Open source technology recommendation: security testing framework AndroBugs Framework
Android isolates applications from one another by creating a separate Linux user and group for each app and assigning permissions on that basis. An exploitable security vulnerability exists when a malicious app can steal the private internal data of a legitimate app, either through flaws in that app or by sniffing network packets (for example, in a man-in-the-middle attack).
What is AndroBugs Framework?
The AndroBugs framework is an efficient Android vulnerability scanner that helps developers and penetration testers find potential security vulnerabilities in Android applications. It is written in Python and can be used without installing or configuring a supporting environment. Although the AndroBugs framework has no GUI, it runs efficiently (a scan takes less than 2 minutes on average) and locates problems accurately.
AndroBugs Framework can quickly and efficiently look for potential security holes across millions of apps. It has found security vulnerabilities in Android apps and SDKs developed by multiple companies, such as Facebook, Twitter, Google Android, Evernote and AT&T. The discovered vulnerabilities have been confirmed by the corresponding companies and appear on the Manufacturers Appreciation List.
Features
Find security risks in APKs
Check for unreasonable code
Check for dangerous shell commands (e.g. "su")
Collect information from millions of apps
Check the app's security mechanisms (app repackaging)
Windows platform
Single APK Analysis
1. Create a new folder C:\AndroBugs_Framework
2. cd C:\AndroBugs_Framework
3. Download the latest version of AndroBugs Framework and unzip it
4. Add C:\AndroBugs_Framework to the environment variable Path
5. androbugs.exe -h
6. androbugs.exe -f [APK]
Multiple APK Analysis
1. Complete the single APK analysis installation described above
2. Install the Windows version of MongoDB
3. Install the PyMongo library
4. Modify MongoDB configuration items in C:\AndroBugs_Framework\androbugs-db.cfg
5. Choose a MongoDB management tool you like
6. AndroBugs_MassiveAnalysis.exe -h
●Example:
AndroBugs_MassiveAnalysis.exe -b 20160909 -t TestBird -d .\All_Your_Apps\ -o .\Massive_Analysis_Reports
7. AndroBugs_ReportByVectorKey.exe -h
●Example:
AndroBugs_ReportByVectorKey.exe -v WEBVIEW_RCE -l Critical -b 20160909 -t TestBird
Unix/Linux platform
Single APK Analysis
1. Download the AndroBugs Framework source code and unzip it
2. python androbugs.py -h
3. python androbugs.py -f [APK]
Multiple APK Analysis
1. Install MongoDB
2. Modify MongoDB configuration items in "androbugs-db.cfg"
3. python AndroBugs_MassiveAnalysis.py -b [Your_Analysis_Number] -t [Your_Analysis_Tag] -d [APKs input directory] -o [Report output directory]
●Example:
python AndroBugs_MassiveAnalysis.py -b 20160909 -t TestBird -d ~/All_Your_Apps/ -o ~/Massive_Analysis_Reports
4. python AndroBugs_ReportSummary.py -m massive -b [Your_Analysis_Number] -t [Your_Analysis_Tag]
●Example:
python AndroBugs_ReportSummary.py -m massive -b 20160909 -t TestBird
5. List potentially risky apps:
python AndroBugs_ReportByVectorKey.py -v [Vector ID] -l [Log Level] -b [Your_Analysis_Number] -t [Your_Analysis_Tag]
python AndroBugs_ReportByVectorKey.py -v [Vector ID] -l [Log Level] -b [Your_Analysis_Number] -t [Your_Analysis_Tag] -a
●Example:
python AndroBugs_ReportByVectorKey.py -v WEBVIEW_RCE -l Critical -b 20160909 -t TestBird
python AndroBugs_ReportByVectorKey.py -v WEBVIEW_RCE -l Critical -b 20160909 -t TestBird -a
This article was written by TestBird test engineers.