- #Genymotion proxy install
- #Genymotion proxy for android
- #Genymotion proxy android
- #Genymotion proxy software
#Genymotion proxy install
Also install net-tools and ifupdown for the configuration of the network interfaces, which sometimes does not come with some distros.įor our eth1 interface to work, it must have an IP. It is highly recommended to disable network-manager: service network-manager stop. Then in the file /etc/dhcp/nf it must be modified as follows: Modify the line INTERFACESv4="" to INTERFACESv4="eth1"
DHCP server installation and configurationĪdd the interface, in the file /etc/default/isc-dhcp-server, where you want to let the dhcp running.
Sudo docker pull opensecurity/mobile-security-framework-mobsfĮcho “alias mobsf=’sudo docker run -it -p 8000:8000 opensecurity/mobile-security-framework-mobsf:latest'” > ~/.bashrc 1.1.3. Sudo ln -s /usr/local/bin/jadx-1.2.0/bin/jadx-gui /usr/local/bin/jadx-guiĬhmod +x burpsuite_community_linux_v2020_12_1.sh Sudo ln -s /usr/local/bin/jadx-1.2.0/bin/jadx /usr/local/bin/jadx Sudo apt install adb docker docker.io docker-compose android-sdk openjdk-8-jre wireshark -y Here is the installation of the tools that we have found most relevant.
#Genymotion proxy android
There are hundreds of tools for both dynamic and static analysis of Android applications. We also have to add one more interface (eth1) where the DHCP server will be configured and where the Android machine will be connected.
#Genymotion proxy software
Since we are going to run a lot of software at the same time on the analysis machine, we have to dedicate more than 2GB of RAM, in our case 4GB. In the center of the previous scheme we will have the analysis machine that through a network interface, in bridge mode, will be connected to the internet (eth0) and through the other interface (eth1) will be connected to the internal network of Virtualbox. Linux Analysis & Transparent Proxy Virtual Machine 1.1.1. The scheme to follow will be as follows:ġ.1. We will install a machine through which all network requests made by Android will pass, and where we will install all the necessary software for the analysis.
#Genymotion proxy for android
There is also CuckooDroid which is a sandbox for Android malware analysis that we may try in the future. There are alternatives, for example Genymotion which has better performance but we lose control because these Genymotion machines raise a Host-Only interface on your host, which is a risk we prefer to avoid. Although this can be done with physical devices, it is much more convenient to do it with virtual machines, because at any time we can take a snapshot of the system, and at any time we can return the system to the state of any of the snapshots almost immediately.Īs a virtualization platform we will use Virtualbox and for android emulation on Virtualbox we will use the Open Source project Android_x86 which is actively maintained and updated. 1.Virtual machine installation in VirtualBoxĪs we are going to execute malicious code it will be important to be able to return the system to a pre-infection state at any time. We use an infrastructure similar to the one that will be described in our laboratory accredited to perform Security Evaluations of IT products and in our Red Team activities.
The question is, how does it work at the system level, how do they get out of the sandbox that is generated when the App is installed, do they only use social engineering or are there more interesting technical aspects? For this reason, we decided to set up a laboratory to analyze in detail the techniques used by these pieces of malware. This series of articles in our blog is motivated by the amount of news circulating with headlines like “Android malware steals your bank details”, “Malware that won’t uninstall from your Android”, “Malware that reinstalls without you noticing”….
0 kommentar(er)
