How to use MobSF with Genymotion SaaS

In this tutorial, it is assumed that you are familiar with MobSF and you are using it from a physical local machine. For detailed information about MobSF, please refer to MobSF documentation.

Prerequisite

• MobSF code from github is cloned on your local machine
• Git must be installed on your local machine
• ADB from the Android SDK platform tools is installed on your local machine
• gmsaas CLI is installed on your local machine

Setup gmsaas CLI

Configure the path to your Android SDK

Use the following command:

gmsaas config set android-sdk-path <sdk_path>

gmsaas config set android-sdk-path <sdk_path>

<sdk_path> should point to the Android SDK installation directory, similar to the ANDROID_SDK_ROOT or deprecated ANDROID_HOME environment variables.

Configure authentication

You will need a Genymotion SaaS API token for this step. If you haven’t created one yet, you can follow the steps from our on-line documentation.

Next, use the following command:

gmsaas auth token <token>

gmsaas auth token <token>

Alternatively, you can store the API Token in the environment variable: GENYMOTION_API_TOKEN

Verify gmsaas configuration

Run the command:

gmsaas doctor

gmsaas doctor

If the command returns “Authentication OK” and “Android SDK OK”, you are all set with gmsaas!

Connect an instance to ADB

Start your instance. When it is in “Running” state, copy the instance UUID (you can get it from Genymotion SaaS UI dashboard, or with the gmsaas recipes list command), then use the following command:

gmsaas instances adbconnect [--adb-serial-port PORT] <instance_uuid>

gmsaas instances adbconnect [--adb-serial-port PORT] <instance_uuid>

Replace <instance_uuid> with the instance UUID. The command returns to shell once ADB is connected. If the --adb-serial-port <PORT> option is set, the instance will be connected to ADB on localhost:<PORT>.

Another method is to connect any running instances to ADB by combining this command with the --quiet or -q option and xargs:

gmsaas instances list -q | xargs -n1 gmsaas instances adbconnect

gmsaas instances list -q | xargs -n1 gmsaas instances adbconnect

You can verify with the adb devices command; adb should now be connected to “localhost:XXXXX device”. For example:

$ adb devices
List of devices attached
localhost:45485	device

$ adb devices
List of devices attached
localhost:45485	device

Configure MobSF

1. Clone MobSF code from github

Clone MobSF open-source code to your computer:

git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git

git clone https://github.com/MobSF/Mobile-Security-Framework-MobSF.git

2. Modify the code

Edit the Mobile-Security-Framework-MobSF/mobsf/DynamicAnalyzer/views/android/environment.py script and comment the following lines in def connect_n_mount(self):

• self.adb_command(['kill-server'])
• self.adb_command(['start-server'], False, True)
• logger.info('ADB Restarted')

    def connect_n_mount(self):
        """Test ADB Connection."""
        if not self.identifier:
            return False
        """self.adb_command(['kill-server'])
        self.adb_command(['start-server'], False, True)
        logger.info('ADB Restarted')"""
        self.wait(2)

    def connect_n_mount(self):
        """Test ADB Connection."""
        if not self.identifier:
            return False
        """self.adb_command(['kill-server'])
        self.adb_command(['start-server'], False, True)
        logger.info('ADB Restarted')"""
        self.wait(2)

Save the script.

3. Install MobSF

In the Mobile-Security-Framework-MobSF folder, run:

./setup.sh

./setup.sh

4. Launch MobSF

When done, run this command:

./run.sh 127.0.0.1:8000

./run.sh 127.0.0.1:8000

Now, you can access MobSF by browsing to http://localhost:8000/.

Log in and navigate to DYNAMIC ANALYSER, your Genymotion SaaS instance should appear as connected at localhost:XXXXX :