All About MobSF: The Essential Framework for Mobile Application Security

  • MobSF is a comprehensive application security analysis tool that enables static and dynamic assessment across different operating systems.
  • The platform integrates easily into CI/CD and DevSecOps processes, facilitating automated and continuous auditing for development and cybersecurity teams.
  • It offers an intuitive interface and multiple deployment options for both beginners and security experts.
  • MobSF analysis ranges from detecting vulnerabilities, sensitive permissions, and data exposure to behavioural testing while the application runs.

Mobile application security has become a major concern for businesses, developers, and cybersecurity professionals. The rise in mobile threats, together with the growing complexity of the operating systems and software we use every day, has created an unavoidable need for tools that let us anticipate and mitigate risks on Android, iOS, and Windows Mobile.

In this context, MobSF, short for Mobile Security Framework, has established itself as one of the most powerful, versatile, and highly valued tools among mobile application security analysis professionals. In this article you will learn what MobSF is, its main features, the scope of its analysis, how it integrates with DevSecOps workflows, and why it has become a key reference for auditing and testing mobile apps.

What is MobSF and why is it so important for mobile security?

Mobile Security Framework (MobSF) is an open-source framework designed for security analysis of mobile applications on multiple platforms, including Android, iOS, and Windows. The tool lets you perform static analysis (examining the code without running it) and dynamic analysis (observing its behaviour in real time) in an automated and centralized way. By supporting formats such as APK, IPA, APPX, and source code, MobSF offers specialized coverage across the entire lifecycle of a mobile application.

Its importance lies in its ability to automatically identify vulnerabilities, insecure configurations, dangerous permissions, suspicious certificates, and any potential attack vectors before the app reaches the end user. In addition, it facilitates routine testing and continuous monitoring thanks to its native integration with REST APIs and continuous integration / secure development (CI/CD, DevSecOps) tools, thereby closing the loop between development and security.

Key technical features of MobSF

MobSF is more than a simple security scanner: it is a multi-purpose platform for pentesting and malware analysis of mobile applications. Its main features include:

  • Automated static analysis: lets you inspect binaries, the manifest, permissions, certificates, source code (Java, Smali, Swift, etc.), dependencies, and application configuration, all without running the application.
  • Dynamic analysis: runs the application in controlled environments (emulators or virtual devices), monitoring its behaviour, network traffic, API calls, use of sensitive data, and more.
  • Cross-platform compatibility: supports APK (Android), IPA (iOS), and APPX (Windows Mobile) files as well as ZIP-compressed source code.
  • DevSecOps integration: thanks to its REST and CLI APIs, MobSF can be included in CI/CD pipelines to automate security checks with every deployment or update.
  • Flexible deployment: it can be installed locally and on remote servers, with Docker options, automated scripts, and support for Linux, Windows, and Mac.
  • User-friendly web interface: its dashboard lets you upload applications by dragging and dropping files and view reports in real time, making it accessible to all kinds of profiles.

How do I install MobSF? Process and requirements

Installing MobSF is simple and flexible, adapting to different operating systems and user preferences. Its developers provide scripts for deploying the tool quickly, especially with Docker, which helps avoid compatibility issues.

Manual installation on Linux

If you prefer a traditional Linux installation, these are the usual steps:

  1. Install the system dependencies with:
    sudo apt install python3-dev python3-venv python3-pip build-essential libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg8-dev zlib1g-dev wkhtmltopdf
  2. Install the additional tools:
    • Git: sudo apt-get install git
    • Python 3.7/3.8: sudo apt-get install python3.7
    • Java JDK 8 or higher: sudo apt-get install openjdk-8-jdk
  3. Clone the official repository:
    git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git
  4. Enter the directory and start the installer:
    cd Mobile-Security-Framework-MobSF && ./setup.sh
  5. Run the server on the local host or on the desired IP:
    ./run.sh 127.0.0.1:8000

For dynamic analysis, it is recommended to have Genymotion, the Android Studio Emulator, or a Genymotion Cloud VM, which makes it easier to emulate mobile devices safely.

Quick installation with Docker

If you want to avoid dependency conflicts or are looking for speed, Docker is the option preferred by the community. Simply run the commands recommended in the official documentation to have MobSF up and running in minutes, regardless of the operating system.

Step-by-step interface and user workflow

Once MobSF is deployed, it is accessed through a web browser, using the IP and port assigned during installation. The interface is simple and productivity-oriented:

  1. File upload and selection: drag in the binary (APK, IPA, APPX) or the compressed code you want to analyse.
  2. Running static analysis: after the file is uploaded, MobSF begins the analysis, producing a comprehensive report on permissions, manifests, code, libraries, certificates, binaries, strings, and potential risks.
  3. Dynamic analysis (optional): select the option to launch the analysis in an emulated environment. Here MobSF installs the app and monitors its behaviour, observing network traffic, database access, dynamic code loading, and any suspicious activity.
  4. Viewing results: the reports are clear and organized by section, making it easy to navigate the identifiers of activities, services, receivers, providers, permissions, and discovered vulnerabilities.

The whole process is designed to save analysts time and to make the data easy to interpret for both technical and non-technical users.

Static analysis in detail: what exactly does MobSF detect?

MobSF performs a deep scan of every element of a mobile app to detect risks, vulnerabilities, and security exposures. The main areas examined include:

  • General file information: size, name, and hashes (MD5, SHA1, SHA256) to identify and compare samples or to find duplicated malicious files.
  • Manifest and metadata: extracts details from AndroidManifest.xml, such as the package name, main activity, version, requested permissions, exported activities, services, and other important configuration attributes.
  • Identification of exported components: determines how many activities, services, receivers, and providers are exposed, making it easier to identify potential entry points for attack.
  • Source and binary code analysis: inspects Java, Smali, Swift, and other code for insecure patterns, use of critical functions, dynamic loading, reflection, cryptography, encryption, and native code execution.
  • Digital certificates: verifies which entity signed the application, detecting certificates known for signing malware or reused across suspicious apps, which helps trace threat families.
  • Permissions and associated risks: lists and classifies each requested permission, warning about those that may pose a high risk to user privacy and security.
  • System APIs and libraries used: examines the use of system interfaces, detecting whether the app accesses dangerous or sensitive functions (location, camera, SMS, contacts, etc.).
  • Additional security rules: includes modules for detecting sensitive strings, hidden functions, weak configurations, and other items that may go unnoticed in manual analysis.
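
The manifest, exported-component, and permission checks listed above can be illustrated with a short added example; this is not MobSF's own code. It assumes the manifest has already been decoded from the APK's binary XML into text, and the sample manifest and the `DANGEROUS` subset are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "activity-alias", "service", "receiver", "provider")
# Small subset of Android "dangerous" permissions, for illustration only.
DANGEROUS = {"READ_SMS", "SEND_SMS", "READ_CONTACTS", "CAMERA",
             "ACCESS_FINE_LOCATION", "RECORD_AUDIO"}

# Constructed sample manifest in decoded text form (not from a real app).
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.demo">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <application>
    <activity android:name=".MainActivity" android:exported="true"/>
    <activity android:name=".SettingsActivity" android:exported="false"/>
    <service android:name=".SyncService">
      <intent-filter><action android:name="com.example.demo.SYNC"/></intent-filter>
    </service>
    <receiver android:name=".BootReceiver" android:exported="true"
              android:permission="com.example.demo.PRIVATE"/>
    <provider android:name=".NotesProvider" android:exported="true"
              android:authorities="com.example.demo.notes"/>
  </application>
</manifest>"""

def audit_manifest(xml_text):
    """Return (dangerous permissions, exported components with no permission guard)."""
    root = ET.fromstring(xml_text)
    names = (p.get(ANDROID + "name", "").rsplit(".", 1)[-1]
             for p in root.iter("uses-permission"))
    risky = sorted(n for n in names if n in DANGEROUS)
    exposed = []
    for tag in COMPONENTS:
        for comp in root.iter(tag):
            flag = comp.get(ANDROID + "exported")
            # Without an explicit flag, an intent-filter made the component
            # exported by default for apps targeting below Android 12 (API 31).
            has_filter = comp.find("intent-filter") is not None
            exported = flag == "true" if flag is not None else has_filter
            if exported and not comp.get(ANDROID + "permission"):
                exposed.append((tag, comp.get(ANDROID + "name")))
    return risky, exposed

if __name__ == "__main__":
    risky, exposed = audit_manifest(SAMPLE)
    print("dangerous permissions:", risky)
    print("exported, no permission guard:", exposed)
```

The receiver is not reported because it is protected by `android:permission`, while the service is reported even though it never sets `android:exported`, since its intent-filter exports it implicitly.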

How does dynamic analysis work? Advanced monitoring

Dynamic analysis lets you observe how an application behaves during real-world execution in a controlled and monitored environment, without putting real devices or confidential information at risk. Some of its most notable capabilities are:

  • Real-time view of the app running in an emulator: MobSF installs the application in a virtual environment, allowing all its activities to be launched and capturing its behaviour, network connections, external requests, data transfers, and undocumented activities.
  • Capturing network traffic and intercepted data: monitors whether the app sends sensitive information without encryption, connects to suspicious servers, or exposes data through unauthorized channels.
  • Access to internal directories and analysis of generated files: MobSF checks whether the app stores information insecurely or uses techniques to evade analysis or modification.
  • Detection of dynamic payloads and dynamically generated code: the framework checks whether the app downloads executables or modules at run time, something common in advanced malware.

This combination of static and dynamic analysis provides a complete view of each mobile app's risk profile, making it especially useful for developers, auditors, and pentesters alike.

