steps:

  1. Install the system dependencies with:
    sudo apt install python3-dev python3-venv python3-pip build-essential libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg8-dev zlib1g-dev wkhtmltopdf
  2. Install additional tools:
    • git: sudo apt-get install git
    • Python 3.7/3.8: sudo apt-get install python3.7
    • Java JDK 8 or later: sudo apt-get install openjdk-8-jdk
  3. Clone the official repository:
    git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git
  4. Enter the directory and run the installer:
    cd Mobile-Security-Framework-MobSF && ./setup.sh
  5. Run the server locally or on the IP of your choice:
    ./run.sh 127.0.0.1:8000

For dynamic analysis, it is recommended to have Genymotion, the Android Studio Emulator, or a Genymotion Cloud VM, to make it easier to emulate mobile devices safely.

Quick installation with Docker

If you want to avoid dependency conflicts or are looking for speed, Docker is the option preferred by the community. Just run the commands recommended in the official documentation to get MobSF up and running in minutes, regardless of the underlying operating system.

Step-by-step interface and user flow

Once MobSF is installed, it is accessed through a web browser, using the IP and port specified during installation. The interface is simple and focused on efficiency:

  1. Uploading and selecting the file: drag in the binary (APK, IPA, APPX) or the compressed code you want to analyze.
  2. Running static analysis: when the file is uploaded, MobSF starts the analysis, producing a full report on permissions, manifests, code, libraries, certificates, binaries, strings, and potential risks.
  3. Dynamic analysis (optional): select the option to start the analysis in an emulated environment. Here, MobSF will install the app and monitor its behavior, observing network traffic, database access, dynamic code loading, and any suspicious activity.
  4. Viewing results: the reports are clear and divided into sections, making it easy to navigate the details of activities, services, receivers, providers, permissions, and detected vulnerabilities.

This entire process is designed to save analysts time and make the data easy to interpret for both technical experts and non-technical professionals.

Static Analysis Details: What Exactly Does MobSF Check?

MobSF performs a deep scan of every component of a mobile app to identify risks, weaknesses, and security exposures. The key areas analyzed include:

  • General file information: size, name, and hashes (MD5, SHA1, SHA256) to identify and compare samples or spot recurring files.
  • Manifest and metadata: extracts content from AndroidManifest.xml, such as the package name, main activity, version, requested permissions, exports, services, and other security-relevant settings.
  • Identification of exported components: shows how many activities, services, receivers, and providers are exported, making it easier to identify potential entry points for attack.
  • Source and binary code analysis: inspects Java, Smali, Swift, and other code for insecure patterns, use of critical functions, dynamic loading, reflection, encryption, obfuscation, and native code execution.
  • Digital certificates: shows which entity signed the application, detecting certificates known to sign malware or reused across suspicious apps, which helps track malicious families.
  • Permissions and associated risks: lists and categorizes each requested permission, warning about those that may pose a high risk to user privacy and security.
  • System APIs and libraries used: examines the use of system interfaces, detecting whether the app accesses dangerous or sensitive functions (location, camera, SMS, contacts, etc.).
  • Additional security rules: includes modules for detecting hardcoded strings, hidden activities, weak configurations, and other items that could go unnoticed in a manual review.
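
The manifest, exported-component, and permission checks listed above can be illustrated with a simplified audit of a decoded AndroidManifest.xml. This is an added example, not MobSF's own code; the sample manifest, the `audit_manifest` function, and the short `DANGEROUS` permission list are constructed for illustration.

```python
import xml.etree.ElementTree as ET  # for untrusted input, prefer the defusedxml package

NS = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "activity-alias", "service", "receiver", "provider")
# Illustrative subset of the permissions Android classifies as "dangerous".
DANGEROUS = {"android.permission.READ_SMS", "android.permission.CAMERA",
             "android.permission.READ_CONTACTS", "android.permission.RECORD_AUDIO",
             "android.permission.ACCESS_FINE_LOCATION"}

# Constructed sample: decoded (text) manifest, not the binary XML stored in an APK.
SAMPLE_MANIFEST = """<manifest package="com.example.demo"
    xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <application>
    <activity android:name=".MainActivity" android:exported="true"/>
    <activity android:name=".SettingsActivity" android:exported="false"/>
    <service android:name=".SyncService">
      <intent-filter><action android:name="com.example.demo.SYNC"/></intent-filter>
    </service>
    <receiver android:name=".BootReceiver" android:exported="true"
        android:permission="com.example.demo.PRIVATE"/>
    <provider android:name=".NotesProvider" android:exported="true"
        android:authorities="com.example.demo.notes"/>
  </application>
</manifest>"""

def audit_manifest(xml_text):
    """Return requested dangerous permissions and exported components."""
    root = ET.fromstring(xml_text)
    requested = {p.get(NS + "name") for p in root.iter("uses-permission")}
    exported = []
    for tag in COMPONENTS:
        for comp in root.iter(tag):
            flag = comp.get(NS + "exported")
            # An explicit flag wins. With no flag, an intent-filter implied
            # exported="true" for apps targeting API levels below 31.
            implicit = flag is None and comp.find("intent-filter") is not None
            if flag == "true" or implicit:
                exported.append({"type": tag, "name": comp.get(NS + "name"),
                                 "implicit": implicit,
                                 "guarded": comp.get(NS + "permission") is not None})
    return {"package": root.get("package"),
            "dangerous": sorted(requested & DANGEROUS),
            "exported": exported,
            "unguarded": [c["name"] for c in exported if not c["guarded"]]}

if __name__ == "__main__":
    report = audit_manifest(SAMPLE_MANIFEST)
    print(report["package"], report["dangerous"])
    for comp in report["exported"]:
        print(comp)
```

Exported components without an `android:permission` guard are the ones to review first, since any other app on the device can reach them.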

How does dynamic analysis work? Advanced monitoring

Dynamic analysis lets you observe an application's behavior during real-world execution in a controlled and monitored environment, without putting real devices or sensitive information at risk. Some of the most notable capabilities are:

  • Real-time monitoring of the app running on an emulator: MobSF installs the application in a virtual environment, allowing all its functions to be launched and capturing its behavior, network connections, external requests, data transfers, and undocumented activity.
  • Network traffic capture and data interception: checks whether the app sends sensitive information unencrypted, connects to suspicious servers, or exposes data through unauthorized channels.
  • Access to internal databases and analysis of generated files: MobSF checks whether the app stores information insecurely or uses techniques to evade analysis or modification.
  • Detection of dynamic loading and auto-generated code: the tool checks whether the app loads executables or modules at runtime, a common practice in advanced mobile malware.

This combination of static and dynamic analysis provides a complete view of each mobile app's risks, making it especially useful for developers, auditors, and pen testers alike.

