Lab Setup

Lab Setup
- Steps
- References

Steps

Install Android SDK
1. Android Studio
2. ADB
Install following tools:
1. Enjarify
2. JD-GUI
3. APKTool
4. SignApk
5. SQLite Browser
Setup MobSF
Setup Drozer

Install Android Studio

Copy android-studio-ide-183.5522156-linux.tar.gz file from ./android-pentesting/installers/android-studio-ide path.

Run following command:

tar xvzf android-studio-ide-183.5522156-linux.tar.gz

A new folder named as android-studio would be created in the destination path.
Right-click on android-studio folder and select the option Open in Terminal, from the context menu.
Run following command:
```
$ ./bin/studio.sh
```
Android Studio should start.

Install Android Debug Bridge

Copy platform-tools_r28.0.3-linux.zip file from ./android-pentesting/installers/adb path.
Open a terminal and run the following command:
```
$  unzip platform-tools_r28.0.3-linux.zip
```
A new folder named as platform-tools would be created in the destination path.
Right-click on platform-tools folder and select the option Open in Terminal, from the context menu.
Run following command:
```
$ ./adb devices
```

Enjarify

Install Python3.
Install virtualenv by running following command:
```
 $ pip install virtualenv
```
Create a virtual environment named as venv3:
```
 $ virtualenv -p /usr/bin/python3 venv3
```
Activate the virtual environment by running following command:
```
 $ source venv3/bin/activate
 (venv3) $
```
Note: To deactiavate the virtual environment, run the command deactivate.
Copy enjarify-1.0.3.zip file from ./android-pentesting/installers path.
Open a terminal and run the following command:
```
$  unzip enjarify-1.0.3.zip
```
A new folder named as enjarify-1.0.3 would be created in the destination path.
Right-click on enjarify-1.0.3 folder and select the option Open in Terminal, from the context menu.
Ensure that Python3 virtual environment is active (see step #4 above).
Run following command to test if enjarify installation was successful:
```
(venv3) $ ./enjarify.sh
```

JD-GUI

Copy jd-gui-1.5.0.jar file from ./android-pentesting/installers path.
Open a terminal and run the following command:
```
$ java -jar jd-gui-1.5.0.jar
```
A Graphical User Interface of JD-GUI tool should open.

APKTool

Copy Linux wrapper script file apktool from ./android-pentesting/installers/Apktool/Wrapper/linux path.
Copy apktool.jar file from ./android-pentesting/installers/Apktool path.
Open a terminal and run following commands to make the files executable:
```
 $ chmod +x apktool
 $ chmod +x apktool.jar
```
Move both files (apktool.jar & apktool) to /usr/local/bin directory by running following commands:
```
 $ sudo mv ./apktool.jar /usr/local/bin/
 $ sudo mv ./apktool /usr/local/bin
```
Note: Root permissions are required.
Type the command apktool in your terminal.
Copy sieve.apk file from ./android-pentesting/ path.
Open a terminal and run following command to decode the APK:
```
 $ apktool d sieve.apk
```
Open a terminal and run following command to build the decoded application:
```
 $ apktool b sieve/ -o new_sieve.apk
```

SignApk

After the APK is built, it is important to sign it. The signature ensures that the app is genuine and comes from a trusted source.

Copy sign.jar file from ./android-pentesting/installers path.
Open a terminal and run following command to sign an APK:
```
 $ java -jar sign.jar new_sieve.apk
```

SQLite Browser

Open a terminal and run following command to install sqlitebrowser:
```
 $ sudo apt-get install sqlitebrowser
```
Start the SQLite browser by running following command:
```
 $ sqlitebrowser
```

Setup MobSF

Open a terminal and run following command:

 $ sudo docker run -it -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest

Open a browser and navigate to: http://127.0.0.1:8000/
Upload an APK file and wait to see the results of static analysis.
Copy MobSF_VM_0.3.ova file from ./android-pentesting/VM path.
Open VirtualBox and import the copied OVA file.
Start the imported virtual machine.
While the VM is Booting up. Note down the VM IP.
If the VM is not showing an IP, that means your Virtualbox network is not configured properly. Follow the steps given below.
1. In VirtualBox, open the Host Network Manager (File > Host Network Manager)
2. If a host network is not already present, create a new host network.
3. In the host network's DHCP settings tab (viewable by clicking "Properties") make sure the "DHCP Enabled" box is checked.
Once the VM Boots up, It will present a Lock Screen. The password for the Lock Screen is 1234.

NOTE: If the VM does not boot up properly then you cannot perform Dynamic Analysis with MobSF VM.
In your host machine, run the command ifconfig in a terminal, and note down the IP corresponding to the name of the Host-only Adapter (e.g, vboxnet0).

NOTE: The VirtualBox Host-Only Adapter IP and MobSF VM IP should be in the same network range. If your MobSF VM IP and Adapter IP are in different network range, modify the Adapter IP to be in the same network range as that of MobSF VM IP.
In the MobSF VM, go to Settings > Wi-Fi > WiredSSID.
Long press on WiredSSID.
Select Modify network.
Set the Proxy IP as the Host/Proxy IP which you have obtained from the previous step (#10).
Set port no as 1337.
Save the settings and navigate to the Home Screen of MobSF VM.
Wait for 30 seconds and take a snapshot of the MobSF VM in VirtualBox.
Once the snapshot is saved, right click MobSF VM and select Show in File Manager.
Open the File MobSF_VM_X.X.vbox in any Text Editor

Search for the term <Machine uuid=.

<Machine uuid="{851b9849-e6de-4c9a-a506-441e2902fcff}" name="MobSF_VM_0.2" OSType="Linux" currentSnapshot="{46d9gde4-b9cf-4cs2-b39f-99f88258d55d}" snapshotFolder="Snapshots" lastStateChange="2019-05-24T02:09:53Z">

Note down the value of uuid as "VM UUID"
Note down the value of currentSnapshot as "Snapshot UUID".
Run following command and obtain the container ID (e.g., 6cjk1e37h81a):
```
$ sudo docker ps -a | grep mobsf
```
Run following command and copy the settings.py file to your host machine.
```
$ sudo docker cp <CONTAINER_ID>:/root/Mobile-Security-Framework-MobSF/MobSF/settings.py ./
```
Note: Replace <CONTAINER_ID> with actual value.
Open the settings.py file in a text editor, and set appropriate values for UUID, SUUID, VM_IP and PROXY_IP:
- UUID = VM UUID
- SUUID = Snapshot UUID
- VM_IP = VM IP
- PROXY_IP = Host/Proxy IP
Set ANDROID_DYNAMIC_ANALYZER = "MobSF_VM"
Move the modified settings.py file into the running MobSF docker container by running following commands:
```
$ sudo docker cp ./settings.py <CONTAINER_ID>:/root/Mobile-Security-Framework-MobSF/MobSF/settings.py
```
Note: Replace <CONTAINER_ID> with actual value.

Stop and restart the container by running following commands:

$ sudo docker stop <CONTAINER_ID>
$ sudo docker start <CONTAINER_ID>

This will configure MobSF to use Android VirtualBox VM for Dynamic Analysis.

Setup Drozer

Copy Androl4b.ova file from ./android-pentesting/VM path.
Open VirtualBox and import the copied OVA file.
Start the imported virtual machine.
When prompted for credentials, enter username as andro and password as andro.
Click on the "Emulator" desktop icon.
Start the drozer Agent app and ensure that "Embedded Server" is switched on.
Click on Terminus icon from the bottom tray, and select the New terminal option.
We need to set up a suitable port forward so that our PC can connect to a TCP socket opened by the drozer Agent inside the emulator, or on the device. By default, drozer uses port 31415. Run the following command in the terminal:
```
 $ adb forward tcp:31415 tcp:31415
```
Start drozer CLI by running following command:
```
  $ drozer console connect
```

Lab Setup

Lab Setup

Steps

Install Android Studio

Install Android Debug Bridge

Enjarify

JD-GUI

APKTool

SignApk

SQLite Browser

Setup MobSF

Setup Drozer

References

results matching ""

No results matching ""